summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/sshconnect1.c
diff options
context:
space:
mode:
authorMarkus Friedl <markus@cvs.openbsd.org>2001-01-08 21:55:42 +0000
committerMarkus Friedl <markus@cvs.openbsd.org>2001-01-08 21:55:42 +0000
commit07b40fb01e3ecc52e904872eb91715aead1c9294 (patch)
treed54129411edb8d888942ef6fc9da704050245486 /usr.bin/ssh/sshconnect1.c
parentaaea5effe9942635ace793082fa8c1c2568ee47b (diff)
more cleanups and fixes from stevesk@pobox.com:
1) try_agent_authentication() for loop will overwrite key just allocated with key_new(); don't alloc 2) call ssh_close_authentication_connection() before exit try_agent_authentication() 3) free mem on bad passphrase in try_rsa_authentication()
Diffstat (limited to 'usr.bin/ssh/sshconnect1.c')
-rw-r--r--usr.bin/ssh/sshconnect1.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/usr.bin/ssh/sshconnect1.c b/usr.bin/ssh/sshconnect1.c
index d6230529f2a..09d0210a9db 100644
--- a/usr.bin/ssh/sshconnect1.c
+++ b/usr.bin/ssh/sshconnect1.c
@@ -13,7 +13,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.13 2000/12/19 23:17:58 markus Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.14 2001/01/08 21:55:41 markus Exp $");
#include <openssl/bn.h>
#include <openssl/dsa.h>
@@ -62,7 +62,6 @@ try_agent_authentication()
return 0;
challenge = BN_new();
- key = key_new(KEY_RSA1);
/* Loop through identities served by the agent. */
for (key = ssh_get_first_identity(auth, &comment, 1);
@@ -125,6 +124,7 @@ try_agent_authentication()
/* The server returns success if it accepted the authentication. */
if (type == SSH_SMSG_SUCCESS) {
+ ssh_close_authentication_connection(auth);
BN_clear_free(challenge);
debug("RSA authentication accepted by server.");
return 1;
@@ -134,6 +134,7 @@ try_agent_authentication()
packet_disconnect("Protocol error waiting RSA auth response: %d",
type);
}
+ ssh_close_authentication_connection(auth);
BN_clear_free(challenge);
debug("RSA authentication using agent refused.");
return 0;
@@ -270,6 +271,8 @@ try_rsa_authentication(const char *authfile)
/* Expect the server to reject it... */
packet_read_expect(&plen, SSH_SMSG_FAILURE);
xfree(comment);
+ key_free(private);
+ BN_clear_free(challenge);
return 0;
}
/* Destroy the passphrase. */