default initialisers for mp_ints

--HG--
extra : convert_revision : af69bacb50a31523e383e8f73844d04681f9e394

cli-kex.c

@@ -45,8 +45,8 @@ void send_msg_kexdh_init() {
 
 	cli_ses.dh_e = (mp_int*)m_malloc(sizeof(mp_int));
 	cli_ses.dh_x = (mp_int*)m_malloc(sizeof(mp_int));
-
 	m_mp_init_multi(cli_ses.dh_e, cli_ses.dh_x, NULL);
+
 	gen_kexdh_vals(cli_ses.dh_e, cli_ses.dh_x);
 
 	CHECKCLEARTOWRITE();
@@ -59,13 +59,18 @@ void send_msg_kexdh_init() {
 /* Handle a diffie-hellman key exchange reply. */
 void recv_msg_kexdh_reply() {
 
-	mp_int dh_f;
+	DEF_MP_INT(dh_f);
 	sign_key *hostkey = NULL;
 	unsigned int type, keybloblen;
 	unsigned char* keyblob = NULL;
 
 
 	TRACE(("enter recv_msg_kexdh_reply"));
+
+	if (cli_ses.kex_state != KEXDH_INIT_SENT) {
+		dropbear_exit("Received out-of-order kexdhreply");
+	}
+	m_mp_init(&dh_f);
 	type = ses.newkeys->algo_hostkey;
 	TRACE(("type is %d", type));
 
@@ -83,7 +88,6 @@ void recv_msg_kexdh_reply() {
 		dropbear_exit("Bad KEX packet");
 	}
 
-	m_mp_init(&dh_f);
 	if (buf_getmpint(ses.payload, &dh_f) != DROPBEAR_SUCCESS) {
 		TRACE(("failed getting mpint"));
 		dropbear_exit("Bad KEX packet");
@@ -91,6 +95,9 @@ void recv_msg_kexdh_reply() {
 
 	kexdh_comb_key(cli_ses.dh_e, cli_ses.dh_x, &dh_f, hostkey);
 	mp_clear(&dh_f);
+	mp_clear_multi(cli_ses.dh_e, cli_ses.dh_x, NULL);
+	m_free(cli_ses.dh_e);
+	m_free(cli_ses.dh_x);
 
 	if (buf_verify(ses.payload, hostkey, ses.hash, SHA1_HASH_SIZE) 
 			!= DROPBEAR_SUCCESS) {

common-kex.c

@@ -464,17 +464,18 @@ void recv_msg_kexinit() {
 
 /* Initialises and generate one side of the diffie-hellman key exchange values.
  * See the ietf-secsh-transport draft, section 6, for details */
-/* dh_pub and dh_priv will be initialised by this function, and should be
- * mp_clear()ed after finished */
+/* dh_pub and dh_priv MUST be already initialised */
 void gen_kexdh_vals(mp_int *dh_pub, mp_int *dh_priv) {
 
-	mp_int dh_p, dh_q, dh_g;
+	DEF_MP_INT(dh_p);
+	DEF_MP_INT(dh_q);
+	DEF_MP_INT(dh_g);
 	unsigned char randbuf[DH_P_LEN];
 	int dh_q_len;
 
 	TRACE(("enter send_msg_kexdh_reply"));
 	
-	m_mp_init_multi(&dh_g, &dh_p, &dh_q, dh_priv, dh_pub, NULL);
+	m_mp_init_multi(&dh_g, &dh_p, &dh_q, NULL);
 
 	/* read the prime and generator*/
 	if (mp_read_unsigned_bin(&dh_p, (unsigned char*)dh_p_val, DH_P_LEN)

dss.c

@@ -164,7 +164,10 @@ int buf_dss_verify(buffer* buf, dss_key *key, const unsigned char* data,
 	unsigned char msghash[SHA1_HASH_SIZE];
 	hash_state hs;
 	int ret = DROPBEAR_FAILURE;
-	mp_int val1, val2, val3, val4;
+	DEF_MP_INT(val1);
+	DEF_MP_INT(val2);
+	DEF_MP_INT(val3);
+	DEF_MP_INT(val4);
 	char * string = NULL;
 	int stringlen;
 
@@ -281,13 +284,16 @@ void buf_put_dss_sign(buffer* buf, dss_key *key, const unsigned char* data,
 	unsigned char privkeyhash[SHA512_HASH_SIZE];
 	unsigned char *privkeytmp;
 	unsigned char proto_k[SHA512_HASH_SIZE];
-	mp_int dss_protok;
+	DEF_MP_INT(dss_protok);
 #else
 	unsigned char kbuf[SHA1_HASH_SIZE];
 #endif
-	mp_int dss_k, dss_m;
-	mp_int dss_temp1, dss_temp2;
-	mp_int dss_r, dss_s;
+	DEF_MP_INT(dss_k);
+	DEF_MP_INT(dss_m);
+	DEF_MP_INT(dss_temp1);
+	DEF_MP_INT(dss_temp2);
+	DEF_MP_INT(dss_r);
+	DEF_MP_INT(dss_s);
 	hash_state hs;
 	
