- markus@cvs.openbsd.org 2001/11/07 16:03:17

[packet.c packet.h sshconnect2.c] pad using the padding field from the ssh2 packet instead of sending extra ignore messages. tested against several other ssh servers.
2024-12-22 01:50:16 +00:00 · 2001-11-12 11:02:52 +11:00 · 2001-11-12 11:02:52 +11:00 · 9f64390f41
commit 9f64390f41
parent 1f8dddc927
4 changed files with 33 additions and 43 deletions
--- a/6
+++ b/6
@ -23,6 +23,10 @@
   - markus@cvs.openbsd.org 2001/10/30 20:29:09
     [ssh.1]
     ssh.1
+   - markus@cvs.openbsd.org 2001/11/07 16:03:17
+     [packet.c packet.h sshconnect2.c]
+     pad using the padding field from the ssh2 packet instead of sending
+     extra ignore messages. tested against several other ssh servers.

 20011109
 - (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK)
@ -6832,4 +6836,4 @@
 - Wrote replacements for strlcpy and mkdtemp
 - Released 1.0pre1

-$Id: ChangeLog,v 1.1641 2001/11/12 00:02:25 djm Exp $
+$Id: ChangeLog,v 1.1642 2001/11/12 00:02:52 djm Exp $
--- a/packet.c
+++ b/packet.c
@ -37,7 +37,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: packet.c,v 1.70 2001/09/27 11:59:37 markus Exp $");
+RCSID("$OpenBSD: packet.c,v 1.71 2001/11/07 16:03:17 markus Exp $");

 #include "xmalloc.h"
 #include "buffer.h"
@ -115,6 +115,9 @@ static int interactive_mode = 0;
 /* Session key information for Encryption and MAC */
 Newkeys *newkeys[MODE_MAX];

+/* roundup current message to extra_pad bytes */
+static u_char extra_pad = 0;
+
 /*
 * Sets the descriptors used for communication.  Disables encryption until
 * packet_set_encryption_key is called.
@ -485,9 +488,10 @@ packet_send2(void)
 {
 	static u_int32_t seqnr = 0;
 	u_char type, *ucp, *macbuf = NULL;
+	u_char padlen, pad;
 	char *cp;
 	u_int packet_length = 0;
-	u_int i, padlen, len;
+	u_int i, len;
 	u_int32_t rand = 0;
 	Enc *enc   = NULL;
 	Mac *mac   = NULL;
@ -533,6 +537,15 @@ packet_send2(void)
 	padlen = block_size - (len % block_size);
 	if (padlen < 4)
 		padlen += block_size;
+	if (extra_pad) {
+		/* will wrap if extra_pad+padlen > 255 */
+		extra_pad  = roundup(extra_pad, block_size);
+		pad = extra_pad - ((len + padlen) % extra_pad);
+		debug("packet_send2: adding %d (len %d padlen %d extra_pad %d)",
+		    pad, len, padlen, extra_pad);
+		padlen += pad;
+		extra_pad = 0;
+	}
 	buffer_append_space(&outgoing_packet, &cp, padlen);
 	if (enc && enc->cipher->number != SSH_CIPHER_NONE) {
 		/* random padding */
@ -1109,6 +1122,7 @@ packet_write_poll()
 			else
 				fatal("Write failed: %.100s", strerror(errno));
 		}
+debug("packet_write_poll: sent %d bytes", len);
 		buffer_consume(&output, len);
 	}
 }
@ -1238,6 +1252,13 @@ packet_set_maxsize(int s)
 	return s;
 }

+/* roundup current message to pad bytes */
+void
+packet_add_padding(u_char pad)
+{
+	extra_pad = pad;
+}
+
 /*
 * 9.2.  Ignored Data Message
 *
@ -1249,41 +1270,6 @@ packet_set_maxsize(int s)
 * required to send them. This message can be used as an additional
 * protection measure against advanced traffic analysis techniques.
 */
-/* size of current + ignore message should be n*sumlen bytes (w/o mac) */
-void
-packet_inject_ignore(int sumlen)
-{
-	int blocksize, padlen, have, need, nb, mini, nbytes;
-	Enc *enc = NULL;
-
-	if (compat20 == 0)
-		return;
-
-	have = buffer_len(&outgoing_packet);
-	debug2("packet_inject_ignore: current %d", have);
-	if (newkeys[MODE_OUT] != NULL)
-		enc  = &newkeys[MODE_OUT]->enc;
-	blocksize = enc ? enc->cipher->block_size : 8;
-	padlen = blocksize - (have % blocksize);
-	if (padlen < 4)
-		padlen += blocksize;
-	have += padlen;
-	have /= blocksize;	/* # of blocks for current message */
-
-	nb   = roundup(sumlen,  blocksize) / blocksize;	/* blocks for both */
-	mini = roundup(5+1+4+4, blocksize) / blocksize; /* minsize ignore msg */
-	need = nb - (have % nb);			/* blocks for ignore */
-	if (need <= mini)
-		need += nb;
-	nbytes = (need - mini) * blocksize;	/* size of ignore payload */
-	debug2("packet_inject_ignore: block %d have %d nb %d mini %d need %d",
-	    blocksize, have, nb, mini, need);
-
-	/* enqueue current message and append a ignore message */
-	packet_send();
-	packet_send_ignore(nbytes);
-}
-
 void
 packet_send_ignore(int nbytes)
 {
--- a/packet.h
+++ b/packet.h
@ -11,7 +11,7 @@
 * called by a name other than "ssh" or "Secure Shell".
 */

-/* RCSID("$OpenBSD: packet.h,v 1.25 2001/06/26 17:27:24 markus Exp $"); */
+/* RCSID("$OpenBSD: packet.h,v 1.26 2001/11/07 16:03:17 markus Exp $"); */

 #ifndef PACKET_H
 #define PACKET_H
@ -63,7 +63,7 @@ int	 packet_connection_is_on_socket(void);
 int	 packet_connection_is_ipv4(void);
 int	 packet_remaining(void);
 void	 packet_send_ignore(int);
-void	 packet_inject_ignore(int);
+void	 packet_add_padding(u_char);

 void	 tty_make_modes(int, struct termios *);
 void	 tty_parse_modes(int, int *);
--- a/sshconnect2.c
+++ b/sshconnect2.c
@ -23,7 +23,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.84 2001/10/29 19:27:15 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.85 2001/11/07 16:03:17 markus Exp $");

 #include <openssl/bn.h>
 #include <openssl/md5.h>
@ -460,7 +460,7 @@ userauth_passwd(Authctxt *authctxt)
 	packet_put_cstring(password);
 	memset(password, 0, strlen(password));
 	xfree(password);
-	packet_inject_ignore(64);
+	packet_add_padding(64);
 	packet_send();
 	return 1;
 }
@ -817,7 +817,7 @@ input_userauth_info_req(int type, int plen, void *ctxt)
 	}
 	packet_done(); /* done with parsing incoming message. */

-	packet_inject_ignore(64);
+	packet_add_padding(64);
 	packet_send();
 }