diff options
| author | Colin Watson <cjwatson@debian.org> | 2017-03-29 01:35:00 +0100 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2017-03-29 01:35:00 +0100 |
| commit | 6fabaf6fd9b07cc8bc6a17c9c4a5b76849cfc874 (patch) | |
| tree | b4377d09196e24e2c6f2c2128f66f92cf7891105 /kex.c | |
| parent | 971a7653746a6972b907dfe0ce139c06e4a6f482 (diff) | |
| parent | d38f05dbdd291212bc95ea80648b72b7177e9f4e (diff) | |
Import openssh_7.5p1.orig.tar.gz
Diffstat (limited to 'kex.c')
| -rw-r--r-- | kex.c | 41 |
1 files changed, 27 insertions, 14 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: kex.c,v 1.127 2016/10/10 19:28:48 markus Exp $ */ | 1 | /* $OpenBSD: kex.c,v 1.131 2017/03/15 07:07:39 markus Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -178,7 +178,7 @@ kex_names_valid(const char *names) | |||
| 178 | char * | 178 | char * |
| 179 | kex_names_cat(const char *a, const char *b) | 179 | kex_names_cat(const char *a, const char *b) |
| 180 | { | 180 | { |
| 181 | char *ret = NULL, *tmp = NULL, *cp, *p; | 181 | char *ret = NULL, *tmp = NULL, *cp, *p, *m; |
| 182 | size_t len; | 182 | size_t len; |
| 183 | 183 | ||
| 184 | if (a == NULL || *a == '\0') | 184 | if (a == NULL || *a == '\0') |
| @@ -195,8 +195,10 @@ kex_names_cat(const char *a, const char *b) | |||
| 195 | } | 195 | } |
| 196 | strlcpy(ret, a, len); | 196 | strlcpy(ret, a, len); |
| 197 | for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) { | 197 | for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) { |
| 198 | if (match_list(ret, p, NULL) != NULL) | 198 | if ((m = match_list(ret, p, NULL)) != NULL) { |
| 199 | free(m); | ||
| 199 | continue; /* Algorithm already present */ | 200 | continue; /* Algorithm already present */ |
| 201 | } | ||
| 200 | if (strlcat(ret, ",", len) >= len || | 202 | if (strlcat(ret, ",", len) >= len || |
| 201 | strlcat(ret, p, len) >= len) { | 203 | strlcat(ret, p, len) >= len) { |
| 202 | free(tmp); | 204 | free(tmp); |
| @@ -211,7 +213,8 @@ kex_names_cat(const char *a, const char *b) | |||
| 211 | /* | 213 | /* |
| 212 | * Assemble a list of algorithms from a default list and a string from a | 214 | * Assemble a list of algorithms from a default list and a string from a |
| 213 | * configuration file. The user-provided string may begin with '+' to | 215 | * configuration file. The user-provided string may begin with '+' to |
| 214 | * indicate that it should be appended to the default. | 216 | * indicate that it should be appended to the default or '-' that the |
| 217 | * specified names should be removed. | ||
| 215 | */ | 218 | */ |
| 216 | int | 219 | int |
| 217 | kex_assemble_names(const char *def, char **list) | 220 | kex_assemble_names(const char *def, char **list) |
| @@ -222,14 +225,18 @@ kex_assemble_names(const char *def, char **list) | |||
| 222 | *list = strdup(def); | 225 | *list = strdup(def); |
| 223 | return 0; | 226 | return 0; |
| 224 | } | 227 | } |
| 225 | if (**list != '+') { | 228 | if (**list == '+') { |
| 226 | return 0; | 229 | if ((ret = kex_names_cat(def, *list + 1)) == NULL) |
| 230 | return SSH_ERR_ALLOC_FAIL; | ||
| 231 | free(*list); | ||
| 232 | *list = ret; | ||
| 233 | } else if (**list == '-') { | ||
| 234 | if ((ret = match_filter_list(def, *list + 1)) == NULL) | ||
| 235 | return SSH_ERR_ALLOC_FAIL; | ||
| 236 | free(*list); | ||
| 237 | *list = ret; | ||
| 227 | } | 238 | } |
| 228 | 239 | ||
| 229 | if ((ret = kex_names_cat(def, *list + 1)) == NULL) | ||
| 230 | return SSH_ERR_ALLOC_FAIL; | ||
| 231 | free(*list); | ||
| 232 | *list = ret; | ||
| 233 | return 0; | 240 | return 0; |
| 234 | } | 241 | } |
| 235 | 242 | ||
| @@ -334,7 +341,6 @@ kex_reset_dispatch(struct ssh *ssh) | |||
| 334 | { | 341 | { |
