Attachment 2778 Details for Bug 2521 – The patch to rekey limit computation, based on GitHub commit 2c48eb1

[patch] The patch to rekey limit computation, based on GitHub commit 2c48eb1

0001-subtract-buffer-size-from-computed-rekey-limit-to-av.patch (text/plain), 1.29 KB, created by Aleksander Adamowski on 2016-01-06 09:09:48 AEDT

(hide)

Description:

Filename:

MIME Type:

Creator: Aleksander Adamowski

Created: 2016-01-06 09:09:48 AEDT

Size: 1.29 KB

patch

obsolete

>From 2c48eb1148e7fb44eec4291d7c53d8711df601d2 Mon Sep 17 00:00:00 2001
>From: Aleksander Adamowski <olo@fb.com>
>Date: Tue, 7 Apr 2015 16:59:57 -0700
>Subject: [PATCH] subtract buffer size from computed rekey limit to avoid
> exceeding it
>
>---
> packet.c | 17 ++++++++++++++---
> 1 file changed, 14 insertions(+), 3 deletions(-)
>
>diff --git a/packet.c b/packet.c
>index ec2cbd3..4e26e1d 100644
>--- a/packet.c
>+++ b/packet.c
>@@ -1000,10 +1000,21 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
> 	 * The 2^(blocksize*2) limit is too expensive for 3DES,
> 	 * blowfish, etc, so enforce a 1GB limit for small blocksizes.
> 	 */
>-	if (enc->block_size >= 16)
>-		*max_blocks = (u_int64_t)1 << (enc->block_size*2);
>-	else
>+	if (enc->block_size >= 16) {
>+		*max_blocks = ((u_int64_t)1 << (enc->block_size*2))
>+			/*
>+			 * Subtract the maximum number of blocks that can
>+			 * possibly come from the buffer to avoid
>+			 * running over the limit.
>+			 *
>+			 * Effectively, this currently subtracts 128MB from
>+			 * rekey limits which are 64GB and more.
>+			 */
>+			- ((sshbuf_max_size(state->input) + enc->block_size - 1)
>+				/ enc->block_size);
>+	} else {
> 		*max_blocks = ((u_int64_t)1 << 30) / enc->block_size;
>+	}
> 	if (state->rekey_limit)
> 		*max_blocks = MIN(*max_blocks,
> 		    state->rekey_limit / enc->block_size);
>-- 
>2.4.6
>

Actions: View | Diff

Attachments on bug 2521: 2778 | 2779 | 2780 | 2783