Skip to content

Commit

Permalink
OpenSSH: correct logic error in ObscureKeystrokeTiming
Browse files Browse the repository at this point in the history
Cherry-pick fix:
upstream: when sending ObscureKeystrokeTiming chaff packets, we
can't rely on channel_did_enqueue to tell that there is data to send. This
flag indicates that the channels code enqueued a packet on _this_ ppoll()
iteration, not that data was enqueued in _any_ ppoll() iteration in the
timeslice. ok markus@

OpenBSD-Commit-ID: 009b74fd2769b36b5284a0188ade182f00564136

Obtained from:	openssh-portable 146c420d29d0
Reviewed by:	gordon
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D45823
  • Loading branch information
emaste committed Jul 4, 2024
1 parent a2e65d4 commit 8598794
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions crypto/openssh/clientloop.c
Original file line number Diff line number Diff line change
Expand Up @@ -608,8 +608,9 @@ obfuscate_keystroke_timing(struct ssh *ssh, struct timespec *timeout,
if (timespeccmp(&now, &chaff_until, >=)) {
/* Stop if there have been no keystrokes for a while */
stop_reason = "chaff time expired";
} else if (timespeccmp(&now, &next_interval, >=)) {
/* Otherwise if we were due to send, then send chaff */
} else if (timespeccmp(&now, &next_interval, >=) &&
!ssh_packet_have_data_to_write(ssh)) {
/* If due to send but have no data, then send chaff */
if (send_chaff(ssh))
nchaff++;
}
Expand Down

0 comments on commit 8598794

Please sign in to comment.