- markus@cvs.openbsd.org 2001/12/27 18:22:16

[auth1.c authfile.c auth-rsa.c dh.c kexdh.c kexgex.c key.c rsa.c scard.c ssh-agent.c sshconnect1.c sshd.c ssh-dss.c]
     call fatal() for openssl allocation failures

ChangeLog

@@ -35,6 +35,10 @@
    - markus@cvs.openbsd.org 2001/12/27 18:10:29
      [ssh-keygen.c]
      -t is only needed for key generation (unbreaks -i, -e, etc).
+   - markus@cvs.openbsd.org 2001/12/27 18:22:16
+     [auth1.c authfile.c auth-rsa.c dh.c kexdh.c kexgex.c key.c rsa.c]
+     [scard.c ssh-agent.c sshconnect1.c sshd.c ssh-dss.c]
+     call fatal() for openssl allocation failures
 
 20020121
  - (djm) Rework ssh-rand-helper:
@@ -7182,4 +7186,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1732 2002/01/22 12:08:16 djm Exp $
+$Id: ChangeLog,v 1.1733 2002/01/22 12:09:22 djm Exp $

auth-rsa.c

@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-rsa.c,v 1.46 2001/12/18 10:06:24 jakob Exp $");
+RCSID("$OpenBSD: auth-rsa.c,v 1.47 2001/12/27 18:22:16 markus Exp $");
 
 #include <openssl/rsa.h>
 #include <openssl/md5.h>
@@ -68,12 +68,15 @@ auth_rsa_challenge_dialog(RSA *pk)
 	u_int i;
 	int plen, len;
 
-	encrypted_challenge = BN_new();
-	challenge = BN_new();
+	if ((encrypted_challenge = BN_new()) == NULL)
+		fatal("auth_rsa_challenge_dialog: BN_new() failed");
+	if ((challenge = BN_new()) == NULL)
+		fatal("auth_rsa_challenge_dialog: BN_new() failed");
 
 	/* Generate a random challenge. */
 	BN_rand(challenge, 256, 0, 0);
-	ctx = BN_CTX_new();
+	if ((ctx = BN_CTX_new()) == NULL)
+		fatal("auth_rsa_challenge_dialog: BN_CTX_new() failed");
 	BN_mod(challenge, challenge, pk->n, ctx);
 	BN_CTX_free(ctx);
 

auth1.c

@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth1.c,v 1.28 2001/12/25 18:53:00 markus Exp $");
+RCSID("$OpenBSD: auth1.c,v 1.29 2001/12/27 18:22:16 markus Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -66,7 +66,7 @@ do_authloop(Authctxt *authctxt)
 {
 	int authenticated = 0;
 	u_int bits;
-	RSA *client_host_key;
+	Key *client_host_key;
 	BIGNUM *n;
 	char *client_user, *password;
 	char info[1024];
@@ -202,24 +202,20 @@ do_authloop(Authctxt *authctxt)
 			client_user = packet_get_string(&ulen);
 
 			/* Get the client host key. */
-			client_host_key = RSA_new();
-			if (client_host_key == NULL)
-				fatal("RSA_new failed");
-			client_host_key->e = BN_new();
-			client_host_key->n = BN_new();
-			if (client_host_key->e == NULL || client_host_key->n == NULL)
-				fatal("BN_new failed");
+			client_host_key = key_new(KEY_RSA1);
 			bits = packet_get_int();
-			packet_get_bignum(client_host_key->e, &elen);
-			packet_get_bignum(client_host_key->n, &nlen);
+			packet_get_bignum(client_host_key->rsa->e, &elen);
+			packet_get_bignum(client_host_key->rsa->n, &nlen);
 
-			if (bits != BN_num_bits(client_host_key->n))
+			if (bits != BN_num_bits(client_host_key->rsa->n))
 				verbose("Warning: keysize mismatch for client_host_key: "
-				    "actual %d, announced %d", BN_num_bits(client_host_key->n), bits);
+				    "actual %d, announced %d",
+				     BN_num_bits(client_host_key->rsa->n), bits);
 			packet_integrity_check(plen, (4 + ulen) + 4 + elen + nlen, type);
 
