summaryrefslogtreecommitdiff
path: root/cipher.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2000-04-12 20:17:38 +1000
committerDamien Miller <djm@mindrot.org>2000-04-12 20:17:38 +1000
commit78928793fb23a3a4c80ae62eca6a7826b2987690 (patch)
treeadd8a953ac4cf06877b91624fe7f647b17e6cf6f /cipher.c
parentefb4afe0265333ce554f699c2a19ae249dd8d1b5 (diff)
- OpenBSD CVS updates:
- [channels.c] repair x11-fwd - [sshconnect.c] fix passwd prompt for ssh2, less debugging output. - [clientloop.c compat.c dsa.c kex.c sshd.c] less debugging output - [kex.c kex.h sshconnect.c sshd.c] check for reasonable public DH values - [README.openssh2 cipher.c cipher.h compat.c compat.h readconf.c] [readconf.h servconf.c servconf.h ssh.c ssh.h sshconnect.c sshd.c] add Cipher and Protocol options to ssh/sshd, e.g.: ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers arcfour,3des-cbc' - [sshd.c] print 1.99 only if server supports both
Diffstat (limited to 'cipher.c')
-rw-r--r--cipher.c37
1 files changed, 31 insertions, 6 deletions
diff --git a/cipher.c b/cipher.c
index 8911ffef..27debf90 100644
--- a/cipher.c
+++ b/cipher.c
@@ -12,11 +12,11 @@
*/
#include "includes.h"
-RCSID("$Id: cipher.c,v 1.16 2000/04/06 02:32:39 damien Exp $");
+RCSID("$Id: cipher.c,v 1.17 2000/04/12 10:17:39 damien Exp $");
#include "ssh.h"
#include "cipher.h"
-#include "config.h"
+#include "xmalloc.h"
#ifdef HAVE_OPENSSL
#include <openssl/md5.h>
@@ -26,7 +26,9 @@ RCSID("$Id: cipher.c,v 1.16 2000/04/06 02:32:39 damien Exp $");
#endif
/*
- * What kind of tripple DES are these 2 routines?
+ * This is used by SSH1:
+ *
+ * What kind of triple DES are these 2 routines?
*
* Why is there a redundant initialization vector?
*
@@ -81,7 +83,7 @@ SSH_3CBC_DECRYPT(des_key_schedule ks1,
}
/*
- * SSH uses a variation on Blowfish, all bytes must be swapped before
+ * SSH1 uses a variation on Blowfish, all bytes must be swapped before
* and after encryption/decryption. Thus the swap_bytes stuff (yuk).
*/
static void
@@ -167,10 +169,34 @@ cipher_name(int cipher)
{
if (cipher < 0 || cipher >= sizeof(cipher_names) / sizeof(cipher_names[0]) ||
cipher_names[cipher] == NULL)
- fatal("cipher_name: bad cipher number: %d", cipher);
+ fatal("cipher_name: bad cipher name: %d", cipher);
return cipher_names[cipher];
}
+/* Returns 1 if the name of the ciphers are valid. */
+
+#define CIPHER_SEP ","
+int
+ciphers_valid(const char *names)
+{
+ char *ciphers;
+ char *p;
+ int i;
+
+ if (strcmp(names, "") == 0)
+ return 0;
+ ciphers = xstrdup(names);
+ for ((p = strtok(ciphers, CIPHER_SEP)); p; (p = strtok(NULL, CIPHER_SEP))) {
+ i = cipher_number(p);
+ if (i == -1 || !(cipher_mask2() & (1 << i))) {
+ xfree(ciphers);
+ return 0;
+ }
+ }
+ xfree(ciphers);
+ return 1;
+}
+
/*
* Parses the name of the cipher. Returns the number of the corresponding
* cipher, or -1 on error.
@@ -271,7 +297,6 @@ cipher_set_key(CipherContext *context, int cipher, const unsigned char *key,
memset(padded, 0, sizeof(padded));
}
-
void
cipher_set_key_iv(CipherContext * context, int cipher,
const unsigned char *key, int keylen,