aboutsummaryrefslogtreecommitdiff
path: root/libssh
diff options
context:
space:
mode:
authorAris Adamantiadis <aris@0xbadc0de.be>2005-08-25 13:44:26 +0000
committerAris Adamantiadis <aris@0xbadc0de.be>2005-08-25 13:44:26 +0000
commit35221f967ef5e9801c2496a7f10ced1408f9cd20 (patch)
treefea84b96f4de3b8fd67df8bf557efa89c42be050 /libssh
parent6c0503f6c68ba92638516257c9991bcfd660e41e (diff)
downloadlibssh-35221f967ef5e9801c2496a7f10ced1408f9cd20.tar.gz
libssh-35221f967ef5e9801c2496a7f10ced1408f9cd20.tar.xz
libssh-35221f967ef5e9801c2496a7f10ced1408f9cd20.zip
fixed server segfaults on exit (double frees)
sftp_server_init() git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@15 7dcaeef0-15fb-0310-b436-a5af3365683c
Diffstat (limited to 'libssh')
-rw-r--r--libssh/Makefile.in2
-rw-r--r--libssh/messages.c1
-rw-r--r--libssh/server.c21
-rw-r--r--libssh/sftp.c31
4 files changed, 45 insertions, 10 deletions
diff --git a/libssh/Makefile.in b/libssh/Makefile.in
index 21591a6a..ecd25a92 100644
--- a/libssh/Makefile.in
+++ b/libssh/Makefile.in
@@ -2,7 +2,7 @@
OBJECTS= client.o packet.o dh.o crypt.o connect.o error.o buffer.o \
string.o kex.o channels.o options.o keys.o auth.o base64.o \
keyfiles.o misc.o gzip.o wrapper.o sftp.o server.o crc32.o \
- session.o messages.o channels1.o auth1.o
+ session.o messages.o channels1.o auth1.o sftpserver.o
SHELL = /bin/sh
VPATH = @srcdir@
diff --git a/libssh/messages.c b/libssh/messages.c
index 66653d04..46dec52d 100644
--- a/libssh/messages.c
+++ b/libssh/messages.c
@@ -186,6 +186,7 @@ CHANNEL *ssh_message_channel_request_open_reply_accept(SSH_MESSAGE *msg){
chan->remote_channel=msg->channel_request_open.sender;
chan->remote_maxpacket=msg->channel_request_open.packet_size;
chan->remote_window=msg->channel_request_open.window;
+ chan->open=1;
packet_clear_out(msg->session);
buffer_add_u8(msg->session->out_buffer,SSH2_MSG_CHANNEL_OPEN_CONFIRMATION);
buffer_add_u32(msg->session->out_buffer,htonl(chan->remote_channel));
diff --git a/libssh/server.c b/libssh/server.c
index fb678755..a2d9d48f 100644
--- a/libssh/server.c
+++ b/libssh/server.c
@@ -175,16 +175,11 @@ int server_set_kex(SSH_SESSION * session) {
}
server->methods = malloc(10 * sizeof(char **));
for (i = 0; i < 10; i++) {
- if (!(wanted = options->wanted_methods[i]))
- wanted = supported_methods[i];
- server->methods[i] = wanted;
+ if (!(wanted = options->wanted_methods[i]))
+ wanted = supported_methods[i];
+ server->methods[i] = strdup(wanted);
printf("server->methods[%d]=%s\n",i,wanted);
}
- if (!server->methods[i]) {
- ssh_set_error(session, SSH_FATAL,
- "kex error : did not find algo");
- return -1;
- }
return 0;
}
@@ -222,7 +217,15 @@ static int dh_handshake_server(SSH_SESSION *session){
make_sessionid(session);
sign=ssh_sign_session_id(session,prv);
buffer_free(buf);
- private_key_free(prv);
+ /* free private keys as they should not be readable past this point */
+ if(session->rsa_key){
+ private_key_free(session->rsa_key);
+ session->rsa_key=NULL;
+ }
+ if(session->dsa_key){
+ private_key_free(session->dsa_key);
+ session->dsa_key=NULL;
+ }
buffer_add_u8(session->out_buffer,SSH2_MSG_KEXDH_REPLY);
buffer_add_ssh_string(session->out_buffer,pubkey);
buffer_add_ssh_string(session->out_buffer,f);
diff --git a/libssh/sftp.c b/libssh/sftp.c
index 8e293e19..a78a4b08 100644
--- a/libssh/sftp.c
+++ b/libssh/sftp.c
@@ -42,6 +42,8 @@ MA 02111-1307, USA. */
static void sftp_packet_free(SFTP_PACKET *packet);
void sftp_enqueue(SFTP_SESSION *session, SFTP_MESSAGE *msg);
static void sftp_message_free(SFTP_MESSAGE *msg);
+SFTP_PACKET *sftp_packet_read(SFTP_SESSION *sftp);
+int sftp_packet_write(SFTP_SESSION *sftp,u8 type, BUFFER *payload);
SFTP_SESSION *sftp_new(SSH_SESSION *session){
SFTP_SESSION *sftp=malloc(sizeof(SFTP_SESSION));
@@ -68,6 +70,35 @@ SFTP_SESSION *sftp_server_new(SSH_SESSION *session, CHANNEL *chan){
sftp->channel=chan;
return sftp;
}
+
+int sftp_server_init(SFTP_SESSION *sftp){
+ SFTP_PACKET *packet=sftp_packet_read(sftp);
+ u32 version;
+ BUFFER *reply;
+ if(!packet)
+ return -1;
+ if(packet->type != SSH_FXP_INIT){
+ ssh_set_error(sftp->session,SSH_FATAL,"Packet read of type %d instead of SSH_FXP_INIT",
+ packet->type);
+ sftp_packet_free(packet);
+ return -1;
+ }
+ ssh_say(2,"received SSH_FXP_INIT\n");
+ buffer_get_u32(packet->payload,&version);
+ version=ntohl(version);
+ ssh_say(2,"client version %d\n");
+ sftp->client_version=version;
+ sftp_packet_free(packet);
+ reply=buffer_new();
+ buffer_add_u32(reply,ntohl(LIBSFTP_VERSION));
+ if(sftp_packet_write(sftp,SSH_FXP_VERSION,reply)==-1){
+ buffer_free(reply);
+ return -1;
+ }
+ buffer_free(reply);
+ ssh_say(2,"server version sent\n");
+ return 0;
+}
#endif
void sftp_free(SFTP_SESSION *sftp){