oops, that last commit was really:
index f06f2c355243577ed2c079bc109d9b91fbabddfe..49f639c61cab0ffa81437e1f45c4a0fd7e123326 100644 (file)
--- a/kexgex.c
+++ b/kexgex.c
@@ -24,7 +24,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kexgex.c,v 1.9 2001/09/17 19:27:15 stevesk Exp $");
+RCSID("$OpenBSD: kexgex.c,v 1.13 2001/12/28 12:14:27 markus Exp $");
 
 #include <openssl/bn.h>
 
@@ -146,7 +146,7 @@ kexgex_client(Kex *kex)
        if ((g = BN_new()) == NULL)
                fatal("BN_new");
        packet_get_bignum2(g, &dlen);
-       packet_done();
+       packet_check_eom();
 
        if (BN_num_bits(p) < min || BN_num_bits(p) > max)
                fatal("DH_GEX group out of range: %d !< %d !< %d",
@@ -183,8 +183,7 @@ kexgex_client(Kex *kex)
                fatal("server_host_key verification failed");
 
        /* DH paramter f, server public DH key */
-       dh_server_pub = BN_new();
-       if (dh_server_pub == NULL)
+       if ((dh_server_pub = BN_new()) == NULL)
                fatal("dh_server_pub == NULL");
        packet_get_bignum2(dh_server_pub, &dlen);
 
@@ -197,7 +196,7 @@ kexgex_client(Kex *kex)
 
        /* signed H */
        signature = packet_get_string(&slen);
-       packet_done();
+       packet_check_eom();
 
        if (!dh_pub_is_valid(dh, dh_server_pub))
                packet_disconnect("bad server public DH value");
@@ -208,7 +207,8 @@ kexgex_client(Kex *kex)
 #ifdef DEBUG_KEXDH
        dump_digest("shared secret", kbuf, kout);
 #endif
-       shared_secret = BN_new();
+       if ((shared_secret = BN_new()) == NULL)
+               fatal("kexgex_client: BN_new failed");
        BN_bin2bn(kbuf, kout, shared_secret);
        memset(kbuf, 0, klen);
        xfree(kbuf);
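Review bot: The return value of `BN_bin2bn(kbuf, kout, shared_secret)` is still unchecked right after the new `BN_new()` guard, so a failed conversion would pass silently into the exchange hash; I would write `if (BN_bin2bn(kbuf, kout, shared_secret) == NULL) fatal("kexgex_client: BN_bin2bn failed");`. The assignment of `kout` is outside the hunk, so please confirm that a negative result from the DH computation (presumably where `kout` comes from) is rejected before it is used as a length here. The `memset(kbuf, 0, klen)` directly before `xfree(kbuf)` is a dead store that a compiler may drop, so the shared-secret bytes should be scrubbed with a wipe the optimizer cannot remove. The same three lines appear in the kexgex_server hunk at `@@ -342,7 +341,8 @@` and need the same treatment. kexgex_client's body starts and ends outside the hunk.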
@@ -232,7 +232,7 @@ kexgex_client(Kex *kex)
        /* have keys, free DH */
        DH_free(dh);
        xfree(server_host_key_blob);
-       BN_free(dh_server_pub);
+       BN_clear_free(dh_server_pub);
 
        if (key_verify(server_host_key, signature, slen, hash, 20) != 1)
                fatal("key_verify failed for server_host_key");
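Review bot: `BN_clear_free(dh_server_pub)` scrubs a value the peer sent over the wire, whereas the sensitive bignum in this function is `shared_secret`, and its release is not visible in this hunk. Please confirm that `shared_secret` is also released with `BN_clear_free` once key derivation is done. A short comment such as `/* clear all KEX bignums on free, public ones included */` would show the next reader that the call is deliberate. The matching change to `dh_client_pub` in kexgex_server at `@@ -365,7 +365,7 @@` raises the same question.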
@@ -270,7 +270,7 @@ kexgex_server(Kex *kex)
                fatal("Unsupported hostkey type %d", kex->hostkey_type);
 
        type = packet_read(&plen);
-       switch(type){
+       switch (type) {
        case SSH2_MSG_KEX_DH_GEX_REQUEST:
                debug("SSH2_MSG_KEX_DH_GEX_REQUEST received");
                min = packet_get_int();
@@ -289,7 +289,7 @@ kexgex_server(Kex *kex)
        default:
                fatal("protocol error during kex, no DH_GEX_REQUEST: %d", type);
        }
-       packet_done();
+       packet_check_eom();
 
        if (max < min || nbits < min || max < nbits)
                fatal("DH_GEX_REQUEST, bad parameters: %d !< %d !< %d",
@@ -315,8 +315,7 @@ kexgex_server(Kex *kex)
        packet_read_expect(&plen, SSH2_MSG_KEX_DH_GEX_INIT);
 
        /* key, cert */
-       dh_client_pub = BN_new();
-       if (dh_client_pub == NULL)
+       if ((dh_client_pub = BN_new()) == NULL)
                fatal("dh_client_pub == NULL");
        packet_get_bignum2(dh_client_pub, &dlen);
 
@@ -342,7 +341,8 @@ kexgex_server(Kex *kex)
 #ifdef DEBUG_KEXDH
        dump_digest("shared secret", kbuf, kout);
 #endif
-       shared_secret = BN_new();
+       if ((shared_secret = BN_new()) == NULL)
+               fatal("kexgex_server: BN_new failed");
        BN_bin2bn(kbuf, kout, shared_secret);
        memset(kbuf, 0, klen);
        xfree(kbuf);
@@ -365,7 +365,7 @@ kexgex_server(Kex *kex)
            dh->pub_key,
            shared_secret
        );
-       BN_free(dh_client_pub);
+       BN_clear_free(dh_client_pub);
 
        /* save session id := H */
        /* XXX hashlen depends on KEX */