diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2001-01-23 00:19:15 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-01-23 00:19:15 +0000 |
| commit | b1985f727950dbb3d5c7de863ae0e2181ace53f8 (patch) | |
| tree | 7b852c348ec392349a98c68c6218e9fbdb21cc87 /sshconnect2.c | |
| parent | 9dffa01368369d4ce4af3787aa3e254bb015e2fc (diff) | |
- (bal) OpenBSD Resync
- markus@cvs.openbsd.org 2001/01/22 8:15:00
[auth-krb4.c sshconnect1.c]
only AFS needs radix.[ch]
- markus@cvs.openbsd.org 2001/01/22 8:32:53
[auth2.c]
no need to include; from mouring@etoh.eviladmin.org
- stevesk@cvs.openbsd.org 2001/01/22 16:55:21
[key.c]
free() -> xfree(); ok markus@
- stevesk@cvs.openbsd.org 2001/01/22 17:22:28
[sshconnect2.c sshd.c]
fix memory leaks in SSH2 key exchange; ok markus@
Diffstat (limited to 'sshconnect2.c')
| -rw-r--r-- | sshconnect2.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/sshconnect2.c b/sshconnect2.c index 6f41b987..1b442287 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect2.c,v 1.37 2001/01/21 19:06:00 markus Exp $"); +RCSID("$OpenBSD: sshconnect2.c,v 1.38 2001/01/22 17:22:28 stevesk Exp $"); #include <openssl/bn.h> #include <openssl/md5.h> @@ -248,6 +248,7 @@ ssh_dh1_client(Kex *kex, char *host, struct sockaddr *hostaddr, ); xfree(server_host_key_blob); DH_free(dh); + BN_free(dh_server_pub); #ifdef DEBUG_KEXDH fprintf(stderr, "hash == "); for (i = 0; i< 20; i++) @@ -257,8 +258,10 @@ ssh_dh1_client(Kex *kex, char *host, struct sockaddr *hostaddr, if (key_verify(server_host_key, (u_char *)signature, slen, hash, 20) != 1) fatal("key_verify failed for server_host_key"); key_free(server_host_key); + xfree(signature); kex_derive_keys(kex, hash, shared_secret); + BN_clear_free(shared_secret); packet_set_kex(kex); /* save session id */ @@ -420,6 +423,7 @@ ssh_dhgex_client(Kex *kex, char *host, struct sockaddr *hostaddr, ); xfree(server_host_key_blob); DH_free(dh); + BN_free(dh_server_pub); #ifdef DEBUG_KEXDH fprintf(stderr, "hash == "); for (i = 0; i< 20; i++) @@ -429,8 +433,10 @@ ssh_dhgex_client(Kex *kex, char *host, struct sockaddr *hostaddr, if (key_verify(server_host_key, (u_char *)signature, slen, hash, 20) != 1) fatal("key_verify failed for server_host_key"); key_free(server_host_key); + xfree(signature); kex_derive_keys(kex, hash, shared_secret); + BN_clear_free(shared_secret); packet_set_kex(kex); /* save session id */ |