When using OpenSSL, the bignums generated during group exchange are
duplicated and don't transfer the memory management responsibility to
the back-end. The original generated bignums can be freed.
The leak was detectable by running:
$ valgrind --leak-check=full ./tests/pkd/pkd_hello -i1 \
-t torture_pkd_openssh_rsa_rsa_diffie_hellman_group_exchange_sha256
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
In preparation for deferring computation on DH secret material to
crypto library specific backends
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Rename and refactor how some variables are held in ssh_crypto_struct.
Refactor allocation of dh exchange public keys.
This is in preparation for switching the code to use openssl native DH
handling and allowed to better reason about the code and the overall API.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Fix a memory leak whereby the x, y, and k bignum fields within
a session's next_crypto structure were being unintentionally
initialized twice.
The leak can be seen before the fix with valgrind and the pkd
tests with:
valgrind \
--leak-check=full \
--show-leak-kinds=definite \
./pkd_hello -i1 -t torture_pkd_openssh_rsa_rsa_diffie_hellman_group_exchange_sha256
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Ensure to close the moduli file stream in `ssh_retrieve_dhgroup`.
The leak is observable with the pkd tests and valgrind with:
valgrind \
--track-fds=yes \
./pkd_hello -i1 \
-t torture_pkd_openssh_rsa_rsa_diffie_hellman_group_exchange_sha256
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
