X-Git-Url: https://git.distorted.org.uk/~mdw/sgt/putty/blobdiff_plain/e8fa8f62da443bfc89c416d3eeafcde69c8c6403..bf02e82ebf5cdbe3eee6b64f6a12b2a55d26fc58:/ssh.c

diff --git a/ssh.c b/ssh.c
index 1b2e7e12..a968e60e 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1719,8 +1719,8 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
 
     ssh->remote_bugs = 0;
 
-    if (ssh->cfg.sshbug_ignore1 == BUG_ON ||
-	(ssh->cfg.sshbug_ignore1 == BUG_AUTO &&
+    if (ssh->cfg.sshbug_ignore1 == FORCE_ON ||
+	(ssh->cfg.sshbug_ignore1 == AUTO &&
 	 (!strcmp(imp, "1.2.18") || !strcmp(imp, "1.2.19") ||
 	  !strcmp(imp, "1.2.20") || !strcmp(imp, "1.2.21") ||
 	  !strcmp(imp, "1.2.22") || !strcmp(imp, "Cisco-1.25")))) {
@@ -1733,8 +1733,8 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
 	logevent("We believe remote version has SSH1 ignore bug");
     }
 
-    if (ssh->cfg.sshbug_plainpw1 == BUG_ON ||
-	(ssh->cfg.sshbug_plainpw1 == BUG_AUTO &&
+    if (ssh->cfg.sshbug_plainpw1 == FORCE_ON ||
+	(ssh->cfg.sshbug_plainpw1 == AUTO &&
 	 (!strcmp(imp, "Cisco-1.25")))) {
 	/*
 	 * These versions need a plain password sent; they can't
@@ -1745,8 +1745,8 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
 	logevent("We believe remote version needs a plain SSH1 password");
     }
 
-    if (ssh->cfg.sshbug_rsa1 == BUG_ON ||
-	(ssh->cfg.sshbug_rsa1 == BUG_AUTO &&
+    if (ssh->cfg.sshbug_rsa1 == FORCE_ON ||
+	(ssh->cfg.sshbug_rsa1 == AUTO &&
 	 (!strcmp(imp, "Cisco-1.25")))) {
 	/*
 	 * These versions apparently have no clue whatever about
@@ -1757,8 +1757,8 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
 	logevent("We believe remote version can't handle RSA authentication");
     }
 
-    if (ssh->cfg.sshbug_hmac2 == BUG_ON ||
-	(ssh->cfg.sshbug_hmac2 == BUG_AUTO &&
+    if (ssh->cfg.sshbug_hmac2 == FORCE_ON ||
+	(ssh->cfg.sshbug_hmac2 == AUTO &&
 	 (wc_match("2.1.0*", imp) || wc_match("2.0.*", imp) ||
 	  wc_match("2.2.0*", imp) || wc_match("2.3.0*", imp) ||
 	  wc_match("2.1 *", imp)))) {
@@ -1769,8 +1769,8 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
 	logevent("We believe remote version has SSH2 HMAC bug");
     }
 
-    if (ssh->cfg.sshbug_derivekey2 == BUG_ON ||
-	(ssh->cfg.sshbug_derivekey2 == BUG_AUTO &&
+    if (ssh->cfg.sshbug_derivekey2 == FORCE_ON ||
+	(ssh->cfg.sshbug_derivekey2 == AUTO &&
 	 (wc_match("2.0.0*", imp) || wc_match("2.0.1[01]*", imp) ))) {
 	/*
 	 * These versions have the key-derivation bug (failing to
@@ -1781,8 +1781,8 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
 	logevent("We believe remote version has SSH2 key-derivation bug");
     }
 
-    if (ssh->cfg.sshbug_rsapad2 == BUG_ON ||
-	(ssh->cfg.sshbug_rsapad2 == BUG_AUTO &&
+    if (ssh->cfg.sshbug_rsapad2 == FORCE_ON ||
+	(ssh->cfg.sshbug_rsapad2 == AUTO &&
 	 (wc_match("OpenSSH_2.[5-9]*", imp) ||
 	  wc_match("OpenSSH_3.[0-2]*", imp)))) {
 	/*
@@ -1792,7 +1792,7 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
 	logevent("We believe remote version has SSH2 RSA padding bug");
     }
 
