authorMarkus Friedl <markus@cvs.openbsd.org>2000-04-27 08:01:29 +0000
committerMarkus Friedl <markus@cvs.openbsd.org>2000-04-27 08:01:29 +0000
commit79e447f37ab0942e73f92029a8c9d61eeb94bc3f (patch)
tree075cd55f6615bfc14ba88b51ba55dafcf7ce895e /usr.bin
parent204aba230ecae24f5d479cde1602597d8d321e01 (diff)
xfree DSA blobs
Diffstat (limited to 'usr.bin')
-rw-r--r--usr.bin/ssh/auth2.c62
-rw-r--r--usr.bin/ssh/ssh-keygen.c4
-rw-r--r--usr.bin/ssh/sshconnect2.c4
-rw-r--r--usr.bin/ssh/sshd.c4
4 files changed, 41 insertions, 33 deletions
diff --git a/usr.bin/ssh/auth2.c b/usr.bin/ssh/auth2.c
index b896bc2dd48..35060a88810 100644
--- a/usr.bin/ssh/auth2.c
+++ b/usr.bin/ssh/auth2.c
@@ -27,7 +27,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.1 2000/04/26 21:28:32 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.2 2000/04/27 08:01:25 markus Exp $");
#include <openssl/dsa.h>
#include <openssl/rsa.h>
@@ -237,38 +237,40 @@ ssh2_auth_pubkey(struct passwd *pw, unsigned char *raw, unsigned int rlen)
}
pkblob = packet_get_string(&blen);
key = dsa_key_from_blob(pkblob, blen);
-
- if (have_sig && key != NULL) {
- sig = packet_get_string(&slen);
- packet_done();
- buffer_init(&b);
- buffer_append(&b, session_id2, session_id2_len);
- buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
- if (slen + 4 > rlen)
- fatal("bad rlen/slen");
- buffer_append(&b, raw, rlen - slen - 4);
+ if (key != NULL) {
+ if (have_sig) {
+ sig = packet_get_string(&slen);
+ packet_done();
+ buffer_init(&b);
+ buffer_append(&b, session_id2, session_id2_len);
+ buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
+ if (slen + 4 > rlen)
+ fatal("bad rlen/slen");
+ buffer_append(&b, raw, rlen - slen - 4);
#ifdef DEBUG_DSS
- buffer_dump(&b);
+ buffer_dump(&b);
#endif
- /* test for correct signature */
- if (user_dsa_key_allowed(pw, key) &&
- dsa_verify(key, sig, slen, buffer_ptr(&b), buffer_len(&b)) == 1)
- authenticated = 1;
- buffer_clear(&b);
- xfree(sig);
- } else if (!have_sig && key != NULL) {
- packet_done();
- debug("test key...");
- /* test whether pkalg/pkblob are acceptable */
- /* XXX fake reply and always send PK_OK ? */
- if (user_dsa_key_allowed(pw, key)) {
- packet_start(SSH2_MSG_USERAUTH_PK_OK);
- packet_put_string(pkalg, alen);
- packet_put_string(pkblob, blen);
- packet_send();
- packet_write_wait();
- authenticated = -1;
+ /* test for correct signature */
+ if (user_dsa_key_allowed(pw, key) &&
+ dsa_verify(key, sig, slen, buffer_ptr(&b), buffer_len(&b)) == 1)
+ authenticated = 1;
+ buffer_clear(&b);
+ xfree(sig);
+ } else {
+ packet_done();
+ debug("test key...");
+ /* test whether pkalg/pkblob are acceptable */
+ /* XXX fake reply and always send PK_OK ? */
+ if (user_dsa_key_allowed(pw, key)) {
+ packet_start(SSH2_MSG_USERAUTH_PK_OK);
+ packet_put_string(pkalg, alen);
+ packet_put_string(pkblob, blen);
+ packet_send();
+ packet_write_wait();
+ authenticated = -1;
+ }
}
+ key_free(key);
}
xfree(pkalg);
xfree(pkblob);
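Review bot: The signed-request branch still ends with `buffer_clear(&b);` after `buffer_init(&b)`, so if buffer_clear only resets the contents rather than releasing the storage, every signed pubkey request leaks that buffer; in a commit whose purpose is freeing blobs, `buffer_free(&b);` looks like the intended call. Separately, the re-indented guard `if (slen + 4 > rlen)` adds before comparing, so if `slen` is unsigned and near its maximum the sum can wrap and pass, leaving `rlen - slen - 4` to underflow in the following `buffer_append`. Whether the packet layer already caps `slen` is not visible here, but `if (rlen < 4 || slen > rlen - 4)` avoids relying on that. ssh2_auth_pubkey begins before this hunk and continues after it, so the declarations of `slen` and `b` should be checked against the full function.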
diff --git a/usr.bin/ssh/ssh-keygen.c b/usr.bin/ssh/ssh-keygen.c
index eae66500250..51ff058d96b 100644
--- a/usr.bin/ssh/ssh-keygen.c
+++ b/usr.bin/ssh/ssh-keygen.c
@@ -7,7 +7,7 @@
*/
#include "includes.h"
-RCSID("$Id: ssh-keygen.c,v 1.20 2000/04/26 21:55:04 deraadt Exp $");
+RCSID("$Id: ssh-keygen.c,v 1.21 2000/04/27 08:01:27 markus Exp $");
#include <openssl/evp.h>
#include <openssl/pem.h>
@@ -130,6 +130,7 @@ do_convert_to_ssh2(struct passwd *pw)
dump_base64(stdout, blob, len);
fprintf(stdout, SSH_COM_MAGIC_END "\n");
key_free(k);
+ xfree(blob);
exit(0);
}
@@ -206,6 +207,7 @@ do_print_public(struct passwd *pw)
if (!key_write(k, stdout))
fprintf(stderr, "key_write failed");
key_free(k);
+ xfree(blob);
fprintf(stdout, "\n");
exit(0);
}
diff --git a/usr.bin/ssh/sshconnect2.c b/usr.bin/ssh/sshconnect2.c
index e29eb4906a7..1b64fb9e47e 100644
--- a/usr.bin/ssh/sshconnect2.c
+++ b/usr.bin/ssh/sshconnect2.c
@@ -28,7 +28,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.2 2000/04/26 21:33:53 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.3 2000/04/27 08:01:27 markus Exp $");
#include <openssl/bn.h>
#include <openssl/rsa.h>
@@ -231,6 +231,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
dh_server_pub,
shared_secret
);
+ xfree(server_host_key_blob);
buffer_free(client_kexinit);
buffer_free(server_kexinit);
xfree(client_kexinit);
@@ -341,6 +342,7 @@ ssh2_try_pubkey(char *filename,
buffer_put_char(&b, 1);
buffer_put_cstring(&b, KEX_DSS);
buffer_put_string(&b, blob, bloblen);
+ xfree(blob);
/* generate signature */
dsa_sign(k, &signature, &slen, buffer_ptr(&b), buffer_len(&b));
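Review bot: The added `xfree(blob);` releases the key blob in the middle of ssh2_try_pubkey, and the pointer stays non-NULL for the rest of the function, which continues outside this hunk. If any later line still reads `blob` or `bloblen` (for example when the final request packet is assembled), that becomes a use-after-free. Either confirm there is no later use, or add `blob = NULL;` directly after the free so that a stray access faults instead of reading freed memory.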
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index 4dbfa0a57a3..14f3eb965b4 100644
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c
@@ -14,7 +14,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.110 2000/04/26 22:36:06 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.111 2000/04/27 08:01:28 markus Exp $");
#include "xmalloc.h"
#include "rsa.h"
@@ -1270,6 +1270,7 @@ do_ssh2_kex()
memset(kbuf, 0, klen);
xfree(kbuf);
+ /* XXX precompute? */
dsa_make_key_blob(sensitive_data.dsa_host_key, &server_host_key_blob, &sbloblen);
/* calc H */ /* XXX depends on 'kex' */
@@ -1312,6 +1313,7 @@ do_ssh2_kex()
packet_put_string((char *)signature, slen);
packet_send();
xfree(signature);
+ xfree(server_host_key_blob);
packet_write_wait();
kex_derive_keys(kex, hash, shared_secret);