| 335 | ssh_dispatch_range(ssh, SSH2_MSG_TRANSPORT_MIN, | 342 | ssh_dispatch_range(ssh, SSH2_MSG_TRANSPORT_MIN, |
| 336 | SSH2_MSG_TRANSPORT_MAX, &kex_protocol_error); | 343 | SSH2_MSG_TRANSPORT_MAX, &kex_protocol_error); |
| 337 | ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit); | ||
| 338 | } | 344 | } |
| 339 | 345 | ||
| 340 | static int | 346 | static int |
| @@ -343,7 +349,7 @@ kex_send_ext_info(struct ssh *ssh) | |||
| 343 | int r; | 349 | int r; |
| 344 | char *algs; | 350 | char *algs; |
| 345 | 351 | ||
| 346 | if ((algs = sshkey_alg_list(0, 1, ',')) == NULL) | 352 | if ((algs = sshkey_alg_list(0, 1, 1, ',')) == NULL) |
| 347 | return SSH_ERR_ALLOC_FAIL; | 353 | return SSH_ERR_ALLOC_FAIL; |
| 348 | if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 || | 354 | if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 || |
| 349 | (r = sshpkt_put_u32(ssh, 1)) != 0 || | 355 | (r = sshpkt_put_u32(ssh, 1)) != 0 || |
| @@ -424,6 +430,7 @@ kex_input_newkeys(int type, u_int32_t seq, void *ctxt) | |||
| 424 | 430 | ||
| 425 | debug("SSH2_MSG_NEWKEYS received"); | 431 | debug("SSH2_MSG_NEWKEYS received"); |
| 426 | ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, &kex_protocol_error); | 432 | ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, &kex_protocol_error); |
| 433 | ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit); | ||
| 427 | if ((r = sshpkt_get_end(ssh)) != 0) | 434 | if ((r = sshpkt_get_end(ssh)) != 0) |
| 428 | return r; | 435 | return r; |
| 429 | if ((r = ssh_set_newkeys(ssh, MODE_IN)) != 0) | 436 | if ((r = ssh_set_newkeys(ssh, MODE_IN)) != 0) |
| @@ -538,6 +545,7 @@ kex_new(struct ssh *ssh, char *proposal[PROPOSAL_MAX], struct kex **kexp) | |||
| 538 | goto out; | 545 | goto out; |
| 539 | kex->done = 0; | 546 | kex->done = 0; |
| 540 | kex_reset_dispatch(ssh); | 547 | kex_reset_dispatch(ssh); |
| 548 | ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit); | ||
| 541 | r = 0; | 549 | r = 0; |
| 542 | *kexp = kex; | 550 | *kexp = kex; |
| 543 | out: | 551 | out: |
| @@ -646,8 +654,10 @@ choose_enc(struct sshenc *enc, char *client, char *server) | |||
| 646 | 654 | ||
| 647 | if (name == NULL) | 655 | if (name == NULL) |
| 648 | return SSH_ERR_NO_CIPHER_ALG_MATCH; | 656 | return SSH_ERR_NO_CIPHER_ALG_MATCH; |
| 649 | if ((enc->cipher = cipher_by_name(name)) == NULL) | 657 | if ((enc->cipher = cipher_by_name(name)) == NULL) { |
| 658 | free(name); | ||
| 650 | return SSH_ERR_INTERNAL_ERROR; | 659 | return SSH_ERR_INTERNAL_ERROR; |
| 660 | } | ||
| 651 | enc->name = name; | 661 | enc->name = name; |
| 652 | enc->enabled = 0; | 662 | enc->enabled = 0; |
| 653 | enc->iv = NULL; | 663 | enc->iv = NULL; |
| @@ -665,8 +675,10 @@ choose_mac(struct ssh *ssh, struct sshmac *mac, char *client, char *server) | |||
| 665 | 675 | ||
| 666 | if (name == NULL) | 676 | if (name == NULL) |
| 667 | return SSH_ERR_NO_MAC_ALG_MATCH; | 677 | return SSH_ERR_NO_MAC_ALG_MATCH; |
| 668 | if (mac_setup(mac, name) < 0) | 678 | if (mac_setup(mac, name) < 0) { |
| 679 | free(name); | ||
| 669 | return SSH_ERR_INTERNAL_ERROR; | 680 | return SSH_ERR_INTERNAL_ERROR; |
| 681 | } | ||
| 670 | /* truncate the key */ | 682 | /* truncate the key */ |
| 671 | if (ssh->compat & SSH_BUG_HMAC) | 683 | if (ssh->compat & SSH_BUG_HMAC) |
| 672 | mac->key_len = 16; | 684 | mac->key_len = 16; |
| @@ -690,6 +702,7 @@ choose_comp(struct sshcomp *comp, char *client, char *server) | |||
| 690 | } else if (strcmp(name, "none") == 0) { | 702 | } else if (strcmp(name, "none") == 0) { |
| 691 | comp->type = COMP_NONE; | 703 | comp->type = COMP_NONE; |
| 692 | } else { | 704 | } else { |
| 705 | free(name); | ||
| 693 | return SSH_ERR_INTERNAL_ERROR; | 706 | return SSH_ERR_INTERNAL_ERROR; |
| 694 | } | 707 | } |
| 695 | comp->name = name; | 708 | comp->name = name; |