зеркало из https://github.com/github/putty.git
Move some manual freeing into freersakey().
Several pieces of old code were disposing of pieces of an RSAKey by manually freeing them one at a time. We have a centralised freersakey(), so we should use that instead wherever possible. Where it wasn't possible to switch over to that, it was because we were only freeing the private fields of the key - so I've fixed that by cutting freersakey() down the middle and exposing the private-only half as freersapriv().
This commit is contained in:
Родитель
55cea187e9
Коммит
a80edab4b5
10
pageant.c
10
pageant.c
|
@ -308,8 +308,7 @@ void pageant_handle_msg(BinarySink *bs,
|
||||||
if (response)
|
if (response)
|
||||||
freebn(response);
|
freebn(response);
|
||||||
freebn(challenge);
|
freebn(challenge);
|
||||||
freebn(reqkey.exponent);
|
freersakey(&reqkey);
|
||||||
freebn(reqkey.modulus);
|
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case SSH2_AGENTC_SIGN_REQUEST:
|
case SSH2_AGENTC_SIGN_REQUEST:
|
||||||
|
@ -526,13 +525,13 @@ void pageant_handle_msg(BinarySink *bs,
|
||||||
|
|
||||||
plog(logctx, logfn, "request: SSH1_AGENTC_REMOVE_RSA_IDENTITY");
|
plog(logctx, logfn, "request: SSH1_AGENTC_REMOVE_RSA_IDENTITY");
|
||||||
|
|
||||||
|
memset(&reqkey, 0, sizeof(reqkey));
|
||||||
get_rsa_ssh1_pub(msg, &reqkey, RSA_SSH1_EXPONENT_FIRST);
|
get_rsa_ssh1_pub(msg, &reqkey, RSA_SSH1_EXPONENT_FIRST);
|
||||||
|
|
||||||
if (get_err(msg)) {
|
if (get_err(msg)) {
|
||||||
pageant_failure_msg(bs, "unable to decode request",
|
pageant_failure_msg(bs, "unable to decode request",
|
||||||
logctx, logfn);
|
logctx, logfn);
|
||||||
freebn(reqkey.exponent);
|
freersakey(&reqkey);
|
||||||
freebn(reqkey.modulus);
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -545,8 +544,7 @@ void pageant_handle_msg(BinarySink *bs,
|
||||||
}
|
}
|
||||||
|
|
||||||
key = find234(rsakeys, &reqkey, NULL);
|
key = find234(rsakeys, &reqkey, NULL);
|
||||||
freebn(reqkey.exponent);
|
freersakey(&reqkey);
|
||||||
freebn(reqkey.modulus);
|
|
||||||
if (key) {
|
if (key) {
|
||||||
plog(logctx, logfn, "found with comment: %s", key->comment);
|
plog(logctx, logfn, "found with comment: %s", key->comment);
|
||||||
|
|
||||||
|
|
1
ssh.h
1
ssh.h
|
@ -514,6 +514,7 @@ bool rsa_verify(struct RSAKey *key);
|
||||||
void rsa_ssh1_public_blob(BinarySink *bs, struct RSAKey *key,
|
void rsa_ssh1_public_blob(BinarySink *bs, struct RSAKey *key,
|
||||||
RsaSsh1Order order);
|
RsaSsh1Order order);
|
||||||
int rsa_ssh1_public_blob_len(void *data, int maxlen);
|
int rsa_ssh1_public_blob_len(void *data, int maxlen);
|
||||||
|
void freersapriv(struct RSAKey *key);
|
||||||
void freersakey(struct RSAKey *key);
|
void freersakey(struct RSAKey *key);
|
||||||
|
|
||||||
unsigned long crc32_compute(const void *s, size_t len);
|
unsigned long crc32_compute(const void *s, size_t len);
|
||||||
|
|
20
ssh1login.c
20
ssh1login.c
|
@ -368,22 +368,8 @@ static void ssh1_login_process_queue(PacketProtocolLayer *ppl)
|
||||||
ssh1_bpp_new_cipher(s->ppl.bpp, cipher, s->session_key);
|
