From 94021dcdb5bfb3d06104dafaad60c86176bd9631 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <mail@cynapses.org>
Date: Thu, 16 Apr 2009 14:10:41 +0000
Subject: Add error checks to ssh_crypto_init().

git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@493 7dcaeef0-15fb-0310-b436-a5af3365683c
---
 include/libssh/priv.h |  3 +--
 libssh/client.c       |  5 ++++-
 libssh/dh.c           | 56 ++++++++++++++++++++++++++++++++++-----------------
 3 files changed, 43 insertions(+), 21 deletions(-)

diff --git a/include/libssh/priv.h b/include/libssh/priv.h
index 50b82f63..68fe69b5 100644
--- a/include/libssh/priv.h
+++ b/include/libssh/priv.h
@@ -520,8 +520,7 @@ void dh_generate_x(SSH_SESSION *session);
 void dh_generate_y(SSH_SESSION *session);
 void dh_generate_f(SSH_SESSION *session);
 
-/* FIXME: replace me with a thread safe function */
-void ssh_crypto_init(void);
+int ssh_crypto_init(void);
 void ssh_crypto_finalize(void);
 
 STRING *dh_get_e(SSH_SESSION *session);
diff --git a/libssh/client.c b/libssh/client.c
index 09f522ae..15e67da9 100644
--- a/libssh/client.c
+++ b/libssh/client.c
@@ -449,7 +449,10 @@ int ssh_connect(SSH_SESSION *session) {
   session->alive = 0;
   session->client = 1;
 
-  ssh_crypto_init();
+  if (ssh_crypto_init() < 0) {
+    leave_function();
+    return SSH_ERROR;
+  }
   ssh_socket_init();
 
   if (options->fd == -1 && options->host == NULL) {
diff --git a/libssh/dh.c b/libssh/dh.c
index 1d825b2e..b77aff92 100644
--- a/libssh/dh.c
+++ b/libssh/dh.c
@@ -95,28 +95,48 @@ int ssh_get_random(void *where, int len, int strong){
 }
 
 
-/* it inits the values g and p which are used for DH key agreement */
-void ssh_crypto_init(void){
-    if(ssh_crypto_inited == 0){
+/*
+ * This inits the values g and p which are used for DH key agreement
+ * FIXME: Make the function thread safe by adding a semaphore or mutex.
+ */
+int ssh_crypto_init(void) {
+  if (ssh_crypto_inited == 0) {
 #ifdef HAVE_LIBGCRYPT
-        gcry_check_version(NULL);
-	if (!gcry_control(GCRYCTL_INITIALIZATION_FINISHED_P,0))
-	{
-	  gcry_control(GCRYCTL_INIT_SECMEM, 4096);
-	  gcry_control(GCRYCTL_INITIALIZATION_FINISHED,0);
-	}
-#endif
-        g=bignum_new();
-        bignum_set_word(g,g_int);
+    gcry_check_version(NULL);
+
+    if (!gcry_control(GCRYCTL_INITIALIZATION_FINISHED_P,0)) {
+      gcry_control(GCRYCTL_INIT_SECMEM, 4096);
+      gcry_control(GCRYCTL_INITIALIZATION_FINISHED,0);
+    }
+#endif
+
+    g = bignum_new();
+    if (g == NULL) {
+      return -1;
+    }
+    bignum_set_word(g,g_int);
+
 #ifdef HAVE_LIBGCRYPT
-        bignum_bin2bn(p_value,P_LEN,&p);
+    bignum_bin2bn(p_value, P_LEN, &p);
+    if (p == NULL) {
+      bignum_free(g);
+      g = NULL;
+      return -1;
+    }
 #elif defined HAVE_LIBCRYPTO
-        p=bignum_new();
-        bignum_bin2bn(p_value,P_LEN,p);
-        OpenSSL_add_all_algorithms();
-#endif
-        ssh_crypto_inited++;
+    p = bignum_new();
+    if (p == NULL) {
+      bignum_free(g);
+      g = NULL;
+      return -1;
     }
+    bignum_bin2bn(p_value, P_LEN, p);
+    OpenSSL_add_all_algorithms();
+#endif
+    ssh_crypto_inited++;
+  }
+
+  return 0;
 }
 
 void ssh_crypto_finalize(void){
-- 
cgit