- markus@cvs.openbsd.org 2006/10/31 16:33:12

[kexdhc.c kexdhs.c kexgexc.c kexgexs.c] check DH_compute_key() for -1 even if it should not happen because of earlier calls to dh_pub_is_valid(); report krahmer at suse.de; ok djm
author: Damien Miller <djm@mindrot.org> 2006-11-04 19:32:02 +0100
committer: Damien Miller <djm@mindrot.org> 2006-11-04 19:32:02 +0100
commit: 570c2ab1b619ea36a06bfbf21d88a82683cc4213 (patch)
tree: 7564b301ac020a29c41f456b7e47b6e252af5e9d /kexdhc.c
parent: - (djm) OpenBSD CVS Sync (diff)
download: openssh-570c2ab1b619ea36a06bfbf21d88a82683cc4213.tar.xz
openssh-570c2ab1b619ea36a06bfbf21d88a82683cc4213.zip
1 files changed, 5 insertions, 3 deletions
diff --git a/kexdhc.c b/kexdhc.c
index 64de7af30..61d54fdc2 100644
--- a/kexdhc.c
+++ b/kexdhc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexdhc.c,v 1.9 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: kexdhc.c,v 1.10 2006/10/31 16:33:12 markus Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -50,7 +50,8 @@ kexdh_client(Kex *kex)
 	Key *server_host_key;
 	u_char *server_host_key_blob = NULL, *signature = NULL;
 	u_char *kbuf, *hash;
-	u_int klen, kout, slen, sbloblen, hashlen;
+	u_int klen, slen, sbloblen, hashlen;
+	int kout;
 
 	/* generate and send 'e', client DH public key */
 	switch (kex->kex_type) {
@@ -112,7 +113,8 @@ kexdh_client(Kex *kex)
 
 	klen = DH_size(dh);
 	kbuf = xmalloc(klen);
-	kout = DH_compute_key(kbuf, dh_server_pub, dh);
+	if ((kout = DH_compute_key(kbuf, dh_server_pub, dh)) < 0)
+		fatal("DH_compute_key: failed");
 #ifdef DEBUG_KEXDH
 	dump_digest("shared secret", kbuf, kout);
 #endif
author	Damien Miller <djm@mindrot.org>	2006-11-04 19:32:02 +0100
committer	Damien Miller <djm@mindrot.org>	2006-11-04 19:32:02 +0100
commit	570c2ab1b619ea36a06bfbf21d88a82683cc4213 (patch)
tree	7564b301ac020a29c41f456b7e47b6e252af5e9d /kexdhc.c
parent	- (djm) OpenBSD CVS Sync (diff)
download	openssh-570c2ab1b619ea36a06bfbf21d88a82683cc4213.tar.xz openssh-570c2ab1b619ea36a06bfbf21d88a82683cc4213.zip