aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJakub Jelen <jjelen@redhat.com>2020-04-28 13:09:11 +0200
committerAndreas Schneider <asn@cryptomilk.org>2020-05-05 14:23:06 +0200
commit4f976ce5c4a393d528d05a8ef2e270f9ac1d3b96 (patch)
tree06afe15bf415afeda397952820afbd989df22265
parent239eef6322d1bca0786a60f68dab3d9b402a41b7 (diff)
downloadlibssh-4f976ce5c4a393d528d05a8ef2e270f9ac1d3b96.tar.gz
libssh-4f976ce5c4a393d528d05a8ef2e270f9ac1d3b96.tar.xz
libssh-4f976ce5c4a393d528d05a8ef2e270f9ac1d3b96.zip
packet: Skip HMAC handling if none is selected
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r--src/packet.c7
-rw-r--r--src/packet_crypt.c46
2 files changed, 30 insertions, 23 deletions
diff --git a/src/packet.c b/src/packet.c
index 40b60a10..3d675252 100644
--- a/src/packet.c
+++ b/src/packet.c
@@ -1213,7 +1213,7 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user)
if (crypto != NULL) {
mac = packet_second_block + packet_remaining;
- if (etm) {
+ if (crypto->in_hmac != SSH_HMAC_NONE && etm) {
rc = ssh_packet_hmac_verify(session,
data,
processed,
@@ -1243,7 +1243,7 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user)
}
}
- if (!etm) {
+ if (crypto->in_hmac != SSH_HMAC_NONE && !etm) {
rc = ssh_packet_hmac_verify(session,
ssh_buffer_get(session->in_buffer),
ssh_buffer_get_len(session->in_buffer),
@@ -1684,6 +1684,9 @@ static int packet_send2(ssh_session session)
hmac = ssh_packet_encrypt(session,
ssh_buffer_get(session->out_buffer),
ssh_buffer_get_len(session->out_buffer));
+ /* XXX This returns null before switching on crypto, with none MAC
+ * and on various errors.
+ * We should distinguish between these cases to avoid hiding errors. */
if (hmac != NULL) {
rc = ssh_buffer_add_data(session->out_buffer,
hmac,
diff --git a/src/packet_crypt.c b/src/packet_crypt.c
index b248ae85..c2f7ab02 100644
--- a/src/packet_crypt.c
+++ b/src/packet_crypt.c
@@ -177,34 +177,38 @@ unsigned char *ssh_packet_encrypt(ssh_session session, void *data, uint32_t len)
crypto->hmacbuf, session->send_seq);
memcpy(data, out, len);
} else {
- ctx = hmac_init(crypto->encryptMAC, hmac_digest_len(type), type);
- if (ctx == NULL) {
- SAFE_FREE(out);
- return NULL;
- }
-
- if (!etm) {
- hmac_update(ctx, (unsigned char *)&seq, sizeof(uint32_t));
- hmac_update(ctx, data, len);
- hmac_final(ctx, crypto->hmacbuf, &finallen);
+ if (type != SSH_HMAC_NONE) {
+ ctx = hmac_init(crypto->encryptMAC, hmac_digest_len(type), type);
+ if (ctx == NULL) {
+ SAFE_FREE(out);
+ return NULL;
+ }
+
+ if (!etm) {
+ hmac_update(ctx, (unsigned char *)&seq, sizeof(uint32_t));
+ hmac_update(ctx, data, len);
+ hmac_final(ctx, crypto->hmacbuf, &finallen);
+ }
}
cipher->encrypt(cipher, (uint8_t*)data + etm_packet_offset, out, len - etm_packet_offset);
memcpy((uint8_t*)data + etm_packet_offset, out, len - etm_packet_offset);
- if (etm) {
- PUSH_BE_U32(data, 0, len - etm_packet_offset);
- hmac_update(ctx, (unsigned char *)&seq, sizeof(uint32_t));
- hmac_update(ctx, data, len);
- hmac_final(ctx, crypto->hmacbuf, &finallen);
- }
+ if (type != SSH_HMAC_NONE) {
+ if (etm) {
+ PUSH_BE_U32(data, 0, len - etm_packet_offset);
+ hmac_update(ctx, (unsigned char *)&seq, sizeof(uint32_t));
+ hmac_update(ctx, data, len);
+ hmac_final(ctx, crypto->hmacbuf, &finallen);
+ }
#ifdef DEBUG_CRYPTO
- ssh_log_hexdump("mac: ", data, len);
- if (finallen != hmac_digest_len(type)) {
- printf("Final len is %d\n", finallen);
- }
- ssh_log_hexdump("Packet hmac", crypto->hmacbuf, hmac_digest_len(type));
+ ssh_log_hexdump("mac: ", data, len);
+ if (finallen != hmac_digest_len(type)) {
+ printf("Final len is %d\n", finallen);
+ }
+ ssh_log_hexdump("Packet hmac", crypto->hmacbuf, hmac_digest_len(type));
#endif
+ }
}
explicit_bzero(out, len);
SAFE_FREE(out);