-			authenticated = auth_rhosts_rsa(pw, client_user, client_host_key);
-			RSA_free(client_host_key);
+			authenticated = auth_rhosts_rsa(pw, client_user,
+			    client_host_key->rsa);
+			key_free(client_host_key);
 
 			snprintf(info, sizeof info, " ruser %.100s", client_user);
 			break;
@@ -230,9 +226,8 @@ do_authloop(Authctxt *authctxt)
 				break;
 			}
 			/* RSA authentication requested. */
-			n = BN_new();
-			if (n == NULL)
-				fatal("BN_new failed");
+			if ((n = BN_new()) == NULL)
+				fatal("do_authloop: BN_new failed");
 			packet_get_bignum(n, &nlen);
 			packet_integrity_check(plen, nlen, type);
 			authenticated = auth_rsa(pw, n);

authfile.c

@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: authfile.c,v 1.42 2001/12/19 17:16:13 stevesk Exp $");
+RCSID("$OpenBSD: authfile.c,v 1.43 2001/12/27 18:22:16 markus Exp $");
 
 #include <openssl/err.h>
 #include <openssl/evp.h>
@@ -316,8 +316,6 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase,
 	char *cp;
 	CipherContext ciphercontext;
 	Cipher *cipher;
-	BN_CTX *ctx;
-	BIGNUM *aux;
 	Key *prv = NULL;
 
 	len = lseek(fd, (off_t) 0, SEEK_END);
@@ -406,17 +404,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase,
 	buffer_get_bignum(&decrypted, prv->rsa->p);		/* q */
 
 	/* calculate p-1 and q-1 */
-	ctx = BN_CTX_new();
-	aux = BN_new();
-
-	BN_sub(aux, prv->rsa->q, BN_value_one());
-	BN_mod(prv->rsa->dmq1, prv->rsa->d, aux, ctx);
-
-	BN_sub(aux, prv->rsa->p, BN_value_one());
-	BN_mod(prv->rsa->dmp1, prv->rsa->d, aux, ctx);
-
-	BN_clear_free(aux);
-	BN_CTX_free(ctx);
+	rsa_generate_additional_parameters(prv->rsa);
 
 	buffer_free(&decrypted);
 	close(fd);

dh.c

@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: dh.c,v 1.17 2001/06/23 15:12:18 itojun Exp $");
+RCSID("$OpenBSD: dh.c,v 1.18 2001/12/27 18:22:16 markus Exp $");
 
 #include "xmalloc.h"
 
@@ -78,8 +78,10 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg)
 	if (cp != NULL || *prime == '\0')
 		goto fail;
 
-	dhg->g = BN_new();
-	dhg->p = BN_new();
+	if ((dhg->g = BN_new()) == NULL)
+		fatal("parse_prime: BN_new failed");
+	if ((dhg->p = BN_new()) == NULL)
+		fatal("parse_prime: BN_new failed");
 	if (BN_hex2bn(&dhg->g, gen) == 0)
 		goto failclean;
 
@@ -202,8 +204,7 @@ dh_gen_key(DH *dh, int need)
 	do {
 		if (dh->priv_key != NULL)
 			BN_free(dh->priv_key);
-		dh->priv_key = BN_new();
-		if (dh->priv_key == NULL)
+		if ((dh->priv_key = BN_new()) == NULL)
 			fatal("dh_gen_key: BN_new failed");
 		/* generate a 2*need bits random private exponent */
 		if (!BN_rand(dh->priv_key, 2*need, 0, 0))
@@ -225,9 +226,8 @@ dh_new_group_asc(const char *gen, const char *modulus)
 {
 	DH *dh;
 
-	dh = DH_new();
-	if (dh == NULL)
-		fatal("DH_new");
+	if ((dh = DH_new()) == NULL)
+		fatal("dh_new_group_asc: DH_new");
 
 	if (BN_hex2bn(&dh->p, modulus) == 0)
 		fatal("BN_hex2bn p");
@@ -247,9 +247,8 @@ dh_new_group(BIGNUM *gen, BIGNUM *modulus)
 {
 	DH *dh;
 
