aboutsummaryrefslogtreecommitdiff
path: root/src/curve25519.c
diff options
context:
space:
mode:
authorAndreas Schneider <asn@cryptomilk.org>2013-11-27 20:26:14 +0100
committerAndreas Schneider <asn@cryptomilk.org>2013-11-27 22:53:53 +0100
commitecb01e05a27006205c63b8bf30c2518b6be9796d (patch)
treeb71d970c9a760d5e8d2fcfc049cb3d27112cbd48 /src/curve25519.c
parentb3911d0fa251da88eb9e27f1ba14bbc05b3fffd1 (diff)
downloadlibssh-ecb01e05a27006205c63b8bf30c2518b6be9796d.tar.gz
libssh-ecb01e05a27006205c63b8bf30c2518b6be9796d.tar.xz
libssh-ecb01e05a27006205c63b8bf30c2518b6be9796d.zip
curve25519: Fix memory leaks in ssh_server_curve25519_init().
CID #1125255
Diffstat (limited to 'src/curve25519.c')
-rw-r--r--src/curve25519.c43
1 files changed, 23 insertions, 20 deletions
diff --git a/src/curve25519.c b/src/curve25519.c
index 8864035a..073bf1e9 100644
--- a/src/curve25519.c
+++ b/src/curve25519.c
@@ -195,44 +195,36 @@ int ssh_server_curve25519_init(ssh_session session, ssh_buffer packet){
rc = ssh_get_random(session->next_crypto->curve25519_privkey, CURVE25519_PRIVKEY_SIZE, 1);
if (rc == 0){
- ssh_set_error(session, SSH_FATAL, "PRNG error");
- return SSH_ERROR;
+ ssh_set_error(session, SSH_FATAL, "PRNG error");
+ return SSH_ERROR;
}
crypto_scalarmult_base(session->next_crypto->curve25519_server_pubkey,
session->next_crypto->curve25519_privkey);
- q_s_string = ssh_string_new(CURVE25519_PUBKEY_SIZE);
- if (q_s_string == NULL) {
- return SSH_ERROR;
- }
-
- ssh_string_fill(q_s_string, session->next_crypto->curve25519_server_pubkey,
- CURVE25519_PUBKEY_SIZE);
-
rc = buffer_add_u8(session->out_buffer, SSH2_MSG_KEX_ECDH_REPLY);
if (rc < 0) {
ssh_set_error_oom(session);
- return SSH_ERROR;
+ goto error;
}
/* build k and session_id */
rc = ssh_curve25519_build_k(session);
if (rc < 0) {
ssh_set_error(session, SSH_FATAL, "Cannot build k number");
- return SSH_ERROR;
+ goto error;
}
/* privkey is not allocated */
rc = ssh_get_key_params(session, &privkey);
if (rc == SSH_ERROR) {
- return SSH_ERROR;
+ goto error;
}
rc = make_sessionid(session);
if (rc != SSH_OK) {
ssh_set_error(session, SSH_FATAL, "Could not create a session id");
- return SSH_ERROR;
+ goto error;
}
/* add host's public key */
@@ -240,29 +232,37 @@ int ssh_server_curve25519_init(ssh_session session, ssh_buffer packet){
session->next_crypto->server_pubkey);
if (rc < 0) {
ssh_set_error_oom(session);
- return SSH_ERROR;
+ goto error;
}
/* add ecdh public key */
+ q_s_string = ssh_string_new(CURVE25519_PUBKEY_SIZE);
+ if (q_s_string == NULL) {
+ goto error;
+ }
+
+ ssh_string_fill(q_s_string,
+ session->next_crypto->curve25519_server_pubkey,
+ CURVE25519_PUBKEY_SIZE);
+
rc = buffer_add_ssh_string(session->out_buffer, q_s_string);
ssh_string_free(q_s_string);
-
if (rc < 0) {
ssh_set_error_oom(session);
- return SSH_ERROR;
+ goto error;
}
/* add signature blob */
sig_blob = ssh_srv_pki_do_sign_sessionid(session, privkey);
if (sig_blob == NULL) {
ssh_set_error(session, SSH_FATAL, "Could not sign the session id");
- return SSH_ERROR;
+ goto error;
}
rc = buffer_add_ssh_string(session->out_buffer, sig_blob);
ssh_string_free(sig_blob);
if (rc < 0) {
ssh_set_error_oom(session);
- return SSH_ERROR;
+ goto error;
}
SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_KEX_ECDH_REPLY sent");
@@ -274,7 +274,7 @@ int ssh_server_curve25519_init(ssh_session session, ssh_buffer packet){
/* Send the MSG_NEWKEYS */
rc = buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS);
if (rc < 0) {
- return SSH_ERROR;;
+ goto error;
}
session->dh_handshake_state = DH_STATE_NEWKEYS_SENT;
@@ -282,6 +282,9 @@ int ssh_server_curve25519_init(ssh_session session, ssh_buffer packet){
SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent");
return rc;
+error:
+ buffer_reinit(session->out_buffer);
+ return SSH_ERROR;
}
#endif /* WITH_SERVER */