Diffstat (limited to 'monitor.c')
-rw-r--r-- | monitor.c | 20 |
1 files changed, 10 insertions, 10 deletions
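--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.106 2010/03/07 11:57:13 dtucker Exp $ */
+/* $OpenBSD: monitor.c,v 1.108 2010/07/13 23:13:16 djm Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -535,7 +535,7 @@ monitor_allowed_key(u_char *blob, u_int bloblen)
 {
 /* make sure key is allowed */
 if (key_blob == NULL || key_bloblen != bloblen ||
-memcmp(key_blob, blob, key_bloblen))
+timingsafe_bcmp(key_blob, blob, key_bloblen))
 return (0);
 return (1);
 }
@@ -939,8 +939,8 @@ mm_answer_pam_init_ctx(int sock, Buffer *m)
 int
 mm_answer_pam_query(int sock, Buffer *m)
 {
-char *name, *info, **prompts;
-u_int i, num, *echo_on;
+char *name = NULL, *info = NULL, **prompts = NULL;
+u_int i, num = 0, *echo_on = 0;
 int ret;
 
 debug3("%s", __func__);
@@ -1120,14 +1120,14 @@ monitor_valid_userblob(u_char *data, u_int datalen)
 len = buffer_len(&b);
 if ((session_id2 == NULL) ||
 (len < session_id2_len) ||
-(memcmp(p, session_id2, session_id2_len) != 0))
+(timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
 fail++;
 buffer_consume(&b, session_id2_len);
 } else {
 p = buffer_get_string(&b, &len);
 if ((session_id2 == NULL) ||
 (len != session_id2_len) ||
-(memcmp(p, session_id2, session_id2_len) != 0))
+(timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
 fail++;
 xfree(p);
 }
@@ -1175,7 +1175,7 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
 p = buffer_get_string(&b, &len);
 if ((session_id2 == NULL) ||
 (len != session_id2_len) ||
-(memcmp(p, session_id2, session_id2_len) != 0))
+(timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
 fail++;
 xfree(p);
 
@@ -1699,9 +1699,9 @@ mm_get_kex(Buffer *m)
 
 kex = xcalloc(1, sizeof(*kex));
 kex->session_id = buffer_get_string(m, &kex->session_id_len);
-if ((session_id2 == NULL) ||
-(kex->session_id_len != session_id2_len) ||
-(memcmp(kex->session_id, session_id2, session_id2_len) != 0))
+if (session_id2 == NULL ||
+kex->session_id_len != session_id2_len ||
+timingsafe_bcmp(kex->session_id, session_id2, session_id2_len) != 0)
 fatal("mm_get_get: internal error: bad session id");
 kex->we_need = buffer_get_int(m);
 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;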
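Review bot: In mm_answer_pam_query (the hunk at line 939) the new initialiser `*echo_on = 0` gives a pointer an integer zero while the three pointers on the line above get `NULL`; `u_int i, num = 0, *echo_on = NULL;` would make the declaration read consistently. The function body continues outside the hunk, so which paths read these variables before assignment cannot be checked from here. Separately, the fatal() string in the last hunk still says `mm_get_get` although the hunk header names the function mm_get_kex; `fatal("%s: internal error: bad session id", __func__);` would keep the log message accurate for anyone triaging a session-id mismatch.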