diff --git a/src/curve25519_crypto.c b/src/curve25519_crypto.c
index b7e18411..3314f70e 100644
--- a/src/curve25519_crypto.c
+++ b/src/curve25519_crypto.c
@@ -79,6 +79,12 @@ int ssh_curve25519_init(ssh_session session)
 return SSH_ERROR;
 }
+ /* Free any previously allocated privkey */
+ if (session->next_crypto->curve25519_privkey != NULL) {
+ EVP_PKEY_free(session->next_crypto->curve25519_privkey);
+ session->next_crypto->curve25519_privkey = NULL;
+ }
+
 session->next_crypto->curve25519_privkey = pkey;
 pkey = NULL;
diff --git a/src/curve25519_gcrypt.c b/src/curve25519_gcrypt.c
index 5fae8cde..cd522a1d 100644
--- a/src/curve25519_gcrypt.c
+++ b/src/curve25519_gcrypt.c
@@ -89,6 +89,12 @@ int ssh_curve25519_init(ssh_session session)
 memcpy(*pubkey_loc, pubkey_data + 1, CURVE25519_PUBKEY_SIZE);
+ /* Free any previously allocated privkey */
+ if (session->next_crypto->curve25519_privkey != NULL) {
+ gcry_sexp_release(session->next_crypto->curve25519_privkey);
+ session->next_crypto->curve25519_privkey = NULL;
+ }
+
 /* Store the private key */
 session->next_crypto->curve25519_privkey = keypair_sexp;
 keypair_sexp = NULL;
diff --git a/src/dh_crypto.c b/src/dh_crypto.c
index d1241fd4..a646e856 100644
--- a/src/dh_crypto.c
+++ b/src/dh_crypto.c
@@ -407,6 +407,11 @@ int ssh_dh_init_common(struct ssh_crypto_struct *crypto)
 struct dh_ctx *ctx = NULL;
 int rc;
+ /* Cleanup any previously allocated dh_ctx */
+ if (crypto->dh_ctx != NULL) {
+ ssh_dh_cleanup(crypto);
+ }
+
 ctx = calloc(1, sizeof(*ctx));
 if (ctx == NULL) {
 return SSH_ERROR;
diff --git a/src/dh_key.c b/src/dh_key.c
index 20d24a31..d9743ceb 100644
--- a/src/dh_key.c
+++ b/src/dh_key.c
@@ -237,6 +237,11 @@ int ssh_dh_init_common(struct ssh_crypto_struct *crypto)
 struct dh_ctx *ctx = NULL;
 int rc;
+ /* Cleanup any previously allocated dh_ctx */
+ if (crypto->dh_ctx != NULL) {
+ ssh_dh_cleanup(crypto);
+ }
+
 ctx = calloc(1, sizeof(*ctx));
 if (ctx == NULL) {
 return SSH_ERROR;
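Review bot: The added comment `/* Free any previously allocated privkey */` in src/curve25519_crypto.c says what the block does but not when a key can already be present, which is what a maintainer needs to know before moving or removing it. Presumably ssh_curve25519_init can run more than once on the same `next_crypto`; if so, a comment such as `/* init may run again on the same next_crypto; release the earlier ephemeral key so it is not leaked */` would record that. The same comment recurs in the curve25519_gcrypt.c and ecdh_* hunks. The `= NULL` store inside the block is overwritten by the very next statement, so it is harmless but not needed. The function body starts and ends outside this hunk.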
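Review bot: The new cleanup at the top of ssh_dh_init_common in src/dh_crypto.c is only safe if ssh_dh_cleanup() resets `crypto->dh_ctx` to NULL, and that function is not visible in this hunk. If it does not, the `return SSH_ERROR` after a failed `calloc` would leave `crypto->dh_ctx` pointing at released memory, and a later cleanup could free it a second time. Either state the guarantee in the comment or add `crypto->dh_ctx = NULL;` directly after the call. The identical hunk in src/dh_key.c needs the same check. The function body continues outside both hunks.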
diff --git a/src/ecdh_crypto.c b/src/ecdh_crypto.c
index 57c3dc89..a286804f 100644
--- a/src/ecdh_crypto.c
+++ b/src/ecdh_crypto.c
@@ -191,6 +191,17 @@ static ssh_string ssh_ecdh_generate(ssh_session session)
 #endif /* OPENSSL_VERSION_NUMBER */
 return NULL;
 }
+
+ /* Free any previously allocated privkey */
+ if (session->next_crypto->ecdh_privkey != NULL) {
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
+ EC_KEY_free(session->next_crypto->ecdh_privkey);
+#else
+ EVP_PKEY_free(session->next_crypto->ecdh_privkey);
+#endif
+ session->next_crypto->ecdh_privkey = NULL;
+ }
+
 session->next_crypto->ecdh_privkey = key;
 return pubkey_string;
 }
diff --git a/src/ecdh_gcrypt.c b/src/ecdh_gcrypt.c
index a52ca84d..8eabfe18 100644
--- a/src/ecdh_gcrypt.c
+++ b/src/ecdh_gcrypt.c
@@ -101,6 +101,12 @@ int ssh_client_ecdh_init(ssh_session session)
 goto out;
 }
+ /* Free any previously allocated privkey */
+ if (session->next_crypto->ecdh_privkey != NULL) {
+ gcry_sexp_release(session->next_crypto->ecdh_privkey);
+ session->next_crypto->ecdh_privkey = NULL;
+ }
+
 session->next_crypto->ecdh_privkey = key;
 key = NULL;
 session->next_crypto->ecdh_client_pubkey = client_pubkey;
diff --git a/src/ecdh_mbedcrypto.c b/src/ecdh_mbedcrypto.c
index 1d9c8f36..d31bfcc7 100644
--- a/src/ecdh_mbedcrypto.c
+++ b/src/ecdh_mbedcrypto.c
@@ -70,6 +70,12 @@ int ssh_client_ecdh_init(ssh_session session)
 return SSH_ERROR;
 }
+ /* Free any previously allocated privkey */
+ if (session->next_crypto->ecdh_privkey != NULL) {
+ mbedtls_ecp_keypair_free(session->next_crypto->ecdh_privkey);
+ SAFE_FREE(session->next_crypto->ecdh_privkey);
+ }
+
 session->next_crypto->ecdh_privkey = malloc(sizeof(mbedtls_ecp_keypair));
 if (session->next_crypto->ecdh_privkey == NULL) {
 return SSH_ERROR;
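Review bot: In src/ecdh_gcrypt.c only `ecdh_privkey` is released before being replaced, while the last context line of the hunk, `session->next_crypto->ecdh_client_pubkey = client_pubkey;`, still overwrites its field unconditionally. If ssh_client_ecdh_init can run with a key pair already stored, which is the case this patch guards against, the earlier client public key would presumably be lost the same way. Assuming the field is an `ssh_string` (its declaration is not visible here), releasing it first with `ssh_string_free(session->next_crypto->ecdh_client_pubkey);` would close that gap. The OpenSSL and mbedTLS paths should be checked for the same assignment outside their hunks. The function body continues past the end of this hunk.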