-    if (ssh->cfg.sshbug_dhgex2 == BUG_ON) {
+    if (ssh->cfg.sshbug_dhgex2 == FORCE_ON) {
 	/*
 	 * User specified the SSH2 DH GEX bug.
 	 */
@@ -4031,6 +4031,7 @@ static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, int ispkt)
     SHA_Final(&ssh->exhash, s->exchange_hash);
 
     dh_cleanup(ssh->kex_ctx);
+    ssh->kex_ctx = NULL;
 
 #if 0
     debug(("Exchange hash is:\n"));
@@ -5902,6 +5903,7 @@ static char *ssh_init(void *frontend_handle, void **backend_handle,
     ssh->sccomp = NULL;
     ssh->sc_comp_ctx = NULL;
     ssh->kex = NULL;
+    ssh->kex_ctx = NULL;
     ssh->hostkey = NULL;
     ssh->exitcode = -1;
     ssh->state = SSH_STATE_PREPACKET;
@@ -5948,6 +5950,9 @@ static char *ssh_init(void *frontend_handle, void **backend_handle,
     ssh->term_width = ssh->cfg.width;
     ssh->term_height = ssh->cfg.height;
 
+    ssh->channels = NULL;
+    ssh->rportfwds = NULL;
+
     ssh->send_ok = 0;
     ssh->editing = 0;
     ssh->echoing = 0;
@@ -5964,6 +5969,65 @@ static char *ssh_init(void *frontend_handle, void **backend_handle,
     return NULL;
 }
 
+static void ssh_free(void *handle)
+{
+    Ssh ssh = (Ssh) handle;
+    struct ssh_channel *c;
+    struct ssh_rportfwd *pf;
+
+    if (ssh->v1_cipher_ctx)
+	ssh->cipher->free_context(ssh->v1_cipher_ctx);
+    if (ssh->cs_cipher_ctx)
+	ssh->cscipher->free_context(ssh->cs_cipher_ctx);
+    if (ssh->sc_cipher_ctx)
+	ssh->sccipher->free_context(ssh->sc_cipher_ctx);
+    if (ssh->cs_mac_ctx)
+	ssh->csmac->free_context(ssh->cs_mac_ctx);
+    if (ssh->sc_mac_ctx)
+	ssh->scmac->free_context(ssh->sc_mac_ctx);
+    if (ssh->cs_comp_ctx)
+	ssh->cscomp->compress_cleanup(ssh->cs_comp_ctx);
+    if (ssh->sc_comp_ctx)
+	ssh->sccomp->compress_cleanup(ssh->sc_comp_ctx);
+    if (ssh->kex_ctx)
+	dh_cleanup(ssh->kex_ctx);
+    sfree(ssh->savedhost);
+
+    if (ssh->channels) {
+	while ((c = delpos234(ssh->channels, 0)) != NULL) {
+	    switch (c->type) {
+	      case CHAN_X11:
+		if (c->u.x11.s != NULL)
+		    x11_close(c->u.x11.s);
+		break;
+	      case CHAN_SOCKDATA:
+		if (c->u.pfd.s != NULL)
+		    pfd_close(c->u.pfd.s);
+		break;
+	    }
+	    sfree(c);
+	}
+	freetree234(ssh->channels);
+    }
+
+    if (ssh->rportfwds) {
+	while ((pf = delpos234(ssh->rportfwds, 0)) != NULL)
+	    sfree(pf);
+	freetree234(ssh->rportfwds);
+    }
+    sfree(ssh->deferred_send_data);
+    if (ssh->x11auth)
+	x11_free_auth(ssh->x11auth);
+    sfree(ssh->do_ssh_init_state);
+    sfree(ssh->do_ssh1_login_state);
+    sfree(ssh->do_ssh2_transport_state);
+    sfree(ssh->do_ssh2_authconn_state);
+    
+    if (ssh->s)
+	sk_close(ssh->s);
+    sfree(ssh);
+}
+
 /*
  * Reconfigure the SSH backend.
  * 
@@ -6236,6 +6300,7 @@ extern int ssh_fallback_cmd(void *handle)
 
 Backend ssh_backend = {
     ssh_init,
+    ssh_free,
     ssh_reconfig,
     ssh_send,
     ssh_sendbuffer,