1 files changed, 15 insertions, 15 deletions
diff --git a/kexgex.c b/kexgex.c
index 3ca4bd370..8040a1320 100644
--- a/kexgex.c
+++ b/kexgex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexgex.c,v 1.29 2015/01/19 20:16:15 markus Exp $ */
+/* $OpenBSD: kexgex.c,v 1.32 2019/01/23 00:30:41 djm Exp $ */
 /*
 * Copyright (c) 2000 Niels Provos.  All rights reserved.
 * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@@ -46,17 +46,17 @@
 int
 kexgex_hash(
    int hash_alg,
-    const char *client_version_string,
+    const struct sshbuf *client_version,
-    const char *server_version_string,
+    const struct sshbuf *server_version,
-    const u_char *ckexinit, size_t ckexinitlen,
+    const struct sshbuf *client_kexinit,
-    const u_char *skexinit, size_t skexinitlen,
+    const struct sshbuf *server_kexinit,
-    const u_char *serverhostkeyblob, size_t sbloblen,
+    const struct sshbuf *server_host_key_blob,
    int min, int wantbits, int max,
    const BIGNUM *prime,
    const BIGNUM *gen,
    const BIGNUM *client_dh_pub,
    const BIGNUM *server_dh_pub,
-    const BIGNUM *shared_secret,
+    const u_char *shared_secret, size_t secretlen,
    u_char *hash, size_t *hashlen)
 {
        struct sshbuf *b;
@@ -66,16 +66,16 @@ kexgex_hash(
                return SSH_ERR_INVALID_ARGUMENT;
        if ((b = sshbuf_new()) == NULL)
                return SSH_ERR_ALLOC_FAIL;
-        if ((r = sshbuf_put_cstring(b, client_version_string)) != 0 ||
+        if ((r = sshbuf_put_stringb(b, client_version)) < 0 ||
-            (r = sshbuf_put_cstring(b, server_version_string)) != 0 ||
+            (r = sshbuf_put_stringb(b, server_version)) < 0 ||
            /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */
-            (r = sshbuf_put_u32(b, ckexinitlen+1)) != 0 ||
+            (r = sshbuf_put_u32(b, sshbuf_len(client_kexinit) + 1)) != 0 ||
            (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 ||
-            (r = sshbuf_put(b, ckexinit, ckexinitlen)) != 0 ||
+            (r = sshbuf_putb(b, client_kexinit)) != 0 ||
-            (r = sshbuf_put_u32(b, skexinitlen+1)) != 0 ||
+            (r = sshbuf_put_u32(b, sshbuf_len(server_kexinit) + 1)) != 0 ||
            (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 ||
-            (r = sshbuf_put(b, skexinit, skexinitlen)) != 0 ||
+            (r = sshbuf_putb(b, server_kexinit)) != 0 ||
-            (r = sshbuf_put_string(b, serverhostkeyblob, sbloblen)) != 0 ||
+            (r = sshbuf_put_stringb(b, server_host_key_blob)) != 0 ||
            (min != -1 && (r = sshbuf_put_u32(b, min)) != 0) ||
            (r = sshbuf_put_u32(b, wantbits)) != 0 ||
            (max != -1 && (r = sshbuf_put_u32(b, max)) != 0) ||
@@ -83,7 +83,7 @@ kexgex_hash(
            (r = sshbuf_put_bignum2(b, gen)) != 0 ||
            (r = sshbuf_put_bignum2(b, client_dh_pub)) != 0 ||
            (r = sshbuf_put_bignum2(b, server_dh_pub)) != 0 ||
-            (r = sshbuf_put_bignum2(b, shared_secret)) != 0) {
+            (r = sshbuf_put(b, shared_secret, secretlen)) != 0) {
                sshbuf_free(b);
                return r;
        }

diff --git a/kexgex.c b/kexgex.c index 3ca4bd370..8040a1320 100644 --- a/kexgex.c +++ b/kexgex.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: kexgex.c,v 1.29 2015/01/19 20:16:15 markus Exp $ */	1	/* $OpenBSD: kexgex.c,v 1.32 2019/01/23 00:30:41 djm Exp $ */
2	/*	2	/*
3	* Copyright (c) 2000 Niels Provos. All rights reserved.	3	* Copyright (c) 2000 Niels Provos. All rights reserved.
4	* Copyright (c) 2001 Markus Friedl. All rights reserved.	4	* Copyright (c) 2001 Markus Friedl. All rights reserved.
