diff options
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | dh.c | 16 | ||||
| -rw-r--r-- | kexdh.c | 6 | ||||
| -rw-r--r-- | kexgex.c | 6 |
4 files changed, 18 insertions, 15 deletions
@@ -45,6 +45,9 @@ - markus@cvs.openbsd.org 2001/12/27 18:26:13 [authfile.c] missing include + - markus@cvs.openbsd.org 2001/12/27 19:37:23 + [dh.c kexdh.c kexgex.c] + always use BN_clear_free instead of BN_free 20020121 - (djm) Rework ssh-rand-helper: @@ -7192,4 +7195,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1735 2002/01/22 12:10:04 djm Exp $ +$Id: ChangeLog,v 1.1736 2002/01/22 12:10:33 djm Exp $ @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: dh.c,v 1.18 2001/12/27 18:22:16 markus Exp $"); +RCSID("$OpenBSD: dh.c,v 1.19 2001/12/27 19:37:22 markus Exp $"); #include "xmalloc.h" @@ -94,8 +94,8 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg) return (1); failclean: - BN_free(dhg->g); - BN_free(dhg->p); + BN_clear_free(dhg->g); + BN_clear_free(dhg->p); fail: error("Bad prime description in line %d", linenum); return (0); @@ -122,8 +122,8 @@ choose_dh(int min, int wantbits, int max) linenum++; if (!parse_prime(linenum, line, &dhg)) continue; - BN_free(dhg.g); - BN_free(dhg.p); + BN_clear_free(dhg.g); + BN_clear_free(dhg.p); if (dhg.size > max || dhg.size < min) continue; @@ -152,8 +152,8 @@ choose_dh(int min, int wantbits, int max) if ((dhg.size > max || dhg.size < min) || dhg.size != best || linenum++ != which) { - BN_free(dhg.g); - BN_free(dhg.p); + BN_clear_free(dhg.g); + BN_clear_free(dhg.p); continue; } break; @@ -203,7 +203,7 @@ dh_gen_key(DH *dh, int need) BN_num_bits(dh->p), 2*need); do { if (dh->priv_key != NULL) - BN_free(dh->priv_key); + BN_clear_free(dh->priv_key); if ((dh->priv_key = BN_new()) == NULL) fatal("dh_gen_key: BN_new failed"); /* generate a 2*need bits random private exponent */ @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kexdh.c,v 1.8 2001/12/27 18:22:16 markus Exp $"); +RCSID("$OpenBSD: kexdh.c,v 1.9 2001/12/27 19:37:22 markus Exp $"); #include <openssl/crypto.h> #include <openssl/bn.h> @@ -171,7 +171,7 @@ kexdh_client(Kex *kex) shared_secret ); xfree(server_host_key_blob); - BN_free(dh_server_pub); + BN_clear_free(dh_server_pub); DH_free(dh); if (key_verify(server_host_key, signature, slen, hash, 20) != 1) @@ -262,7 +262,7 @@ kexdh_server(Kex *kex) dh->pub_key, shared_secret ); - BN_free(dh_client_pub); + BN_clear_free(dh_client_pub); /* save session id := H */ /* XXX hashlen depends on KEX */ @@ -24,7 +24,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kexgex.c,v 1.11 2001/12/27 18:22:16 markus Exp $"); +RCSID("$OpenBSD: kexgex.c,v 1.12 2001/12/27 19:37:23 markus Exp $"); #include <openssl/bn.h> @@ -232,7 +232,7 @@ kexgex_client(Kex *kex) /* have keys, free DH */ DH_free(dh); xfree(server_host_key_blob); - BN_free(dh_server_pub); + BN_clear_free(dh_server_pub); if (key_verify(server_host_key, signature, slen, hash, 20) != 1) fatal("key_verify failed for server_host_key"); @@ -365,7 +365,7 @@ kexgex_server(Kex *kex) dh->pub_key, shared_secret ); - BN_free(dh_client_pub); + BN_clear_free(dh_client_pub); /* save session id := H */ /* XXX hashlen depends on KEX */ |