use actual random data with KEX_INIT cookie and packet padding

This commit is contained in:
Sara Golemon 2004-12-27 20:38:44 +00:00
parent 143c6bf97f
commit 596b62c027
3 changed files with 6 additions and 3 deletions

2
README
View File

@ -4,6 +4,8 @@ libssh2 - SSH2 library
Version 0.5
-----------
Fixed KEX_INIT cookie and packet padding to use actual random data
Added DESTDIR support to makefiles (Adam Go³êbiowski -- I hope that character set translates right)
Version 0.4

View File

@ -39,6 +39,7 @@
#include <openssl/bn.h>
#include <openssl/sha.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
/* TODO: Switch this to an inline and handle alloc() failures */
/* Helper macro called from libssh2_kex_method_diffie_hellman_group1_sha1_key_exchange */
@ -720,8 +721,7 @@ static int libssh2_kexinit(LIBSSH2_SESSION *session)
*(s++) = SSH_MSG_KEXINIT;
/* TODO: Build a better cookie (and the mice will beat a path to my door...) */
memcpy(s, "mysecretMYSECRET", 16);
RAND_bytes(s, 16);
s += 16;
/* Ennumerating through these lists twice is probably (certainly?) inefficient from a CPU standpoint, but it saves multiple malloc/realloc calls */

View File

@ -40,6 +40,7 @@
#include <fcntl.h>
#include <unistd.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
/* {{{ libssh2_packet_new
* Create a new packet and attach it to the brigade
@ -627,7 +628,7 @@ int libssh2_packet_write(LIBSSH2_SESSION *session, unsigned char *data, unsigned
/* Copy packet to encoding buffer */
memcpy(encbuf, buf, 5);
memcpy(encbuf + 5, data, data_len);
memcpy(encbuf + 5 + data_len, buf + 5, padding_length);
RAND_bytes(encbuf + 5 + data_len, padding_length);
if (free_data) {
LIBSSH2_FREE(session, data);
}