changeset 532:c67c8c0c6c35

merge of 'e1c100e6366c5d607af08f4abdbb0f4281df4fa9' and 'fe8161b0698c9816b98f79e3cab2b9d59f2be71b'
author Matt Johnston <matt@ucc.asn.au>
date Thu, 26 Feb 2009 13:21:14 +0000
parents 164b7c2cd5df (current diff) 22a0d8355c2c (diff)
children 805ae74ec024
files packet.c
diffstat 4 files changed, 29 insertions(+), 27 deletions(-) [+]
line wrap: on
line diff
--- a/Makefile.in	Thu Feb 26 13:20:53 2009 +0000
+++ b/Makefile.in	Thu Feb 26 13:21:14 2009 +0000
@@ -25,7 +25,7 @@
 SVROBJS=svr-kex.o svr-algo.o svr-auth.o sshpty.o \
 		svr-authpasswd.o svr-authpubkey.o svr-authpubkeyoptions.o svr-session.o svr-service.o \
 		svr-chansession.o svr-runopts.o svr-agentfwd.o svr-main.o svr-x11fwd.o\
-		svr-tcpfwd.o svr-authpam.o
+		svr-tcpfwd.o svr-authpam.o @CRYPTLIB@
 
 CLIOBJS=cli-algo.o cli-main.o cli-auth.o cli-authpasswd.o cli-kex.o \
 		cli-session.o cli-service.o cli-runopts.o cli-chansession.o \
--- a/configure.in	Thu Feb 26 13:20:53 2009 +0000
+++ b/configure.in	Thu Feb 26 13:21:14 2009 +0000
@@ -82,7 +82,8 @@
 	],,,)
 
 # Checks for libraries.
-AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
+AC_CHECK_LIB(crypt, crypt, CRYPTLIB="-lcrypt")
+AC_SUBST(CRYPTLIB)	
 
 # Check if zlib is needed
 AC_ARG_WITH(zlib,
--- a/packet.c	Thu Feb 26 13:20:53 2009 +0000
+++ b/packet.c	Thu Feb 26 13:21:14 2009 +0000
@@ -240,17 +240,16 @@
 	buf_setpos(ses.decryptreadbuf, blocksize);
 
 	/* decrypt it */
-	while (ses.readbuf->pos < ses.readbuf->len - macsize) {
-		if (ses.keys->recv_crypt_mode->decrypt(
-					buf_getptr(ses.readbuf, blocksize), 
-					buf_getwriteptr(ses.decryptreadbuf, blocksize),
-					blocksize,
-					&ses.keys->recv_cipher_state) != CRYPT_OK) {
-			dropbear_exit("error decrypting");
-		}
-		buf_incrpos(ses.readbuf, blocksize);
-		buf_incrwritepos(ses.decryptreadbuf, blocksize);
+	len = ses.readbuf->len - macsize - ses.readbuf->pos;
+	if (ses.keys->recv_crypt_mode->decrypt(
+				buf_getptr(ses.readbuf, len), 
+				buf_getwriteptr(ses.decryptreadbuf, len),
+				len,
+				&ses.keys->recv_cipher_state) != CRYPT_OK) {
+		dropbear_exit("error decrypting");
 	}
+	buf_incrpos(ses.readbuf, len);
+	buf_incrwritepos(ses.decryptreadbuf, len);
 
 	/* check the hmac */
 	buf_setpos(ses.readbuf, ses.readbuf->len - macsize);
@@ -454,7 +453,7 @@
 	buffer * writebuf; /* the packet which will go on the wire */
 	buffer * clearwritebuf; /* unencrypted, possibly compressed */
 	unsigned char type;
-	unsigned int clear_len;
+	unsigned int len;
 	
 	type = ses.writepayload->data[0];
 	TRACE(("enter encrypt_packet()"))
@@ -474,12 +473,12 @@
 	/* Encrypted packet len is payload+5, then worst case is if we are 3 away
 	 * from a blocksize multiple. In which case we need to pad to the
 	 * multiple, then add another blocksize (or MIN_PACKET_LEN) */
-	clear_len = (ses.writepayload->len+4+1) + MIN_PACKET_LEN + 3;
+	len = (ses.writepayload->len+4+1) + MIN_PACKET_LEN + 3;
 
 #ifndef DISABLE_ZLIB
-	clear_len += ZLIB_COMPRESS_INCR; /* bit of a kludge, but we can't know len*/
+	len += ZLIB_COMPRESS_INCR; /* bit of a kludge, but we can't know len*/
 #endif
-	clearwritebuf = buf_new(clear_len);
+	clearwritebuf = buf_new(len);
 	buf_setlen(clearwritebuf, PACKET_PAYLOAD_OFF);
 	buf_setpos(clearwritebuf, PACKET_PAYLOAD_OFF);
 
@@ -531,17 +530,16 @@
 	writebuf = buf_new(clearwritebuf->len + macsize);
 
 	/* encrypt it */
-	while (clearwritebuf->pos < clearwritebuf->len) {
-		if (ses.keys->trans_crypt_mode->encrypt(
-					buf_getptr(clearwritebuf, blocksize),
-					buf_getwriteptr(writebuf, blocksize),
-					blocksize,
-					&ses.keys->trans_cipher_state) != CRYPT_OK) {
-			dropbear_exit("error encrypting");
-		}
-		buf_incrpos(clearwritebuf, blocksize);
-		buf_incrwritepos(writebuf, blocksize);
+	len = clearwritebuf->len;
+	if (ses.keys->trans_crypt_mode->encrypt(
+				buf_getptr(clearwritebuf, len),
+				buf_getwriteptr(writebuf, len),
+				len,
+				&ses.keys->trans_cipher_state) != CRYPT_OK) {
+		dropbear_exit("error encrypting");
 	}
+	buf_incrpos(clearwritebuf, len);
+	buf_incrwritepos(writebuf, len);
 
 	/* now add a hmac and we're done */
 	writemac(writebuf, clearwritebuf);
--- a/sysoptions.h	Thu Feb 26 13:20:53 2009 +0000
+++ b/sysoptions.h	Thu Feb 26 13:21:14 2009 +0000
@@ -202,5 +202,8 @@
 #define IS_DROPBEAR_CLIENT 1
 
 #else
-#error You must compiled with either DROPBEAR_CLIENT or DROPBEAR_SERVER selected
+/* Just building key utils? */
+#define IS_DROPBEAR_SERVER 0
+#define IS_DROPBEAR_CLIENT 0
+
 #endif