20061107
- (dtucker) [sshd.c] Use privsep_pw if we have it, but only require it
if we absolutely need it. Pointed out by Corinna, ok djm@
+ - (dtucker) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2006/11/06 21:25:28
+ [auth-rsa.c kexgexc.c kexdhs.c key.c ssh-dss.c sshd.c kexgexs.c
+ ssh-keygen.c bufbn.c moduli.c scard.c kexdhc.c sshconnect1.c dh.c rsa.c]
+ add missing checks for openssl return codes; with & ok djm@
20061105
- (djm) OpenBSD CVS Sync
-/* $OpenBSD: auth-rsa.c,v 1.71 2006/08/03 03:34:41 deraadt Exp $ */
+/* $OpenBSD: auth-rsa.c,v 1.72 2006/11/06 21:25:27 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
if ((challenge = BN_new()) == NULL)
fatal("auth_rsa_generate_challenge: BN_new() failed");
/* Generate a random challenge. */
- BN_rand(challenge, 256, 0, 0);
+ if (BN_rand(challenge, 256, 0, 0) == 0)
+ fatal("auth_rsa_generate_challenge: BN_rand failed");
if ((ctx = BN_CTX_new()) == NULL)
- fatal("auth_rsa_generate_challenge: BN_CTX_new() failed");
- BN_mod(challenge, challenge, key->rsa->n, ctx);
+ fatal("auth_rsa_generate_challenge: BN_CTX_new failed");
+ if (BN_mod(challenge, challenge, key->rsa->n, ctx) == 0)
+ fatal("auth_rsa_generate_challenge: BN_mod failed");
BN_CTX_free(ctx);
return challenge;
-/* $OpenBSD: bufbn.c,v 1.3 2006/08/03 03:34:41 deraadt Exp $*/
+/* $OpenBSD: bufbn.c,v 1.4 2006/11/06 21:25:28 markus Exp $*/
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
return (-1);
}
bin = buffer_ptr(buffer);
- BN_bin2bn(bin, bytes, value);
+ if (BN_bin2bn(bin, bytes, value) == NULL) {
+ error("buffer_get_bignum_ret: BN_bin2bn failed");
+ return (-1);
+ }
if (buffer_consume_ret(buffer, bytes) == -1) {
error("buffer_get_bignum_ret: buffer_consume failed");
return (-1);
xfree(bin);
return (-1);
}
- BN_bin2bn(bin, len, value);
+ if (BN_bin2bn(bin, len, value) == NULL) {
+ error("buffer_get_bignum2_ret: BN_bin2bn failed");
+ return (-1);
+ }
xfree(bin);
return (0);
}
-/* $OpenBSD: dh.c,v 1.42 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: dh.c,v 1.43 2006/11/06 21:25:28 markus Exp $ */
/*
* Copyright (c) 2000 Niels Provos. All rights reserved.
*
if ((dh = DH_new()) == NULL)
fatal("dh_new_group_asc: DH_new");
- if (BN_hex2bn(&dh->p, modulus) == 0)
+ if (BN_hex2bn(&dh->p, modulus) == NULL)
fatal("BN_hex2bn p");
- if (BN_hex2bn(&dh->g, gen) == 0)
+ if (BN_hex2bn(&dh->g, gen) == NULL)
fatal("BN_hex2bn g");
return (dh);
-/* $OpenBSD: kexdhc.c,v 1.10 2006/10/31 16:33:12 markus Exp $ */
+/* $OpenBSD: kexdhc.c,v 1.11 2006/11/06 21:25:28 markus Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
#endif
if ((shared_secret = BN_new()) == NULL)
fatal("kexdh_client: BN_new failed");
- BN_bin2bn(kbuf, kout, shared_secret);
+ if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
+ fatal("kexdh_client: BN_bin2bn failed");
memset(kbuf, 0, klen);
xfree(kbuf);
-/* $OpenBSD: kexdhs.c,v 1.8 2006/10/31 16:33:12 markus Exp $ */
+/* $OpenBSD: kexdhs.c,v 1.9 2006/11/06 21:25:28 markus Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
#endif
if ((shared_secret = BN_new()) == NULL)
fatal("kexdh_server: BN_new failed");
- BN_bin2bn(kbuf, kout, shared_secret);
+ if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
+ fatal("kexdh_server: BN_bin2bn failed");
memset(kbuf, 0, klen);
xfree(kbuf);
-/* $OpenBSD: kexgexc.c,v 1.10 2006/10/31 16:33:12 markus Exp $ */
+/* $OpenBSD: kexgexc.c,v 1.11 2006/11/06 21:25:28 markus Exp $ */
/*
* Copyright (c) 2000 Niels Provos. All rights reserved.
