From b1985f727950dbb3d5c7de863ae0e2181ace53f8 Mon Sep 17 00:00:00 2001
From: Ben Lindstrom <mouring@eviladmin.org>
Date: Tue, 23 Jan 2001 00:19:15 +0000
Subject:  - (bal) OpenBSD Resync    - markus@cvs.openbsd.org 2001/01/22
 8:15:00      [auth-krb4.c sshconnect1.c]      only AFS needs radix.[ch]    -
 markus@cvs.openbsd.org 2001/01/22 8:32:53      [auth2.c]      no need to
 include; from mouring@etoh.eviladmin.org    - stevesk@cvs.openbsd.org
 2001/01/22 16:55:21      [key.c]      free() -> xfree(); ok markus@    -
 stevesk@cvs.openbsd.org 2001/01/22 17:22:28      [sshconnect2.c sshd.c]     
 fix memory leaks in SSH2 key exchange; ok markus@

---
 sshconnect2.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'sshconnect2.c')

diff --git a/sshconnect2.c b/sshconnect2.c
index 6f41b987..1b442287 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.37 2001/01/21 19:06:00 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.38 2001/01/22 17:22:28 stevesk Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/md5.h>
@@ -248,6 +248,7 @@ ssh_dh1_client(Kex *kex, char *host, struct sockaddr *hostaddr,
 	);
 	xfree(server_host_key_blob);
 	DH_free(dh);
+	BN_free(dh_server_pub);
 #ifdef DEBUG_KEXDH
 	fprintf(stderr, "hash == ");
 	for (i = 0; i< 20; i++)
@@ -257,8 +258,10 @@ ssh_dh1_client(Kex *kex, char *host, struct sockaddr *hostaddr,
 	if (key_verify(server_host_key, (u_char *)signature, slen, hash, 20) != 1)
 		fatal("key_verify failed for server_host_key");
 	key_free(server_host_key);
+	xfree(signature);
 
 	kex_derive_keys(kex, hash, shared_secret);
+	BN_clear_free(shared_secret);
 	packet_set_kex(kex);
 
 	/* save session id */
@@ -420,6 +423,7 @@ ssh_dhgex_client(Kex *kex, char *host, struct sockaddr *hostaddr,
 	);
 	xfree(server_host_key_blob);
 	DH_free(dh);
+	BN_free(dh_server_pub);
 #ifdef DEBUG_KEXDH
 	fprintf(stderr, "hash == ");
 	for (i = 0; i< 20; i++)
@@ -429,8 +433,10 @@ ssh_dhgex_client(Kex *kex, char *host, struct sockaddr *hostaddr,
 	if (key_verify(server_host_key, (u_char *)signature, slen, hash, 20) != 1)
 		fatal("key_verify failed for server_host_key");
 	key_free(server_host_key);
+	xfree(signature);
 
 	kex_derive_keys(kex, hash, shared_secret);
+	BN_clear_free(shared_secret);
 	packet_set_kex(kex);
 
 	/* save session id */
-- 
cgit v1.2.3