shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-09 18:04:25 +09:00
Code Issues Packages Projects Releases Wiki Activity

Add memory error checks for crypto wrapper functions.

Browse Source 
git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@330 7dcaeef0-15fb-0310-b436-a5af3365683c
This commit is contained in:
Andreas Schneider
2009-04-01 21:24:16 +00:00
parent 1b627b3867
commit 891539af6c
9 changed files with 191 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
libssh/client.c
View File

@@ -213,7 +213,13 @@ static int dh_handshake(SSH_SESSION *session){
crypto_free(session->current_crypto); crypto_free(session->current_crypto);
/* XXX later, include a function to change keys */ /* XXX later, include a function to change keys */
session->current_crypto=session->next_crypto; session->current_crypto=session->next_crypto;
session->next_crypto=crypto_new();
session->next_crypto = crypto_new();
if (session->next_crypto == NULL) {
leave_function();
return SSH_ERROR;
}
session->dh_handshake_state=DH_STATE_FINISHED; session->dh_handshake_state=DH_STATE_FINISHED;
leave_function(); leave_function();
return SSH_OK; return SSH_OK;

9
libssh/crypt.c
View File

@@ -90,7 +90,10 @@ unsigned char * packet_encrypt(SSH_SESSION *session,void *data,u32 len){
#endif #endif
out=malloc(len); out=malloc(len);
if(session->version==2){ if(session->version==2){
ctx=hmac_init(session->current_crypto->encryptMAC,20,HMAC_SHA1); ctx = hmac_init(session->current_crypto->encryptMAC,20,HMAC_SHA1);
if (ctx == NULL) {
return NULL;
}
hmac_update(ctx,(unsigned char *)&seq,sizeof(u32)); hmac_update(ctx,(unsigned char *)&seq,sizeof(u32));
hmac_update(ctx,data,len); hmac_update(ctx,data,len);
hmac_final(ctx,session->current_crypto->hmacbuf,&finallen); hmac_final(ctx,session->current_crypto->hmacbuf,&finallen);
@@ -115,12 +118,16 @@ unsigned char * packet_encrypt(SSH_SESSION *session,void *data,u32 len){
return NULL; return NULL;
} }
/* TODO FIXME think about the return value isn't 0 enough and -1 on error */
int packet_hmac_verify(SSH_SESSION *session,BUFFER *buffer,unsigned char *mac){ int packet_hmac_verify(SSH_SESSION *session,BUFFER *buffer,unsigned char *mac){
HMACCTX ctx; HMACCTX ctx;
unsigned char hmacbuf[EVP_MAX_MD_SIZE]; unsigned char hmacbuf[EVP_MAX_MD_SIZE];
unsigned int len; unsigned int len;
u32 seq=htonl(session->recv_seq); u32 seq=htonl(session->recv_seq);
ctx=hmac_init(session->current_crypto->decryptMAC,20,HMAC_SHA1); ctx=hmac_init(session->current_crypto->decryptMAC,20,HMAC_SHA1);
if (ctx == NULL) {
return -1;
}
hmac_update(ctx,(unsigned char *)&seq,sizeof(u32)); hmac_update(ctx,(unsigned char *)&seq,sizeof(u32));
hmac_update(ctx,buffer_get(buffer),buffer_get_len(buffer)); hmac_update(ctx,buffer_get(buffer),buffer_get_len(buffer));
hmac_final(ctx,hmacbuf,&len); hmac_final(ctx,hmacbuf,&len);

