Do the RC4_ALIGN dance also for sideband connections.

[paraslash.git] / crypt.c

diff --git a/crypt.c b/crypt.c
index b754c0919e6fbccca77c0d662bddf59c6351fca6..17026cc63525c5527f63fb95c27242dc272add23 100644 (file)
--- a/crypt.c
+++ b/crypt.c
@@ -319,19 +319,26 @@ int sc_recv_bin_buffer(struct stream_cipher_context *scc, char *buf,
 
 void sc_crypt(struct stream_cipher *sc, struct iovec *src, struct iovec *dst)
 {
+       size_t len = src->iov_len, l1, l2;
        RC4_KEY *key = &sc->key;
 
+       assert(len > 0);
+       assert(len < ((typeof(src->iov_len))-1) / 2);
+       l1 = ROUND_DOWN(len, RC4_ALIGN);
+       l2 = ROUND_UP(len, RC4_ALIGN);
+
        *dst = (typeof(*dst)) {
-               /*
-                * Add one for the terminating zero byte. Integer overflow is
-                * no problem here as para_malloc() aborts when given a zero
-                * size argument.
-                */
-               .iov_base = para_malloc(src->iov_len + 1),
-               .iov_len = src->iov_len
+               /* Add one for the terminating zero byte. */
+               .iov_base = para_malloc(l2 + 1),
+               .iov_len = len
        };
-       RC4(key, src->iov_len, src->iov_base, dst->iov_base);
-       ((char *)dst->iov_base)[dst->iov_len] = '\0';
+       RC4(key, l1, src->iov_base, dst->iov_base);
+       if (len > l1) {
+               unsigned char remainder[RC4_ALIGN] = "";
+               memcpy(remainder, src->iov_base + l1, len - l1);
+               RC4(key, len - l1, remainder, dst->iov_base + l1);
+       }
+       ((char *)dst->iov_base)[len] = '\0';
 }
 
 void hash_function(const char *data, unsigned long len, unsigned char *hash)