- (tim) [configure.ac] Autoconf didn't define HAVE_LIBIAF because we

[openssh.git] / packet.c

diff --git a/packet.c b/packet.c
index ea0a82e21e9cea26e9948529ede5aeffa63b2ba7..f82a63c47e262e22ab37d9d3a24f30403bb2e281 100644 (file)
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.131 2006/03/30 09:58:16 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.148 2007/06/07 19:37:34 pvalchev Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -39,25 +39,38 @@
 
 #include "includes.h"
  
+#include <sys/types.h>
 #include "openbsd-compat/sys-queue.h"
-#include <netinet/in_systm.h>
+#include <sys/param.h>
+#include <sys/socket.h>
+#ifdef HAVE_SYS_TIME_H
+# include <sys/time.h>
+#endif
+
+#include <netinet/in.h>
 #include <netinet/ip.h>
+#include <arpa/inet.h>
+
+#include <errno.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <signal.h>
 
 #include "xmalloc.h"
 #include "buffer.h"
 #include "packet.h"
-#include "bufaux.h"
 #include "crc32.h"
-
 #include "compress.h"
 #include "deattack.h"
 #include "channels.h"
-
 #include "compat.h"
 #include "ssh1.h"
 #include "ssh2.h"
-
 #include "cipher.h"
+#include "key.h"
 #include "kex.h"
 #include "mac.h"
 #include "log.h"
@@ -616,7 +629,7 @@ set_newkeys(int mode)
                enc  = &newkeys[mode]->enc;
                mac  = &newkeys[mode]->mac;
                comp = &newkeys[mode]->comp;
-               memset(mac->key, 0, mac->key_len);
+               mac_clear(mac);
                xfree(enc->name);
                xfree(enc->iv);
                xfree(enc->key);
@@ -631,14 +644,15 @@ set_newkeys(int mode)
        enc  = &newkeys[mode]->enc;
        mac  = &newkeys[mode]->mac;
        comp = &newkeys[mode]->comp;
-       if (mac->md != NULL)
+       if (mac_init(mac) == 0)
                mac->enabled = 1;
        DBG(debug("cipher_init_context: %d", mode));
        cipher_init(cc, enc->cipher, enc->key, enc->key_len,
            enc->iv, enc->block_size, crypt_type);
        /* Deleting the keys does not gain extra security */
        /* memset(enc->iv,  0, enc->block_size);
-          memset(enc->key, 0, enc->key_len); */
+          memset(enc->key, 0, enc->key_len);
+          memset(mac->key, 0, mac->key_len); */
        if ((comp->type == COMP_ZLIB ||
            (comp->type == COMP_DELAYED && after_authentication)) &&
            comp->enabled == 0) {
@@ -663,7 +677,7 @@ set_newkeys(int mode)
 
 /*
  * Delayed compression for SSH2 is enabled after authentication:
- * This happans on the server side after a SSH2_MSG_USERAUTH_SUCCESS is sent,
+ * This happens on the server side after a SSH2_MSG_USERAUTH_SUCCESS is sent,
  * and on the client side after a SSH2_MSG_USERAUTH_SUCCESS is received.
  */
 static void
@@ -678,6 +692,9 @@ packet_enable_delayed_compress(void)
         */
        after_authentication = 1;
        for (mode = 0; mode < MODE_MAX; mode++) {
+               /* protocol error: USERAUTH_SUCCESS received before NEWKEYS */
+               if (newkeys[mode] == NULL)
+                       continue;
                comp = &newkeys[mode]->comp;
                if (comp && !comp->enabled && comp->type == COMP_DELAYED) {
                        packet_init_compression();
@@ -987,9 +1004,16 @@ packet_read_poll1(void)
         * (C)1998 CORE-SDI, Buenos Aires Argentina
         * Ariel Futoransky(futo@core-sdi.com)
         */
-       if (!receive_context.plaintext &&
-           detect_attack(buffer_ptr(&input), padded_len) == DEATTACK_DETECTED)
-               packet_disconnect("crc32 compensation attack: network attack detected");
+       if (!receive_context.plaintext) {
+               switch (detect_attack(buffer_ptr(&input), padded_len)) {
+               case DEATTACK_DETECTED:
+                       packet_disconnect("crc32 compensation attack: "
+                           "network attack detected");
+               case DEATTACK_DOS_DETECTED:
+                       packet_disconnect("deattack denial of "
+                           "service detected");
+               }
+       }
 
        /* Decrypt data to incoming_packet. */
        buffer_clear(&incoming_packet);
@@ -1212,7 +1236,6 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p)
                                logit("Received disconnect from %s: %.400s",
                                    get_remote_ipaddr(), msg);
                                cleanup_exit(255);
-                               xfree(msg);
                                break;
                        default:
                                if (type)