diff options
author | djm <djm> | 2013-01-09 04:57:16 +0000 |
---|---|---|
committer | djm <djm> | 2013-01-09 04:57:16 +0000 |
commit | 27bcacb18ef915589f16fcab926326f826c2517a (patch) | |
tree | 4b2856a061dbb9acc4e4fac3187d30c31ce1c85c | |
parent | a8f2c39191867af889b9649fc69418011463ea14 (diff) | |
download | openssh-27bcacb18ef915589f16fcab926326f826c2517a.tar.gz |
- djm@cvs.openbsd.org 2013/01/03 12:49:01
[PROTOCOL]
fix description of MAC calculation for EtM modes; ok markus@
-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | PROTOCOL | 7 |
2 files changed, 7 insertions, 3 deletions
@@ -16,6 +16,9 @@ add a couple of ServerOptions members that should be copied to the privsep child (for consistency, in this case they happen only to be accessed in the monitor); ok dtucker@ + - djm@cvs.openbsd.org 2013/01/03 12:49:01 + [PROTOCOL] + fix description of MAC calculation for EtM modes; ok markus@ 20121217 - (dtucker) [Makefile.in] Add some scaffolding so that the new regress @@ -70,9 +70,10 @@ verified without decrypting unauthenticated data. As such, the MAC covers: - mac = MAC(key, sequence_number || encrypted_packet) + mac = MAC(key, sequence_number || packet_length || encrypted_packet) -where "encrypted_packet" contains: +where "packet_length" is encoded as a uint32 and "encrypted_packet" +contains: byte padding_length byte[n1] payload; n1 = packet_length - padding_length - 1 @@ -318,4 +319,4 @@ link(oldpath, newpath) and will respond with a SSH_FXP_STATUS message. This extension is advertised in the SSH_FXP_VERSION hello with version "1". -$OpenBSD: PROTOCOL,v 1.18 2012/12/11 22:31:18 markus Exp $ +$OpenBSD: PROTOCOL,v 1.19 2013/01/03 12:49:01 djm Exp $ |