diff options
author | Jakub Jelen <jjelen@redhat.com> | 2020-04-28 13:09:11 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2020-05-05 14:23:06 +0200 |
commit | 4f976ce5c4a393d528d05a8ef2e270f9ac1d3b96 (patch) | |
tree | 06afe15bf415afeda397952820afbd989df22265 | |
parent | 239eef6322d1bca0786a60f68dab3d9b402a41b7 (diff) | |
download | libssh-4f976ce5c4a393d528d05a8ef2e270f9ac1d3b96.tar.gz libssh-4f976ce5c4a393d528d05a8ef2e270f9ac1d3b96.tar.xz libssh-4f976ce5c4a393d528d05a8ef2e270f9ac1d3b96.zip |
packet: Skip HMAC handling if none is selected
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r-- | src/packet.c | 7 | ||||
-rw-r--r-- | src/packet_crypt.c | 46 |
2 files changed, 30 insertions, 23 deletions
diff --git a/src/packet.c b/src/packet.c index 40b60a10..3d675252 100644 --- a/src/packet.c +++ b/src/packet.c @@ -1213,7 +1213,7 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) if (crypto != NULL) { mac = packet_second_block + packet_remaining; - if (etm) { + if (crypto->in_hmac != SSH_HMAC_NONE && etm) { rc = ssh_packet_hmac_verify(session, data, processed, @@ -1243,7 +1243,7 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) } } - if (!etm) { + if (crypto->in_hmac != SSH_HMAC_NONE && !etm) { rc = ssh_packet_hmac_verify(session, ssh_buffer_get(session->in_buffer), ssh_buffer_get_len(session->in_buffer), @@ -1684,6 +1684,9 @@ static int packet_send2(ssh_session session) hmac = ssh_packet_encrypt(session, ssh_buffer_get(session->out_buffer), ssh_buffer_get_len(session->out_buffer)); + /* XXX This returns null before switching on crypto, with none MAC + * and on various errors. + * We should distinguish between these cases to avoid hiding errors. */ if (hmac != NULL) { rc = ssh_buffer_add_data(session->out_buffer, hmac, diff --git a/src/packet_crypt.c b/src/packet_crypt.c index b248ae85..c2f7ab02 100644 --- a/src/packet_crypt.c +++ b/src/packet_crypt.c @@ -177,34 +177,38 @@ unsigned char *ssh_packet_encrypt(ssh_session session, void *data, uint32_t len) crypto->hmacbuf, session->send_seq); memcpy(data, out, len); } else { - ctx = hmac_init(crypto->encryptMAC, hmac_digest_len(type), type); - if (ctx == NULL) { - SAFE_FREE(out); - return NULL; - } - - if (!etm) { - hmac_update(ctx, (unsigned char *)&seq, sizeof(uint32_t)); - hmac_update(ctx, data, len); - hmac_final(ctx, crypto->hmacbuf, &finallen); + if (type != SSH_HMAC_NONE) { + ctx = hmac_init(crypto->encryptMAC, hmac_digest_len(type), type); + if (ctx == NULL) { + SAFE_FREE(out); + return NULL; + } + + if (!etm) { + hmac_update(ctx, (unsigned char *)&seq, sizeof(uint32_t)); + hmac_update(ctx, data, len); + hmac_final(ctx, crypto->hmacbuf, &finallen); + } } cipher->encrypt(cipher, (uint8_t*)data + etm_packet_offset, out, len - etm_packet_offset); memcpy((uint8_t*)data + etm_packet_offset, out, len - etm_packet_offset); - if (etm) { - PUSH_BE_U32(data, 0, len - etm_packet_offset); - hmac_update(ctx, (unsigned char *)&seq, sizeof(uint32_t)); - hmac_update(ctx, data, len); - hmac_final(ctx, crypto->hmacbuf, &finallen); - } + if (type != SSH_HMAC_NONE) { + if (etm) { + PUSH_BE_U32(data, 0, len - etm_packet_offset); + hmac_update(ctx, (unsigned char *)&seq, sizeof(uint32_t)); + hmac_update(ctx, data, len); + hmac_final(ctx, crypto->hmacbuf, &finallen); + } #ifdef DEBUG_CRYPTO - ssh_log_hexdump("mac: ", data, len); - if (finallen != hmac_digest_len(type)) { - printf("Final len is %d\n", finallen); - } - ssh_log_hexdump("Packet hmac", crypto->hmacbuf, hmac_digest_len(type)); + ssh_log_hexdump("mac: ", data, len); + if (finallen != hmac_digest_len(type)) { + printf("Final len is %d\n", finallen); + } + ssh_log_hexdump("Packet hmac", crypto->hmacbuf, hmac_digest_len(type)); #endif + } } explicit_bzero(out, len); SAFE_FREE(out); |