diff options
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | kex.c | 3 | ||||
-rw-r--r-- | kexdh.c | 3 | ||||
-rw-r--r-- | kexgex.c | 3 |
4 files changed, 10 insertions, 4 deletions
@@ -23,6 +23,9 @@ - markus@cvs.openbsd.org 2002/02/22 12:20:34 [log.c log.h ssh-keyscan.c] overwrite fatal() in ssh-keyscan.c; fixes pr 2354; ok provos@ + - markus@cvs.openbsd.org 2002/02/23 17:59:02 + [kex.c kexdh.c kexgex.c] + don't allow garbage after payload. 20020225 - (bal) Last AIX patch. Moved aix_usrinfo() outside of do_setuserconext() @@ -7696,4 +7699,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1879 2002/02/26 17:52:14 mouring Exp $ +$Id: ChangeLog,v 1.1880 2002/02/26 17:58:29 mouring Exp $ @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kex.c,v 1.45 2002/02/14 23:41:01 markus Exp $"); +RCSID("$OpenBSD: kex.c,v 1.46 2002/02/23 17:59:02 markus Exp $"); #include <openssl/crypto.h> @@ -132,6 +132,7 @@ kex_finish(Kex *kex) debug("waiting for SSH2_MSG_NEWKEYS"); packet_read_expect(SSH2_MSG_NEWKEYS); + packet_check_eom(); debug("SSH2_MSG_NEWKEYS received"); kex->done = 1; @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kexdh.c,v 1.14 2002/01/31 13:35:11 markus Exp $"); +RCSID("$OpenBSD: kexdh.c,v 1.15 2002/02/23 17:59:02 markus Exp $"); #include <openssl/crypto.h> #include <openssl/bn.h> @@ -220,6 +220,7 @@ kexdh_server(Kex *kex) if ((dh_client_pub = BN_new()) == NULL) fatal("dh_client_pub == NULL"); packet_get_bignum2(dh_client_pub); + packet_check_eom(); #ifdef DEBUG_KEXDH fprintf(stderr, "dh_client_pub= "); @@ -24,7 +24,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kexgex.c,v 1.17 2002/01/31 13:35:11 markus Exp $"); +RCSID("$OpenBSD: kexgex.c,v 1.18 2002/02/23 17:59:02 markus Exp $"); #include <openssl/bn.h> @@ -319,6 +319,7 @@ kexgex_server(Kex *kex) if ((dh_client_pub = BN_new()) == NULL) fatal("dh_client_pub == NULL"); packet_get_bignum2(dh_client_pub); + packet_check_eom(); #ifdef DEBUG_KEXDH fprintf(stderr, "dh_client_pub= "); |