@@ -46,17 +46,17 @@
46	int	46	int
47	kexgex_hash(	47	kexgex_hash(
48	int hash_alg,	48	int hash_alg,
49	const char *client_version_string,	49	const struct sshbuf *client_version,
50	const char *server_version_string,	50	const struct sshbuf *server_version,
51	const u_char *ckexinit, size_t ckexinitlen,	51	const struct sshbuf *client_kexinit,
52	const u_char *skexinit, size_t skexinitlen,	52	const struct sshbuf *server_kexinit,
53	const u_char *serverhostkeyblob, size_t sbloblen,	53	const struct sshbuf *server_host_key_blob,
54	int min, int wantbits, int max,	54	int min, int wantbits, int max,
55	const BIGNUM *prime,	55	const BIGNUM *prime,
56	const BIGNUM *gen,	56	const BIGNUM *gen,
57	const BIGNUM *client_dh_pub,	57	const BIGNUM *client_dh_pub,
58	const BIGNUM *server_dh_pub,	58	const BIGNUM *server_dh_pub,
59	const BIGNUM *shared_secret,	59	const u_char *shared_secret, size_t secretlen,
60	u_char hash, size_t hashlen)	60	u_char hash, size_t hashlen)
61	{	61	{
62	struct sshbuf *b;	62	struct sshbuf *b;
@@ -66,16 +66,16 @@ kexgex_hash(
66	return SSH_ERR_INVALID_ARGUMENT;	66	return SSH_ERR_INVALID_ARGUMENT;
67	if ((b = sshbuf_new()) == NULL)	67	if ((b = sshbuf_new()) == NULL)
68	return SSH_ERR_ALLOC_FAIL;	68	return SSH_ERR_ALLOC_FAIL;
69	if ((r = sshbuf_put_cstring(b, client_version_string)) != 0 \|\|	69	if ((r = sshbuf_put_stringb(b, client_version)) < 0 \|\|
70	(r = sshbuf_put_cstring(b, server_version_string)) != 0 \|\|	70	(r = sshbuf_put_stringb(b, server_version)) < 0 \|\|
71	/* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */	71	/* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */
72	(r = sshbuf_put_u32(b, ckexinitlen+1)) != 0 \|\|	72	(r = sshbuf_put_u32(b, sshbuf_len(client_kexinit) + 1)) != 0 \|\|
73	(r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 \|\|	73	(r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 \|\|
74	(r = sshbuf_put(b, ckexinit, ckexinitlen)) != 0 \|\|	74	(r = sshbuf_putb(b, client_kexinit)) != 0 \|\|
75	(r = sshbuf_put_u32(b, skexinitlen+1)) != 0 \|\|	75	(r = sshbuf_put_u32(b, sshbuf_len(server_kexinit) + 1)) != 0 \|\|
76	(r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 \|\|	76	(r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 \|\|
77	(r = sshbuf_put(b, skexinit, skexinitlen)) != 0 \|\|	77	(r = sshbuf_putb(b, server_kexinit)) != 0 \|\|
78	(r = sshbuf_put_string(b, serverhostkeyblob, sbloblen)) != 0 \|\|	78	(r = sshbuf_put_stringb(b, server_host_key_blob)) != 0 \|\|
79	(min != -1 && (r = sshbuf_put_u32(b, min)) != 0) \|\|	79	(min != -1 && (r = sshbuf_put_u32(b, min)) != 0) \|\|
80	(r = sshbuf_put_u32(b, wantbits)) != 0 \|\|	80	(r = sshbuf_put_u32(b, wantbits)) != 0 \|\|
81	(max != -1 && (r = sshbuf_put_u32(b, max)) != 0) \|\|	81	(max != -1 && (r = sshbuf_put_u32(b, max)) != 0) \|\|
@@ -83,7 +83,7 @@ kexgex_hash(
83	(r = sshbuf_put_bignum2(b, gen)) != 0 \|\|	83	(r = sshbuf_put_bignum2(b, gen)) != 0 \|\|
84	(r = sshbuf_put_bignum2(b, client_dh_pub)) != 0 \|\|	84	(r = sshbuf_put_bignum2(b, client_dh_pub)) != 0 \|\|
85	(r = sshbuf_put_bignum2(b, server_dh_pub)) != 0 \|\|	85	(r = sshbuf_put_bignum2(b, server_dh_pub)) != 0 \|\|
86	(r = sshbuf_put_bignum2(b, shared_secret)) != 0) {	86	(r = sshbuf_put(b, shared_secret, secretlen)) != 0) {
87	sshbuf_free(b);	87	sshbuf_free(b);
88	return r;	88	return r;
89	}	89	}