* Copyright (c) 2001 Markus Friedl. All rights reserved.
#endif
if ((shared_secret = BN_new()) == NULL)
fatal("kexgex_client: BN_new failed");
- BN_bin2bn(kbuf, kout, shared_secret);
+ if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
+ fatal("kexgex_client: BN_bin2bn failed");
memset(kbuf, 0, klen);
xfree(kbuf);
-/* $OpenBSD: kexgexs.c,v 1.9 2006/10/31 16:33:12 markus Exp $ */
+/* $OpenBSD: kexgexs.c,v 1.10 2006/11/06 21:25:28 markus Exp $ */
/*
* Copyright (c) 2000 Niels Provos. All rights reserved.
* Copyright (c) 2001 Markus Friedl. All rights reserved.
#endif
if ((shared_secret = BN_new()) == NULL)
fatal("kexgex_server: BN_new failed");
- BN_bin2bn(kbuf, kout, shared_secret);
+ if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
+ fatal("kexgex_server: BN_bin2bn failed");
memset(kbuf, 0, klen);
xfree(kbuf);
-/* $OpenBSD: key.c,v 1.67 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: key.c,v 1.68 2006/11/06 21:25:28 markus Exp $ */
/*
* read_bignum():
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
switch (k->type) {
case KEY_DSA:
n = key_new(k->type);
- BN_copy(n->dsa->p, k->dsa->p);
- BN_copy(n->dsa->q, k->dsa->q);
- BN_copy(n->dsa->g, k->dsa->g);
- BN_copy(n->dsa->pub_key, k->dsa->pub_key);
+ if ((BN_copy(n->dsa->p, k->dsa->p) == NULL) ||
+ (BN_copy(n->dsa->q, k->dsa->q) == NULL) ||
+ (BN_copy(n->dsa->g, k->dsa->g) == NULL) ||
+ (BN_copy(n->dsa->pub_key, k->dsa->pub_key) == NULL))
+ fatal("key_from_private: BN_copy failed");
break;
case KEY_RSA:
case KEY_RSA1:
n = key_new(k->type);
- BN_copy(n->rsa->n, k->rsa->n);
- BN_copy(n->rsa->e, k->rsa->e);
+ if ((BN_copy(n->rsa->n, k->rsa->n) == NULL) ||
+ (BN_copy(n->rsa->e, k->rsa->e) == NULL))
+ fatal("key_from_private: BN_copy failed");
break;
default:
fatal("key_from_private: unknown type %d", k->type);
-/* $OpenBSD: moduli.c,v 1.18 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: moduli.c,v 1.19 2006/11/06 21:25:28 markus Exp $ */
/*
* Copyright 1994 Phil Karn <karn@qualcomm.com>
* Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com>
/* validation check: count the number of primes tried */
largetries = 0;
- q = BN_new();
+ if ((q = BN_new()) == NULL)
+ fatal("BN_new failed");
/*
* Generate random starting point for subprime search, or use
* specified parameter.
