-rw-r--r--ChangeLog5
-rw-r--r--dh.c16
-rw-r--r--kexdh.c6
-rw-r--r--kexgex.c6
4 files changed, 18 insertions, 15 deletions
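diff --git a/ChangeLog b/ChangeLog
index 894ad539d..635f4c23b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -45,6 +45,9 @@
  - markus@cvs.openbsd.org 2001/12/27 18:26:13
  [authfile.c]
  missing include
+ - markus@cvs.openbsd.org 2001/12/27 19:37:23
+ [dh.c kexdh.c kexgex.c]
+ always use BN_clear_free instead of BN_free
 
 20020121
  - (djm) Rework ssh-rand-helper:
@@ -7192,4 +7195,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1735 2002/01/22 12:10:04 djm Exp $
+$Id: ChangeLog,v 1.1736 2002/01/22 12:10:33 djm Exp $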
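diff --git a/dh.c b/dh.c
index a5d6f379c..3e1594eae 100644
--- a/dh.c
+++ b/dh.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: dh.c,v 1.18 2001/12/27 18:22:16 markus Exp $");
+RCSID("$OpenBSD: dh.c,v 1.19 2001/12/27 19:37:22 markus Exp $");
 
 #include "xmalloc.h"
 
@@ -94,8 +94,8 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg)
  return (1);
 
  failclean:
- BN_free(dhg->g);
- BN_free(dhg->p);
+ BN_clear_free(dhg->g);
+ BN_clear_free(dhg->p);
  fail:
  error("Bad prime description in line %d", linenum);
  return (0);
@@ -122,8 +122,8 @@ choose_dh(int min, int wantbits, int max)
  linenum++;
  if (!parse_prime(linenum, line, &dhg))
  continue;
- BN_free(dhg.g);
- BN_free(dhg.p);
+ BN_clear_free(dhg.g);
+ BN_clear_free(dhg.p);
 
  if (dhg.size > max || dhg.size < min)
  continue;
@@ -152,8 +152,8 @@ choose_dh(int min, int wantbits, int max)
  if ((dhg.size > max || dhg.size < min) ||
  dhg.size != best ||
  linenum++ != which) {
- BN_free(dhg.g);
- BN_free(dhg.p);
+ BN_clear_free(dhg.g);
+ BN_clear_free(dhg.p);
  continue;
  }
  break;
@@ -203,7 +203,7 @@ dh_gen_key(DH *dh, int need)
  BN_num_bits(dh->p), 2*need);
  do {
  if (dh->priv_key != NULL)
- BN_free(dh->priv_key);
+ BN_clear_free(dh->priv_key);
  if ((dh->priv_key = BN_new()) == NULL)
  fatal("dh_gen_key: BN_new failed");
  /* generate a 2*need bits random private exponent */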
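Review bot: The `BN_clear_free(dh->priv_key)` call in the dh_gen_key hunk is the only one of the seven replacements in dh.c that wipes secret material, and nothing at the call site says so. The `dhg.g`/`dhg.p` values released in parse_prime and choose_dh are DH group parameters parsed from an input line, which are public, so there the change is a uniform-policy choice rather than a confidentiality fix; the same holds for `dh_server_pub` and `dh_client_pub` in kexdh.c and kexgex.c. I would add a comment above the dh_gen_key call, e.g. `/* wipe the previous private exponent before allocating a new one */`, so a later cleanup that reverts the public-value sites does not take this one with it. dh_gen_key's loop body continues outside the hunk, so whether other copies of the exponent exist cannot be judged from here.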
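diff --git a/kexdh.c b/kexdh.c
index 1e9f35835..059b41c41 100644
--- a/kexdh.c
+++ b/kexdh.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kexdh.c,v 1.8 2001/12/27 18:22:16 markus Exp $");
+RCSID("$OpenBSD: kexdh.c,v 1.9 2001/12/27 19:37:22 markus Exp $");
 
 #include <openssl/crypto.h>
 #include <openssl/bn.h>
@@ -171,7 +171,7 @@ kexdh_client(Kex *kex)
  shared_secret
  );
  xfree(server_host_key_blob);
- BN_free(dh_server_pub);
+ BN_clear_free(dh_server_pub);
  DH_free(dh);
 
  if (key_verify(server_host_key, signature, slen, hash, 20) != 1)
@@ -262,7 +262,7 @@ kexdh_server(Kex *kex)
  dh->pub_key,
  shared_secret
  );
- BN_free(dh_client_pub);
+ BN_clear_free(dh_client_pub);
 
  /* save session id := H */
  /* XXX hashlen depends on KEX */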
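diff --git a/kexgex.c b/kexgex.c
index b4fdac695..8822c8dcd 100644
--- a/kexgex.c
+++ b/kexgex.c
@@ -24,7 +24,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kexgex.c,v 1.11 2001/12/27 18:22:16 markus Exp $");
+RCSID("$OpenBSD: kexgex.c,v 1.12 2001/12/27 19:37:23 markus Exp $");
 
 #include <openssl/bn.h>
 
@@ -232,7 +232,7 @@ kexgex_client(Kex *kex)
  /* have keys, free DH */
  DH_free(dh);
  xfree(server_host_key_blob);
- BN_free(dh_server_pub);
+ BN_clear_free(dh_server_pub);
 
  if (key_verify(server_host_key, signature, slen, hash, 20) != 1)
  fatal("key_verify failed for server_host_key");
@@ -365,7 +365,7 @@ kexgex_server(Kex *kex)
  dh->pub_key,
  shared_secret
  );
- BN_free(dh_client_pub);
+ BN_clear_free(dh_client_pub);
 
  /* save session id := H */
  /* XXX hashlen depends on KEX */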