make non-OpenSSL aes-ctr work on sshd w/ privsep; ok markus@

author djm <djm@openbsd.org>

Wed, 14 Jan 2015 10:29:45 +0000 (10:29 +0000)

committer djm <djm@openbsd.org>

Wed, 14 Jan 2015 10:29:45 +0000 (10:29 +0000)
author djm <djm@openbsd.org>
Wed, 14 Jan 2015 10:29:45 +0000 (10:29 +0000)
committer djm <djm@openbsd.org>
Wed, 14 Jan 2015 10:29:45 +0000 (10:29 +0000)
diff --git a/usr.bin/ssh/cipher.c b/usr.bin/ssh/cipher.c

index 3cac653..4e74ca7 100644 (file)
--- a/usr.bin/ssh/cipher.c
+++ b/usr.bin/ssh/cipher.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher.c,v 1.99 2014/06/24 01:13:21 djm Exp $ */
+/* $OpenBSD: cipher.c,v 1.100 2015/01/14 10:29:45 djm Exp $ */
  /*
   * Author: Tatu Ylonen <ylo@cs.hut.fi>
   * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -506,6 +506,8 @@ cipher_get_keyiv_len(const struct sshcipher_ctx *cc)
                 ivlen = 24;
         else if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0)
                 ivlen = 0;
+       else if ((cc->cipher->flags & CFLAG_AESCTR) != 0)
+               ivlen = sizeof(cc->ac_ctx.ctr);
  #ifdef WITH_OPENSSL
         else
                 ivlen = EVP_CIPHER_CTX_iv_length(&cc->evp);
@@ -526,6 +528,12 @@ cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len)
                         return SSH_ERR_INVALID_ARGUMENT;
                 return 0;
         }
+       if ((cc->cipher->flags & CFLAG_AESCTR) != 0) {
+               if (len != sizeof(cc->ac_ctx.ctr))
+                       return SSH_ERR_INVALID_ARGUMENT;
+               memcpy(iv, cc->ac_ctx.ctr, len);
+               return 0;
+       }
         if ((cc->cipher->flags & CFLAG_NONE) != 0)
                 return 0;
author	djm <djm@openbsd.org>
	Wed, 14 Jan 2015 10:29:45 +0000 (10:29 +0000)
committer	djm <djm@openbsd.org>
	Wed, 14 Jan 2015 10:29:45 +0000 (10:29 +0000)