20
libssh/dh.c
View File

@@ -355,6 +355,8 @@ static void sha_add(STRING *str,SHACTX ctx){
#endif #endif
} }
*/ */
/* TODO FIXME add memory checking and a return value */
void make_sessionid(SSH_SESSION *session){ void make_sessionid(SSH_SESSION *session){
SHACTX ctx; SHACTX ctx;
STRING *num,*str; STRING *num,*str;
@@ -362,7 +364,11 @@ void make_sessionid(SSH_SESSION *session){
BUFFER *buf=buffer_new(); BUFFER *buf=buffer_new();
u32 len; u32 len;
enter_function(); enter_function();
ctx=sha1_init();
ctx = sha1_init();
if (ctx == NULL) {
return;
}
str=string_from_char(session->clientbanner); str=string_from_char(session->clientbanner);
buffer_add_ssh_string(buf,str); buffer_add_ssh_string(buf,str);
@@ -450,8 +456,12 @@ void hashbufin_add_cookie(SSH_SESSION *session,unsigned char *cookie){
buffer_add_data(session->in_hashbuf,cookie,16); buffer_add_data(session->in_hashbuf,cookie,16);
} }
/* TODO FIXME add return value for memory checks */
static void generate_one_key(STRING *k,unsigned char session_id[SHA_DIGEST_LEN],unsigned char output[SHA_DIGEST_LEN],char letter){ static void generate_one_key(STRING *k,unsigned char session_id[SHA_DIGEST_LEN],unsigned char output[SHA_DIGEST_LEN],char letter){
SHACTX ctx=sha1_init(); SHACTX ctx=sha1_init();
if (ctx == NULL) {
return;
}
sha1_update(ctx,k,string_len(k)+4); sha1_update(ctx,k,string_len(k)+4);
sha1_update(ctx,session_id,SHA_DIGEST_LEN); sha1_update(ctx,session_id,SHA_DIGEST_LEN);
sha1_update(ctx,&letter,1); sha1_update(ctx,&letter,1);
@@ -459,6 +469,7 @@ static void generate_one_key(STRING *k,unsigned char session_id[SHA_DIGEST_LEN],
sha1_final(output,ctx); sha1_final(output,ctx);
} }
/* TODO FIXME add return value for memory checks */
void generate_session_keys(SSH_SESSION *session){ void generate_session_keys(SSH_SESSION *session){
STRING *k_string; STRING *k_string;
SHACTX ctx; SHACTX ctx;
@@ -484,6 +495,9 @@ void generate_session_keys(SSH_SESSION *session){
/* XXX verify it's ok for server implementation */ /* XXX verify it's ok for server implementation */
if(session->next_crypto->out_cipher->keysize > SHA_DIGEST_LEN*8){ if(session->next_crypto->out_cipher->keysize > SHA_DIGEST_LEN*8){
ctx=sha1_init(); ctx=sha1_init();
if (ctx == NULL) {
return;
}
sha1_update(ctx,k_string,string_len(k_string)+4); sha1_update(ctx,k_string,string_len(k_string)+4);
sha1_update(ctx,session->next_crypto->session_id,SHA_DIGEST_LEN); sha1_update(ctx,session->next_crypto->session_id,SHA_DIGEST_LEN);
sha1_update(ctx,session->next_crypto->encryptkey,SHA_DIGEST_LEN); sha1_update(ctx,session->next_crypto->encryptkey,SHA_DIGEST_LEN);
@@ -533,6 +547,10 @@ int ssh_get_pubkey_hash(SSH_SESSION *session,unsigned char hash[MD5_DIGEST_LEN])
int len=string_len(pubkey); int len=string_len(pubkey);
ctx=md5_init(); ctx=md5_init();
if (ctx == NULL) {
return 0;
}
md5_update(ctx,pubkey->string,len); md5_update(ctx,pubkey->string,len);
md5_final(hash,ctx); md5_final(hash,ctx);
return MD5_DIGEST_LEN; return MD5_DIGEST_LEN;

10
libssh/kex.c
View File

@@ -353,9 +353,17 @@ static STRING *make_rsa1_string(STRING *e, STRING *n){
return ret; return ret;
} }
/* TODO FIXME add return value and error checking in callers */
static void build_session_id1(SSH_SESSION *session, STRING *servern, static void build_session_id1(SSH_SESSION *session, STRING *servern,
STRING *hostn){ STRING *hostn){
MD5CTX md5=md5_init(); MD5CTX md5;
md5 = md5_init();
if (md5 == NULL) {
return;
}
#ifdef DEBUG_CRYPTO #ifdef DEBUG_CRYPTO
ssh_print_hexa("host modulus",hostn->string,string_len(hostn)); ssh_print_hexa("host modulus",hostn->string,string_len(hostn));
ssh_print_hexa("server modulus",servern->string,string_len(servern)); ssh_print_hexa("server modulus",servern->string,string_len(servern));

