diff options
author | Ben Lindstrom <mouring@eviladmin.org> | 2001-01-23 00:19:15 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-01-23 00:19:15 +0000 |
commit | b1985f727950dbb3d5c7de863ae0e2181ace53f8 (patch) | |
tree | 7b852c348ec392349a98c68c6218e9fbdb21cc87 | |
parent | 9dffa01368369d4ce4af3787aa3e254bb015e2fc (diff) |
- (bal) OpenBSD Resync
- markus@cvs.openbsd.org 2001/01/22 8:15:00
[auth-krb4.c sshconnect1.c]
only AFS needs radix.[ch]
- markus@cvs.openbsd.org 2001/01/22 8:32:53
[auth2.c]
no need to include; from mouring@etoh.eviladmin.org
- stevesk@cvs.openbsd.org 2001/01/22 16:55:21
[key.c]
free() -> xfree(); ok markus@
- stevesk@cvs.openbsd.org 2001/01/22 17:22:28
[sshconnect2.c sshd.c]
fix memory leaks in SSH2 key exchange; ok markus@
-rw-r--r-- | ChangeLog | 14 | ||||
-rw-r--r-- | auth-krb4.c | 7 | ||||
-rw-r--r-- | auth2.c | 3 | ||||
-rw-r--r-- | key.c | 4 | ||||
-rw-r--r-- | sshconnect1.c | 4 | ||||
-rw-r--r-- | sshconnect2.c | 8 | ||||
-rw-r--r-- | sshd.c | 6 |
7 files changed, 36 insertions, 10 deletions
@@ -2,6 +2,20 @@ - (bal) regexp.h typo in configure.in. Should have been regex.h - (bal) SSH_USER_DIR to _PATH_SSH_USER_DIR patch by stevesk@ - (bal) SSH_ASKPASS_DEFAULT to _PATH_SSH_ASKPASS_DEFAULT + - (bal) OpenBSD Resync + - markus@cvs.openbsd.org 2001/01/22 8:15:00 + [auth-krb4.c sshconnect1.c] + only AFS needs radix.[ch] + - markus@cvs.openbsd.org 2001/01/22 8:32:53 + [auth2.c] + no need to include; from mouring@etoh.eviladmin.org + - stevesk@cvs.openbsd.org 2001/01/22 16:55:21 + [key.c] + free() -> xfree(); ok markus@ + - stevesk@cvs.openbsd.org 2001/01/22 17:22:28 + [sshconnect2.c sshd.c] + fix memory leaks in SSH2 key exchange; ok markus@ + 20010122 - (bal) OpenBSD Resync diff --git a/auth-krb4.c b/auth-krb4.c index d68806f9..8bb6e3d6 100644 --- a/auth-krb4.c +++ b/auth-krb4.c @@ -23,9 +23,8 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-krb4.c,v 1.22 2001/01/21 19:05:41 markus Exp $"); +RCSID("$OpenBSD: auth-krb4.c,v 1.23 2001/01/22 08:15:00 markus Exp $"); -#ifdef KRB4 #include "ssh.h" #include "ssh1.h" #include "packet.h" @@ -33,8 +32,12 @@ RCSID("$OpenBSD: auth-krb4.c,v 1.22 2001/01/21 19:05:41 markus Exp $"); #include "log.h" #include "servconf.h" #include "auth.h" + +#ifdef AFS #include "radix.h" +#endif +#ifdef KRB4 char *ticket = NULL; extern ServerOptions options; @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2.c,v 1.32 2001/01/21 19:05:44 markus Exp $"); +RCSID("$OpenBSD: auth2.c,v 1.33 2001/01/22 08:32:53 markus Exp $"); #ifdef HAVE_OSF_SIA # include <sia.h> @@ -51,7 +51,6 @@ RCSID("$OpenBSD: auth2.c,v 1.32 2001/01/21 19:05:44 markus Exp $"); #include "key.h" #include "kex.h" #include "pathnames.h" - #include "uidswap.h" #include "auth-options.h" @@ -32,7 +32,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: key.c,v 1.15 2001/01/21 19:05:50 markus Exp $"); +RCSID("$OpenBSD: key.c,v 1.16 2001/01/22 16:55:21 stevesk Exp $"); #include <openssl/evp.h> @@ -258,7 +258,7 @@ write_bignum(FILE *f, BIGNUM *num) return 0; } fprintf(f, " %s", buf); - free(buf); + xfree(buf); return 1; } diff --git a/sshconnect1.c b/sshconnect1.c index