Jon Simons 5d75090d9f pki_crypto.c: plug ecdsa_sig->[r,s] bignum leaks ...

Per ecdsa(3ssl), ECDSA_SIG_new does allocate its 'r' and 's' bignum fields.
Fix a bug where the initial 'r' and 's' bignums were being overwritten with
newly-allocated bignums, resulting in a memory leak.

BUG: https://red.libssh.org/issues/175

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

(cherry picked from commit 4745d652b5)

2014-12-05 10:46:31 +01:00

..

agent.h

ssh-agent: implement the clientside for agent forwarding auth.

2013-07-13 14:51:00 +02:00

auth.h

auth: implement client-side gssapi

2013-07-13 14:41:20 +02:00

bind.h

include: Fix the LGPL header.

2013-01-23 00:22:46 +01:00

buffer.h

include: Fix the LGPL header.

2013-01-23 00:22:46 +01:00

callbacks.h

doc: Document expected return value of channel data callback

2014-02-02 22:21:07 +01:00

channels.h

include: Fix the LGPL header.

2013-01-23 00:22:46 +01:00

CMakeLists.txt

Install missing legacy header file.

2010-05-17 23:36:39 +02:00

crc32.h

include: Fix the LGPL header.

2013-01-23 00:22:46 +01:00

crypto.h

kex: implement curve25519-sha256@libssh.org

2013-09-27 16:06:09 +02:00

curve25519.h

ecdh: Check if we have ECC support.

2013-11-27 22:53:53 +01:00

dh.h

pki_crypto.c: plug ecdsa_sig->[r,s] bignum leaks

2014-12-05 10:46:31 +01:00

ecdh.h

ecdh: Check if we have ECC support.

2013-11-27 22:53:53 +01:00

gssapi.h

server: Fix compilation without WITH_SERVER

2013-07-14 09:30:59 +02:00

kex.h

src: Migrate to SSH_LOG.

2013-07-14 12:44:26 +02:00

keys.h

include: Fix the LGPL header.

2013-01-23 00:22:46 +01:00

knownhosts.h

knownhosts: detect variations of ecdsa

2014-02-05 08:08:31 +01:00

legacy.h

include: Fix the LGPL header.

2013-01-23 00:22:46 +01:00

libcrypto.h

include: Fix build on platforms without ECC.

2013-10-21 07:16:26 +02:00

libgcrypt.h

wrapper: Fix compilation with gcrypt.

2013-10-19 10:39:44 +02:00

libssh.h

pki crypto: expose new ssh_pki_key_ecdsa_name API

2014-05-07 09:35:06 +02:00

libsshpp.hpp

libssh: libhpp: overload read function to support timeout parameter

2014-03-27 11:15:39 +01:00

messages.h

server: Fix compilation without WITH_SERVER

2013-07-14 09:30:59 +02:00

misc.h

include: Fix the LGPL header.

2013-01-23 00:22:46 +01:00

options.h

include: Fix the LGPL header.

2013-01-23 00:22:46 +01:00

packet.h

include: Fix the LGPL header.

2013-01-23 00:22:46 +01:00

pcap.h

include: Fix the LGPL header.

2013-01-23 00:22:46 +01:00

pki_priv.h

pki: Add missing semi-colon.

2014-05-07 09:36:11 +02:00

pki.h

pki: Add the type as a char pointer.

2013-10-18 23:50:08 +02:00

poll.h

include: Fix the LGPL header.

2013-01-23 00:22:46 +01:00

priv.h

build: remove OSX deprecated warnings for openssl

2014-02-04 15:55:37 +01:00

scp.h

include: Fix the LGPL header.

2013-01-23 00:22:46 +01:00

server.h

doc: Improve and consolidate ssh_bind_options_set docs

2014-03-27 11:15:39 +01:00

session.h

server: allow custom server banners (bug #83)

2014-02-04 16:04:26 +01:00

sftp.h

sftp: more flexibility on channels

2013-07-13 15:01:17 +02:00

socket.h

Add ssh_get_poll_flags()

2013-11-09 12:29:25 +01:00

ssh1.h

first import

2005-07-05 01:21:44 +00:00

ssh2.h

gssapi: added SSH constants

2013-07-13 14:12:06 +02:00

string.h

include: Fix the LGPL header.

2013-01-23 00:22:46 +01:00

threads.h

include: Fix the LGPL header.

2013-01-23 00:22:46 +01:00

wrapper.h

security: fix for vulnerability CVE-2014-0017

2014-03-04 09:55:02 +01:00