11
libssh/keyfiles.c
View File

@@ -993,10 +993,14 @@ static int match_hashed_host(SSH_SESSION *session, char *host, char *sourcehash)
if(strncmp(sourcehash,"|1|",3) != 0) if(strncmp(sourcehash,"|1|",3) != 0)
return 0; return 0;
source=strdup(sourcehash+3); source=strdup(sourcehash+3);
if (source == NULL) {
leave_function();
return 0;
}
b64hash=strchr(source,'|'); b64hash=strchr(source,'|');
if(!b64hash){ if(!b64hash){
/* Invalid hash */ /* Invalid hash */
free(source); SAFE_FREE(source);
leave_function(); leave_function();
return 0; return 0;
} }
@@ -1006,6 +1010,11 @@ static int match_hashed_host(SSH_SESSION *session, char *host, char *sourcehash)
hash=base64_to_bin(b64hash); hash=base64_to_bin(b64hash);
free(source); free(source);
mac=hmac_init(buffer_get(salt),buffer_get_len(salt),HMAC_SHA1); mac=hmac_init(buffer_get(salt),buffer_get_len(salt),HMAC_SHA1);
if (mac == NULL) {
SAFE_FREE(source);
leave_function();
return 0;
}
hmac_update(mac,host,strlen(host)); hmac_update(mac,host,strlen(host));
hmac_final(mac,buffer,&size); hmac_final(mac,buffer,&size);
if(size == buffer_get_len(hash) && memcmp(buffer,buffer_get(hash),size)==0) if(size == buffer_get_len(hash) && memcmp(buffer,buffer_get(hash),size)==0)

11
libssh/keys.c
View File

@@ -715,7 +715,11 @@ STRING *ssh_do_sign(SSH_SESSION *session,BUFFER *sigbuf, PRIVATE_KEY *privatekey
return NULL; return NULL;
} }
string_fill(session_str,crypto->session_id,SHA_DIGEST_LEN); string_fill(session_str,crypto->session_id,SHA_DIGEST_LEN);
ctx=sha1_init(); ctx = sha1_init();
if (ctx == NULL) {
SAFE_FREE(session_str);
return NULL;
}
sha1_update(ctx,session_str,string_len(session_str)+4); sha1_update(ctx,session_str,string_len(session_str)+4);
SAFE_FREE(session_str); SAFE_FREE(session_str);
sha1_update(ctx,buffer_get(sigbuf),buffer_get_len(sigbuf)); sha1_update(ctx,buffer_get(sigbuf),buffer_get_len(sigbuf));
@@ -818,7 +822,10 @@ STRING *ssh_sign_session_id(SSH_SESSION *session, PRIVATE_KEY *privatekey){
#ifdef HAVE_LIBGCRYPT #ifdef HAVE_LIBGCRYPT
gcry_sexp_t data_sexp; gcry_sexp_t data_sexp;
#endif #endif
ctx=sha1_init(); ctx = sha1_init();
if (ctx == NULL) {
return NULL;
}
sha1_update(ctx,crypto->session_id,SHA_DIGEST_LEN); sha1_update(ctx,crypto->session_id,SHA_DIGEST_LEN);
sha1_final(hash+1,ctx); sha1_final(hash+1,ctx);
hash[0]=0; hash[0]=0;

