diff --git a/include/libssh/priv.h b/include/libssh/priv.h index 2648b606..ece643d0 100644 --- a/include/libssh/priv.h +++ b/include/libssh/priv.h @@ -517,7 +517,7 @@ void ssh_set_error(void *error, int code, const char *descr, ...) PRINTF_ATTRIBU void dh_generate_e(SSH_SESSION *session); void ssh_print_bignum(const char *which,bignum num); int dh_generate_x(SSH_SESSION *session); -void dh_generate_y(SSH_SESSION *session); +int dh_generate_y(SSH_SESSION *session); void dh_generate_f(SSH_SESSION *session); int ssh_crypto_init(void); diff --git a/libssh/dh.c b/libssh/dh.c index 439d1980..f9684215 100644 --- a/libssh/dh.c +++ b/libssh/dh.c @@ -234,18 +234,26 @@ int dh_generate_x(SSH_SESSION *session) { } /* used by server */ -void dh_generate_y(SSH_SESSION *session){ - session->next_crypto->y=bignum_new(); +int dh_generate_y(SSH_SESSION *session) { + session->next_crypto->y = bignum_new(); + if (session->next_crypto->y == NULL) { + return -1; + } + #ifdef HAVE_LIBGCRYPT - bignum_rand(session->next_crypto->y,128); + bignum_rand(session->next_crypto->y, 128); #elif defined HAVE_LIBCRYPTO - bignum_rand(session->next_crypto->y,128,0,-1); + bignum_rand(session->next_crypto->y, 128, 0, -1); #endif - /* not harder than this */ + + /* not harder than this */ #ifdef DEBUG_CRYPTO - ssh_print_bignum("y",session->next_crypto->y); + ssh_print_bignum("y", session->next_crypto->y); #endif + + return 0; } + /* used by server */ void dh_generate_e(SSH_SESSION *session){ #ifdef HAVE_LIBCRYPTO diff --git a/libssh/server.c b/libssh/server.c index b26c75cc..7e3eb448 100644 --- a/libssh/server.c +++ b/libssh/server.c @@ -274,7 +274,10 @@ static int dh_handshake_server(SSH_SESSION *session){ } dh_import_e(session,e); free(e); - dh_generate_y(session); + if (dh_generate_y(session) < 0) { + ssh_set_error(session,SSH_FATAL,"Could not create y number"); + return -1; + } dh_generate_f(session); f=dh_get_f(session); switch(session->hostkeys){