diff options
| author |   djm <djm@openbsd.org> | 2006-03-22 21:27:15 +0000 |
|---|---|---|
| committer | djm <djm@openbsd.org> | 2006-03-22 21:27:15 +0000 |
| commit | 73b749e4b77e25673fdbf5ea3e761d79132ec81b (patch) | |
| tree | 6e3116c0ca3d1348ec998d6f6b2283d050ff7bba | |
| parent | simplify SSHFP example; ok jmc@ (diff) | |
| download | wireguard-openbsd-73b749e4b77e25673fdbf5ea3e761d79132ec81b.tar.xz wireguard-openbsd-73b749e4b77e25673fdbf5ea3e761d79132ec81b.zip | |
remove IV support from the CRC attack detector, OpenSSH has never used
it - it only applied to IDEA-CFB, which we don't support.
prompted by NetBSD Coverity report via elad AT netbsd.org;
feedback markus@ "nuke it" deraadt@
| -rw-r--r-- | usr.bin/ssh/deattack.c | 31 | ||||
| -rw-r--r-- | usr.bin/ssh/deattack.h | 4 | ||||
| -rw-r--r-- | usr.bin/ssh/packet.c | 2 |
3 files changed, 8 insertions, 29 deletions
diff --git a/usr.bin/ssh/deattack.c b/usr.bin/ssh/deattack.c index b50d81f85f5..bf4451b8814 100644 --- a/usr.bin/ssh/deattack.c +++ b/usr.bin/ssh/deattack.c @@ -54,17 +54,12 @@ crc_update(u_int32_t *a, u_int32_t b) /* detect if a block is used in a particular pattern */ static int -check_crc(u_char *S, u_char *buf, u_int32_t len, - u_char *IV) +check_crc(u_char *S, u_char *buf, u_int32_t len) { u_int32_t crc; u_char *c; crc = 0; - if (IV && !CMP(S, IV)) { - crc_update(&crc, 1); - crc_update(&crc, 0); - } for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) { if (!CMP(S, c)) { crc_update(&crc, 1); @@ -80,7 +75,7 @@ check_crc(u_char *S, u_char *buf, u_int32_t len, /* Detect a crc32 compensation attack on a packet */ int -detect_attack(u_char *buf, u_int32_t len, u_char *IV) +detect_attack(u_char *buf, u_int32_t len) { static u_int16_t *h = (u_int16_t *) NULL; static u_int32_t n = HASH_MINSIZE / HASH_ENTRYSIZE; @@ -109,15 +104,9 @@ detect_attack(u_char *buf, u_int32_t len, u_char *IV) if (len <= HASH_MINBLOCKS) { for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) { - if (IV && (!CMP(c, IV))) { - if ((check_crc(c, buf, len, IV))) - return (DEATTACK_DETECTED); - else - break; - } for (d = buf; d < c; d += SSH_BLOCKSIZE) { if (!CMP(c, d)) { - if ((check_crc(c, buf, len, IV))) + if ((check_crc(c, buf, len))) return (DEATTACK_DETECTED); else break; @@ -128,21 +117,11 @@ detect_attack(u_char *buf, u_int32_t len, u_char *IV) } memset(h, HASH_UNUSEDCHAR, n * HASH_ENTRYSIZE); - if (IV) - h[HASH(IV) & (n - 1)] = HASH_IV; - for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) { for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED; i = (i + 1) & (n - 1)) { - if (h[i] == HASH_IV) { - if (!CMP(c, IV)) { - if (check_crc(c, buf, len, IV)) - return (DEATTACK_DETECTED); - else - break; - } - } else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) { - if (check_crc(c, buf, len, IV)) + if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) { + if (check_crc(c, buf, len)) return (DEATTACK_DETECTED); else break; diff --git a/usr.bin/ssh/deattack.h b/usr.bin/ssh/deattack.h index ddccdea5059..7bb6100d0a4 100644 --- a/usr.bin/ssh/deattack.h +++ b/usr.bin/ssh/deattack.h @@ -1,4 +1,4 @@ -/* $OpenBSD: deattack.h,v 1.7 2001/06/26 17:27:23 markus Exp $ */ +/* $OpenBSD: deattack.h,v 1.8 2006/03/22 21:27:15 djm Exp $ */ /* * Cryptographic attack detector for ssh - Header file @@ -26,5 +26,5 @@ #define DEATTACK_OK 0 #define DEATTACK_DETECTED 1 -int detect_attack(u_char *, u_int32_t, u_char[8]); +int detect_attack(u_char *, u_int32_t); #endif diff --git a/usr.bin/ssh/packet.c b/usr.bin/ssh/packet.c index f90900456b4..6e5721ad5d0 100644 --- a/usr.bin/ssh/packet.c +++ b/usr.bin/ssh/packet.c @@ -984,7 +984,7 @@ packet_read_poll1(void) * Ariel Futoransky(futo@core-sdi.com) */ if (!receive_context.plaintext && - detect_attack(buffer_ptr(&input), padded_len, NULL) == DEATTACK_DETECTED) + detect_attack(buffer_ptr(&input), padded_len) == DEATTACK_DETECTED) packet_disconnect("crc32 compensation attack: network attack detected"); /* Decrypt data to incoming_packet. */ |