← Back to branch summary

~ubuntu-branches/ubuntu/utopic/dropbear/utopic-proposed

« back to all changes in this revision

Viewing changes to common-kex.c

  • Committer: Bazaar Package Importer
  • Author(s): Gerrit Pape, Matt Johnston, Gerrit Pape
  • Date: 2008-11-19 20:58:59 UTC
  • mfrom: (1.4.2 upstream)
  • mto: This revision was merged to the branch mainline in revision 11.
  • Revision ID: james.westby@ubuntu.com-20081119205859-dmeze0y6b16ia93v
Tags: 0.52-1
http://bugs.debian.org/495823
http://bugs.debian.org/495825
http://bugs.debian.org/465903
[ Matt Johnston ]
* New upstream release.
  * dbclient.1: mention optional 'command' argument (closes: #495823).

[ Gerrit Pape ]
* debian/diff/0001-dbclient.1-dbclient-uses-compression-if...diff:
  new; dbclient.1: dbclient uses compression if compiled with zlib
  support (thx Luca Capello, closes: #495825).
* debian/initramfs/*: new; cryptroot remote unlocking on boot feature
  (thx debian@x.ray.net).
* debian/rules: install debian/initramfs/* (thx debian@x.ray.net).
* debian/control: Suggests: udev (for cryptroot support, thx
  debian@x.ray.net).
* debian/dropbear.postinst: conditionally run update-initramfs -u
  (for cryptroot support, thx debian@x.ray.net. closes: #465903).
* debian/diff/0002-dropbearkey.8-mention-y-option-add-example.diff:
  new; mention -y option, add example (thx debian@x.ray.net).

Show diffs side-by-side

added added

removed removed

Lines of Context:
common-kex.c
295
295
        recv_cipher = find_cipher(ses.newkeys->recv_algo_crypt->cipherdesc->name);
296
296
        if (recv_cipher < 0)
297
297
            dropbear_exit("crypto error");
298
 
                
299
 
        if (cbc_start(recv_cipher, recv_IV, recv_key, 
 
298
        if (ses.newkeys->recv_crypt_mode->start(recv_cipher, 
 
299
                        recv_IV, recv_key, 
300
300
                        ses.newkeys->recv_algo_crypt->keysize, 0, 
301
 
                        &ses.newkeys->recv_symmetric_struct) != CRYPT_OK) {
 
301
                        &ses.newkeys->recv_cipher_state) != CRYPT_OK) {
302
302
                dropbear_exit("crypto error");
303
303
        }
 
304
 
304
305
        trans_cipher = find_cipher(ses.newkeys->trans_algo_crypt->cipherdesc->name);
305
306
        if (trans_cipher < 0)
306
307
            dropbear_exit("crypto error");
307
 
                
308
 
        if (cbc_start(trans_cipher, trans_IV, trans_key, 
 
308
        if (ses.newkeys->trans_crypt_mode->start(trans_cipher, 
 
309
                        trans_IV, trans_key, 
309
310
                        ses.newkeys->trans_algo_crypt->keysize, 0, 
310
 
                        &ses.newkeys->trans_symmetric_struct) != CRYPT_OK) {
 
311
                        &ses.newkeys->trans_cipher_state) != CRYPT_OK) {
311
312
                dropbear_exit("crypto error");
312
313
        }
313
314
        
331
332
}
332
333
 
333
334
#ifndef DISABLE_ZLIB
 
335
 
 
336
int is_compress_trans() {
 
337
        return ses.keys->trans_algo_comp == DROPBEAR_COMP_ZLIB
 
338
                || (ses.authstate.authdone
 
339
                        && ses.keys->trans_algo_comp == DROPBEAR_COMP_ZLIB_DELAY);
 
340
}
 
341
 
 
342
int is_compress_recv() {
 
343
        return ses.keys->recv_algo_comp == DROPBEAR_COMP_ZLIB
 
344
                || (ses.authstate.authdone
 
345
                        && ses.keys->recv_algo_comp == DROPBEAR_COMP_ZLIB_DELAY);
 
346
}
 
347
 
334
348
/* Set up new zlib compression streams, close the old ones. Only
335
349
 * called from gen_new_keys() */
336
350
static void gen_new_zstreams() {
337
351
 
338
352
        /* create new zstreams */
339
 
        if (ses.newkeys->recv_algo_comp == DROPBEAR_COMP_ZLIB) {
 
353
        if (ses.newkeys->recv_algo_comp == DROPBEAR_COMP_ZLIB
 
354
                        || ses.newkeys->recv_algo_comp == DROPBEAR_COMP_ZLIB_DELAY) {
340
355
                ses.newkeys->recv_zstream = (z_streamp)m_malloc(sizeof(z_stream));
341
356
                ses.newkeys->recv_zstream->zalloc = Z_NULL;
342
357
                ses.newkeys->recv_zstream->zfree = Z_NULL;
348
363
                ses.newkeys->recv_zstream = NULL;
349
364
        }
350
365
 
351
 
        if (ses.newkeys->trans_algo_comp == DROPBEAR_COMP_ZLIB) {
 
366
        if (ses.newkeys->trans_algo_comp == DROPBEAR_COMP_ZLIB
 
367
                        || ses.newkeys->trans_algo_comp == DROPBEAR_COMP_ZLIB_DELAY) {
352
368
                ses.newkeys->trans_zstream = (z_streamp)m_malloc(sizeof(z_stream));
353
369
                ses.newkeys->trans_zstream->zalloc = Z_NULL;
354
370
                ses.newkeys->trans_zstream->zfree = Z_NULL;
360
376
        } else {
361
377
                ses.newkeys->trans_zstream = NULL;
362
378
        }
363
 
        
 
379
 
364
380
        /* clean up old keys */
365
381
        if (ses.keys->recv_zstream != NULL) {
366
382
                if (inflateEnd(ses.keys->recv_zstream) == Z_STREAM_ERROR) {
377
393
                m_free(ses.keys->trans_zstream);
378
394
        }
379
395
}
380
 
#endif
 
396
#endif /* DISABLE_ZLIB */
381
397
 
382
398
 
383
399
/* Executed upon receiving a kexinit message from the client to initiate
686
702
                        (struct dropbear_cipher*)s2c_cipher_algo->data;
687
703
                ses.newkeys->trans_algo_crypt = 
688
704
                        (struct dropbear_cipher*)c2s_cipher_algo->data;
 
705
                ses.newkeys->recv_crypt_mode = 
 
706
                        (struct dropbear_cipher_mode*)s2c_cipher_algo->mode;
 
707
                ses.newkeys->trans_crypt_mode =
 
708
                        (struct dropbear_cipher_mode*)c2s_cipher_algo->mode;
689
709
                ses.newkeys->recv_algo_mac = 
690
710
                        (struct dropbear_hash*)s2c_hash_algo->data;
691
711
                ses.newkeys->trans_algo_mac = 
698
718
                        (struct dropbear_cipher*)c2s_cipher_algo->data;
699
719
                ses.newkeys->trans_algo_crypt = 
700
720
                        (struct dropbear_cipher*)s2c_cipher_algo->data;
 
721
                ses.newkeys->recv_crypt_mode =
 
722
                        (struct dropbear_cipher_mode*)c2s_cipher_algo->mode;
 
723
                ses.newkeys->trans_crypt_mode =
 
724
                        (struct dropbear_cipher_mode*)s2c_cipher_algo->mode;
701
725
                ses.newkeys->recv_algo_mac = 
702
726
                        (struct dropbear_hash*)c2s_hash_algo->data;
703
727
                ses.newkeys->trans_algo_mac =