-	dh = DH_new();
-	if (dh == NULL)
-		fatal("DH_new");
+	if ((dh = DH_new()) == NULL)
+		fatal("dh_new_group: DH_new");
 	dh->p = modulus;
 	dh->g = gen;
 

kexdh.c

@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kexdh.c,v 1.7 2001/09/17 19:27:15 stevesk Exp $");
+RCSID("$OpenBSD: kexdh.c,v 1.8 2001/12/27 18:22:16 markus Exp $");
 
 #include <openssl/crypto.h>
 #include <openssl/bn.h>
@@ -129,8 +129,7 @@ kexdh_client(Kex *kex)
 		fatal("server_host_key verification failed");
 
 	/* DH paramter f, server public DH key */
-	dh_server_pub = BN_new();
-	if (dh_server_pub == NULL)
+	if ((dh_server_pub = BN_new()) == NULL)
 		fatal("dh_server_pub == NULL");
 	packet_get_bignum2(dh_server_pub, &dlen);
 
@@ -154,7 +153,8 @@ kexdh_client(Kex *kex)
 #ifdef DEBUG_KEXDH
 	dump_digest("shared secret", kbuf, kout);
 #endif
-	shared_secret = BN_new();
+	if ((shared_secret = BN_new()) == NULL)
+		fatal("kexdh_client: BN_new failed");
 	BN_bin2bn(kbuf, kout, shared_secret);
 	memset(kbuf, 0, klen);
 	xfree(kbuf);
@@ -217,8 +217,7 @@ kexdh_server(Kex *kex)
 		fatal("Unsupported hostkey type %d", kex->hostkey_type);
 
 	/* key, cert */
-	dh_client_pub = BN_new();
-	if (dh_client_pub == NULL)
+	if ((dh_client_pub = BN_new()) == NULL)
 		fatal("dh_client_pub == NULL");
 	packet_get_bignum2(dh_client_pub, &dlen);
 
@@ -244,7 +243,8 @@ kexdh_server(Kex *kex)
 #ifdef DEBUG_KEXDH
 	dump_digest("shared secret", kbuf, kout);
 #endif
-	shared_secret = BN_new();
+	if ((shared_secret = BN_new()) == NULL)
+		fatal("kexdh_server: BN_new failed");
 	BN_bin2bn(kbuf, kout, shared_secret);
 	memset(kbuf, 0, klen);
 	xfree(kbuf);

kexgex.c

@@ -24,7 +24,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kexgex.c,v 1.10 2001/12/05 10:06:12 deraadt Exp $");
+RCSID("$OpenBSD: kexgex.c,v 1.11 2001/12/27 18:22:16 markus Exp $");
 
 #include <openssl/bn.h>
 
@@ -183,8 +183,7 @@ kexgex_client(Kex *kex)
 		fatal("server_host_key verification failed");
 
 	/* DH paramter f, server public DH key */
-	dh_server_pub = BN_new();
-	if (dh_server_pub == NULL)
+	if ((dh_server_pub = BN_new()) == NULL)
 		fatal("dh_server_pub == NULL");
 	packet_get_bignum2(dh_server_pub, &dlen);
 
@@ -208,7 +207,8 @@ kexgex_client(Kex *kex)
 #ifdef DEBUG_KEXDH
 	dump_digest("shared secret", kbuf, kout);
 #endif
-	shared_secret = BN_new();
+	if ((shared_secret = BN_new()) == NULL)
+		fatal("kexgex_client: BN_new failed");
 	BN_bin2bn(kbuf, kout, shared_secret);
 	memset(kbuf, 0, klen);
 	xfree(kbuf);
@@ -315,8 +315,7 @@ kexgex_server(Kex *kex)
 	packet_read_expect(&plen, SSH2_MSG_KEX_DH_GEX_INIT);
 
 	/* key, cert */
-	dh_client_pub = BN_new();
-	if (dh_client_pub == NULL)
+	if ((dh_client_pub = BN_new()) == NULL)
 		fatal("dh_client_pub == NULL");
 	packet_get_bignum2(dh_client_pub, &dlen);
 