*/
- largebase = BN_new();
- if (start == NULL)
- BN_rand(largebase, power, 1, 1);
- else
- BN_copy(largebase, start);
+ if ((largebase = BN_new()) == NULL)
+ fatal("BN_new failed");
+ if (start == NULL) {
+ if (BN_rand(largebase, power, 1, 1) == 0)
+ fatal("BN_rand failed");
+ } else {
+ if (BN_copy(largebase, start) == NULL)
+ fatal("BN_copy: failed");
+ }
/* ensure odd */
- BN_set_bit(largebase, 0);
+ if (BN_set_bit(largebase, 0) == 0)
+ fatal("BN_set_bit: failed");
time(&time_start);
continue; /* Definitely composite, skip */
debug2("test q = largebase+%u", 2 * j);
- BN_set_word(q, 2 * j);
- BN_add(q, q, largebase);
+ if (BN_set_word(q, 2 * j) == 0)
+ fatal("BN_set_word failed");
+ if (BN_add(q, q, largebase) == 0)
+ fatal("BN_add failed");
if (qfileout(out, QTYPE_SOPHIE_GERMAIN, QTEST_SIEVE,
largetries, (power - 1) /* MSB */, (0), q) == -1) {
ret = -1;
time(&time_start);
- p = BN_new();
- q = BN_new();
- ctx = BN_CTX_new();
+ if ((p = BN_new()) == NULL)
+ fatal("BN_new failed");
+ if ((q = BN_new()) == NULL)
+ fatal("BN_new failed");
+ if ((ctx = BN_CTX_new()) == NULL)
+ fatal("BN_CTX_new failed");
debug2("%.24s Final %u Miller-Rabin trials (%x generator)",
ctime(&time_start), trials, generator_wanted);
case QTYPE_SOPHIE_GERMAIN:
debug2("%10u: (%u) Sophie-Germain", count_in, in_type);
a = q;
- BN_hex2bn(&a, cp);
+ if (BN_hex2bn(&a, cp) == 0)
+ fatal("BN_hex2bn failed");
/* p = 2*q + 1 */
- BN_lshift(p, q, 1);
- BN_add_word(p, 1);
+ if (BN_lshift(p, q, 1) == 0)
+ fatal("BN_lshift failed");
+ if (BN_add_word(p, 1) == 0)
+ fatal("BN_add_word failed");
in_size += 1;
generator_known = 0;
break;
case QTYPE_UNKNOWN:
debug2("%10u: (%u)", count_in, in_type);
a = p;
- BN_hex2bn(&a, cp);
+ if (BN_hex2bn(&a, cp) == 0)
+ fatal("BN_hex2bn failed");
/* q = (p-1) / 2 */
- BN_rshift(q, p, 1);
+ if (BN_rshift(q, p, 1) == 0)
+ fatal("BN_rshift failed");
break;
default:
debug2("Unknown prime type");
-/* $OpenBSD: rsa.c,v 1.28 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: rsa.c,v 1.29 2006/11/06 21:25:28 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
RSA_PKCS1_PADDING)) <= 0)
fatal("rsa_public_encrypt() failed");
- BN_bin2bn(outbuf, len, out);
+ if (BN_bin2bn(outbuf, len, out) == NULL)
+ fatal("rsa_public_encrypt: BN_bin2bn failed");
memset(outbuf, 0, olen);
memset(inbuf, 0, ilen);
RSA_PKCS1_PADDING)) <= 0) {
error("rsa_private_decrypt() failed");
} else {
- BN_bin2bn(outbuf, len, out);
+ if (BN_bin2bn(outbuf, len, out) == NULL)
+ fatal("rsa_private_decrypt: BN_bin2bn failed");
}
memset(outbuf, 0, olen);
memset(inbuf, 0, ilen);
if ((ctx = BN_CTX_new()) == NULL)
fatal("rsa_generate_additional_parameters: BN_CTX_new failed");
- BN_sub(aux, rsa->q, BN_value_one());
- BN_mod(rsa->dmq1, rsa->d, aux, ctx);
-
- BN_sub(aux, rsa->p, BN_value_one());
- BN_mod(rsa->dmp1, rsa->d, aux, ctx);
+ if ((BN_sub(aux, rsa->q, BN_value_one()) == 0) ||
+ (BN_mod(rsa->dmq1, rsa->d, aux, ctx) == 0) ||
+ (BN_sub(aux, rsa->p, BN_value_one()) == 0) ||
+ (BN_mod(rsa->dmp1, rsa->d, aux, ctx) == 0))
+ fatal("rsa_generate_additional_parameters: BN_sub/mod failed");
BN_clear_free(aux);
BN_CTX_free(ctx);
-/* $OpenBSD: scard.c,v 1.35 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: scard.c,v 1.36 2006/11/06 21:25:28 markus Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
