diff --git a/include/libssh/priv.h b/include/libssh/priv.h index 247c4017..2648b606 100644 --- a/include/libssh/priv.h +++ b/include/libssh/priv.h @@ -516,7 +516,7 @@ void ssh_set_error(void *error, int code, const char *descr, ...) PRINTF_ATTRIBU /* DH key generation */ void dh_generate_e(SSH_SESSION *session); void ssh_print_bignum(const char *which,bignum num); -void dh_generate_x(SSH_SESSION *session); +int dh_generate_x(SSH_SESSION *session); void dh_generate_y(SSH_SESSION *session); void dh_generate_f(SSH_SESSION *session); diff --git a/libssh/client.c b/libssh/client.c index cfcaf96c..57cbd18e 100644 --- a/libssh/client.c +++ b/libssh/client.c @@ -201,7 +201,9 @@ static int dh_handshake(SSH_SESSION *session) { goto error; } - dh_generate_x(session); + if (dh_generate_x(session) < 0) { + goto error; + } dh_generate_e(session); e = dh_get_e(session); diff --git a/libssh/dh.c b/libssh/dh.c index 376408f2..439d1980 100644 --- a/libssh/dh.c +++ b/libssh/dh.c @@ -213,18 +213,26 @@ void ssh_print_hexa(const char *descr, const unsigned char *what, size_t len) { printf("%s: %s\n", descr, hexa); } -void dh_generate_x(SSH_SESSION *session){ - session->next_crypto->x=bignum_new(); +int dh_generate_x(SSH_SESSION *session) { + session->next_crypto->x = bignum_new(); + if (session->next_crypto->x == NULL) { + return -1; + } + #ifdef HAVE_LIBGCRYPT - bignum_rand(session->next_crypto->x,128); + bignum_rand(session->next_crypto->x, 128); #elif defined HAVE_LIBCRYPTO - bignum_rand(session->next_crypto->x,128,0,-1); + bignum_rand(session->next_crypto->x, 128, 0, -1); #endif - /* not harder than this */ + + /* not harder than this */ #ifdef DEBUG_CRYPTO - ssh_print_bignum("x",session->next_crypto->x); + ssh_print_bignum("x", session->next_crypto->x); #endif + + return 0; } + /* used by server */ void dh_generate_y(SSH_SESSION *session){ session->next_crypto->y=bignum_new();