Diffstat (limited to 'kex.c')
-rw-r--r-- | kex.c | 17 |
1 files changed, 12 insertions, 5 deletions
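--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.156 2020/01/23 10:24:29 dtucker Exp $ */
+/* $OpenBSD: kex.c,v 1.158 2020/03/13 04:01:56 djm Exp $ */
 /*
 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
 *
@@ -670,8 +670,7 @@ kex_free_newkeys(struct newkeys *newkeys)
 }
 free(newkeys->mac.name);
 explicit_bzero(&newkeys->mac, sizeof(newkeys->mac));
-explicit_bzero(newkeys, sizeof(*newkeys));
-free(newkeys);
+freezero(newkeys, sizeof(*newkeys));
 }
 
 void
@@ -1168,7 +1167,7 @@ int
 kex_exchange_identification(struct ssh *ssh, int timeout_ms,
 const char *version_addendum)
 {
-int remote_major, remote_minor, mismatch;
+int remote_major, remote_minor, mismatch, oerrno = 0;
 size_t len, i, n;
 int r, expect_nl;
 u_char c;
@@ -1187,6 +1186,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
 PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION,
 version_addendum == NULL ? "" : " ",
 version_addendum == NULL ? "" : version_addendum)) != 0) {
+oerrno = errno;
 error("%s: sshbuf_putf: %s", __func__, ssh_err(r));
 goto out;
 }
@@ -1194,11 +1194,13 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
 if (atomicio(vwrite, ssh_packet_get_connection_out(ssh),
 sshbuf_mutable_ptr(our_version),
 sshbuf_len(our_version)) != sshbuf_len(our_version)) {
-error("%s: write: %.100s", __func__, strerror(errno));
+oerrno = errno;
+debug("%s: write: %.100s", __func__, strerror(errno));
 r = SSH_ERR_SYSTEM_ERROR;
 goto out;
 }
 if ((r = sshbuf_consume_end(our_version, 2)) != 0) { /* trim \r\n */
+oerrno = errno;
 error("%s: sshbuf_consume_end: %s", __func__, ssh_err(r));
 goto out;
 }
@@ -1234,6 +1236,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
 r = SSH_ERR_CONN_TIMEOUT;
 goto out;
 } else if (r == -1) {
+oerrno = errno;
 error("%s: %s",
 __func__, strerror(errno));
 r = SSH_ERR_SYSTEM_ERROR;
@@ -1249,6 +1252,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
 r = SSH_ERR_CONN_CLOSED;
 goto out;
 } else if (len != 1) {
+oerrno = errno;
 error("%s: read: %.100s",
 __func__, strerror(errno));
 r = SSH_ERR_SYSTEM_ERROR;
@@ -1266,6 +1270,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
 goto invalid;
 }
 if ((r = sshbuf_put_u8(peer_version, c)) != 0) {
+oerrno = errno;
 error("%s: sshbuf_put: %s",
 __func__, ssh_err(r));
 goto out;
@@ -1366,6 +1371,8 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
 free(our_version_string);
 free(peer_version_string);
 free(remote_version);
+if (r == SSH_ERR_SYSTEM_ERROR)
+errno = oerrno;
 return r;
 }
 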
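Review bot: The restore before `return r` (`if (r == SSH_ERR_SYSTEM_ERROR) errno = oerrno;`) is only correct if every path that arrives there with SSH_ERR_SYSTEM_ERROR has first assigned `oerrno`; because `oerrno` starts at 0, a path that misses the save would return with errno forced to 0 and the caller would report a meaningless error string. The hunks show the save in the write, `r == -1` and read branches, but the body of kex_exchange_identification continues between and outside the hunks, so full coverage cannot be confirmed from here. This matters more now that the write failure is logged with `debug()` rather than `error()`, which presumably leaves the caller's errno-based message as the only record at default log levels. I would document the contract where it is enforced, e.g. `/* callers read errno on SSH_ERR_SYSTEM_ERROR; restore the value saved at the failure site */`, and consider `if (r == SSH_ERR_SYSTEM_ERROR && oerrno != 0)` so an unsaved path does not overwrite errno with 0.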