@@ -342,7 +341,8 @@ kexgex_server(Kex *kex)
 #ifdef DEBUG_KEXDH
 	dump_digest("shared secret", kbuf, kout);
 #endif
-	shared_secret = BN_new();
+	if ((shared_secret = BN_new()) == NULL)
+		fatal("kexgex_server: BN_new failed");
 	BN_bin2bn(kbuf, kout, shared_secret);
 	memset(kbuf, 0, klen);
 	xfree(kbuf);

key.c

@@ -32,7 +32,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: key.c,v 1.37 2001/12/25 18:49:56 markus Exp $");
+RCSID("$OpenBSD: key.c,v 1.38 2001/12/27 18:22:16 markus Exp $");
 
 #include <openssl/evp.h>
 
@@ -60,22 +60,25 @@ key_new(int type)
 	switch (k->type) {
 	case KEY_RSA1:
 	case KEY_RSA:
-		rsa = RSA_new();
-		rsa->n = BN_new();
-		rsa->e = BN_new();
-		if (rsa == NULL || rsa->n == NULL || rsa->e == NULL)
-			fatal("key_new: malloc failure");
+		if ((rsa = RSA_new()) == NULL)
+			fatal("key_new: RSA_new failed");
+		if ((rsa->n = BN_new()) == NULL)
+			fatal("key_new: BN_new failed");
+		if ((rsa->e = BN_new()) == NULL)
+			fatal("key_new: BN_new failed");
 		k->rsa = rsa;
 		break;
 	case KEY_DSA:
-		dsa = DSA_new();
-		dsa->p = BN_new();
-		dsa->q = BN_new();
-		dsa->g = BN_new();
-		dsa->pub_key = BN_new();
-		if (dsa == NULL || dsa->p == NULL || dsa->q == NULL ||
-		    dsa->g == NULL || dsa->pub_key == NULL)
-			fatal("key_new: malloc failure");
+		if ((dsa = DSA_new()) == NULL)
+			fatal("key_new: DSA_new failed");
+		if ((dsa->p = BN_new()) == NULL)
+			fatal("key_new: BN_new failed");
+		if ((dsa->q = BN_new()) == NULL)
+			fatal("key_new: BN_new failed");
+		if ((dsa->g = BN_new()) == NULL)
+			fatal("key_new: BN_new failed");
+		if ((dsa->pub_key = BN_new()) == NULL)
+			fatal("key_new: BN_new failed");
 		k->dsa = dsa;
 		break;
 	case KEY_UNSPEC:
@@ -93,15 +96,22 @@ key_new_private(int type)
 	switch (k->type) {
 	case KEY_RSA1:
 	case KEY_RSA:
-		k->rsa->d = BN_new();
-		k->rsa->iqmp = BN_new();
-		k->rsa->q = BN_new();
-		k->rsa->p = BN_new();
-		k->rsa->dmq1 = BN_new();
-		k->rsa->dmp1 = BN_new();
+		if ((k->rsa->d = BN_new()) == NULL)
+			fatal("key_new_private: BN_new failed");
+		if ((k->rsa->iqmp = BN_new()) == NULL)
+			fatal("key_new_private: BN_new failed");
+		if ((k->rsa->q = BN_new()) == NULL)
+			fatal("key_new_private: BN_new failed");
+		if ((k->rsa->p = BN_new()) == NULL)
+			fatal("key_new_private: BN_new failed");
+		if ((k->rsa->dmq1 = BN_new()) == NULL)
+			fatal("key_new_private: BN_new failed");
+		if ((k->rsa->dmp1 = BN_new()) == NULL)
+			fatal("key_new_private: BN_new failed");
 		break;
 	case KEY_DSA:
-		k->dsa->priv_key = BN_new();
+		if ((k->dsa->priv_key = BN_new()) == NULL)
+			fatal("key_new_private: BN_new failed");
 		break;
 	case KEY_UNSPEC:
 		break;

rsa.c

@@ -60,7 +60,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: rsa.c,v 1.23 2001/06/27 05:42:24 markus Exp $");
+RCSID("$OpenBSD: rsa.c,v 1.24 2001/12/27 18:22:16 markus Exp $");
 
