34 lines
1.3 KiB
Diff
34 lines
1.3 KiB
Diff
From 146c420d29d055cc75c8606327a1cf8439fe3a08 Mon Sep 17 00:00:00 2001
|
|
From: "djm@openbsd.org" <djm@openbsd.org>
|
|
Date: Mon, 1 Jul 2024 04:31:17 +0000
|
|
Subject: upstream: when sending ObscureKeystrokeTiming chaff packets, we
|
|
|
|
can't rely on channel_did_enqueue to tell that there is data to send. This
|
|
flag indicates that the channels code enqueued a packet on _this_ ppoll()
|
|
iteration, not that data was enqueued in _any_ ppoll() iteration in the
|
|
timeslice. ok markus@
|
|
|
|
OpenBSD-Commit-ID: 009b74fd2769b36b5284a0188ade182f00564136
|
|
---
|
|
clientloop.c | 5 ++++---
|
|
1 file changed, 3 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/clientloop.c b/clientloop.c
|
|
index 0b6f3c9b..8ed8b1c3 100644
|
|
--- a/clientloop.c
|
|
+++ b/clientloop.c
|
|
@@ -607,8 +607,9 @@ obfuscate_keystroke_timing(struct ssh *ssh, struct timespec *timeout,
|
|
if (timespeccmp(&now, &chaff_until, >=)) {
|
|
/* Stop if there have been no keystrokes for a while */
|
|
stop_reason = "chaff time expired";
|
|
- } else if (timespeccmp(&now, &next_interval, >=)) {
|
|
- /* Otherwise if we were due to send, then send chaff */
|
|
+ } else if (timespeccmp(&now, &next_interval, >=) &&
|
|
+ !ssh_packet_have_data_to_write(ssh)) {
|
|
+ /* If due to send but have no data, then send chaff */
|
|
if (send_chaff(ssh))
|
|
nchaff++;
|
|
}
|
|
--
|
|
cgit v1.2.3
|