diff options
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 51 |
1 files changed, 31 insertions, 20 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshd.c,v 1.466 2016/03/07 19:02:43 djm Exp $ */ | 1 | /* $OpenBSD: sshd.c,v 1.467 2016/05/02 08:49:03 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -845,8 +845,8 @@ list_hostkey_types(void) | |||
845 | break; | 845 | break; |
846 | } | 846 | } |
847 | } | 847 | } |
848 | buffer_append(&b, "\0", 1); | 848 | if ((ret = sshbuf_dup_string(&b)) == NULL) |
849 | ret = xstrdup(buffer_ptr(&b)); | 849 | fatal("%s: sshbuf_dup_string failed", __func__); |
850 | buffer_free(&b); | 850 | buffer_free(&b); |
851 | debug("list_hostkey_types: %s", ret); | 851 | debug("list_hostkey_types: %s", ret); |
852 | return ret; | 852 | return ret; |
@@ -1027,12 +1027,13 @@ usage(void) | |||
1027 | } | 1027 | } |
1028 | 1028 | ||
1029 | static void | 1029 | static void |
1030 | send_rexec_state(int fd, Buffer *conf) | 1030 | send_rexec_state(int fd, struct sshbuf *conf) |
1031 | { | 1031 | { |
1032 | Buffer m; | 1032 | struct sshbuf *m; |
1033 | int r; | ||
1033 | 1034 | ||
1034 | debug3("%s: entering fd = %d config len %d", __func__, fd, | 1035 | debug3("%s: entering fd = %d config len %zu", __func__, fd, |
1035 | buffer_len(conf)); | 1036 | sshbuf_len(conf)); |
1036 | 1037 | ||
1037 | /* | 1038 | /* |
1038 | * Protocol from reexec master to child: | 1039 | * Protocol from reexec master to child: |
@@ -1046,31 +1047,41 @@ send_rexec_state(int fd, Buffer *conf) | |||
1046 | * bignum q " | 1047 | * bignum q " |
1047 | * string rngseed (only if OpenSSL is not self-seeded) | 1048 | * string rngseed (only if OpenSSL is not self-seeded) |
1048 | */ | 1049 | */ |
1049 | buffer_init(&m); | 1050 | if ((m = sshbuf_new()) == NULL) |
1050 | buffer_put_cstring(&m, buffer_ptr(conf)); | 1051 | fatal("%s: sshbuf_new failed", __func__); |
1052 | if ((r = sshbuf_put_stringb(m, conf)) != 0) | ||
1053 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
1051 | 1054 | ||
1052 | #ifdef WITH_SSH1 | 1055 | #ifdef WITH_SSH1 |
1053 | if (sensitive_data.server_key != NULL && | 1056 | if (sensitive_data.server_key != NULL && |
1054 | sensitive_data.server_key->type == KEY_RSA1) { | 1057 | sensitive_data.server_key->type == KEY_RSA1) { |
1055 | buffer_put_int(&m, 1); | 1058 | if ((r = sshbuf_put_u32(m, 1)) != 0 || |
1056 | buffer_put_bignum(&m, sensitive_data.server_key->rsa->e); | 1059 | (r = sshbuf_put_bignum1(m, |
1057 | buffer_put_bignum(&m, sensitive_data.server_key->rsa->n); | 1060 | sensitive_data.server_key->rsa->e)) != 0 || |
1058 | buffer_put_bignum(&m, sensitive_data.server_key->rsa->d); | 1061 | (r = sshbuf_put_bignum1(m, |
1059 | buffer_put_bignum(&m, sensitive_data.server_key->rsa->iqmp); | 1062 | sensitive_data.server_key->rsa->n)) != 0 || |
1060 | buffer_put_bignum(&m, sensitive_data.server_key->rsa->p); | 1063 | (r = sshbuf_put_bignum1(m, |
1061 | buffer_put_bignum(&m, sensitive_data.server_key->rsa->q); | 1064 | sensitive_data.server_key->rsa->d)) != 0 || |
1065 | (r = sshbuf_put_bignum1(m, | ||
1066 | sensitive_data.server_key->rsa->iqmp)) != 0 || | ||
1067 | (r = sshbuf_put_bignum1(m, | ||
1068 | sensitive_data.server_key->rsa->p)) != 0 || | ||
1069 | (r = sshbuf_put_bignum1(m, | ||
1070 | sensitive_data.server_key->rsa->q)) != 0) | ||
1071 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
1062 | } else | 1072 | } else |
1063 | #endif | 1073 | #endif |
1064 | buffer_put_int(&m, 0); | 1074 | if ((r = sshbuf_put_u32(m, 1)) != 0) |
1075 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
1065 | 1076 | ||
1066 | #if defined(WITH_OPENSSL) && !defined(OPENSSL_PRNG_ONLY) | 1077 | #if defined(WITH_OPENSSL) && !defined(OPENSSL_PRNG_ONLY) |
1067 | rexec_send_rng_seed(&m); | 1078 | rexec_send_rng_seed(m); |
1068 | #endif | 1079 | #endif |
1069 | 1080 | ||
1070 | if (ssh_msg_send(fd, 0, &m) == -1) | 1081 | if (ssh_msg_send(fd, 0, m) == -1) |
1071 | fatal("%s: ssh_msg_send failed", __func__); | 1082 | fatal("%s: ssh_msg_send failed", __func__); |
1072 | 1083 | ||
1073 | buffer_free(&m); | 1084 | sshbuf_free(m); |
1074 | 1085 | ||
1075 | debug3("%s: done", __func__); | 1086 | debug3("%s: done", __func__); |
1076 | } | 1087 | } |