http://www.psc.edu/networking/projects/hpn-ssh/openssh-5.2p1-hpn13v6.diff.gz committe...

[gssapi-openssh.git] / openssh / cipher.c

diff --git a/openssh/cipher.c b/openssh/cipher.c
index bb5c0ac3a2c2a02a7004822ccd25f893e37b4f29..05394c4f2288b439a59d44b7240a28ff7127c829 100644 (file)
--- a/openssh/cipher.c
+++ b/openssh/cipher.c
@@ -55,6 +55,7 @@ extern const EVP_CIPHER *evp_ssh1_bf(void);
 extern const EVP_CIPHER *evp_ssh1_3des(void);
 extern void ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int);
 extern const EVP_CIPHER *evp_aes_128_ctr(void);
+extern const EVP_CIPHER *evp_aes_ctr_mt(void);
 extern void ssh_aes_ctr_iv(EVP_CIPHER_CTX *, int, u_char *, u_int);
 
 struct Cipher {
@@ -82,9 +83,9 @@ struct Cipher {
        { "aes256-cbc",         SSH_CIPHER_SSH2, 16, 32, 0, 1, EVP_aes_256_cbc },
        { "rijndael-cbc@lysator.liu.se",
                                SSH_CIPHER_SSH2, 16, 32, 0, 1, EVP_aes_256_cbc },
-       { "aes128-ctr",         SSH_CIPHER_SSH2, 16, 16, 0, 0, evp_aes_128_ctr },
-       { "aes192-ctr",         SSH_CIPHER_SSH2, 16, 24, 0, 0, evp_aes_128_ctr },
-       { "aes256-ctr",         SSH_CIPHER_SSH2, 16, 32, 0, 0, evp_aes_128_ctr },
+       { "aes128-ctr",         SSH_CIPHER_SSH2, 16, 16, 0, 0, evp_aes_ctr_mt },
+       { "aes192-ctr",         SSH_CIPHER_SSH2, 16, 24, 0, 0, evp_aes_ctr_mt },
+       { "aes256-ctr",         SSH_CIPHER_SSH2, 16, 32, 0, 0, evp_aes_ctr_mt },
 #ifdef USE_CIPHER_ACSS
        { "acss@openssh.org",   SSH_CIPHER_SSH2, 16, 5, 0, 0, EVP_acss },
 #endif
@@ -163,7 +164,8 @@ ciphers_valid(const char *names)
        for ((p = strsep(&cp, CIPHER_SEP)); p && *p != '\0';
            (p = strsep(&cp, CIPHER_SEP))) {
                c = cipher_by_name(p);
-               if (c == NULL || c->number != SSH_CIPHER_SSH2) {
+               if (c == NULL || (c->number != SSH_CIPHER_SSH2 && 
+c->number != SSH_CIPHER_NONE)) {
                        debug("bad cipher %s [%s]", p, names);
                        xfree(cipher_list);
                        return 0;
@@ -337,6 +339,7 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len)
        int evplen;
 
        switch (c->number) {
+       case SSH_CIPHER_NONE:
        case SSH_CIPHER_SSH2:
        case SSH_CIPHER_DES:
        case SSH_CIPHER_BLOWFISH:
@@ -371,6 +374,7 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv)
        int evplen = 0;
 
        switch (c->number) {
+       case SSH_CIPHER_NONE:
        case SSH_CIPHER_SSH2:
        case SSH_CIPHER_DES:
        case SSH_CIPHER_BLOWFISH: