commit 48bd7c118a25b950842864c7eb87ef666cbc342d
author Ben Lindstrom <mouring@eviladmin.org> Tue Jan 09 00:35:42 2001 +0000
committer Ben Lindstrom <mouring@eviladmin.org> Tue Jan 09 00:35:42 2001 +0000
tree b678668f292f8a8bb5e00b9b8f89d86370a8e11f
parent 99a0563fd59e1d3e1b79a1a9dd38ce9f6b5059ee

 - (bal) OpenBSD Sync
   - markus@cvs.openbsd.org 2001/01/08 22:29:05
     [auth2.c compat.c compat.h servconf.c servconf.h sshd.8
      sshd_config version.h]
     implement option 'Banner /etc/issue.net' for ssh2, move version to
     2.3.1 (needed for bugcompat detection, 2.3.0 would fail if Banner
     is enabled).
   - markus@cvs.openbsd.org 2001/01/08 22:03:23
     [channels.c ssh-keyscan.c]
     O_NDELAY -> O_NONBLOCK; thanks stevesk@pobox.com
   - markus@cvs.openbsd.org 2001/01/08 21:55:41
     [sshconnect1.c]
     more cleanups and fixes from stevesk@pobox.com:
     1) try_agent_authentication() for loop will overwrite key just
        allocated with key_new(); don't alloc
     2) call ssh_close_authentication_connection() before exit
        try_agent_authentication()
     3) free mem on bad passphrase in try_rsa_authentication()
   - markus@cvs.openbsd.org 2001/01/08 21:48:17
     [kex.c]
     missing free; thanks stevesk@pobox.com

sshconnect1.c

diff --git a/sshconnect1.c b/sshconnect1.c
index d623052..09d0210 100644
--- a/sshconnect1.c
+++ b/sshconnect1.c
@@ -13,7 +13,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.13 2000/12/19 23:17:58 markus Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.14 2001/01/08 21:55:41 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/dsa.h>
@@ -62,7 +62,6 @@
 		return 0;
 
 	challenge = BN_new();
-	key = key_new(KEY_RSA1);
 
 	/* Loop through identities served by the agent. */
 	for (key = ssh_get_first_identity(auth, &comment, 1);
@@ -125,6 +124,7 @@
 
 		/* The server returns success if it accepted the authentication. */
 		if (type == SSH_SMSG_SUCCESS) {
+			ssh_close_authentication_connection(auth);
 			BN_clear_free(challenge);
 			debug("RSA authentication accepted by server.");
 			return 1;
@@ -134,6 +134,7 @@
 			packet_disconnect("Protocol error waiting RSA auth response: %d",
 					  type);
 	}
+	ssh_close_authentication_connection(auth);
 	BN_clear_free(challenge);
 	debug("RSA authentication using agent refused.");
 	return 0;
@@ -270,6 +271,8 @@
 			/* Expect the server to reject it... */
 			packet_read_expect(&plen, SSH_SMSG_FAILURE);
 			xfree(comment);
+			key_free(private);
+			BN_clear_free(challenge);
 			return 0;
 		}
 		/* Destroy the passphrase. */