Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 30 |
1 files changed, 15 insertions, 15 deletions
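--- a/sshd.c
+++ b/sshd.c
@@ -11,7 +11,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.92 2000/03/16 20:56:15 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.94 2000/03/23 22:15:34 markus Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -516,9 +516,6 @@ main(int ac, char **av)
 unmounted if desired. */
 chdir("/");
 
-/* Close connection cleanly after attack. */
-cipher_attack_detected = packet_disconnect;
-
 /* Start listening for a socket, unless started from inetd. */
 if (inetd_flag) {
 int s1, s2;
@@ -1301,7 +1298,7 @@ do_authloop(struct passwd * pw)
 {
 int attempt = 0;
 unsigned int bits;
-BIGNUM *client_host_key_e, *client_host_key_n;
+RSA *client_host_key;
 BIGNUM *n;
 char *client_user = NULL, *password = NULL;
 char user[1024];
@@ -1417,21 +1414,24 @@ do_authloop(struct passwd * pw)
 client_user = packet_get_string(&ulen);
 
 /* Get the client host key. */
-client_host_key_e = BN_new();
-client_host_key_n = BN_new();
+client_host_key = RSA_new();
+if (client_host_key == NULL)
+fatal("RSA_new failed");
+client_host_key->e = BN_new();
+client_host_key->n = BN_new();
+if (client_host_key->e == NULL || client_host_key->n == NULL)
+fatal("BN_new failed");
 bits = packet_get_int();
-packet_get_bignum(client_host_key_e, &elen);
-packet_get_bignum(client_host_key_n, &nlen);
+packet_get_bignum(client_host_key->e, &elen);
+packet_get_bignum(client_host_key->n, &nlen);
 
-if (bits != BN_num_bits(client_host_key_n))
+if (bits != BN_num_bits(client_host_key->n))
 error("Warning: keysize mismatch for client_host_key: "
-"actual %d, announced %d", BN_num_bits(client_host_key_n), bits);
+"actual %d, announced %d", BN_num_bits(client_host_key->n), bits);
 packet_integrity_check(plen, (4 + ulen) + 4 + elen + nlen, type);
 
-authenticated = auth_rhosts_rsa(pw, client_user,
-client_host_key_e, client_host_key_n);
-BN_clear_free(client_host_key_e);
-BN_clear_free(client_host_key_n);
+authenticated = auth_rhosts_rsa(pw, client_user, client_host_key);
+RSA_free(client_host_key);
 
 snprintf(user, sizeof user, " ruser %s", client_user);
 break;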
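Review bot: In the keysize check of do_authloop, `bits` is an `unsigned int` filled from the client by `packet_get_int()`, yet it is compared with the `int` result of `BN_num_bits()` and printed with `%d`, so an announced size above INT_MAX appears as a negative number in the one log line that flags a malformed client key. I would write the test as `if (bits != (unsigned int)BN_num_bits(client_host_key->n))` and print the announced value with `%u`. A one-line comment above `RSA_free(client_host_key);` saying that it also releases the `e` and `n` BIGNUMs attached a few lines earlier would explain why the two `BN_clear_free()` calls were dropped. The body of do_authloop starts and ends outside the visible hunks.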