diff options
author | Ben Lindstrom <mouring@eviladmin.org> | 2001-04-05 02:05:21 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-04-05 02:05:21 +0000 |
commit | 5ba23b39bf2d8d2c9c0747b9a66f356180306691 (patch) | |
tree | 402e41d5b01532ef4579ba5eaccd212433415510 | |
parent | 8e312f3db05059499cf6655663ce31e73d508817 (diff) |
- markus@cvs.openbsd.org 2001/04/04 23:09:18
[dh.c kex.c packet.c]
clear+free keys,iv for rekeying.
+ fix DH mem leaks. ok niels@
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | dh.c | 13 | ||||
-rw-r--r-- | kex.c | 5 | ||||
-rw-r--r-- | packet.c | 27 |
4 files changed, 30 insertions, 21 deletions
@@ -24,6 +24,10 @@ | |||
24 | [kex.c kexgex.c serverloop.c] | 24 | [kex.c kexgex.c serverloop.c] |
25 | parse full kexinit packet. | 25 | parse full kexinit packet. |
26 | make server-side more robust, too. | 26 | make server-side more robust, too. |
27 | - markus@cvs.openbsd.org 2001/04/04 23:09:18 | ||
28 | [dh.c kex.c packet.c] | ||
29 | clear+free keys,iv for rekeying. | ||
30 | + fix DH mem leaks. ok niels@ | ||
27 | 31 | ||
28 | 20010404 | 32 | 20010404 |
29 | - OpenBSD CVS Sync | 33 | - OpenBSD CVS Sync |
@@ -4863,4 +4867,4 @@ | |||
4863 | - Wrote replacements for strlcpy and mkdtemp | 4867 | - Wrote replacements for strlcpy and mkdtemp |
4864 | - Released 1.0pre1 | 4868 | - Released 1.0pre1 |
4865 | 4869 | ||
4866 | $Id: ChangeLog,v 1.1060 2001/04/04 23:50:21 mouring Exp $ | 4870 | $Id: ChangeLog,v 1.1061 2001/04/05 02:05:21 mouring Exp $ |
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: dh.c,v 1.12 2001/04/03 19:53:29 markus Exp $"); | 26 | RCSID("$OpenBSD: dh.c,v 1.13 2001/04/04 23:09:17 markus Exp $"); |
27 | 27 | ||
28 | #include "xmalloc.h" | 28 | #include "xmalloc.h" |
29 | 29 | ||
@@ -151,11 +151,9 @@ choose_dh(int min, int wantbits, int max) | |||
151 | while (fgets(line, sizeof(line), f)) { | 151 | while (fgets(line, sizeof(line), f)) { |
152 | if (!parse_prime(linenum, line, &dhg)) | 152 | if (!parse_prime(linenum, line, &dhg)) |
153 | continue; | 153 | continue; |
154 | if (dhg.size > max || dhg.size < min) | 154 | if ((dhg.size > max || dhg.size < min) || |
155 | continue; | 155 | dhg.size != best || |
156 | if (dhg.size != best) | 156 | linenum++ != which) { |
157 | continue; | ||
158 | if (linenum++ != which) { | ||
159 | BN_free(dhg.g); | 157 | BN_free(dhg.g); |
160 | BN_free(dhg.p); | 158 | BN_free(dhg.p); |
161 | continue; | 159 | continue; |
@@ -163,6 +161,9 @@ choose_dh(int min, int wantbits, int max) | |||
163 | break; | 161 | break; |
164 | } | 162 | } |
165 | fclose(f); | 163 | fclose(f); |
164 | if (linenum != which+1) | ||
165 | fatal("WARNING: line %d disappeared in %s, giving up", | ||
166 | which, _PATH_DH_PRIMES); | ||
166 | 167 | ||
167 | return (dh_new_group(dhg.g, dhg.p)); | 168 | return (dh_new_group(dhg.g, dhg.p)); |
168 | } | 169 | } |
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: kex.c,v 1.31 2001/04/04 22:04:34 markus Exp $"); | 26 | RCSID("$OpenBSD: kex.c,v 1.32 2001/04/04 23:09:18 markus Exp $"); |
27 | 27 | ||
28 | #include <openssl/crypto.h> | 28 | #include <openssl/crypto.h> |
29 | 29 | ||
@@ -136,10 +136,13 @@ kex_finish(Kex *kex) | |||
136 | debug("waiting for SSH2_MSG_NEWKEYS"); | 136 | debug("waiting for SSH2_MSG_NEWKEYS"); |
137 | packet_read_expect(&plen, SSH2_MSG_NEWKEYS); | 137 | packet_read_expect(&plen, SSH2_MSG_NEWKEYS); |