d0c0215c..2c097256 100644 --- a/sshconnect1.c +++ b/sshconnect1.c @@ -13,17 +13,17 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect1.c,v 1.18 2001/01/21 19:06:00 markus Exp $"); +RCSID("$OpenBSD: sshconnect1.c,v 1.19 2001/01/22 08:15:00 markus Exp $"); #include <openssl/bn.h> #include <openssl/evp.h> #ifdef KRB4 #include <krb.h> -#include "radix.h" #endif #ifdef AFS #include <kafs.h> +#include "radix.h" #endif #include "ssh.h" diff --git a/sshconnect2.c b/sshconnect2.c index 6f41b987..1b442287 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect2.c,v 1.37 2001/01/21 19:06:00 markus Exp $"); +RCSID("$OpenBSD: sshconnect2.c,v 1.38 2001/01/22 17:22:28 stevesk Exp $"); #include <openssl/bn.h> #include <openssl/md5.h> @@ -248,6 +248,7 @@ ssh_dh1_client(Kex *kex, char *host, struct sockaddr *hostaddr, ); xfree(server_host_key_blob); DH_free(dh); + BN_free(dh_server_pub); #ifdef DEBUG_KEXDH fprintf(stderr, "hash == "); for (i = 0; i< 20; i++) @@ -257,8 +258,10 @@ ssh_dh1_client(Kex *kex, char *host, struct sockaddr *hostaddr, if (key_verify(server_host_key, (u_char *)signature, slen, hash, 20) != 1) fatal("key_verify failed for server_host_key"); key_free(server_host_key); + xfree(signature); kex_derive_keys(kex, hash, shared_secret); + BN_clear_free(shared_secret); packet_set_kex(kex); /* save session id */ @@ -420,6 +423,7 @@ ssh_dhgex_client(Kex *kex, char *host, struct sockaddr *hostaddr, ); xfree(server_host_key_blob); DH_free(dh); + BN_free(dh_server_pub); #ifdef DEBUG_KEXDH fprintf(stderr, "hash == "); for (i = 0; i< 20; i++) @@ -429,8 +433,10 @@ ssh_dhgex_client(Kex *kex, char *host, struct sockaddr *hostaddr, if (key_verify(server_host_key, (u_char *)signature, slen, hash, 20) != 1) fatal("key_verify failed for server_host_key"); key_free(server_host_key); + xfree(signature); kex_derive_keys(kex, hash, shared_secret); + BN_clear_free(shared_secret); packet_set_kex(kex); /* save session id */ @@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshd.c,v 1.155 2001/01/21 19:06:00 markus Exp $"); +RCSID("$OpenBSD: sshd.c,v 1.156 2001/01/22 17:22:28 stevesk Exp $"); #include <openssl/dh.h> #include <openssl/bn.h> @@ -1531,6 +1531,7 @@ ssh_dh1_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit) buffer_free(server_kexinit); xfree(client_kexinit); xfree(server_kexinit); + BN_free(dh_client_pub); #ifdef DEBUG_KEXDH fprintf(stderr, "hash == "); for (i = 0; i< 20; i++) @@ -1560,6 +1561,7 @@ ssh_dh1_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit) packet_write_wait(); kex_derive_keys(kex, hash, shared_secret); + BN_clear_free(shared_secret); packet_set_kex(kex); /* have keys, free DH */ @@ -1673,6 +1675,7 @@ ssh_dhgex_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit) buffer_free(server_kexinit); xfree(client_kexinit); xfree(server_kexinit); + BN_free(dh_client_pub); #ifdef DEBUG_KEXDH fprintf(stderr, "hash == "); for (i = 0; i< 20; i++) @@ -1702,6 +1705,7 @@ ssh_dhgex_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit) packet_write_wait(); kex_derive_keys(kex, hash, shared_secret); + BN_clear_free(shared_secret); packet_set_kex(kex); /* have keys, free DH */ |