ssh1_bpp_new_cipher(s->ppl.bpp, cipher, s->session_key);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (s->servkey.modulus) {
|
freersakey(&s->servkey);
|
||||||
sfree(s->servkey.modulus);
|
freersakey(&s->hostkey);
|
||||||
s->servkey.modulus = NULL;
|
|
||||||
}
|
|
||||||
if (s->servkey.exponent) {
|
|
||||||
sfree(s->servkey.exponent);
|
|
||||||
s->servkey.exponent = NULL;
|
|
||||||
}
|
|
||||||
if (s->hostkey.modulus) {
|
|
||||||
sfree(s->hostkey.modulus);
|
|
||||||
s->hostkey.modulus = NULL;
|
|
||||||
}
|
|
||||||
if (s->hostkey.exponent) {
|
|
||||||
sfree(s->hostkey.exponent);
|
|
||||||
s->hostkey.exponent = NULL;
|
|
||||||
}
|
|
||||||
crMaybeWaitUntilV((pktin = ssh1_login_pop(s)) != NULL);
|
crMaybeWaitUntilV((pktin = ssh1_login_pop(s)) != NULL);
|
||||||
|
|
||||||
if (pktin->type != SSH1_SMSG_SUCCESS) {
|
if (pktin->type != SSH1_SMSG_SUCCESS) {
|
||||||
|
@ -745,7 +731,7 @@ static void ssh1_login_process_queue(PacketProtocolLayer *ppl)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
response = rsa_ssh1_decrypt(challenge, &s->key);
|
response = rsa_ssh1_decrypt(challenge, &s->key);
|
||||||
freebn(s->key.private_exponent);/* burn the evidence */
|
freersapriv(&s->key); /* burn the evidence */
|
||||||
|
|
||||||
for (i = 0; i < 32; i++) {
|
for (i = 0; i < 32; i++) {
|
||||||
buffer[i] = bignum_byte(response, 31 - i);
|
buffer[i] = bignum_byte(response, 31 - i);
|
||||||
|
|
41
sshrsa.c
41
sshrsa.c
|
@ -486,22 +486,41 @@ int rsa_ssh1_public_blob_len(void *data, int maxlen)
|
||||||
return src->pos;
|
return src->pos;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void freersapriv(struct RSAKey *key)
|
||||||
|
{
|
||||||
|
if (key->private_exponent) {
|
||||||
|
freebn(key->private_exponent);
|
||||||
|
key->private_exponent = NULL;
|
||||||
|
}
|
||||||
|
if (key->p) {
|
||||||
|
freebn(key->p);
|
||||||
|
key->p = NULL;
|
||||||
|
}
|
||||||
|
if (key->q) {
|
||||||
|
freebn(key->q);
|
||||||
|
key->q = NULL;
|
||||||
|
}
|
||||||
|
if (key->iqmp) {
|
||||||
|
freebn(key->iqmp);
|
||||||
|
key->iqmp = NULL;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
void freersakey(struct RSAKey *key)
|
void freersakey(struct RSAKey *key)
|
||||||
{
|
{
|
||||||
if (key->modulus)
|
freersapriv(key);
|
||||||
|
if (key->modulus) {
|
||||||
freebn(key->modulus);
|
freebn(key->modulus);
|
||||||
if (key->exponent)
|
key->modulus = NULL;
|
||||||
|
}
|
||||||
|
if (key->exponent) {
|
||||||
freebn(key->exponent);
|
freebn(key->exponent);
|
||||||
if (key->private_exponent)
|
key->exponent = NULL;
|
||||||
freebn(key->private_exponent);
|
}
|
||||||
if (key->p)
|
if (key->comment) {
|
||||||
freebn(key->p);
|
|
||||||
if (key->q)
|
|
||||||
freebn(key->q);
|
|
||||||
if (key->iqmp)
|
|
||||||
freebn(key->iqmp);
|
|
||||||
if (key->comment)
|
|
||||||
sfree(key->comment);
|
sfree(key->comment);
|
||||||
|
key->comment = NULL;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* ----------------------------------------------------------------------
|
/* ----------------------------------------------------------------------
|
||||||
|
|
Загрузка…
Ссылка в новой задаче