diff options
author | Markus Friedl <markus@cvs.openbsd.org> | 2001-01-08 21:55:42 +0000 |
---|---|---|
committer | Markus Friedl <markus@cvs.openbsd.org> | 2001-01-08 21:55:42 +0000 |
commit | 07b40fb01e3ecc52e904872eb91715aead1c9294 (patch) | |
tree | d54129411edb8d888942ef6fc9da704050245486 /usr.bin/ssh/sshconnect1.c | |
parent | aaea5effe9942635ace793082fa8c1c2568ee47b (diff) |
more cleanups and fixes from stevesk@pobox.com:
1) try_agent_authentication() for loop will overwrite key just
allocated with key_new(); don't alloc
2) call ssh_close_authentication_connection() before exit
try_agent_authentication()
3) free mem on bad passphrase in try_rsa_authentication()
Diffstat (limited to 'usr.bin/ssh/sshconnect1.c')
-rw-r--r-- | usr.bin/ssh/sshconnect1.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/usr.bin/ssh/sshconnect1.c b/usr.bin/ssh/sshconnect1.c index d6230529f2a..09d0210a9db 100644 --- a/usr.bin/ssh/sshconnect1.c +++ b/usr.bin/ssh/sshconnect1.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect1.c,v 1.13 2000/12/19 23:17:58 markus Exp $"); +RCSID("$OpenBSD: sshconnect1.c,v 1.14 2001/01/08 21:55:41 markus Exp $"); #include <openssl/bn.h> #include <openssl/dsa.h> @@ -62,7 +62,6 @@ try_agent_authentication() return 0; challenge = BN_new(); - key = key_new(KEY_RSA1); /* Loop through identities served by the agent. */ for (key = ssh_get_first_identity(auth, &comment, 1); @@ -125,6 +124,7 @@ try_agent_authentication() /* The server returns success if it accepted the authentication. */ if (type == SSH_SMSG_SUCCESS) { + ssh_close_authentication_connection(auth); BN_clear_free(challenge); debug("RSA authentication accepted by server."); return 1; @@ -134,6 +134,7 @@ try_agent_authentication() packet_disconnect("Protocol error waiting RSA auth response: %d", type); } + ssh_close_authentication_connection(auth); BN_clear_free(challenge); debug("RSA authentication using agent refused."); return 0; @@ -270,6 +271,8 @@ try_rsa_authentication(const char *authfile) /* Expect the server to reject it... */ packet_read_expect(&plen, SSH_SMSG_FAILURE); xfree(comment); + key_free(private); + BN_clear_free(challenge); return 0; } /* Destroy the passphrase. */ |