 #include "rsa.h"
 #include "log.h"
@@ -120,14 +120,17 @@ rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key)
 	return len;
 }
 
+/* calculate p-1 and q-1 */
 void
 rsa_generate_additional_parameters(RSA *rsa)
 {
 	BIGNUM *aux;
 	BN_CTX *ctx;
-	/* Generate additional parameters */
-	aux = BN_new();
-	ctx = BN_CTX_new();
+
+	if ((aux = BN_new()) == NULL)
+		fatal("rsa_generate_additional_parameters: BN_new failed");
+	if ((ctx = BN_CTX_new()) == NULL)
+		fatal("rsa_generate_additional_parameters: BN_CTX_new failed");
 
 	BN_sub(aux, rsa->q, BN_value_one());
 	BN_mod(rsa->dmq1, rsa->d, aux, ctx);

scard.c

@@ -24,7 +24,7 @@
 
 #include "includes.h"
 #ifdef SMARTCARD
-RCSID("$OpenBSD: scard.c,v 1.16 2001/12/19 07:18:56 deraadt Exp $");
+RCSID("$OpenBSD: scard.c,v 1.17 2001/12/27 18:22:16 markus Exp $");
 
 #include <openssl/engine.h>
 #include <sectok.h>
@@ -320,7 +320,8 @@ sc_get_engine(void)
 	smart_rsa.rsa_sign	= def->rsa_sign;
 	smart_rsa.rsa_verify	= def->rsa_verify;
 
-	smart_engine = ENGINE_new();
+	if ((smart_engine = ENGINE_new()) == NULL)
+		fatal("ENGINE_new failed");
 
 	ENGINE_set_id(smart_engine, "sectok");
 	ENGINE_set_name(smart_engine, "libsectok");

ssh-agent.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: ssh-agent.c,v 1.75 2001/12/19 07:18:56 deraadt Exp $	*/
+/*	$OpenBSD: ssh-agent.c,v 1.76 2001/12/27 18:22:16 markus Exp $	*/
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.75 2001/12/19 07:18:56 deraadt Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.76 2001/12/27 18:22:16 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/md5.h>
@@ -186,7 +186,8 @@ process_authentication_challenge1(SocketEntry *e)
 
 	buffer_init(&msg);
 	key = key_new(KEY_RSA1);
-	challenge = BN_new();
+	if ((challenge = BN_new()) == NULL)
+		fatal("process_authentication_challenge1: BN_new failed");
 
 	buffer_get_int(&e->input);				/* ignored */
 	buffer_get_bignum(&e->input, key->rsa->e);

ssh-dss.c

@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-dss.c,v 1.10 2001/12/05 10:06:12 deraadt Exp $");
+RCSID("$OpenBSD: ssh-dss.c,v 1.11 2001/12/27 18:22:16 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/evp.h>
@@ -158,9 +158,12 @@ ssh_dss_verify(
 	}
 
 	/* parse signature */
-	sig = DSA_SIG_new();
-	sig->r = BN_new();
-	sig->s = BN_new();
+	if ((sig = DSA_SIG_new()) == NULL)
+		fatal("ssh_dss_verify: DSA_SIG_new failed");
+	if ((sig->r = BN_new()) == NULL)
+		fatal("ssh_dss_verify: BN_new failed");
+	if ((sig->s = BN_new()) == NULL)
+		fatal("ssh_dss_verify: BN_new failed");
 	BN_bin2bn(sigblob, INTBLOB_LEN, sig->r);
 	BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s);
 

sshconnect1.c

@@ -13,7 +13,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.42 2001/12/19 07:18:56 deraadt Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.43 2001/12/27 18:22:16 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/evp.h>
@@ -76,8 +76,8 @@ try_agent_authentication(void)
 	if (!auth)
 		return 0;
 
-	challenge = BN_new();
-
+	if ((challenge = BN_new()) == NULL)
+		fatal("try_agent_authentication: BN_new failed");
 	/* Loop through identities served by the agent. */
 	for (key = ssh_get_first_identity(auth, &comment, 1);
 	    key != NULL;
@@ -241,7 +241,8 @@ try_rsa_authentication(int idx)
 		packet_disconnect("Protocol error during RSA authentication: %d", type);
 
