- (tim) [regress/README.regress] Document ssh-rand-helper issue. ok bal

[openssh.git] / deattack.c

diff --git a/deattack.c b/deattack.c
index 7f95eca31999ec29154039493422e3e16c1ca67b..8b55d668681a1e78c0c2973cedcace140a8b25d9 100644 (file)
--- a/deattack.c
+++ b/deattack.c
@@ -1,5 +1,4 @@
 /*
- * $OpenBSD: deattack.c,v 1.7 2000/06/20 01:39:41 markus Exp $
  * Cryptographic attack detector for ssh - source code
  *
  * Copyright (c) 1998 CORE SDI S.A., Buenos Aires, Argentina.
@@ -19,11 +18,14 @@
  */
 
 #include "includes.h"
+RCSID("$OpenBSD: deattack.c,v 1.19 2003/09/18 08:49:45 markus Exp $");
+
 #include "deattack.h"
-#include "ssh.h"
+#include "log.h"
 #include "crc32.h"
 #include "getput.h"
 #include "xmalloc.h"
+#include "deattack.h"
 
 /* SSH Constants */
 #define SSH_MAXBLOCKS  (32 * 1024)
@@ -35,7 +37,7 @@
 #define HASH_FACTOR(x) ((x)*3/2)
 #define HASH_UNUSEDCHAR        (0xff)
 #define HASH_UNUSED    (0xffff)
-#define HASH_IV        (0xfffe)
+#define HASH_IV                (0xfffe)
 
 #define HASH_MINBLOCKS (7*SSH_BLOCKSIZE)
 
@@ -43,23 +45,22 @@
 /* Hash function (Input keys are cipher results) */
 #define HASH(x)                GET_32BIT(x)
 
-#define CMP(a,b)       (memcmp(a, b, SSH_BLOCKSIZE))
+#define CMP(a, b)      (memcmp(a, b, SSH_BLOCKSIZE))
 
-
-void
+static void
 crc_update(u_int32_t *a, u_int32_t b)
 {
        b ^= *a;
-       *a = crc32((unsigned char *) &b, sizeof(b));
+       *a = ssh_crc32((u_char *) &b, sizeof(b));
 }
 
 /* detect if a block is used in a particular pattern */
-int
-check_crc(unsigned char *S, unsigned char *buf, u_int32_t len,
-         unsigned char *IV)
+static int
+check_crc(u_char *S, u_char *buf, u_int32_t len,
+         u_char *IV)
 {
        u_int32_t crc;
-       unsigned char *c;
+       u_char *c;
 
        crc = 0;
        if (IV && !CMP(S, IV)) {
@@ -81,14 +82,14 @@ check_crc(unsigned char *S, unsigned char *buf, u_int32_t len,
 
 /* Detect a crc32 compensation attack on a packet */
 int
-detect_attack(unsigned char *buf, u_int32_t len, unsigned char *IV)
+detect_attack(u_char *buf, u_int32_t len, u_char *IV)
 {
        static u_int16_t *h = (u_int16_t *) NULL;
-       static u_int16_t n = HASH_MINSIZE / HASH_ENTRYSIZE;
-       register u_int32_t i, j;
+       static u_int32_t n = HASH_MINSIZE / HASH_ENTRYSIZE;
+       u_int32_t i, j;
        u_int32_t l;
-       register unsigned char *c;
-       unsigned char *d;
+       u_char *c;
+       u_char *d;
 
        if (len > (SSH_MAXBLOCKS * SSH_BLOCKSIZE) ||
            len % SSH_BLOCKSIZE != 0) {
@@ -99,12 +100,12 @@ detect_attack(unsigned char *buf, u_int32_t len, unsigned char *IV)
 
        if (h == NULL) {
                debug("Installing crc compensation attack detector.");
+               h = (u_int16_t *) xmalloc(l * HASH_ENTRYSIZE);
                n = l;
-               h = (u_int16_t *) xmalloc(n * HASH_ENTRYSIZE);
        } else {
                if (l > n) {
+                       h = (u_int16_t *) xrealloc(h, l * HASH_ENTRYSIZE);
                        n = l;
-                       h = (u_int16_t *) xrealloc(h, n * HASH_ENTRYSIZE);
                }
        }
 
@@ -134,7 +135,7 @@ detect_attack(unsigned char *buf, u_int32_t len, unsigned char *IV)
 
        for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) {
                for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED;
-                    i = (i + 1) & (n - 1)) {
+                   i = (i + 1) & (n - 1)) {
                        if (h[i] == HASH_IV) {
                                if (!CMP(c, IV)) {
                                        if (check_crc(c, buf, len, IV))