diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2021-01-27 10:05:28 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2021-01-27 21:10:57 +1100 |
| commit | 39be3dc209f28f9c1ebfeba42adde8963b01e1cd (patch) | |
| tree | d40c854a19626434deaf3b6e1706517ae234827f /sshconnect2.c | |
| parent | 4ca6a1fac328477c642329676d6469dba59019a3 (diff) | |
| download | openssh-git-39be3dc209f28f9c1ebfeba42adde8963b01e1cd.tar.gz | |
upstream: make ssh->kex->session_id a sshbuf instead of u_char*/size_t
and use that instead of global variables containing copies of it. feedback/ok
markus@
OpenBSD-Commit-ID: a4b1b1ca4afd2e37cb9f64f737b30a6a7f96af68
Diffstat (limited to 'sshconnect2.c')
| -rw-r--r-- | sshconnect2.c | 24 |
1 files changed, 9 insertions, 15 deletions
diff --git a/sshconnect2.c b/sshconnect2.c index efd1def4..059c9480 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.345 2021/01/27 09:26:54 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.346 2021/01/27 10:05:28 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -89,9 +89,6 @@ extern Options options; * SSH2 key exchange */ -u_char *session_id2 = NULL; -u_int session_id2_len = 0; - static char *xxx_host; static struct sockaddr *xxx_hostaddr; static const struct ssh_conn_info *xxx_conn_info; @@ -298,9 +295,6 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, if ((r = kex_prop2buf(ssh->kex->my, myproposal)) != 0) fatal_r(r, "kex_prop2buf"); - session_id2 = ssh->kex->session_id; - session_id2_len = ssh->kex->session_id_len; - #ifdef DEBUG_KEXDH /* send 1st encrypted/maced/compressed message */ if ((r = sshpkt_start(ssh, SSH2_MSG_IGNORE)) != 0 || @@ -878,7 +872,8 @@ process_gssapi_token(struct ssh *ssh, gss_buffer_t recv_tok) if ((b = sshbuf_new()) == NULL) fatal_f("sshbuf_new failed"); ssh_gssapi_buildmic(b, authctxt->server_user, - authctxt->service, "gssapi-with-mic"); + authctxt->service, "gssapi-with-mic", + ssh->kex->session_id); if ((gssbuf.value = sshbuf_mutable_ptr(b)) == NULL) fatal_f("sshbuf_mutable_ptr failed"); @@ -1409,13 +1404,12 @@ sign_and_send_pubkey(struct ssh *ssh, Identity *id) if ((b = sshbuf_new()) == NULL) fatal_f("sshbuf_new failed"); if (ssh->compat & SSH_OLD_SESSIONID) { - if ((r = sshbuf_put(b, session_id2, - session_id2_len)) != 0) - fatal_fr(r, "sshbuf_put"); + if ((r = sshbuf_putb(b, ssh->kex->session_id)) != 0) + fatal_fr(r, "sshbuf_putb"); } else { - if ((r = sshbuf_put_string(b, session_id2, - session_id2_len)) != 0) - fatal_fr(r, "sshbuf_put_string"); + if ((r = sshbuf_put_stringb(b, + ssh->kex->session_id)) != 0) + fatal_fr(r, "sshbuf_put_stringb"); } skip = sshbuf_len(b); if ((r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 || @@ -2172,7 +2166,7 @@ userauth_hostbased(struct ssh *ssh) error_fr(r, "sshkey_to_blob"); goto out; } - if ((r = sshbuf_put_string(b, session_id2, session_id2_len)) != 0 || + if ((r = sshbuf_put_stringb(b, ssh->kex->session_id)) != 0 || (r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 || (r = sshbuf_put_cstring(b, authctxt->server_user)) != 0 || (r = sshbuf_put_cstring(b, authctxt->service)) != 0 || |