author | Ben Lindstrom <mouring@eviladmin.org> | 2001-03-05 06:28:06 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-03-05 06:28:06 +0000 |
commit | e229b25a9efc4924f9b45a34de0aef491ae35d09 (patch) | |
tree | 168b2a8e9d3615a86d39fd9d57b78053fc360b45 | |
parent | 941ac82e1624e7d7bb7091785ca525889738420b (diff) |
- markus@cvs.openbsd.org 2001/02/28 21:27:48
[channels.c packet.c packet.h serverloop.c]
use ignore message to simulate a SSH2_MSG_CHANNEL_DATA message
use random content in ignore messages.
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | channels.c | 12 | ||||
-rw-r--r-- | packet.c | 16 | ||||
-rw-r--r-- | packet.h | 5 | ||||
-rw-r--r-- | serverloop.c | 6 |
5 files changed, 29 insertions, 16 deletions
@@ -85,6 +85,10 @@ - markus@cvs.openbsd.org 2001/02/28 21:21:41 [sshd.c] generate a fake session id, too + - markus@cvs.openbsd.org 2001/02/28 21:27:48 + [channels.c packet.c packet.h serverloop.c] + use ignore message to simulate a SSH2_MSG_CHANNEL_DATA message + use random content in ignore messages. 20010304 - (bal) Remove make-ssh-known-hosts.1 since it's no longer valid. @@ -4277,4 +4281,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.876 2001/03/05 06:25:23 mouring Exp $ +$Id: ChangeLog,v 1.877 2001/03/05 06:28:06 mouring Exp $ @@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.94 2001/02/28 12:55:07 markus Exp $"); +RCSID("$OpenBSD: channels.c,v 1.95 2001/02/28 21:27:48 markus Exp $"); #include <openssl/rsa.h> #include <openssl/dsa.h> @@ -768,6 +768,7 @@ channel_handle_rfd(Channel *c, fd_set * readset, fd_set * writeset) int channel_handle_wfd(Channel *c, fd_set * readset, fd_set * writeset) { + struct termios tio; int len; /* Send buffered output data to the socket. */ @@ -789,16 +790,15 @@ channel_handle_wfd(Channel *c, fd_set * readset, fd_set * writeset) return -1; } if (compat20 && c->isatty) { - struct termios tio; if (tcgetattr(c->wfd, &tio) == 0 && !(tio.c_lflag & ECHO) && (tio.c_lflag & ICANON)) { /* * Simulate echo to reduce the impact of - * traffic analysis. + * traffic analysis. We need too match the + * size of a SSH2_MSG_CHANNEL_DATA message + * (4 byte channel id + data) */ - packet_start(SSH2_MSG_IGNORE); - memset(buffer_ptr(&c->output), 0, len); - packet_put_string(buffer_ptr(&c->output), len); + packet_send_ignore(4 + len); packet_send(); } } @@ -37,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: packet.c,v 1.53 2001/02/28 09:57:06 markus Exp $"); +RCSID("$OpenBSD: packet.c,v 1.54 2001/02/28 21:27:47 markus Exp $"); #include "xmalloc.h" #include "buffer.h" 
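Review bot: The new comment in the channel_handle_wfd hunk of channels.c has a typo (`We need too match`) and only half explains the `4 + len` argument. I would reword the added sentence as `SSH2_MSG_CHANNEL_DATA carries a 4-byte recipient channel before its data string that SSH2_MSG_IGNORE lacks, so pad the ignore payload by 4 to keep the sizes equal.` The parallel comment in the process_output hunk of serverloop.c does not say why plain `len` is the right size there and deserves the same one-line explanation. Only part of channel_handle_wfd is visible across its two hunks, so where `len` comes from and whether it is always positive cannot be confirmed from here.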
@@ -1321,8 +1321,7 @@ packet_set_maxsize(int s) void packet_inject_ignore(int sumlen) { - u_int32_t rand = 0; - int i, blocksize, padlen, have, need, nb, mini, nbytes; + int blocksize, padlen, have, need, nb, mini, nbytes; Enc *enc = NULL; if (use_ssh2_packet_format == 0) @@ -1350,7 +1349,16 @@ packet_inject_ignore(int sumlen) /* enqueue current message and append a ignore message */ packet_send(); - packet_start(SSH2_MSG_IGNORE); + packet_send_ignore(nbytes); +} + +void +packet_send_ignore(int nbytes) +{ + u_int32_t rand = 0; + int i; + + packet_start(compat20 ? SSH2_MSG_IGNORE : SSH_MSG_IGNORE); packet_put_int(nbytes); for(i = 0; i < nbytes; i++) { if (i % 4 == 0) @@ -11,7 +11,7 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: packet.h,v 1.20 2001/02/28 09:57:07 markus Exp $"); */ +/* RCSID("$OpenBSD: packet.h,v 1.21 2001/02/28 21:27:47 markus Exp $"); */ #ifndef PACKET_H #define PACKET_H @@ -215,6 +215,9 @@ void packet_set_ssh2_format(void); int packet_remaining(void); /* append an ignore message */ +void packet_send_ignore(int nbytes); + +/* add an ignore message and make sure size (current+ignore) = n*sumlen */ void packet_inject_ignore(int sumlen); #endif /* PACKET_H */ diff --git a/serverloop.c b/serverloop.c index 651d3feb..285f314e 100644 --- a/serverloop.c +++ b/serverloop.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: serverloop.c,v 1.51 2001/02/23 15:34:53 markus Exp $"); +RCSID("$OpenBSD: serverloop.c,v 1.52 2001/02/28 21:27:48 markus Exp $"); #include "xmalloc.h" #include "packet.h" @@ -345,9 +345,7 @@ process_output(fd_set * writeset) * Simulate echo to reduce the impact of * traffic analysis */ - packet_start(SSH_MSG_IGNORE); - memset(buffer_ptr(&stdin_buffer), 0, len); - packet_put_string(buffer_ptr(&stdin_buffer), len); + packet_send_ignore(len); packet_send(); } /* Consume the data from the buffer. */ |
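Review bot: The new packet_send_ignore() in packet.c takes a signed `int nbytes` and uses it unchecked, both as the length written by `packet_put_int(nbytes)` and as the loop bound. If a caller ever passes a negative value, the loop emits no bytes while the length field is still written, so the declared string length would disagree with the payload. The visible callers pass `4 + len`, `len` and a computed `nbytes`, and their ranges are decided outside these hunks, so a guard such as `if (nbytes < 0) fatal("packet_send_ignore: bad length %d", nbytes);` before `packet_start` would make the contract explicit. The local `u_int32_t rand` also shadows the libc function `rand()`, which a name like `rnd` would avoid. The function body continues past the end of the hunk.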
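Review bot: The prototype added to packet.h is documented only as `/* append an ignore message */`, which does not tell callers that packet_send_ignore() transmits nothing despite its name. Both call sites in this commit (channels.c and serverloop.c) follow it with `packet_send();`, so the comment should say so, for example `/* start an ignore message with nbytes of payload; caller must call packet_send() */`. Per the commit message the payload is random, which is worth stating in the header too. The function body is only partly visible in the packet.c hunk, so the comment is the only contract a reader of packet.h gets.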