5
libssh/server.c
View File

@@ -307,7 +307,10 @@ static int dh_handshake_server(SSH_SESSION *session){
crypto_free(session->current_crypto); crypto_free(session->current_crypto);
/* XXX later, include a function to change keys */ /* XXX later, include a function to change keys */
session->current_crypto=session->next_crypto; session->current_crypto=session->next_crypto;
session->next_crypto=crypto_new(); session->next_crypto = crypto_new();
if (session->next_crypto == NULL) {
return -1;
}
return 0; return 0;
} }
/* do the banner and key exchange */ /* do the banner and key exchange */

3
libssh/session.c
View File

@@ -43,6 +43,9 @@ SSH_SESSION *ssh_new(void) {
SSH_SESSION *session=malloc(sizeof (SSH_SESSION)); SSH_SESSION *session=malloc(sizeof (SSH_SESSION));
memset(session,0,sizeof(SSH_SESSION)); memset(session,0,sizeof(SSH_SESSION));
session->next_crypto=crypto_new(); session->next_crypto=crypto_new();
if (session->next_crypto == NULL) {
goto err;
}
session->maxchannel=FIRST_CHANNEL; session->maxchannel=FIRST_CHANNEL;
session->socket = ssh_socket_new(session); session->socket = ssh_socket_new(session);
if (session->socket == NULL) { if (session->socket == NULL) {

