Diffstat (limited to 'packet.c')
-rw-r--r-- | packet.c | 27 |
1 files changed, 14 insertions, 13 deletions
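--- a/packet.c
+++ b/packet.c
@@ -37,7 +37,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: packet.c,v 1.58 2001/04/04 09:48:34 markus Exp $");
+RCSID("$OpenBSD: packet.c,v 1.59 2001/04/04 23:09:18 markus Exp $");
 
 #include "xmalloc.h"
 #include "buffer.h"
@@ -124,16 +124,6 @@ int use_ssh2_packet_format = 0;
 Newkeys *newkeys[MODE_MAX];
 
 void
-clear_enc_keys(Enc *enc, int len)
-{
-memset(enc->iv, 0, len);
-memset(enc->key, 0, len);
-xfree(enc->iv);
-xfree(enc->key);
-enc->iv = NULL;
-enc->key = NULL;
-}
-void
 packet_set_ssh2_format(void)
 {
 DBG(debug("use_ssh2_packet_format"));
@@ -524,8 +514,18 @@ set_newkeys(int mode)
 cc = (mode == MODE_OUT) ? &send_context : &receive_context;
 if (newkeys[mode] != NULL) {
 debug("newkeys: rekeying");
-memset(cc, 0, sizeof(*cc));
 /* todo: free old keys, reset compression/cipher-ctxt; */
+memset(cc, 0, sizeof(*cc));
+enc = &newkeys[mode]->enc;
+mac = &newkeys[mode]->mac;
+comp = &newkeys[mode]->comp;
+memset(mac->key, 0, mac->key_len);
+xfree(enc->name);
+xfree(enc->iv);
+xfree(enc->key);
+xfree(mac->name);
+xfree(mac->key);
+xfree(comp->name);
 xfree(newkeys[mode]);
 }
 newkeys[mode] = kex_get_newkeys(mode);
@@ -539,7 +539,8 @@ set_newkeys(int mode)
 DBG(debug("cipher_init_context: %d", mode));
 cipher_init(cc, enc->cipher, enc->key, enc->cipher->key_len,
 enc->iv, enc->cipher->block_size);
-clear_enc_keys(enc, enc->cipher->key_len);
+memset(enc->iv, 0, enc->cipher->block_size);
+memset(enc->key, 0, enc->cipher->key_len);
 if (comp->type != 0 && comp->enabled == 0) {
 comp->enabled = 1;
 if (! packet_compression)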
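Review bot: In the rekey branch of set_newkeys, `memset(mac->key, 0, mac->key_len);` is a plain memset on a buffer that is freed a few lines later, and an optimizing build (particularly with link-time optimization) may drop it as a dead store. Where the platform provides it, `explicit_bzero(mac->key, mac->key_len);` keeps the wipe. The same branch frees `enc->key` and `enc->iv` without wiping them, which is safe only because the last hunk zeroes both right after `cipher_init`; a comment such as `/* enc->key and enc->iv were already zeroed after cipher_init() */` above those `xfree` calls would record that dependency. It is not visible here whether `mac->key` can be NULL when no MAC is in use, so that should be confirmed before the unconditional memset. set_newkeys starts and ends outside the shown hunks.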