-rw-r--r--ChangeLog6
-rw-r--r--dh.c13
-rw-r--r--kex.c5
-rw-r--r--packet.c27
4 files changed, 30 insertions, 21 deletions
diff --git a/ChangeLog b/ChangeLog
index e3d3e7af2..60dcf8ebe 100644
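--- a/ChangeLog
+++ b/ChangeLog
@@ -24,6 +24,10 @@
  [kex.c kexgex.c serverloop.c]
  parse full kexinit packet.
  make server-side more robust, too.
+ - markus@cvs.openbsd.org 2001/04/04 23:09:18
+ [dh.c kex.c packet.c]
+ clear+free keys,iv for rekeying.
+ + fix DH mem leaks. ok niels@
 
 20010404
  - OpenBSD CVS Sync
@@ -4863,4 +4867,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1060 2001/04/04 23:50:21 mouring Exp $
+$Id: ChangeLog,v 1.1061 2001/04/05 02:05:21 mouring Exp $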
diff --git a/dh.c b/dh.c
index 03b9fd1b8..982064f54 100644
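--- a/dh.c
+++ b/dh.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: dh.c,v 1.12 2001/04/03 19:53:29 markus Exp $");
+RCSID("$OpenBSD: dh.c,v 1.13 2001/04/04 23:09:17 markus Exp $");
 
 #include "xmalloc.h"
 
@@ -151,11 +151,9 @@ choose_dh(int min, int wantbits, int max)
  while (fgets(line, sizeof(line), f)) {
  if (!parse_prime(linenum, line, &dhg))
  continue;
- if (dhg.size > max || dhg.size < min)
- continue;
- if (dhg.size != best)
- continue;
- if (linenum++ != which) {
+ if ((dhg.size > max || dhg.size < min) ||
+ dhg.size != best ||
+ linenum++ != which) {
  BN_free(dhg.g);
  BN_free(dhg.p);
  continue;
@@ -163,6 +161,9 @@ choose_dh(int min, int wantbits, int max)
  break;
  }
  fclose(f);
+ if (linenum != which+1)
+ fatal("WARNING: line %d disappeared in %s, giving up",
+ which, _PATH_DH_PRIMES);
 
  return (dh_new_group(dhg.g, dhg.p));
 }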
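Review bot: The `linenum++` placed as the last operand of the new `||` chain in choose_dh only runs when both size tests pass, so `linenum` counts accepted-size primes rather than file lines, and the added `linenum != which+1` check after `fclose(f)` depends on that ordering without saying so. That check is what keeps a freed (or never filled) `dhg.g`/`dhg.p` from reaching `dh_new_group()` when the loop ends at EOF, so a later reordering of the operands would quietly remove the protection. I would add a comment above the condition, e.g. `/* linenum counts primes of size 'best'; keep the increment last so || skips it for rejected sizes */`. The `fatal()` message begins with "WARNING:", which reads oddly for a call that terminates, so consider dropping the prefix. choose_dh begins outside these hunks, so how `which` and `best` are computed is not visible here.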
diff --git a/kex.c b/kex.c
index 0720c073d..39f037b74 100644
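--- a/kex.c
+++ b/kex.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.31 2001/04/04 22:04:34 markus Exp $");
+RCSID("$OpenBSD: kex.c,v 1.32 2001/04/04 23:09:18 markus Exp $");
 
 #include <openssl/crypto.h>
 
@@ -136,10 +136,13 @@ kex_finish(Kex *kex)
  debug("waiting for SSH2_MSG_NEWKEYS");
  packet_read_expect(&plen, SSH2_MSG_NEWKEYS);
  debug("SSH2_MSG_NEWKEYS received");
+
  kex->done = 1;
  buffer_clear(&kex->peer);
  /* buffer_clear(&kex->my); */
  kex->flags &= ~KEX_INIT_SENT;
+ xfree(kex->name);
+ kex->name = NULL;
 }
 
 void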
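Review bot: After the added `xfree(kex->name); kex->name = NULL;` at the end of kex_finish, the `Kex` object presumably stays alive for rekeying with a NULL `name`, and nothing in the hunk says who sets it again. A one-line comment such as `/* name is reallocated when the next KEXINIT is processed */` would document that ownership, assuming that is where it happens. This matters because the next kex_finish call hands `kex->name` to `xfree()` again; if `xfree()` rejects NULL in this tree (not visible here), a rekey path that skips the reallocation would terminate the session. kex_finish starts above the hunk.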
diff --git a/packet.c b/packet.c
index cf081a0f8..5b5fa08d2 100644
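--- a/packet.c
+++ b/packet.c
@@ -37,7 +37,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: packet.c,v 1.58 2001/04/04 09:48:34 markus Exp $");
+RCSID("$OpenBSD: packet.c,v 1.59 2001/04/04 23:09:18 markus Exp $");
 
 #include "xmalloc.h"
 #include "buffer.h"
@@ -124,16 +124,6 @@ int use_ssh2_packet_format = 0;
 Newkeys *newkeys[MODE_MAX];
 
 void
-clear_enc_keys(Enc *enc, int len)
-{
- memset(enc->iv, 0, len);
- memset(enc->key, 0, len);
- xfree(enc->iv);
- xfree(enc->key);
- enc->iv = NULL;
- enc->key = NULL;
-}
-void
 packet_set_ssh2_format(void)
 {
  DBG(debug("use_ssh2_packet_format"));
@@ -524,8 +514,18 @@ set_newkeys(int mode)
  cc = (mode == MODE_OUT) ? &send_context : &receive_context;
  if (newkeys[mode] != NULL) {
  debug("newkeys: rekeying");
- memset(cc, 0, sizeof(*cc));
  /* todo: free old keys, reset compression/cipher-ctxt; */
+ memset(cc, 0, sizeof(*cc));
+ enc = &newkeys[mode]->enc;
+ mac = &newkeys[mode]->mac;
+ comp = &newkeys[mode]->comp;
+ memset(mac->key, 0, mac->key_len);
+ xfree(enc->name);
+ xfree(enc->iv);
+ xfree(enc->key);
+ xfree(mac->name);
+ xfree(mac->key);
+ xfree(comp->name);
  xfree(newkeys[mode]);
  }
  newkeys[mode] = kex_get_newkeys(mode);
@@ -539,7 +539,8 @@ set_newkeys(int mode)
  DBG(debug("cipher_init_context: %d", mode));
  cipher_init(cc, enc->cipher, enc->key, enc->cipher->key_len,
  enc->iv, enc->cipher->block_size);
- clear_enc_keys(enc, enc->cipher->key_len);
+ memset(enc->iv, 0, enc->cipher->block_size);
+ memset(enc->key, 0, enc->cipher->key_len);
  if (comp->type != 0 && comp->enabled == 0) {
  comp->enabled = 1;
  if (! packet_compression)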
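Review bot: In the rekeying branch of set_newkeys, `memset(mac->key, 0, mac->key_len);` is followed a few lines later by `xfree(mac->key);` with no read of the buffer in between, so an optimising compiler may drop the store and leave the old MAC key in freed heap memory. Use a wipe the compiler cannot elide, for example `explicit_bzero(mac->key, mac->key_len);` where the platform provides it, or a small helper that writes through a `volatile` pointer. The two `memset` calls added after `cipher_init()` are less exposed because their buffers stay live until the next rekey, but they would benefit from the same helper. The `/* todo: free old keys, reset compression/cipher-ctxt; */` comment is now half stale since the keys are freed right below it; narrow it to what is still open, e.g. `/* todo: reset compression/cipher-ctxt */`. set_newkeys begins and ends outside both hunks.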