158
libssh/wrapper.c
View File

@@ -38,6 +38,17 @@
#include <stdlib.h> #include <stdlib.h>
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
/* TODO FIXME */
static int alloc_key(struct crypto_struct *cipher) {
cipher->key = malloc(cipher->keylen);
if (cipher->key == NULL) {
return -1;
}
return 0;
}
#ifdef HAVE_LIBGCRYPT #ifdef HAVE_LIBGCRYPT
#include <gcrypt.h> #include <gcrypt.h>
@@ -97,17 +108,16 @@ void hmac_final(HMACCTX c,unsigned char *hashmacbuf,unsigned int *len){
gcry_md_close(c); gcry_md_close(c);
} }
static void alloc_key(struct crypto_struct *cipher){
cipher->key=malloc(cipher->keylen);
}
/* the wrapper functions for blowfish */ /* the wrapper functions for blowfish */
static void blowfish_set_key(struct crypto_struct *cipher, void *key, void *IV){ static void blowfish_set_key(struct crypto_struct *cipher, void *key, void *IV){
if(!cipher->key){ if(cipher->key == NULL) {
alloc_key(cipher); /* TODO FIXME */
gcry_cipher_open(&cipher->key[0],GCRY_CIPHER_BLOWFISH,GCRY_CIPHER_MODE_CBC,0); if (alloc_key(cipher) < 0) {
gcry_cipher_setkey(cipher->key[0],key,16); return;
gcry_cipher_setiv(cipher->key[0],IV,8); }
gcry_cipher_open(&cipher->key[0],GCRY_CIPHER_BLOWFISH,GCRY_CIPHER_MODE_CBC,0);
gcry_cipher_setkey(cipher->key[0],key,16);
gcry_cipher_setiv(cipher->key[0],IV,8);
} }
} }
@@ -121,7 +131,10 @@ static void blowfish_decrypt(struct crypto_struct *cipher, void *in, void *out,
static void aes_set_key(struct crypto_struct *cipher, void *key, void *IV){ static void aes_set_key(struct crypto_struct *cipher, void *key, void *IV){
if(!cipher->key){ if(!cipher->key){
alloc_key(cipher); /* TODO FIXME */
if (alloc_key(cipher) < 0) {
return;
}
switch(cipher->keysize){ switch(cipher->keysize){
case 128: case 128:
gcry_cipher_open(&cipher->key[0],GCRY_CIPHER_AES128,GCRY_CIPHER_MODE_CBC,0); gcry_cipher_open(&cipher->key[0],GCRY_CIPHER_AES128,GCRY_CIPHER_MODE_CBC,0);
@@ -148,7 +161,10 @@ static void aes_decrypt(struct crypto_struct *cipher, void *in, void *out,unsign
static void des3_set_key(struct crypto_struct *cipher, void *key, void *IV){ static void des3_set_key(struct crypto_struct *cipher, void *key, void *IV){
if(!cipher->key){ if(!cipher->key){
alloc_key(cipher); /* TODO FIXME */
if (alloc_key(cipher) < 0) {
return;
}
gcry_cipher_open(&cipher->key[0],GCRY_CIPHER_3DES,GCRY_CIPHER_MODE_CBC,0); gcry_cipher_open(&cipher->key[0],GCRY_CIPHER_3DES,GCRY_CIPHER_MODE_CBC,0);
gcry_cipher_setkey(cipher->key[0],key,24); gcry_cipher_setkey(cipher->key[0],key,24);
gcry_cipher_setiv(cipher->key[0],IV,8); gcry_cipher_setiv(cipher->key[0],IV,8);
@@ -167,7 +183,10 @@ static void des3_decrypt(struct crypto_struct *cipher, void *in, void *out,
static void des3_1_set_key(struct crypto_struct *cipher, void *key, void *IV){ static void des3_1_set_key(struct crypto_struct *cipher, void *key, void *IV){
if(!cipher->key){ if(!cipher->key){
alloc_key(cipher); /* TODO FIXME */
if (alloc_key(cipher) < 0) {
return;
}
gcry_cipher_open(&cipher->key[0],GCRY_CIPHER_DES,GCRY_CIPHER_MODE_CBC,0); gcry_cipher_open(&cipher->key[0],GCRY_CIPHER_DES,GCRY_CIPHER_MODE_CBC,0);
gcry_cipher_setkey(cipher->key[0],key,8); gcry_cipher_setkey(cipher->key[0],key,8);
gcry_cipher_setiv(cipher->key[0],IV,8); gcry_cipher_setiv(cipher->key[0],IV,8);
@@ -231,7 +250,10 @@ static struct crypto_struct ssh_ciphertab[]={
#endif #endif
SHACTX sha1_init(){ SHACTX sha1_init(){
SHACTX c=malloc(sizeof(*c)); SHACTX c = malloc(sizeof(*c));
if (c == NULL) {
return NULL;
}
SHA1_Init(c); SHA1_Init(c);
return c; return c;
} }
@@ -247,7 +269,10 @@ void sha1(unsigned char *digest,int len,unsigned char *hash){
} }
MD5CTX md5_init(){ MD5CTX md5_init(){
