diff --git a/ssh2kex-client.c b/ssh2kex-client.c
index b4387b0a..ca1ee0c1 100644
--- a/ssh2kex-client.c
+++ b/ssh2kex-client.c
@@ -256,7 +256,6 @@ void ssh2kex_coroutine(struct ssh2_transport_state *s, bool *aborted)
 s->init_token_sent = false;
 s->complete_rcvd = false;
 s->hkey = NULL;
- s->fingerprint = NULL;
 s->keystr = NULL;
 /*
@@ -721,11 +720,12 @@ void ssh2kex_coroutine(struct ssh2_transport_state *s, bool *aborted)
 * host key, store it.
 */
 if (s->hkey) {
- s->fingerprint = ssh2_fingerprint(s->hkey, SSH_FPTYPE_DEFAULT);
+ char *fingerprint = ssh2_fingerprint(
+ s->hkey, SSH_FPTYPE_DEFAULT);
 ppl_logevent("GSS kex provided fallback host key:");
- ppl_logevent("%s", s->fingerprint);
- sfree(s->fingerprint);
- s->fingerprint = NULL;
+ ppl_logevent("%s", fingerprint);
+ sfree(fingerprint);
+
 ssh_transient_hostkey_cache_add(s->thc, s->hkey);
 } else if (!ssh_transient_hostkey_cache_non_empty(s->thc)) {
 /*
@@ -779,25 +779,25 @@ void ssh2kex_coroutine(struct ssh2_transport_state *s, bool *aborted)
 * triggered on purpose to populate the transient cache.
 */
 assert(s->hkey); /* only KEXTYPE_GSS lets this be null */
- s->fingerprint = ssh2_fingerprint(s->hkey, SSH_FPTYPE_DEFAULT);
+ char *fingerprint = ssh2_fingerprint(s->hkey, SSH_FPTYPE_DEFAULT);
 if (s->need_gss_transient_hostkey) {
 ppl_logevent("Post-GSS rekey provided fallback host key:");
- ppl_logevent("%s", s->fingerprint);
+ ppl_logevent("%s", fingerprint);
 ssh_transient_hostkey_cache_add(s->thc, s->hkey);
 s->need_gss_transient_hostkey = false;
 } else if (!ssh_transient_hostkey_cache_verify(s->thc, s->hkey)) {
 ppl_logevent("Non-GSS rekey after initial GSS kex "
 "used host key:");
- ppl_logevent("%s", s->fingerprint);
+ ppl_logevent("%s", fingerprint);
+ sfree(fingerprint);
 ssh_sw_abort(s->ppl.ssh, "Server's host key did not match any "
 "used in previous GSS kex");
 *aborted = true;
 return;
 }
- sfree(s->fingerprint);
- s->fingerprint = NULL;
+ sfree(fingerprint);
 }
 } else
 #endif /* NO_GSSAPI */
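Review bot: In the `-779` hunk the abort branch stays leak-free only because of the hand-placed `sfree(fingerprint);` before `ssh_sw_abort(...)`, since the commit also removes the `sfree(s->fingerprint)` safety net from `ssh2_transport_free`. I would add a comment at the declaration, for example `/* heap string from ssh2_fingerprint(): free on every exit path; must not be held across a coroutine yield */`, so that a later early return keeps the invariant (the yield part assumes this function is a coroutine, as its name suggests). The string is also computed and freed without being used when `ssh_transient_hostkey_cache_verify` succeeds; building it inside the two logging branches would avoid that and shorten its lifetime. The enclosing function starts and ends outside the hunk.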
@@ -843,12 +843,12 @@ void ssh2kex_coroutine(struct ssh2_transport_state *s, bool *aborted)
 * Authenticate remote host: verify host key. (We've already
 * checked the signature of the exchange hash.)
 */
- s->fingerprint = ssh2_fingerprint(s->hkey, SSH_FPTYPE_DEFAULT);
+ char *fingerprint = ssh2_fingerprint(s->hkey, SSH_FPTYPE_DEFAULT);
 ppl_logevent("Host key fingerprint is:");
- ppl_logevent("%s", s->fingerprint);
+ ppl_logevent("%s", fingerprint);
 /* First check against manually configured host keys. */
 s->dlgret = verify_ssh_manual_host_key(
- s->conf, s->fingerprint, s->hkey);
+ s->conf, fingerprint, s->hkey);
 if (s->dlgret == 0) { /* did not match */
 ssh_sw_abort(s->ppl.ssh, "Host key did not appear in manually "
 "configured list");
@@ -857,8 +857,9 @@ void ssh2kex_coroutine(struct ssh2_transport_state *s, bool *aborted)
 } else if (s->dlgret < 0) { /* none configured; use standard handling */
 s->dlgret = seat_verify_ssh_host_key(
 s->ppl.seat, s->savedhost, s->savedport,
- ssh_key_cache_id(s->hkey), s->keystr, s->fingerprint,
+ ssh_key_cache_id(s->hkey), s->keystr, fingerprint,
 ssh2_transport_dialog_callback, s);
+ sfree(fingerprint);
 #ifdef FUZZING
 s->dlgret = 1;
 #endif
@@ -870,8 +871,6 @@ void ssh2kex_coroutine(struct ssh2_transport_state *s, bool *aborted)
 return;
 }
 }
- sfree(s->fingerprint);
- s->fingerprint = NULL;
 /*
 * Save this host key, to check against the one presented in
 * subsequent rekeys.
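Review bot: `fingerprint` appears to leak on two paths of the `-843` hunk: the `s->dlgret == 0` abort branch returns without freeing it, and when a manually configured key matches, no branch of the chain runs at all. The only `sfree(fingerprint);` the commit adds sits inside the `s->dlgret < 0` branch of the next hunk, while the common free after the chain is removed in the `-870` hunk and the one in `ssh2_transport_free` is removed as well. Adding `sfree(fingerprint);` ahead of `ssh_sw_abort(...)` and a trailing `else { sfree(fingerprint); }` would close both paths. The two lines between this hunk and the next are not shown, so confirm against the full function.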
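Review bot: The `sfree(fingerprint);` added directly after `seat_verify_ssh_host_key(...)` in the `-857` hunk frees the string before any deferred answer can arrive through `ssh2_transport_dialog_callback`, whereas the old code released `s->fingerprint` only after the whole if/else chain. That is safe only if every Seat implementation copies the string before returning; a seat that kept the pointer for a pending dialog would read freed memory while showing the host key prompt. I would state the contract at the call site, for example `/* seat must copy fingerprint: it is freed as soon as this call returns */`, and check the seat implementations, which are not visible here.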
@@ -882,11 +881,11 @@ void ssh2kex_coroutine(struct ssh2_transport_state *s, bool *aborted)
 assert(s->hkey);
 assert(ssh_key_alg(s->hkey) == s->cross_certifying);
- s->fingerprint = ssh2_fingerprint(s->hkey, SSH_FPTYPE_DEFAULT);
+ char *fingerprint = ssh2_fingerprint(s->hkey, SSH_FPTYPE_DEFAULT);
 ppl_logevent("Storing additional host key for this host:");
- ppl_logevent("%s", s->fingerprint);
- sfree(s->fingerprint);
- s->fingerprint = NULL;
+ ppl_logevent("%s", fingerprint);
+ sfree(fingerprint);
+
 store_host_key(s->savedhost, s->savedport,
 ssh_key_cache_id(s->hkey), s->keystr);
 /*
diff --git a/ssh2transport.c b/ssh2transport.c
index 64eb8469..4e1b443d 100644
--- a/ssh2transport.c
+++ b/ssh2transport.c
@@ -216,7 +216,6 @@ static void ssh2_transport_free(PacketProtocolLayer *ppl)
 sfree(s->keystr);
 sfree(s->hostkey_str);
 strbuf_free(s->hostkeyblob);
- sfree(s->fingerprint);
 if (s->hkey && !s->hostkeys) {
 ssh_key_free(s->hkey);
 s->hkey = NULL;
diff --git a/ssh2transport.h b/ssh2transport.h
index 7321bb29..349c06f0 100644
--- a/ssh2transport.h
+++ b/ssh2transport.h
@@ -174,7 +174,7 @@ struct ssh2_transport_state {
 transport_direction in, out, *cstrans, *sctrans;
 ptrlen hostkeydata, sigdata;
 strbuf *hostkeyblob;
- char *keystr, *fingerprint;
+ char *keystr;
 ssh_key *hkey; /* actual host key */
 unsigned hkflags; /* signing flags, used in server */
 RSAKey *rsa_kex_key; /* for RSA kex */