summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBen Lindstrom <mouring@eviladmin.org>2001-01-23 00:19:15 +0000
committerBen Lindstrom <mouring@eviladmin.org>2001-01-23 00:19:15 +0000
commitb1985f727950dbb3d5c7de863ae0e2181ace53f8 (patch)
tree7b852c348ec392349a98c68c6218e9fbdb21cc87
parent9dffa01368369d4ce4af3787aa3e254bb015e2fc (diff)
- (bal) OpenBSD Resync
- markus@cvs.openbsd.org 2001/01/22 8:15:00 [auth-krb4.c sshconnect1.c] only AFS needs radix.[ch] - markus@cvs.openbsd.org 2001/01/22 8:32:53 [auth2.c] no need to include; from mouring@etoh.eviladmin.org - stevesk@cvs.openbsd.org 2001/01/22 16:55:21 [key.c] free() -> xfree(); ok markus@ - stevesk@cvs.openbsd.org 2001/01/22 17:22:28 [sshconnect2.c sshd.c] fix memory leaks in SSH2 key exchange; ok markus@
Diffstat
-rw-r--r--ChangeLog14
-rw-r--r--auth-krb4.c7
-rw-r--r--auth2.c3
-rw-r--r--key.c4
-rw-r--r--sshconnect1.c4
-rw-r--r--sshconnect2.c8
-rw-r--r--sshd.c6
7 files changed, 36 insertions, 10 deletions
diff --git a/ChangeLog b/ChangeLog
index 2da32b85..c8319d5a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,20 @@
- (bal) regexp.h typo in configure.in. Should have been regex.h
- (bal) SSH_USER_DIR to _PATH_SSH_USER_DIR patch by stevesk@
- (bal) SSH_ASKPASS_DEFAULT to _PATH_SSH_ASKPASS_DEFAULT
+ - (bal) OpenBSD Resync
+ - markus@cvs.openbsd.org 2001/01/22 8:15:00
+ [auth-krb4.c sshconnect1.c]
+ only AFS needs radix.[ch]
+ - markus@cvs.openbsd.org 2001/01/22 8:32:53
+ [auth2.c]
+ no need to include; from mouring@etoh.eviladmin.org
+ - stevesk@cvs.openbsd.org 2001/01/22 16:55:21
+ [key.c]
+ free() -> xfree(); ok markus@
+ - stevesk@cvs.openbsd.org 2001/01/22 17:22:28
+ [sshconnect2.c sshd.c]
+ fix memory leaks in SSH2 key exchange; ok markus@
+
20010122
- (bal) OpenBSD Resync
diff --git a/auth-krb4.c b/auth-krb4.c
index d68806f9..8bb6e3d6 100644
--- a/auth-krb4.c
+++ b/auth-krb4.c
@@ -23,9 +23,8 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth-krb4.c,v 1.22 2001/01/21 19:05:41 markus Exp $");
+RCSID("$OpenBSD: auth-krb4.c,v 1.23 2001/01/22 08:15:00 markus Exp $");
-#ifdef KRB4
#include "ssh.h"
#include "ssh1.h"
#include "packet.h"
@@ -33,8 +32,12 @@ RCSID("$OpenBSD: auth-krb4.c,v 1.22 2001/01/21 19:05:41 markus Exp $");
#include "log.h"
#include "servconf.h"
#include "auth.h"
+
+#ifdef AFS
#include "radix.h"
+#endif
+#ifdef KRB4
char *ticket = NULL;
extern ServerOptions options;
diff --git a/auth2.c b/auth2.c
index 0d2214c7..768fedde 100644
--- a/auth2.c
+++ b/auth2.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.32 2001/01/21 19:05:44 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.33 2001/01/22 08:32:53 markus Exp $");
#ifdef HAVE_OSF_SIA
# include <sia.h>
@@ -51,7 +51,6 @@ RCSID("$OpenBSD: auth2.c,v 1.32 2001/01/21 19:05:44 markus Exp $");
#include "key.h"
#include "kex.h"
#include "pathnames.h"
-
#include "uidswap.h"
#include "auth-options.h"
diff --git a/key.c b/key.c
index a2306fed..8cecce01 100644
--- a/key.c
+++ b/key.c
@@ -32,7 +32,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
-RCSID("$OpenBSD: key.c,v 1.15 2001/01/21 19:05:50 markus Exp $");
+RCSID("$OpenBSD: key.c,v 1.16 2001/01/22 16:55:21 stevesk Exp $");
#include <openssl/evp.h>
@@ -258,7 +258,7 @@ write_bignum(FILE *f, BIGNUM *num)
return 0;
}
fprintf(f, " %s", buf);
- free(buf);
+ xfree(buf);
return 1;
