diff options
author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1999-01-08 21:40:29 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1999-01-08 21:40:29 +0000 |
commit | f516dcb4a03468a0ee9f72fa265fd61d97333609 (patch) | |
tree | af3200378d968060024af9d8da984c0a2fbd6f32 /sys/netinet | |
parent | 4839fc21a520d1e38cad78de2a4c654b1c49b20f (diff) |
do not use random bits when not necessary, remove 8-byte block dependence
Diffstat (limited to 'sys/netinet')
-rw-r--r-- | sys/netinet/ip_esp_new.c | 38 | ||||
-rw-r--r-- | sys/netinet/ip_esp_old.c | 44 | ||||
-rw-r--r-- | sys/netinet/ip_ipsp.h | 4 |
3 files changed, 45 insertions, 41 deletions
diff --git a/sys/netinet/ip_esp_new.c b/sys/netinet/ip_esp_new.c index d8036c38420..927091c7294 100644 --- a/sys/netinet/ip_esp_new.c +++ b/sys/netinet/ip_esp_new.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_esp_new.c,v 1.27 1998/11/25 09:56:51 niklas Exp $ */ +/* $OpenBSD: ip_esp_new.c,v 1.28 1999/01/08 21:40:26 deraadt Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), @@ -178,7 +178,7 @@ static void blf_encrypt(void *pxd, u_int8_t *blk) { struct esp_new_xdata *xd = pxd; - Blowfish_encipher(&xd->edx_bks, (u_int32_t *)blk, + Blowfish_encipher(&xd->edx_bks, (u_int32_t *) blk, (u_int32_t *) (blk + 4)); } @@ -186,7 +186,7 @@ static void blf_decrypt(void *pxd, u_int8_t *blk) { struct esp_new_xdata *xd = pxd; - Blowfish_decipher(&xd->edx_bks, (u_int32_t *)blk, + Blowfish_decipher(&xd->edx_bks, (u_int32_t *) blk, (u_int32_t *) (blk + 4)); } @@ -714,22 +714,22 @@ esp_new_input(struct mbuf *m, struct tdb *tdb) /* * Now, the entire chain has been decrypted. As a side effect, - * blk[7] contains the next protocol, and blk[6] contains the - * amount of padding the original chain had. Chop off the + * blk[blks - 1] contains the next protocol, and blk[blks - 2] contains + * the amount of padding the original chain had. Chop off the * appropriate parts of the chain, and return. * Verify correct decryption by checking the last padding bytes. */ if ((xd->edx_flags & ESP_NEW_FLAG_NPADDING) == 0) { - if (blk[6] + 2 + alen > m->m_pkthdr.len - (ip->ip_hl << 2) - 2 * sizeof(u_int32_t) - xd->edx_ivlen) + if (blk[blks - 2] + 2 + alen > m->m_pkthdr.len - (ip->ip_hl << 2) - 2 * sizeof(u_int32_t) - xd->edx_ivlen) { - DPRINTF(("esp_new_input(): invalid padding length %d for packet from %x to %x, SA %x/%08x\n", blk[6], ipo.ip_src, ipo.ip_dst, tdb->tdb_dst, ntohl(tdb->tdb_spi))); + DPRINTF(("esp_new_input(): invalid padding length %d for packet from %x to %x, SA %x/%08x\n", blk[blks - 2], ipo.ip_src, ipo.ip_dst, tdb->tdb_dst, ntohl(tdb->tdb_spi))); espstat.esps_badilen++; m_freem(m); return NULL; } - if ((blk[6] != blk[5]) && (blk[6] != 0)) + if ((blk[blks - 2] != blk[blks - 3]) && (blk[blks - 2] != 0)) { if (encdebug) log(LOG_ALERT, "esp_new_input(): decryption failed for packet from %x to %x, SA %x/%08x\n", ipo.ip_src, ipo.ip_dst, tdb->tdb_dst, ntohl(tdb->tdb_spi)); @@ -737,18 +737,18 @@ esp_new_input(struct mbuf *m, struct tdb *tdb) return NULL; } - m_adj(m, - blk[6] - 2 - alen); /* Old type padding */ + m_adj(m, - blk[blks - 2] - 2 - alen); /* Old type padding */ } else { - if (blk[6] + 1 + alen > m->m_pkthdr.len - (ip->ip_hl << 2) - 2 * sizeof(u_int32_t) - xd->edx_ivlen) + if (blk[blks - 2] + 1 + alen > m->m_pkthdr.len - (ip->ip_hl << 2) - 2 * sizeof(u_int32_t) - xd->edx_ivlen) { - DPRINTF(("esp_new_input(): invalid padding length %d for packet from %x to %x, SA %x/%08x\n", blk[6], ipo.ip_src, ipo.ip_dst, tdb->tdb_dst, ntohl(tdb->tdb_spi))); + DPRINTF(("esp_new_input(): invalid padding length %d for packet from %x to %x, SA %x/%08x\n", blk[blks - 2], ipo.ip_src, ipo.ip_dst, tdb->tdb_dst, ntohl(tdb->tdb_spi))); espstat.esps_badilen++; m_freem(m); return NULL; } - if (blk[6] == 0) + if (blk[blks - 2] == 0) { if (encdebug) log(LOG_ALERT, "esp_new_input(): decryption failed for packet from %x to %x, SA %x/%08x -- peer is probably using old style padding\n", ipo.ip_src, ipo.ip_dst, tdb->tdb_dst, ntohl(tdb->tdb_spi)); @@ -756,7 +756,7 @@ esp_new_input(struct mbuf *m, struct tdb *tdb) return NULL; } else - if (blk[6] != blk[5] + 1) + if (blk[blks - 2] != blk[blks - 3] + 1) { if (encdebug) log(LOG_ALERT, "esp_new_input(): decryption failed for packet from %x to %x, SA %x/%08x\n", ipo.ip_src, ipo.ip_dst, tdb->tdb_dst, ntohl(tdb->tdb_spi)); @@ -764,7 +764,7 @@ esp_new_input(struct mbuf *m, struct tdb *tdb) return NULL; } - m_adj(m, - blk[6] - 1 - alen); + m_adj(m, - blk[blks - 2] - 1 - alen); } m_adj(m, 2 * sizeof(u_int32_t) + xd->edx_ivlen); @@ -780,11 +780,11 @@ esp_new_input(struct mbuf *m, struct tdb *tdb) } ip = mtod(m, struct ip *); - ipo.ip_p = blk[7]; + ipo.ip_p = blk[blks - 1]; ipo.ip_id = htons(ipo.ip_id); ipo.ip_off = 0; ipo.ip_len += (ipo.ip_hl << 2) - 2 * sizeof(u_int32_t) - xd->edx_ivlen - - blk[6] - 1 - alen; + blk[blks - 2] - 1 - alen; if ((xd->edx_flags & ESP_NEW_FLAG_NPADDING) == 0) ipo.ip_len -= 1; @@ -802,9 +802,9 @@ esp_new_input(struct mbuf *m, struct tdb *tdb) /* Update the counters */ tdb->tdb_cur_packets++; tdb->tdb_cur_bytes += ntohs(ip->ip_len) - (ip->ip_hl << 2) + - blk[6] + 1 + alen; + blk[blks - 2] + 1 + alen; espstat.esps_ibytes += ntohs(ip->ip_len) - (ip->ip_hl << 2) + - blk[6] + 1 + alen; + blk[blks - 2] + 1 + alen; if ((xd->edx_flags & ESP_NEW_FLAG_NPADDING) == 0) { @@ -943,7 +943,7 @@ esp_new_output(struct mbuf *m, struct sockaddr_encap *gw, struct tdb *tdb, return EMSGSIZE; } - pad = (u_char *) m_pad(m, padding + alen); + pad = (u_char *) m_pad(m, padding + alen, 0); if (pad == NULL) { DPRINTF(("esp_new_output(): m_pad() failed for SA %x/%08x\n", diff --git a/sys/netinet/ip_esp_old.c b/sys/netinet/ip_esp_old.c index 79a163b5860..fe89cd7eaf4 100644 --- a/sys/netinet/ip_esp_old.c +++ b/sys/netinet/ip_esp_old.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_esp_old.c,v 1.23 1998/11/25 09:56:51 niklas Exp $ */ +/* $OpenBSD: ip_esp_old.c,v 1.24 1999/01/08 21:40:27 deraadt Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), @@ -458,7 +458,7 @@ esp_old_input(struct mbuf *m, struct tdb *tdb) xd->edx_xform->decrypt(xd, idat); - for (i=0; i<blks; i++) + for (i = 0; i < blks; i++) idat[i] ^= ivp[i]; ivp = ivn; @@ -481,23 +481,23 @@ esp_old_input(struct mbuf *m, struct tdb *tdb) /* * Now, the entire chain has been decrypted. As a side effect, - * blk[7] contains the next protocol, and blk[6] contains the - * amount of padding the original chain had. Chop off the + * blk[blks - 1] contains the next protocol, and blk[blks - 2] contains + * the amount of padding the original chain had. Chop off the * appropriate parts of the chain, and return. * We cannot verify the decryption here (as in ip_esp_new.c), since * the padding may be random. */ - if (blk[6] + 2 > m->m_pkthdr.len - (ip->ip_hl << 2) - sizeof(u_int32_t) - + if (blk[blks - 2] + 2 > m->m_pkthdr.len - (ip->ip_hl << 2) - sizeof(u_int32_t) - xd->edx_ivlen) { - DPRINTF(("esp_old_input(): invalid padding length %d for packet from %x to %x, SA %x/%08x\n", blk[6], ipo.ip_src, ipo.ip_dst, tdb->tdb_dst, ntohl(tdb->tdb_spi))); + DPRINTF(("esp_old_input(): invalid padding length %d for packet from %x to %x, SA %x/%08x\n", blk[blks - 2], ipo.ip_src, ipo.ip_dst, tdb->tdb_dst, ntohl(tdb->tdb_spi))); espstat.esps_badilen++; m_freem(m); return NULL; } - m_adj(m, -blk[6] - 2); + m_adj(m, - blk[blks - 2] - 2); m_adj(m, 4 + xd->edx_ivlen); if (m->m_len < (ipo.ip_hl << 2)) @@ -511,11 +511,11 @@ esp_old_input(struct mbuf *m, struct tdb *tdb) } ip = mtod(m, struct ip *); - ipo.ip_p = blk[7]; + ipo.ip_p = blk[blks - 1]; ipo.ip_id = htons(ipo.ip_id); ipo.ip_off = 0; ipo.ip_len += (ipo.ip_hl << 2) - sizeof(u_int32_t) - xd->edx_ivlen - - blk[6] - 2; + blk[blks - 2] - 2; ipo.ip_len = htons(ipo.ip_len); ipo.ip_sum = 0; *ip = ipo; @@ -528,8 +528,10 @@ esp_old_input(struct mbuf *m, struct tdb *tdb) /* Update the counters */ tdb->tdb_cur_packets++; - tdb->tdb_cur_bytes += ntohs(ip->ip_len) - (ip->ip_hl << 2) + blk[6] + 2; - espstat.esps_ibytes += ntohs(ip->ip_len) - (ip->ip_hl << 2) + blk[6] + 2; + tdb->tdb_cur_bytes += ntohs(ip->ip_len) - (ip->ip_hl << 2) + + blk[blks - 2] + 2; + espstat.esps_ibytes += ntohs(ip->ip_len) - (ip->ip_hl << 2) + + blk[blks - 2] + 2; /* Notify on expiration */ if (tdb->tdb_flags & TDBF_SOFT_PACKETS) @@ -637,7 +639,7 @@ esp_old_output(struct mbuf *m, struct sockaddr_encap *gw, struct tdb *tdb, return EMSGSIZE; } - pad = (u_char *) m_pad(m, padding); + pad = (u_char *) m_pad(m, padding, 1); if (pad == NULL) { DPRINTF(("esp_old_output(): m_pad() failed for SA %x/%08x\n", @@ -742,7 +744,7 @@ esp_old_output(struct mbuf *m, struct sockaddr_encap *gw, struct tdb *tdb, while (ilen >= blks && plen > 0) { - for (i=0; i<blks; i++) + for (i = 0; i < blks; i++) idat[i] ^= ivp[i]; xd->edx_xform->encrypt(xd, idat); @@ -853,12 +855,13 @@ esp_old_output(struct mbuf *m, struct sockaddr_encap *gw, struct tdb *tdb, * * m_pad(m, n) pads <m> with <n> bytes at the end. The packet header * length is updated, and a pointer to the first byte of the padding - * (which is guaranteed to be all in one mbuf) is returned. + * (which is guaranteed to be all in one mbuf) is returned. The third + * argument specifies whether we need randompadding or not. * */ caddr_t -m_pad(struct mbuf *m, int n) +m_pad(struct mbuf *m, int n, int randompadding) { register struct mbuf *m0, *m1; register int len, pad; @@ -914,11 +917,12 @@ m_pad(struct mbuf *m, int n) m0->m_len += pad; m->m_pkthdr.len += pad; - for (len = 0; len < n; len++) - { - get_random_bytes((void *) &dat, sizeof(u_int8_t)); - retval[len] = len + dat; - } + if (randompadding) + for (len = 0; len < n; len++) + { + get_random_bytes((void *) &dat, sizeof(u_int8_t)); + retval[len] = len + dat; + } return retval; } diff --git a/sys/netinet/ip_ipsp.h b/sys/netinet/ip_ipsp.h index 935a6472736..ade1e34521d 100644 --- a/sys/netinet/ip_ipsp.h +++ b/sys/netinet/ip_ipsp.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ipsp.h,v 1.20 1998/11/25 11:47:17 niklas Exp $ */ +/* $OpenBSD: ip_ipsp.h,v 1.21 1999/01/08 21:40:28 deraadt Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), @@ -277,7 +277,7 @@ extern int esp_new_output(struct mbuf *, struct sockaddr_encap *, struct tdb *, extern struct mbuf *esp_new_input(struct mbuf *, struct tdb *); /* Padding */ -extern caddr_t m_pad(struct mbuf *, int); +extern caddr_t m_pad(struct mbuf *, int, int); /* Replay window */ extern int checkreplaywindow32(u_int32_t, u_int32_t, u_int32_t *, u_int32_t, |