summaryrefslogtreecommitdiff
path: root/monitor.c
diff options
context:
space:
mode:
Diffstat (limited to 'monitor.c')
-rw-r--r--monitor.c20
1 files changed, 10 insertions, 10 deletions
diff --git a/monitor.c b/monitor.c
index 454767587..517acf3dc 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: monitor.c,v 1.106 2010/03/07 11:57:13 dtucker Exp $ */ 1/* $OpenBSD: monitor.c,v 1.108 2010/07/13 23:13:16 djm Exp $ */
2/* 2/*
3 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 3 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
4 * Copyright 2002 Markus Friedl <markus@openbsd.org> 4 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -535,7 +535,7 @@ monitor_allowed_key(u_char *blob, u_int bloblen)
535{ 535{
536 /* make sure key is allowed */ 536 /* make sure key is allowed */
537 if (key_blob == NULL || key_bloblen != bloblen || 537 if (key_blob == NULL || key_bloblen != bloblen ||
538 memcmp(key_blob, blob, key_bloblen)) 538 timingsafe_bcmp(key_blob, blob, key_bloblen))
539 return (0); 539 return (0);
540 return (1); 540 return (1);
541} 541}
@@ -939,8 +939,8 @@ mm_answer_pam_init_ctx(int sock, Buffer *m)
939int 939int
940mm_answer_pam_query(int sock, Buffer *m) 940mm_answer_pam_query(int sock, Buffer *m)
941{ 941{
942 char *name, *info, **prompts; 942 char *name = NULL, *info = NULL, **prompts = NULL;
943 u_int i, num, *echo_on; 943 u_int i, num = 0, *echo_on = 0;
944 int ret; 944 int ret;
945 945
946 debug3("%s", __func__); 946 debug3("%s", __func__);
@@ -1120,14 +1120,14 @@ monitor_valid_userblob(u_char *data, u_int datalen)
1120 len = buffer_len(&b); 1120 len = buffer_len(&b);
1121 if ((session_id2 == NULL) || 1121 if ((session_id2 == NULL) ||
1122 (len < session_id2_len) || 1122 (len < session_id2_len) ||
1123 (memcmp(p, session_id2, session_id2_len) != 0)) 1123 (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
1124 fail++; 1124 fail++;
1125 buffer_consume(&b, session_id2_len); 1125 buffer_consume(&b, session_id2_len);
1126 } else { 1126 } else {
1127 p = buffer_get_string(&b, &len); 1127 p = buffer_get_string(&b, &len);
1128 if ((session_id2 == NULL) || 1128 if ((session_id2 == NULL) ||
1129 (len != session_id2_len) || 1129 (len != session_id2_len) ||
1130 (memcmp(p, session_id2, session_id2_len) != 0)) 1130 (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
1131 fail++; 1131 fail++;
1132 xfree(p); 1132 xfree(p);
1133 } 1133 }
@@ -1175,7 +1175,7 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
1175 p = buffer_get_string(&b, &len); 1175 p = buffer_get_string(&b, &len);
1176 if ((session_id2 == NULL) || 1176 if ((session_id2 == NULL) ||
1177 (len != session_id2_len) || 1177 (len != session_id2_len) ||
1178 (memcmp(p, session_id2, session_id2_len) != 0)) 1178 (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
1179 fail++; 1179 fail++;
1180 xfree(p); 1180 xfree(p);
1181 1181
@@ -1699,9 +1699,9 @@ mm_get_kex(Buffer *m)
1699 1699
1700 kex = xcalloc(1, sizeof(*kex)); 1700 kex = xcalloc(1, sizeof(*kex));
1701 kex->session_id = buffer_get_string(m, &kex->session_id_len); 1701 kex->session_id = buffer_get_string(m, &kex->session_id_len);
1702 if ((session_id2 == NULL) || 1702 if (session_id2 == NULL ||
1703 (kex->session_id_len != session_id2_len) || 1703 kex->session_id_len != session_id2_len ||
1704 (memcmp(kex->session_id, session_id2, session_id2_len) != 0)) 1704 timingsafe_bcmp(kex->session_id, session_id2, session_id2_len) != 0)
1705 fatal("mm_get_get: internal error: bad session id"); 1705 fatal("mm_get_get: internal error: bad session id");
1706 kex->we_need = buffer_get_int(m); 1706 kex->we_need = buffer_get_int(m);
1707 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; 1707 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;