Diffstat (limited to 'kex.c')
-rw-r--r-- | kex.c | 17 |
1 files changed, 12 insertions, 5 deletions
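--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.156 2020/01/23 10:24:29 dtucker Exp $ */
+/* $OpenBSD: kex.c,v 1.158 2020/03/13 04:01:56 djm Exp $ */
 /*
 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
 *
@@ -727,8 +727,7 @@ kex_free_newkeys(struct newkeys *newkeys)
 }
 free(newkeys->mac.name);
 explicit_bzero(&newkeys->mac, sizeof(newkeys->mac));
-explicit_bzero(newkeys, sizeof(*newkeys));
-free(newkeys);
+freezero(newkeys, sizeof(*newkeys));
 }
 
 void
@@ -1228,7 +1227,7 @@ int
 kex_exchange_identification(struct ssh *ssh, int timeout_ms,
 int debian_banner, const char *version_addendum)
 {
-int remote_major, remote_minor, mismatch;
+int remote_major, remote_minor, mismatch, oerrno = 0;
 size_t len, i, n;
 int r, expect_nl;
 u_char c;
@@ -1248,6 +1247,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
 debian_banner ? SSH_RELEASE : SSH_RELEASE_MINIMUM,
 version_addendum == NULL ? "" : " ",
 version_addendum == NULL ? "" : version_addendum)) != 0) {
+oerrno = errno;
 error("%s: sshbuf_putf: %s", __func__, ssh_err(r));
 goto out;
 }
@@ -1255,11 +1255,13 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
 if (atomicio(vwrite, ssh_packet_get_connection_out(ssh),
 sshbuf_mutable_ptr(our_version),
 sshbuf_len(our_version)) != sshbuf_len(our_version)) {
-error("%s: write: %.100s", __func__, strerror(errno));
+oerrno = errno;
+debug("%s: write: %.100s", __func__, strerror(errno));
 r = SSH_ERR_SYSTEM_ERROR;
 goto out;
 }
 if ((r = sshbuf_consume_end(our_version, 2)) != 0) { /* trim \r\n */
+oerrno = errno;
 error("%s: sshbuf_consume_end: %s", __func__, ssh_err(r));
 goto out;
 }
@@ -1295,6 +1297,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
 r = SSH_ERR_CONN_TIMEOUT;
 goto out;
 } else if (r == -1) {
+oerrno = errno;
 error("%s: %s",
 __func__, strerror(errno));
 r = SSH_ERR_SYSTEM_ERROR;
@@ -1310,6 +1313,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
 r = SSH_ERR_CONN_CLOSED;
 goto out;
 } else if (len != 1) {
+oerrno = errno;
 error("%s: read: %.100s",
 __func__, strerror(errno));
 r = SSH_ERR_SYSTEM_ERROR;
@@ -1327,6 +1331,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
 goto invalid;
 }
 if ((r = sshbuf_put_u8(peer_version, c)) != 0) {
+oerrno = errno;
 error("%s: sshbuf_put: %s",
 __func__, ssh_err(r));
 goto out;
@@ -1427,6 +1432,8 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
 free(our_version_string);
 free(peer_version_string);
 free(remote_version);
+if (r == SSH_ERR_SYSTEM_ERROR)
+errno = oerrno;
 return r;
 }
 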
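Review bot: The restore in the last hunk, `if (r == SSH_ERR_SYSTEM_ERROR) errno = oerrno;`, sets errno to 0 on any path that reaches it with `r == SSH_ERR_SYSTEM_ERROR` but never assigned `oerrno`, since `oerrno` starts at 0. The body of kex_exchange_identification continues outside these hunks, so any such assignment that is not shown should be checked for a matching `oerrno = errno;`. The contract is also undocumented: I would add `/* free() and logging may clobber errno; hand back the value saved at the failure site */` above the restore. The write-failure message in the `@@ -1255,11 +1255,13 @@` hunk drops from `error()` to `debug()`, presumably because the caller now reports it from the preserved errno; that is worth confirming so failed banner writes remain visible at default log levels.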