diff options
| author | Damien Miller <djm@mindrot.org> | 2009-01-28 16:38:41 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2009-01-28 16:38:41 +1100 |
| commit | 13ae44ce5865b720708aae9cb1d2e2f08a0d90cb (patch) | |
| tree | b9acd30c2e1edfa1a4b7dcc26b8c11f8ea77b855 /cipher.h | |
| parent | 9aa72ba57af907af8f7228f64fca8a474797898f (diff) | |
| download | openssh-git-13ae44ce5865b720708aae9cb1d2e2f08a0d90cb.tar.gz | |
- markus@cvs.openbsd.org 2009/01/26 09:58:15
[cipher.c cipher.h packet.c]
Work around the CPNI-957037 Plaintext Recovery Attack by always
reading 256K of data on packet size or HMAC errors (in CBC mode only).
Help, feedback and ok djm@
Feedback from Martin Albrecht and Paterson Kenny
Diffstat (limited to 'cipher.h')
| -rw-r--r-- | cipher.h | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: cipher.h,v 1.36 2006/03/25 22:22:42 djm Exp $ */ +/* $OpenBSD: cipher.h,v 1.37 2009/01/26 09:58:15 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -81,6 +81,7 @@ void cipher_cleanup(CipherContext *); void cipher_set_key_string(CipherContext *, Cipher *, const char *, int); u_int cipher_blocksize(const Cipher *); u_int cipher_keylen(const Cipher *); +u_int cipher_is_cbc(const Cipher *); u_int cipher_get_number(const Cipher *); void cipher_get_keyiv(CipherContext *, u_char *, u_int); |