summaryrefslogtreecommitdiff
path: root/monitor.c
diff options
context:
space:
mode:
Diffstat (limited to 'monitor.c')
-rw-r--r--monitor.c20
1 files changed, 10 insertions, 10 deletions
diff --git a/monitor.c b/monitor.c
index a1f4a2e05..f30f7d591 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: monitor.c,v 1.106 2010/03/07 11:57:13 dtucker Exp $ */ 1/* $OpenBSD: monitor.c,v 1.108 2010/07/13 23:13:16 djm Exp $ */
2/* 2/*
3 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 3 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
4 * Copyright 2002 Markus Friedl <markus@openbsd.org> 4 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -537,7 +537,7 @@ monitor_allowed_key(u_char *blob, u_int bloblen)
537{ 537{
538 /* make sure key is allowed */ 538 /* make sure key is allowed */
539 if (key_blob == NULL || key_bloblen != bloblen || 539 if (key_blob == NULL || key_bloblen != bloblen ||
540 memcmp(key_blob, blob, key_bloblen)) 540 timingsafe_bcmp(key_blob, blob, key_bloblen))
541 return (0); 541 return (0);
542 return (1); 542 return (1);
543} 543}
@@ -965,8 +965,8 @@ mm_answer_pam_init_ctx(int sock, Buffer *m)
965int 965int
966mm_answer_pam_query(int sock, Buffer *m) 966mm_answer_pam_query(int sock, Buffer *m)
967{ 967{
968 char *name, *info, **prompts; 968 char *name = NULL, *info = NULL, **prompts = NULL;
969 u_int i, num, *echo_on; 969 u_int i, num = 0, *echo_on = 0;
970 int ret; 970 int ret;
971 971
972 debug3("%s", __func__); 972 debug3("%s", __func__);
@@ -1146,14 +1146,14 @@ monitor_valid_userblob(u_char *data, u_int datalen)
1146 len = buffer_len(&b); 1146 len = buffer_len(&b);
1147 if ((session_id2 == NULL) || 1147 if ((session_id2 == NULL) ||
1148 (len < session_id2_len) || 1148 (len < session_id2_len) ||
1149 (memcmp(p, session_id2, session_id2_len) != 0)) 1149 (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
1150 fail++; 1150 fail++;
1151 buffer_consume(&b, session_id2_len); 1151 buffer_consume(&b, session_id2_len);
1152 } else { 1152 } else {
1153 p = buffer_get_string(&b, &len); 1153 p = buffer_get_string(&b, &len);
1154 if ((session_id2 == NULL) || 1154 if ((session_id2 == NULL) ||
1155 (len != session_id2_len) || 1155 (len != session_id2_len) ||
1156 (memcmp(p, session_id2, session_id2_len) != 0)) 1156 (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
1157 fail++; 1157 fail++;
1158 xfree(p); 1158 xfree(p);
1159 } 1159 }
@@ -1201,7 +1201,7 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
1201 p = buffer_get_string(&b, &len); 1201 p = buffer_get_string(&b, &len);
1202 if ((session_id2 == NULL) || 1202 if ((session_id2 == NULL) ||
1203 (len != session_id2_len) || 1203 (len != session_id2_len) ||
1204 (memcmp(p, session_id2, session_id2_len) != 0)) 1204 (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
1205 fail++; 1205 fail++;
1206 xfree(p); 1206 xfree(p);
1207 1207
@@ -1725,9 +1725,9 @@ mm_get_kex(Buffer *m)
1725 1725
1726 kex = xcalloc(1, sizeof(*kex)); 1726 kex = xcalloc(1, sizeof(*kex));
1727 kex->session_id = buffer_get_string(m, &kex->session_id_len); 1727 kex->session_id = buffer_get_string(m, &kex->session_id_len);
1728 if ((session_id2 == NULL) || 1728 if (session_id2 == NULL ||
1729 (kex->session_id_len != session_id2_len) || 1729 kex->session_id_len != session_id2_len ||
1730 (memcmp(kex->session_id, session_id2, session_id2_len) != 0)) 1730 timingsafe_bcmp(kex->session_id, session_id2, session_id2_len) != 0)
1731 fatal("mm_get_get: internal error: bad session id"); 1731 fatal("mm_get_get: internal error: bad session id");
1732 kex->we_need = buffer_get_int(m); 1732 kex->we_need = buffer_get_int(m);
1733 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; 1733 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;