MD5CTX c=malloc(sizeof(*c)); MD5CTX c = malloc(sizeof(*c));
if (c == NULL) {
return NULL;
}
MD5_Init(c); MD5_Init(c);
return c; return c;
} }
@@ -261,7 +286,11 @@ void md5_final(unsigned char *md,MD5CTX c){
HMACCTX hmac_init(const void *key, int len,int type){ HMACCTX hmac_init(const void *key, int len,int type){
HMACCTX ctx; HMACCTX ctx;
ctx=malloc(sizeof(*ctx));
ctx = malloc(sizeof(*ctx));
if (ctx == NULL) {
return NULL;
}
#ifndef OLD_CRYPTO #ifndef OLD_CRYPTO
HMAC_CTX_init(ctx); // openssl 0.9.7 requires it. HMAC_CTX_init(ctx); // openssl 0.9.7 requires it.
#endif #endif
@@ -291,15 +320,14 @@ void hmac_final(HMACCTX ctx,unsigned char *hashmacbuf,unsigned int *len){
free(ctx); free(ctx);
} }
static void alloc_key(struct crypto_struct *cipher){
cipher->key=malloc(cipher->keylen);
}
#ifdef HAS_BLOWFISH #ifdef HAS_BLOWFISH
/* the wrapper functions for blowfish */ /* the wrapper functions for blowfish */
static void blowfish_set_key(struct crypto_struct *cipher, void *key){ static void blowfish_set_key(struct crypto_struct *cipher, void *key){
if(!cipher->key){ if(!cipher->key){
alloc_key(cipher); /* TODO FIXME */
if (alloc_key(cipher) < 0) {
return;
}
BF_set_key(cipher->key,16,key); BF_set_key(cipher->key,16,key);
} }
} }
@@ -315,13 +343,19 @@ static void blowfish_decrypt(struct crypto_struct *cipher, void *in, void *out,u
#ifdef HAS_AES #ifdef HAS_AES
static void aes_set_encrypt_key(struct crypto_struct *cipher, void *key){ static void aes_set_encrypt_key(struct crypto_struct *cipher, void *key){
if(!cipher->key){ if(!cipher->key){
alloc_key(cipher); /* TODO FIXME */
if (alloc_key(cipher) < 0) {
return;
}
AES_set_encrypt_key(key,cipher->keysize,cipher->key); AES_set_encrypt_key(key,cipher->keysize,cipher->key);
} }
} }
static void aes_set_decrypt_key(struct crypto_struct *cipher, void *key){ static void aes_set_decrypt_key(struct crypto_struct *cipher, void *key){
if(!cipher->key){ if(!cipher->key){
alloc_key(cipher); /* TODO FIXME */
if (alloc_key(cipher) < 0) {
return;
}
AES_set_decrypt_key(key,cipher->keysize,cipher->key); AES_set_decrypt_key(key,cipher->keysize,cipher->key);
} }
} }
@@ -335,7 +369,10 @@ static void aes_decrypt(struct crypto_struct *cipher, void *in, void *out, unsig
#ifdef HAS_DES #ifdef HAS_DES
static void des3_set_key(struct crypto_struct *cipher, void *key){ static void des3_set_key(struct crypto_struct *cipher, void *key){
if(!cipher->key){ if(!cipher->key){
alloc_key(cipher); /* TODO FIXME */
if (alloc_key(cipher) < 0) {
return;
}
DES_set_odd_parity(key); DES_set_odd_parity(key);
DES_set_odd_parity(key+8); DES_set_odd_parity(key+8);
DES_set_odd_parity(key+16); DES_set_odd_parity(key+16);
@@ -413,7 +450,13 @@ static struct crypto_struct ssh_ciphertab[]={
/* it allocates a new cipher structure based on its offset into the global table */ /* it allocates a new cipher structure based on its offset into the global table */
static struct crypto_struct *cipher_new(int offset){ static struct crypto_struct *cipher_new(int offset){
struct crypto_struct *cipher=malloc(sizeof(struct crypto_struct)); struct crypto_struct *cipher;
cipher = malloc(sizeof(struct crypto_struct));
if (cipher == NULL) {
return NULL;
}
/* note the memcpy will copy the pointers : so, you shouldn't free them */ /* note the memcpy will copy the pointers : so, you shouldn't free them */
memcpy(cipher,&ssh_ciphertab[offset],sizeof(*cipher)); memcpy(cipher,&ssh_ciphertab[offset],sizeof(*cipher));
return cipher; return cipher;
@@ -436,10 +479,17 @@ static void cipher_free(struct crypto_struct *cipher){
free(cipher); free(cipher);
} }
CRYPTO *crypto_new(void){ CRYPTO *crypto_new(void) {
