diff options
| author | Jan Pechanec <Jan.Pechanec@Sun.COM> | 2008-09-12 11:17:27 -0700 |
|---|---|---|
| committer | Jan Pechanec <Jan.Pechanec@Sun.COM> | 2008-09-12 11:17:27 -0700 |
| commit | cd7d5faf5bbb52336a6f85578a90b31a648ac3fa (patch) | |
| tree | 9ac1635ecfe13f31666944f18e771bc4e9e58373 /usr/src/cmd/ssh/libssh/common/ssh-gss.c | |
| parent | e4da943dc881d5566125b30eda2d8e3dd79a8f59 (diff) | |
| download | illumos-joyent-cd7d5faf5bbb52336a6f85578a90b31a648ac3fa.tar.gz | |
PSARC/2008/520 SunSSH with the OpenSSL PKCS#11 engine support
6445288 ssh needs to be OpenSSL engine aware
6709963 SunSSH server leaks memory during initialization
6687401 ssh monitor shouldn't try to log remote IP when child closed the pipe
6696629 sshd should remove alarm signal handler after authentication
6674088 userland threshold for hw offloading makes it difficult for SSL and SSH protocols
6728450 6708125 prevents parent to use the Crypto Framework after the fork(2)
6742247 ssh debug output with PACKET_DEBUG code could be more readable
Diffstat (limited to 'usr/src/cmd/ssh/libssh/common/ssh-gss.c')
| -rw-r--r-- | usr/src/cmd/ssh/libssh/common/ssh-gss.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/usr/src/cmd/ssh/libssh/common/ssh-gss.c b/usr/src/cmd/ssh/libssh/common/ssh-gss.c index c784426e90..4de5abb1da 100644 --- a/usr/src/cmd/ssh/libssh/common/ssh-gss.c +++ b/usr/src/cmd/ssh/libssh/common/ssh-gss.c @@ -29,8 +29,6 @@ #ifdef GSSAPI -#pragma ident "%Z%%M% %I% %E% SMI" - #include "ssh.h" #include "ssh2.h" #include "xmalloc.h" @@ -246,6 +244,7 @@ ssh_gssapi_encode_oid_for_kex(const gss_OID oid, char **enc_name) buffer_put_char(&buf, '\0'); debug2("GSS-API Mechanism encoded as %s", encoded); + xfree(encoded); *enc_name = xstrdup(buffer_ptr(&buf)); buffer_free(&buf); @@ -271,6 +270,7 @@ ssh_gssapi_make_kexalgs_list(gss_OID_set mechs, const char *old_kexalgs) len = strlen(old_kexalgs) + strlen(gss_kexalgs) + 2; new_kexalgs = xmalloc(len); (void) snprintf(new_kexalgs, len, "%s,%s", gss_kexalgs, old_kexalgs); + xfree(gss_kexalgs); return (new_kexalgs); } @@ -286,7 +286,7 @@ ssh_gssapi_modify_kex(Kex *kex, gss_OID_set mechs, char **proposal) int i; if (kex == NULL || proposal == NULL || - (orig_kexalgs = proposal[PROPOSAL_KEX_ALGS]) == NULL) { + proposal[PROPOSAL_KEX_ALGS] == NULL) { fatal("INTERNAL ERROR (%s)", __func__); } @@ -340,7 +340,7 @@ mod_offer: (void) gss_release_oid_set(&min, &kex->mechs); /* ok if !kex->mechs */ - /* Not offering GSS kexalgs now -> all done */ + /* Not offering GSS kex algorithms now -> all done */ if (mechs == GSS_C_NULL_OID_SET) return; @@ -358,9 +358,10 @@ mod_offer: } } - /* Add mechs to kexalgs ... */ + /* Add mechs to kex algorithms ... */ proposal[PROPOSAL_KEX_ALGS] = ssh_gssapi_make_kexalgs_list(mechs, kexalgs); + xfree(kexalgs); kex->mechs = dup_mechs; /* remember what we offer now */ /* |