diff options
author | djm@openbsd.org <djm@openbsd.org> | 2023-08-28 03:31:16 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2023-08-28 13:34:10 +1000 |
commit | 7603ba71264e7fa938325c37eca993e2fa61272f (patch) | |
tree | e0b2fecdb68f63bdafd81eee605f5e3be9c0177a /packet.c | |
parent | dce6d80d2ed3cad2c516082682d5f6ca877ef714 (diff) |
upstream: Add keystroke timing obfuscation to the client.
This attempts to hide inter-keystroke timings by sending interactive
traffic at fixed intervals (default: every 20ms) when there is only a
small amount of data being sent. It also sends fake "chaff" keystrokes
for a random interval after the last real keystroke. These are
controlled by a new ssh_config ObscureKeystrokeTiming keyword/
feedback/ok markus@
OpenBSD-Commit-ID: 02231ddd4f442212820976068c34a36e3c1b15be
Diffstat (limited to 'packet.c')
-rw-r--r-- | packet.c | 14 |
1 files changed, 13 insertions, 1 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.311 2023/08/28 03:28:43 djm Exp $ */ +/* $OpenBSD: packet.c,v 1.312 2023/08/28 03:31:16 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -2083,6 +2083,18 @@ ssh_packet_not_very_much_data_to_write(struct ssh *ssh) return sshbuf_len(ssh->state->output) < 128 * 1024; } +/* + * returns true when there are at most a few keystrokes of data to write + * and the connection is in interactive mode. + */ + +int +ssh_packet_interactive_data_to_write(struct ssh *ssh) +{ + return ssh->state->interactive_mode && + sshbuf_len(ssh->state->output) < 256; +} + void ssh_packet_set_tos(struct ssh *ssh, int tos) { |