 	/* Get the challenge from the packet. */
-	challenge = BN_new();
+	if ((challenge = BN_new()) == NULL)
+		fatal("try_rsa_authentication: BN_new failed");
 	packet_get_bignum(challenge, &clen);
 
 	packet_integrity_check(plen, clen, type);
@@ -355,7 +356,8 @@ try_rhosts_rsa_authentication(const char *local_user, Key * host_key)
 		packet_disconnect("Protocol error during RSA authentication: %d", type);
 
 	/* Get the challenge from the packet. */
-	challenge = BN_new();
+	if ((challenge = BN_new()) == NULL)
+		fatal("try_rhosts_rsa_authentication: BN_new failed");
 	packet_get_bignum(challenge, &clen);
 
 	packet_integrity_check(plen, clen, type);
@@ -912,9 +914,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
 {
 	int i;
 	BIGNUM *key;
-	RSA *host_key;
-	RSA *public_key;
-	Key k;
+	Key *host_key, *server_key;
 	int bits, rbits;
 	int ssh_cipher_default = SSH_CIPHER_3DES;
 	u_char session_key[SSH_SESSION_KEY_LENGTH];
@@ -934,32 +934,28 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
 		cookie[i] = packet_get_char();
 
 	/* Get the public key. */
-	public_key = RSA_new();
-	bits = packet_get_int();/* bits */
-	public_key->e = BN_new();
-	packet_get_bignum(public_key->e, &clen);
+	server_key = key_new(KEY_RSA1);
+	bits = packet_get_int();
+	packet_get_bignum(server_key->rsa->e, &clen);
 	sum_len += clen;
-	public_key->n = BN_new();
-	packet_get_bignum(public_key->n, &clen);
+	packet_get_bignum(server_key->rsa->n, &clen);
 	sum_len += clen;
 
-	rbits = BN_num_bits(public_key->n);
+	rbits = BN_num_bits(server_key->rsa->n);
 	if (bits != rbits) {
 		log("Warning: Server lies about size of server public key: "
 		    "actual size is %d bits vs. announced %d.", rbits, bits);
 		log("Warning: This may be due to an old implementation of ssh.");
 	}
 	/* Get the host key. */
-	host_key = RSA_new();
-	bits = packet_get_int();/* bits */
-	host_key->e = BN_new();
-	packet_get_bignum(host_key->e, &clen);
+	host_key = key_new(KEY_RSA1);
+	bits = packet_get_int();
+	packet_get_bignum(host_key->rsa->e, &clen);
 	sum_len += clen;
-	host_key->n = BN_new();
-	packet_get_bignum(host_key->n, &clen);
+	packet_get_bignum(host_key->rsa->n, &clen);
 	sum_len += clen;
 
-	rbits = BN_num_bits(host_key->n);
+	rbits = BN_num_bits(host_key->rsa->n);
 	if (bits != rbits) {
 		log("Warning: Server lies about size of server host key: "
 		    "actual size is %d bits vs. announced %d.", rbits, bits);
@@ -974,19 +970,17 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
 	supported_authentications = packet_get_int();
 
 	debug("Received server public key (%d bits) and host key (%d bits).",
-	    BN_num_bits(public_key->n), BN_num_bits(host_key->n));
+	    BN_num_bits(server_key->rsa->n), BN_num_bits(host_key->rsa->n));
 
 	packet_integrity_check(payload_len,
 	    8 + 4 + sum_len + 0 + 4 + 0 + 0 + 4 + 4 + 4,
 	    SSH_SMSG_PUBLIC_KEY);
-	k.type = KEY_RSA1;
-	k.rsa = host_key;
-	if (verify_host_key(host, hostaddr, &k) == -1)
+	if (verify_host_key(host, hostaddr, host_key) == -1)
 		fatal("Host key verification failed.");
 
 	client_flags = SSH_PROTOFLAG_SCREEN_NUMBER | SSH_PROTOFLAG_HOST_IN_FWD_OPEN;
 
