- otto@cvs.openbsd.org 2006/10/28 18:08:10
[ssh.1]
correct/expand example of usage of -w; ok jmc@ stevesk@
+ - markus@cvs.openbsd.org 2006/10/31 16:33:12
+ [kexdhc.c kexdhs.c kexgexc.c kexgexs.c]
+ check DH_compute_key() for -1 even if it should not happen because of
+ earlier calls to dh_pub_is_valid(); report krahmer at suse.de; ok djm
20061101
- (dtucker) [openbsd-compat/port-solaris.c] Bug #1255: Make only hwerr
-/* $OpenBSD: kexdhc.c,v 1.9 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: kexdhc.c,v 1.10 2006/10/31 16:33:12 markus Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
Key *server_host_key;
u_char *server_host_key_blob = NULL, *signature = NULL;
u_char *kbuf, *hash;
- u_int klen, kout, slen, sbloblen, hashlen;
+ u_int klen, slen, sbloblen, hashlen;
+ int kout;
/* generate and send 'e', client DH public key */
switch (kex->kex_type) {
klen = DH_size(dh);
kbuf = xmalloc(klen);
- kout = DH_compute_key(kbuf, dh_server_pub, dh);
+ if ((kout = DH_compute_key(kbuf, dh_server_pub, dh)) < 0)
+ fatal("DH_compute_key: failed");
#ifdef DEBUG_KEXDH
dump_digest("shared secret", kbuf, kout);
#endif
-/* $OpenBSD: kexdhs.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: kexdhs.c,v 1.8 2006/10/31 16:33:12 markus Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
DH *dh;
Key *server_host_key;
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
- u_int sbloblen, klen, kout, hashlen;
- u_int slen;
+ u_int sbloblen, klen, hashlen, slen;
+ int kout;
/* generate server DH public key */
switch (kex->kex_type) {
klen = DH_size(dh);
kbuf = xmalloc(klen);
- kout = DH_compute_key(kbuf, dh_client_pub, dh);
+ if ((kout = DH_compute_key(kbuf, dh_client_pub, dh)) < 0)
+ fatal("DH_compute_key: failed");
#ifdef DEBUG_KEXDH
dump_digest("shared secret", kbuf, kout);
#endif
-/* $OpenBSD: kexgexc.c,v 1.9 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: kexgexc.c,v 1.10 2006/10/31 16:33:12 markus Exp $ */
/*
* Copyright (c) 2000 Niels Provos. All rights reserved.
* Copyright (c) 2001 Markus Friedl. All rights reserved.
BIGNUM *p = NULL, *g = NULL;
Key *server_host_key;
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
- u_int klen, kout, slen, sbloblen, hashlen;
+ u_int klen, slen, sbloblen, hashlen;
+ int kout;
int min, max, nbits;
DH *dh;
klen = DH_size(dh);
kbuf = xmalloc(klen);
- kout = DH_compute_key(kbuf, dh_server_pub, dh);
+ if ((kout = DH_compute_key(kbuf, dh_server_pub, dh)) < 0)
+ fatal("DH_compute_key: failed");
#ifdef DEBUG_KEXDH
dump_digest("shared secret", kbuf, kout);
#endif
-/* $OpenBSD: kexgexs.c,v 1.8 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: kexgexs.c,v 1.9 2006/10/31 16:33:12 markus Exp $ */
/*
* Copyright (c) 2000 Niels Provos. All rights reserved.
* Copyright (c) 2001 Markus Friedl. All rights reserved.
Key *server_host_key;
DH *dh;
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
- u_int sbloblen, klen, kout, slen, hashlen;
- int min = -1, max = -1, nbits = -1, type;
+ u_int sbloblen, klen, slen, hashlen;
+ int min = -1, max = -1, nbits = -1, type, kout;
if (kex->load_host_key == NULL)
fatal("Cannot load hostkey");
klen = DH_size(dh);
kbuf = xmalloc(klen);
- kout = DH_compute_key(kbuf, dh_client_pub, dh);
+ if ((kout = DH_compute_key(kbuf, dh_client_pub, dh)) < 0)
+ fatal("DH_compute_key: failed");
#ifdef DEBUG_KEXDH
dump_digest("shared secret", kbuf, kout);
#endif