keys = xcalloc((nkeys+1), sizeof(Key *));
n = key_new(KEY_RSA1);
- BN_copy(n->rsa->n, k->rsa->n);
- BN_copy(n->rsa->e, k->rsa->e);
+ if ((BN_copy(n->rsa->n, k->rsa->n) == NULL) ||
+ (BN_copy(n->rsa->e, k->rsa->e) == NULL))
+ fatal("sc_get_keys: BN_copy failed");
RSA_set_method(n->rsa, sc_get_rsa());
n->flags |= KEY_FLAG_EXT;
keys[0] = n;
n = key_new(KEY_RSA);
- BN_copy(n->rsa->n, k->rsa->n);
- BN_copy(n->rsa->e, k->rsa->e);
+ if ((BN_copy(n->rsa->n, k->rsa->n) == NULL) ||
+ (BN_copy(n->rsa->e, k->rsa->e) == NULL))
+ fatal("sc_get_keys: BN_copy failed");
RSA_set_method(n->rsa, sc_get_rsa());
n->flags |= KEY_FLAG_EXT;
keys[1] = n;
-/* $OpenBSD: ssh-dss.c,v 1.23 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: ssh-dss.c,v 1.24 2006/11/06 21:25:28 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
fatal("ssh_dss_verify: BN_new failed");
if ((sig->s = BN_new()) == NULL)
fatal("ssh_dss_verify: BN_new failed");
- BN_bin2bn(sigblob, INTBLOB_LEN, sig->r);
- BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s);
+ if ((BN_bin2bn(sigblob, INTBLOB_LEN, sig->r) == NULL) ||
+ (BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s) == NULL))
+ fatal("ssh_dss_verify: BN_bin2bn failed");
/* clean up */
memset(sigblob, 0, len);
-/* $OpenBSD: ssh-keygen.c,v 1.154 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.155 2006/11/06 21:25:28 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
if (buffer_len(b) < bytes)
fatal("buffer_get_bignum_bits: input buffer too small: "
"need %d have %d", bytes, buffer_len(b));
- BN_bin2bn(buffer_ptr(b), bytes, value);
+ if (BN_bin2bn(buffer_ptr(b), bytes, value) == NULL)
+ fatal("buffer_get_bignum_bits: BN_bin2bn failed");
buffer_consume(b, bytes);
}
-/* $OpenBSD: sshconnect1.c,v 1.69 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: sshconnect1.c,v 1.70 2006/11/06 21:25:28 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* the first 16 bytes of the session id.
*/
if ((key = BN_new()) == NULL)
- fatal("respond_to_rsa_challenge: BN_new failed");
- BN_set_word(key, 0);
+ fatal("ssh_kex: BN_new failed");
+ if (BN_set_word(key, 0) == 0)
+ fatal("ssh_kex: BN_set_word failed");
for (i = 0; i < SSH_SESSION_KEY_LENGTH; i++) {
- BN_lshift(key, key, 8);
- if (i < 16)
- BN_add_word(key, session_key[i] ^ session_id[i]);
- else
- BN_add_word(key, session_key[i]);
+ if (BN_lshift(key, key, 8) == 0)
+ fatal("ssh_kex: BN_lshift failed");
+ if (i < 16) {
+ if (BN_add_word(key, session_key[i] ^ session_id[i])
+ == 0)
+ fatal("ssh_kex: BN_add_word failed");
+ } else {
+ if (BN_add_word(key, session_key[i]) == 0)
+ fatal("ssh_kex: BN_add_word failed");
+ }
}
/*
-/* $OpenBSD: sshd.c,v 1.347 2006/08/18 09:15:20 markus Exp $ */
+/* $OpenBSD: sshd.c,v 1.348 2006/11/06 21:25:28 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* key is in the highest bits.
*/
if (!rsafail) {
- BN_mask_bits(session_key_int, sizeof(session_key) * 8);
+ (void) BN_mask_bits(session_key_int, sizeof(session_key) * 8);
len = BN_num_bytes(session_key_int);
if (len < 0 || (u_int)len > sizeof(session_key)) {
- error("do_connection: bad session key len from %s: "
+ error("do_ssh1_kex: bad session key len from %s: "
"session_key_int %d > sizeof(session_key) %lu",
get_remote_ipaddr(), len, (u_long)sizeof(session_key));
rsafail++;