}
diff --git a/sshconnect1.c b/sshconnect1.c
index d0c0215c..2c097256 100644
--- a/sshconnect1.c
+++ b/sshconnect1.c
@@ -13,17 +13,17 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.18 2001/01/21 19:06:00 markus Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.19 2001/01/22 08:15:00 markus Exp $");
#include <openssl/bn.h>
#include <openssl/evp.h>
#ifdef KRB4
#include <krb.h>
-#include "radix.h"
#endif
#ifdef AFS
#include <kafs.h>
+#include "radix.h"
#endif
#include "ssh.h"
diff --git a/sshconnect2.c b/sshconnect2.c
index 6f41b987..1b442287 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.37 2001/01/21 19:06:00 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.38 2001/01/22 17:22:28 stevesk Exp $");
#include <openssl/bn.h>
#include <openssl/md5.h>
@@ -248,6 +248,7 @@ ssh_dh1_client(Kex *kex, char *host, struct sockaddr *hostaddr,
);
xfree(server_host_key_blob);
DH_free(dh);
+ BN_free(dh_server_pub);
#ifdef DEBUG_KEXDH
fprintf(stderr, "hash == ");
for (i = 0; i< 20; i++)
@@ -257,8 +258,10 @@ ssh_dh1_client(Kex *kex, char *host, struct sockaddr *hostaddr,
if (key_verify(server_host_key, (u_char *)signature, slen, hash, 20) != 1)
fatal("key_verify failed for server_host_key");
key_free(server_host_key);
+ xfree(signature);
kex_derive_keys(kex, hash, shared_secret);
+ BN_clear_free(shared_secret);
packet_set_kex(kex);
/* save session id */
@@ -420,6 +423,7 @@ ssh_dhgex_client(Kex *kex, char *host, struct sockaddr *hostaddr,
);
xfree(server_host_key_blob);
DH_free(dh);
+ BN_free(dh_server_pub);
#ifdef DEBUG_KEXDH
fprintf(stderr, "hash == ");
for (i = 0; i< 20; i++)
@@ -429,8 +433,10 @@ ssh_dhgex_client(Kex *kex, char *host, struct sockaddr *hostaddr,
if (key_verify(server_host_key, (u_char *)signature, slen, hash, 20) != 1)
fatal("key_verify failed for server_host_key");
key_free(server_host_key);
+ xfree(signature);
kex_derive_keys(kex, hash, shared_secret);
+ BN_clear_free(shared_secret);
packet_set_kex(kex);
/* save session id */
diff --git a/sshd.c b/sshd.c
index 77a17e14..686e7c26 100644
--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.155 2001/01/21 19:06:00 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.156 2001/01/22 17:22:28 stevesk Exp $");
#include <openssl/dh.h>
#include <openssl/bn.h>
@@ -1531,6 +1531,7 @@ ssh_dh1_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit)
buffer_free(server_kexinit);
xfree(client_kexinit);
xfree(server_kexinit);
+ BN_free(dh_client_pub);
#ifdef DEBUG_KEXDH
fprintf(stderr, "hash == ");
for (i = 0; i< 20; i++)
@@ -1560,6 +1561,7 @@ ssh_dh1_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit)
packet_write_wait();
kex_derive_keys(kex, hash, shared_secret);
+ BN_clear_free(shared_secret);
packet_set_kex(kex);
/* have keys, free DH */
@@ -1673,6 +1675,7 @@ ssh_dhgex_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit)
buffer_free(server_kexinit);
xfree(client_kexinit);
xfree(server_kexinit);
+ BN_free(dh_client_pub);
#ifdef DEBUG_KEXDH
fprintf(stderr, "hash == ");
for (i = 0; i< 20; i++)
@@ -1702,6 +1705,7 @@ ssh_dhgex_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit)
packet_write_wait();
kex_derive_keys(kex, hash, shared_secret);
+ BN_clear_free(shared_secret);
packet_set_kex(kex);
/* have keys, free DH */
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-12 10:42:14 +0000