 	TRACE(("enter buf_put_dss_sign"));

gendss.c

@@ -89,7 +89,10 @@ static void getq(dss_key *key) {
 
 static void getp(dss_key *key, unsigned int size) {
 
-	mp_int tempX, tempC, tempP, temp2q;
+	DEF_MP_INT(tempX);
+	DEF_MP_INT(tempC);
+	DEF_MP_INT(tempP);
+	DEF_MP_INT(temp2q);
 	int result;
 	unsigned char *buf;
 
@@ -148,7 +151,9 @@ static void getp(dss_key *key, unsigned int size) {
 static void getg(dss_key * key) {
 
 	char printbuf[1000];
-	mp_int div, h, val;
+	DEF_MP_INT(div);
+	DEF_MP_INT(h);
+	DEF_MP_INT(val);
 
 	m_mp_init_multi(&div, &h, &val, NULL);
 
@@ -185,7 +190,7 @@ static void getg(dss_key * key) {
 
 static void getx(dss_key *key) {
 
-	mp_int val;
+	DEF_MP_INT(val);
 	char buf[QSIZE];
 	
 	m_mp_init(&val);

genrsa.c

@@ -40,7 +40,9 @@ static void getrsaprime(mp_int* prime, mp_int *primeminus,
 rsa_key * gen_rsa_priv_key(unsigned int size) {
 
 	rsa_key * key;
-	mp_int pminus, qminus, lcm;
+	DEF_MP_INT(pminus);
+	DEF_MP_INT(qminus);
+	DEF_MP_INT(lcm);
 
 	key = (rsa_key*)m_malloc(sizeof(rsa_key));
 
@@ -95,7 +97,7 @@ static void getrsaprime(mp_int* prime, mp_int *primeminus,
 		mp_int* rsa_e, unsigned int size) {
 
 	unsigned char *buf;
-	mp_int temp_gcd;
+	DEF_MP_INT(temp_gcd);
 
 	buf = (unsigned char*)m_malloc(size+1);
 

options.h

@@ -139,7 +139,7 @@ etc) slower (perhaps by 50%). Recommended for most small systems. */
 #define ENABLE_CLI_PUBKEY_AUTH
 
 /* Random device to use - you must specify _one only_.
- * DEV_RANDOM is recommended on hosts with a good /dev/urandom, otherwise use
+ * DEV_URANDOM is recommended on hosts with a good /dev/urandom, otherwise use
  * PRNGD and run prngd, specifying the socket. This device must be able to
  * produce a large amount of random data, so using /dev/random or Entropy
  * Gathering Daemon (egd) may result in halting, as it waits for more random

rsa.c

@@ -201,7 +201,8 @@ int buf_rsa_verify(buffer * buf, rsa_key *key, const unsigned char* data,
 		unsigned int len) {
 
 	unsigned int slen;
-	mp_int rsa_s, rsa_mdash;
+	DEF_MP_INT(rsa_s);
+	DEF_MP_INT(rsa_mdash);
 	mp_int *rsa_em = NULL;
 	int ret = DROPBEAR_FAILURE;
 
@@ -262,7 +263,7 @@ void buf_put_rsa_sign(buffer* buf, rsa_key *key, const unsigned char* data,
 
 	unsigned int nsize, ssize;
 	unsigned int i;
-	mp_int rsa_s;
+	DEF_MP_INT(rsa_s);
 	mp_int *rsa_em = NULL;
 	
 	TRACE(("enter buf_put_rsa_sign"));

svr-kex.c

@@ -44,7 +44,7 @@ static void send_msg_kexdh_reply(mp_int *dh_e);
  * that function, then brings the new keys into use */
 void recv_msg_kexdh_init() {
 
-	mp_int dh_e;
+	DEF_MP_INT(dh_e);
 
 	TRACE(("enter recv_msg_kexdh_init"));
 	if (!ses.kexstate.recvkexinit) {
@@ -71,9 +71,11 @@ void recv_msg_kexdh_init() {
  * See the ietf-secsh-transport draft, section 6, for details */
 static void send_msg_kexdh_reply(mp_int *dh_e) {
 
-	mp_int dh_y, dh_f;
+	DEF_MP_INT(dh_y);
+	DEF_MP_INT(dh_f);
 
 	TRACE(("enter send_msg_kexdh_reply"));
+	m_mp_init_multi(&dh_y, &dh_f, NULL);
 	
 	gen_kexdh_vals(&dh_f, &dh_y);