CRYPTO *crypto=malloc(sizeof (CRYPTO)); CRYPTO *crypto;
memset(crypto,0,sizeof(*crypto));
return crypto; crypto = malloc(sizeof (CRYPTO));
if (crypto == NULL) {
return NULL;
}
ZERO_STRUCTP(crypto);
return crypto;
} }
void crypto_free(CRYPTO *crypto){ void crypto_free(CRYPTO *crypto){
@@ -477,7 +527,13 @@ static int crypt_set_algorithms2(SSH_SESSION *session){
return SSH_ERROR; return SSH_ERROR;
} }
ssh_log(session,SSH_LOG_PACKET,"Set output algorithm %s",wanted); ssh_log(session,SSH_LOG_PACKET,"Set output algorithm %s",wanted);
session->next_crypto->out_cipher=cipher_new(i);
session->next_crypto->out_cipher = cipher_new(i);
if (session->next_crypto->out_cipher == NULL) {
ssh_set_error(session, SSH_FATAL, "No space left");
return SSH_ERROR;
}
i=0; i=0;
/* in */ /* in */
wanted=session->client_kex.methods[SSH_CRYPT_S_C]; wanted=session->client_kex.methods[SSH_CRYPT_S_C];
@@ -488,7 +544,13 @@ static int crypt_set_algorithms2(SSH_SESSION *session){
return SSH_ERROR; return SSH_ERROR;
} }
ssh_log(session,SSH_LOG_PACKET,"Set input algorithm %s",wanted); ssh_log(session,SSH_LOG_PACKET,"Set input algorithm %s",wanted);
session->next_crypto->in_cipher=cipher_new(i);
session->next_crypto->in_cipher = cipher_new(i);
if (session->next_crypto->in_cipher == NULL) {
ssh_set_error(session, SSH_FATAL, "No space left");
return SSH_ERROR;
}
/* compression */ /* compression */
if(strstr(session->client_kex.methods[SSH_COMP_C_S],"zlib")) if(strstr(session->client_kex.methods[SSH_COMP_C_S],"zlib"))
session->next_crypto->do_compress_out=1; session->next_crypto->do_compress_out=1;
@@ -506,8 +568,19 @@ static int crypt_set_algorithms1(SSH_SESSION *session){
ssh_set_error(session,SSH_FATAL,"cipher 3des-cbc-ssh1 not found !"); ssh_set_error(session,SSH_FATAL,"cipher 3des-cbc-ssh1 not found !");
return -1; return -1;
} }
session->next_crypto->out_cipher=cipher_new(i);
session->next_crypto->in_cipher=cipher_new(i); session->next_crypto->out_cipher = cipher_new(i);
if (session->next_crypto->out_cipher == NULL) {
ssh_set_error(session, SSH_FATAL, "No space left");
return SSH_ERROR;
}
session->next_crypto->in_cipher = cipher_new(i);
if (session->next_crypto->in_cipher == NULL) {
ssh_set_error(session, SSH_FATAL, "No space left");
return SSH_ERROR;
}
return SSH_OK; return SSH_OK;
} }
@@ -545,8 +618,14 @@ int crypt_set_algorithms_server(SSH_SESSION *session){
return SSH_ERROR; return SSH_ERROR;
} }
ssh_log(session,SSH_LOG_PACKET,"Set output algorithm %s",match); ssh_log(session,SSH_LOG_PACKET,"Set output algorithm %s",match);
session->next_crypto->out_cipher=cipher_new(i); SAFE_FREE(match);
free(match);
session->next_crypto->out_cipher = cipher_new(i);
if (session->next_crypto->out_cipher == NULL) {
ssh_set_error(session, SSH_FATAL, "No space left");
leave_function();
return SSH_ERROR;
}
i=0; i=0;
/* in */ /* in */
client=session->client_kex.methods[SSH_CRYPT_C_S]; client=session->client_kex.methods[SSH_CRYPT_C_S];
@@ -567,8 +646,15 @@ int crypt_set_algorithms_server(SSH_SESSION *session){
return SSH_ERROR; return SSH_ERROR;
} }
ssh_log(session,SSH_LOG_PACKET,"Set input algorithm %s",match); ssh_log(session,SSH_LOG_PACKET,"Set input algorithm %s",match);
session->next_crypto->in_cipher=cipher_new(i); SAFE_FREE(match);
free(match);
session->next_crypto->in_cipher = cipher_new(i);
if (session->next_crypto->in_cipher == NULL) {
ssh_set_error(session, SSH_FATAL, "No space left");
leave_function();
return SSH_ERROR;
}
/* compression */ /* compression */
client=session->client_kex.methods[SSH_CRYPT_C_S]; client=session->client_kex.methods[SSH_CRYPT_C_S];
server=session->server_kex.methods[SSH_CRYPT_C_S]; server=session->server_kex.methods[SSH_CRYPT_C_S];