-	compute_session_id(session_id, cookie, host_key->n, public_key->n);
+	compute_session_id(session_id, cookie, host_key->rsa->n, server_key->rsa->n);
 
 	/* Generate a session key. */
 	arc4random_stir();
@@ -1008,7 +1002,8 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
 	 * is the highest byte of the integer.  The session key is xored with
 	 * the first 16 bytes of the session id.
 	 */
-	key = BN_new();
+	if ((key = BN_new()) == NULL)
+		fatal("respond_to_rsa_challenge: BN_new failed");
 	BN_set_word(key, 0);
 	for (i = 0; i < SSH_SESSION_KEY_LENGTH; i++) {
 		BN_lshift(key, key, 8);
@@ -1022,35 +1017,35 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
 	 * Encrypt the integer using the public key and host key of the
 	 * server (key with smaller modulus first).
 	 */
-	if (BN_cmp(public_key->n, host_key->n) < 0) {
+	if (BN_cmp(server_key->rsa->n, host_key->rsa->n) < 0) {
 		/* Public key has smaller modulus. */
-		if (BN_num_bits(host_key->n) <
-		    BN_num_bits(public_key->n) + SSH_KEY_BITS_RESERVED) {
-			fatal("respond_to_rsa_challenge: host_key %d < public_key %d + "
+		if (BN_num_bits(host_key->rsa->n) <
+		    BN_num_bits(server_key->rsa->n) + SSH_KEY_BITS_RESERVED) {
+			fatal("respond_to_rsa_challenge: host_key %d < server_key %d + "
 			    "SSH_KEY_BITS_RESERVED %d",
-			    BN_num_bits(host_key->n),
-			    BN_num_bits(public_key->n),
+			    BN_num_bits(host_key->rsa->n),
+			    BN_num_bits(server_key->rsa->n),
 			    SSH_KEY_BITS_RESERVED);
 		}
-		rsa_public_encrypt(key, key, public_key);
-		rsa_public_encrypt(key, key, host_key);
+		rsa_public_encrypt(key, key, server_key->rsa);
+		rsa_public_encrypt(key, key, host_key->rsa);
 	} else {
 		/* Host key has smaller modulus (or they are equal). */
-		if (BN_num_bits(public_key->n) <
-		    BN_num_bits(host_key->n) + SSH_KEY_BITS_RESERVED) {
-			fatal("respond_to_rsa_challenge: public_key %d < host_key %d + "
+		if (BN_num_bits(server_key->rsa->n) <
+		    BN_num_bits(host_key->rsa->n) + SSH_KEY_BITS_RESERVED) {
+			fatal("respond_to_rsa_challenge: server_key %d < host_key %d + "
 			    "SSH_KEY_BITS_RESERVED %d",
-			    BN_num_bits(public_key->n),
-			    BN_num_bits(host_key->n),
+			    BN_num_bits(server_key->rsa->n),
+			    BN_num_bits(host_key->rsa->n),
 			    SSH_KEY_BITS_RESERVED);
 		}
-		rsa_public_encrypt(key, key, host_key);
-		rsa_public_encrypt(key, key, public_key);
+		rsa_public_encrypt(key, key, host_key->rsa);
+		rsa_public_encrypt(key, key, server_key->rsa);
 	}
 
 	/* Destroy the public keys since we no longer need them. */
-	RSA_free(public_key);
-	RSA_free(host_key);
+	key_free(server_key);
+	key_free(host_key);
 
 	if (options.cipher == SSH_CIPHER_NOT_SET) {
 		if (cipher_mask_ssh1(1) & supported_ciphers & (1 << ssh_cipher_default))

sshd.c

@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.217 2001/12/19 07:18:56 deraadt Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.218 2001/12/27 18:22:16 markus Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -1352,7 +1352,8 @@ do_ssh1_kex(void)
 	debug("Encryption type: %.200s", cipher_name(cipher_type));
 
 	/* Get the encrypted integer. */
-	session_key_int = BN_new();
+	if ((session_key_int = BN_new()) == NULL)
+		fatal("do_ssh1_kex: BN_new failed");
 	packet_get_bignum(session_key_int, &slen);
 
 	protocol_flags = packet_get_int();