diff options
author | Aris Adamantiadis <aris@0xbadc0de.be> | 2005-08-25 13:44:26 +0000 |
---|---|---|
committer | Aris Adamantiadis <aris@0xbadc0de.be> | 2005-08-25 13:44:26 +0000 |
commit | 35221f967ef5e9801c2496a7f10ced1408f9cd20 (patch) | |
tree | fea84b96f4de3b8fd67df8bf557efa89c42be050 /libssh | |
parent | 6c0503f6c68ba92638516257c9991bcfd660e41e (diff) | |
download | libssh-35221f967ef5e9801c2496a7f10ced1408f9cd20.tar.gz libssh-35221f967ef5e9801c2496a7f10ced1408f9cd20.tar.xz libssh-35221f967ef5e9801c2496a7f10ced1408f9cd20.zip |
fixed server segfaults on exit (double frees)
sftp_server_init()
git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@15 7dcaeef0-15fb-0310-b436-a5af3365683c
Diffstat (limited to 'libssh')
-rw-r--r-- | libssh/Makefile.in | 2 | ||||
-rw-r--r-- | libssh/messages.c | 1 | ||||
-rw-r--r-- | libssh/server.c | 21 | ||||
-rw-r--r-- | libssh/sftp.c | 31 |
4 files changed, 45 insertions, 10 deletions
diff --git a/libssh/Makefile.in b/libssh/Makefile.in index 21591a6a..ecd25a92 100644 --- a/libssh/Makefile.in +++ b/libssh/Makefile.in @@ -2,7 +2,7 @@ OBJECTS= client.o packet.o dh.o crypt.o connect.o error.o buffer.o \ string.o kex.o channels.o options.o keys.o auth.o base64.o \ keyfiles.o misc.o gzip.o wrapper.o sftp.o server.o crc32.o \ - session.o messages.o channels1.o auth1.o + session.o messages.o channels1.o auth1.o sftpserver.o SHELL = /bin/sh VPATH = @srcdir@ diff --git a/libssh/messages.c b/libssh/messages.c index 66653d04..46dec52d 100644 --- a/libssh/messages.c +++ b/libssh/messages.c @@ -186,6 +186,7 @@ CHANNEL *ssh_message_channel_request_open_reply_accept(SSH_MESSAGE *msg){ chan->remote_channel=msg->channel_request_open.sender; chan->remote_maxpacket=msg->channel_request_open.packet_size; chan->remote_window=msg->channel_request_open.window; + chan->open=1; packet_clear_out(msg->session); buffer_add_u8(msg->session->out_buffer,SSH2_MSG_CHANNEL_OPEN_CONFIRMATION); buffer_add_u32(msg->session->out_buffer,htonl(chan->remote_channel)); diff --git a/libssh/server.c b/libssh/server.c index fb678755..a2d9d48f 100644 --- a/libssh/server.c +++ b/libssh/server.c @@ -175,16 +175,11 @@ int server_set_kex(SSH_SESSION * session) { } server->methods = malloc(10 * sizeof(char **)); for (i = 0; i < 10; i++) { - if (!(wanted = options->wanted_methods[i])) - wanted = supported_methods[i]; - server->methods[i] = wanted; + if (!(wanted = options->wanted_methods[i])) + wanted = supported_methods[i]; + server->methods[i] = strdup(wanted); printf("server->methods[%d]=%s\n",i,wanted); } - if (!server->methods[i]) { - ssh_set_error(session, SSH_FATAL, - "kex error : did not find algo"); - return -1; - } return 0; } @@ -222,7 +217,15 @@ static int dh_handshake_server(SSH_SESSION *session){ make_sessionid(session); sign=ssh_sign_session_id(session,prv); buffer_free(buf); - private_key_free(prv); + /* free private keys as they should not be readable past this point */ + if(session->rsa_key){ + private_key_free(session->rsa_key); + session->rsa_key=NULL; + } + if(session->dsa_key){ + private_key_free(session->dsa_key); + session->dsa_key=NULL; + } buffer_add_u8(session->out_buffer,SSH2_MSG_KEXDH_REPLY); buffer_add_ssh_string(session->out_buffer,pubkey); buffer_add_ssh_string(session->out_buffer,f); diff --git a/libssh/sftp.c b/libssh/sftp.c index 8e293e19..a78a4b08 100644 --- a/libssh/sftp.c +++ b/libssh/sftp.c @@ -42,6 +42,8 @@ MA 02111-1307, USA. */ static void sftp_packet_free(SFTP_PACKET *packet); void sftp_enqueue(SFTP_SESSION *session, SFTP_MESSAGE *msg); static void sftp_message_free(SFTP_MESSAGE *msg); +SFTP_PACKET *sftp_packet_read(SFTP_SESSION *sftp); +int sftp_packet_write(SFTP_SESSION *sftp,u8 type, BUFFER *payload); SFTP_SESSION *sftp_new(SSH_SESSION *session){ SFTP_SESSION *sftp=malloc(sizeof(SFTP_SESSION)); @@ -68,6 +70,35 @@ SFTP_SESSION *sftp_server_new(SSH_SESSION *session, CHANNEL *chan){ sftp->channel=chan; return sftp; } + +int sftp_server_init(SFTP_SESSION *sftp){ + SFTP_PACKET *packet=sftp_packet_read(sftp); + u32 version; + BUFFER *reply; + if(!packet) + return -1; + if(packet->type != SSH_FXP_INIT){ + ssh_set_error(sftp->session,SSH_FATAL,"Packet read of type %d instead of SSH_FXP_INIT", + packet->type); + sftp_packet_free(packet); + return -1; + } + ssh_say(2,"received SSH_FXP_INIT\n"); + buffer_get_u32(packet->payload,&version); + version=ntohl(version); + ssh_say(2,"client version %d\n"); + sftp->client_version=version; + sftp_packet_free(packet); + reply=buffer_new(); + buffer_add_u32(reply,ntohl(LIBSFTP_VERSION)); + if(sftp_packet_write(sftp,SSH_FXP_VERSION,reply)==-1){ + buffer_free(reply); + return -1; + } + buffer_free(reply); + ssh_say(2,"server version sent\n"); + return 0; +} #endif void sftp_free(SFTP_SESSION *sftp){ |