[dh.c kexdh.c kexgex.c]
     always use BN_clear_free instead of BN_free
This commit is contained in:
Damien Miller 2002-01-22 23:10:33 +11:00
parent 040b64f60a
commit 9ef95ddcaf
4 changed files with 18 additions and 15 deletions

View File

@ -45,6 +45,9 @@
- markus@cvs.openbsd.org 2001/12/27 18:26:13
[authfile.c]
missing include
- markus@cvs.openbsd.org 2001/12/27 19:37:23
[dh.c kexdh.c kexgex.c]
always use BN_clear_free instead of BN_free
20020121
- (djm) Rework ssh-rand-helper:
@ -7192,4 +7195,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
$Id: ChangeLog,v 1.1735 2002/01/22 12:10:04 djm Exp $
$Id: ChangeLog,v 1.1736 2002/01/22 12:10:33 djm Exp $

16
dh.c
View File

@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: dh.c,v 1.18 2001/12/27 18:22:16 markus Exp $");
RCSID("$OpenBSD: dh.c,v 1.19 2001/12/27 19:37:22 markus Exp $");
#include "xmalloc.h"
@ -94,8 +94,8 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg)
return (1);
failclean:
BN_free(dhg->g);
BN_free(dhg->p);
BN_clear_free(dhg->g);
BN_clear_free(dhg->p);
fail:
error("Bad prime description in line %d", linenum);
return (0);
@ -122,8 +122,8 @@ choose_dh(int min, int wantbits, int max)
linenum++;
if (!parse_prime(linenum, line, &dhg))
continue;
BN_free(dhg.g);
BN_free(dhg.p);
BN_clear_free(dhg.g);
BN_clear_free(dhg.p);
if (dhg.size > max || dhg.size < min)
continue;
@ -152,8 +152,8 @@ choose_dh(int min, int wantbits, int max)
if ((dhg.size > max || dhg.size < min) ||
dhg.size != best ||
linenum++ != which) {
BN_free(dhg.g);
BN_free(dhg.p);
BN_clear_free(dhg.g);
BN_clear_free(dhg.p);
continue;
}
break;
@ -203,7 +203,7 @@ dh_gen_key(DH *dh, int need)
BN_num_bits(dh->p), 2*need);
do {
if (dh->priv_key != NULL)
BN_free(dh->priv_key);
BN_clear_free(dh->priv_key);
if ((dh->priv_key = BN_new()) == NULL)
fatal("dh_gen_key: BN_new failed");
/* generate a 2*need bits random private exponent */

View File

@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: kexdh.c,v 1.8 2001/12/27 18:22:16 markus Exp $");
RCSID("$OpenBSD: kexdh.c,v 1.9 2001/12/27 19:37:22 markus Exp $");
#include <openssl/crypto.h>
#include <openssl/bn.h>
@ -171,7 +171,7 @@ kexdh_client(Kex *kex)
shared_secret
);
xfree(server_host_key_blob);
BN_free(dh_server_pub);
BN_clear_free(dh_server_pub);
DH_free(dh);
if (key_verify(server_host_key, signature, slen, hash, 20) != 1)
@ -262,7 +262,7 @@ kexdh_server(Kex *kex)
dh->pub_key,
shared_secret
);
BN_free(dh_client_pub);
BN_clear_free(dh_client_pub);
/* save session id := H */
/* XXX hashlen depends on KEX */

View File

@ -24,7 +24,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: kexgex.c,v 1.11 2001/12/27 18:22:16 markus Exp $");
RCSID("$OpenBSD: kexgex.c,v 1.12 2001/12/27 19:37:23 markus Exp $");
#include <openssl/bn.h>
@ -232,7 +232,7 @@ kexgex_client(Kex *kex)
/* have keys, free DH */
DH_free(dh);
xfree(server_host_key_blob);
BN_free(dh_server_pub);
BN_clear_free(dh_server_pub);
if (key_verify(server_host_key, signature, slen, hash, 20) != 1)
fatal("key_verify failed for server_host_key");
@ -365,7 +365,7 @@ kexgex_server(Kex *kex)
dh->pub_key,
shared_secret
);
BN_free(dh_client_pub);
BN_clear_free(dh_client_pub);
/* save session id := H */
/* XXX hashlen depends on KEX */