- markus@cvs.openbsd.org 2006/10/31 16:33:12

[kexdhc.c kexdhs.c kexgexc.c kexgexs.c] check DH_compute_key() for -1 even if it should not happen because of earlier calls to dh_pub_is_valid(); report krahmer at suse.de; ok djm
author: djm <djm> 2006-11-04 18:32:02 +0000
committer: djm <djm> 2006-11-04 18:32:02 +0000
commit: aae5db892f3b064814d810f7ad279e3903fb0f4c (patch)
tree: 4975f10f8a2c1e9508fc66deb108938ae83a6211 /kexdhs.c
parent: 15d3a4a5b47606193455e2418c0a46677c2bf5ed (diff)
download: openssh-aae5db892f3b064814d810f7ad279e3903fb0f4c.tar.gz
1 files changed, 5 insertions, 4 deletions
diff --git a/kexdhs.c b/kexdhs.c
index 93ec97f9..5de43430 100644
--- a/kexdhs.c
+++ b/kexdhs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexdhs.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: kexdhs.c,v 1.8 2006/10/31 16:33:12 markus Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -52,8 +52,8 @@ kexdh_server(Kex *kex)
 	DH *dh;
 	Key *server_host_key;
 	u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
-	u_int sbloblen, klen, kout, hashlen;
-	u_int slen;
+	u_int sbloblen, klen, hashlen, slen;
+	int kout;
 
 	/* generate server DH public key */
 	switch (kex->kex_type) {
@@ -101,7 +101,8 @@ kexdh_server(Kex *kex)
 
 	klen = DH_size(dh);
 	kbuf = xmalloc(klen);
-	kout = DH_compute_key(kbuf, dh_client_pub, dh);
+	if ((kout = DH_compute_key(kbuf, dh_client_pub, dh)) < 0)
+		fatal("DH_compute_key: failed");
 #ifdef DEBUG_KEXDH
 	dump_digest("shared secret", kbuf, kout);
 #endif
author	djm <djm>	2006-11-04 18:32:02 +0000
committer	djm <djm>	2006-11-04 18:32:02 +0000
commit	aae5db892f3b064814d810f7ad279e3903fb0f4c (patch)
tree	4975f10f8a2c1e9508fc66deb108938ae83a6211 /kexdhs.c
parent	15d3a4a5b47606193455e2418c0a46677c2bf5ed (diff)
download	openssh-aae5db892f3b064814d810f7ad279e3903fb0f4c.tar.gz