138 | debug("SSH2_MSG_NEWKEYS received"); | 138 | debug("SSH2_MSG_NEWKEYS received"); |
139 | |||
139 | kex->done = 1; | 140 | kex->done = 1; |
140 | buffer_clear(&kex->peer); | 141 | buffer_clear(&kex->peer); |
141 | /* buffer_clear(&kex->my); */ | 142 | /* buffer_clear(&kex->my); */ |
142 | kex->flags &= ~KEX_INIT_SENT; | 143 | kex->flags &= ~KEX_INIT_SENT; |
144 | xfree(kex->name); | ||
145 | kex->name = NULL; | ||
143 | } | 146 | } |
144 | 147 | ||
145 | void | 148 | void |
@@ -37,7 +37,7 @@ | |||
37 | */ | 37 | */ |
38 | 38 | ||
39 | #include "includes.h" | 39 | #include "includes.h" |
40 | RCSID("$OpenBSD: packet.c,v 1.58 2001/04/04 09:48:34 markus Exp $"); | 40 | RCSID("$OpenBSD: packet.c,v 1.59 2001/04/04 23:09:18 markus Exp $"); |
41 | 41 | ||
42 | #include "xmalloc.h" | 42 | #include "xmalloc.h" |
43 | #include "buffer.h" | 43 | #include "buffer.h" |
@@ -124,16 +124,6 @@ int use_ssh2_packet_format = 0; | |||
124 | Newkeys *newkeys[MODE_MAX]; | 124 | Newkeys *newkeys[MODE_MAX]; |
125 | 125 | ||
126 | void | 126 | void |
127 | clear_enc_keys(Enc *enc, int len) | ||
128 | { | ||
129 | memset(enc->iv, 0, len); | ||
130 | memset(enc->key, 0, len); | ||
131 | xfree(enc->iv); | ||
132 | xfree(enc->key); | ||
133 | enc->iv = NULL; | ||
134 | enc->key = NULL; | ||
135 | } | ||
136 | void | ||
137 | packet_set_ssh2_format(void) | 127 | packet_set_ssh2_format(void) |
138 | { | 128 | { |
139 | DBG(debug("use_ssh2_packet_format")); | 129 | DBG(debug("use_ssh2_packet_format")); |
@@ -524,8 +514,18 @@ set_newkeys(int mode) | |||
524 | cc = (mode == MODE_OUT) ? &send_context : &receive_context; | 514 | cc = (mode == MODE_OUT) ? &send_context : &receive_context; |
525 | if (newkeys[mode] != NULL) { | 515 | if (newkeys[mode] != NULL) { |
526 | debug("newkeys: rekeying"); | 516 | debug("newkeys: rekeying"); |
527 | memset(cc, 0, sizeof(*cc)); | ||
528 | /* todo: free old keys, reset compression/cipher-ctxt; */ | 517 | /* todo: free old keys, reset compression/cipher-ctxt; */ |
518 | memset(cc, 0, sizeof(*cc)); | ||
519 | enc = &newkeys[mode]->enc; | ||
520 | mac = &newkeys[mode]->mac; | ||
521 | comp = &newkeys[mode]->comp; | ||
522 | memset(mac->key, 0, mac->key_len); | ||
523 | xfree(enc->name); | ||
524 | xfree(enc->iv); | ||
525 | xfree(enc->key); | ||
526 | xfree(mac->name); | ||
527 | xfree(mac->key); | ||
528 | xfree(comp->name); | ||
529 | xfree(newkeys[mode]); | 529 | xfree(newkeys[mode]); |
530 | } | 530 | } |
531 | newkeys[mode] = kex_get_newkeys(mode); | 531 | newkeys[mode] = kex_get_newkeys(mode); |
@@ -539,7 +539,8 @@ set_newkeys(int mode) | |||
539 | DBG(debug("cipher_init_context: %d", mode)); | 539 | DBG(debug("cipher_init_context: %d", mode)); |
540 | cipher_init(cc, enc->cipher, enc->key, enc->cipher->key_len, | 540 | cipher_init(cc, enc->cipher, enc->key, enc->cipher->key_len, |
541 | enc->iv, enc->cipher->block_size); | 541 | enc->iv, enc->cipher->block_size); |
542 | clear_enc_keys(enc, enc->cipher->key_len); | 542 | memset(enc->iv, 0, enc->cipher->block_size); |
543 | memset(enc->key, 0, enc->cipher->key_len); | ||
543 | if (comp->type != 0 && comp->enabled == 0) { | 544 | if (comp->type != 0 && comp->enabled == 0) { |
544 | comp->enabled = 1; | 545 | comp->enabled = 1; |
545 | if (! packet_compression) | 546 | if (! packet_compression) |