On Feb 6, 1:26pm, m...@netbsd.org (m...@netbsd.org) wrote:
-- Subject: Re: CVS commit: src/crypto/external/bsd/openssh/dist
| > + const BIGNUM *pub_key;
| > + if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0)
| > + goto out;
| > + DH_get0_key(kex->dh, _key, NULL);
| > + if
On Tue, Feb 06, 2018 at 01:26:41PM +, m...@netbsd.org wrote:
> BN_clear_free will null deref on this error path I think
oops, I"m relying on ctags and went into the heimdal BN_clear_free
instead which does this, and not the openssl which does NULL test.
> + const BIGNUM *pub_key;
> + if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0)
> + goto out;
> + DH_get0_key(kex->dh, _key, NULL);
> + if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_INIT)) != 0 ||
> + (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 ||
> +
On Feb 6, 11:10am, m...@netbsd.org (m...@netbsd.org) wrote:
-- Subject: Re: CVS commit: src/crypto/external/bsd/openssh/dist
| On Sun, Feb 04, 2018 at 07:13:50PM -0500, Christos Zoulas wrote:
| > - return BN_num_bits(k->rsa->n);
| > +#if OPENSSL_VERSION_NUMBER >= 0x1010UL
| > +
On Sun, Feb 04, 2018 at 07:13:50PM -0500, Christos Zoulas wrote:
> - return BN_num_bits(k->rsa->n);
> +#if OPENSSL_VERSION_NUMBER >= 0x1010UL
> + return RSA_bits(k->rsa);
> +#else
> + return BN_num_bits(k->rsa->p);
> +#endif
> case KEY_DSA:
>