minimize diffs with Simon's patch

diff --git a/openssh/Makefile.in b/openssh/Makefile.in
index 4a6c1e51c08964896b59cbe87957733542bf89da..4d7f6e8c062a8c9c84a4fda6d2795bbe4c8a9968 100644 (file)
--- a/openssh/Makefile.in
+++ b/openssh/Makefile.in
@@ -85,7 +85,8 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
        auth2-none.o auth2-passwd.o auth2-pubkey.o \
        monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o \
        auth-krb5.o \
-       auth2-gss.o gss-serv.o gss-serv-krb5.o gss-serv-gsi.o kexgsss.o \
+       auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o\
+       gss-serv-gsi.o \
        loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
        audit.o audit-bsm.o
 

diff --git a/openssh/channels.c b/openssh/channels.c
index b7f36d0f52cb0b9419681142f7e60e9e6cae6995..eead4bd94f274ad177701b881b1ca1d5b9646c17 100644 (file)
--- a/openssh/channels.c
+++ b/openssh/channels.c
@@ -749,7 +749,7 @@ static void
 channel_pre_open(Channel *c, fd_set * readset, fd_set * writeset)
 {
        u_int limit = compat20 ? c->remote_window : packet_get_maxsize();
-       
+
        /* check buffer limits */
        limit = MIN(limit, (BUFFER_MAX_HPN_LEN - BUFFER_MAX_CHUNK - CHAN_RBUF));
 

diff --git a/openssh/gss-genr.c b/openssh/gss-genr.c
index 12ceb04e39fc174d56af5f55444f6899739f6ba1..9bc2a84a3bde3df18c573bf2b688f9e53caa5744 100644 (file)
--- a/openssh/gss-genr.c
+++ b/openssh/gss-genr.c
@@ -29,13 +29,8 @@
 #ifdef GSSAPI
 
 #include "xmalloc.h"
-#include "buffer.h"
 #include "bufaux.h"
-#include "compat.h"
-#include <openssl/evp.h>
-#include "kex.h"
 #include "log.h"
-#include "monitor_wrap.h"
 #include "canohost.h"
 #include "ssh2.h"
 #include <openssl/evp.h>
@@ -90,7 +85,7 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
        size_t i;
        int oidpos, enclen;
        char *mechs, *encoded;
-       unsigned char digest[EVP_MAX_MD_SIZE];
+       u_char digest[EVP_MAX_MD_SIZE];
        char deroid[2];
        const EVP_MD *evp_md = EVP_md5();
        EVP_MD_CTX md;

diff --git a/openssh/kexgssc.c b/openssh/kexgssc.c
index f5a769c6432db4b7519547dde7f59adeaf251679..8793f401359e92ff8e9a50d7397aba6d2cc5b583 100644 (file)
--- a/openssh/kexgssc.c
+++ b/openssh/kexgssc.c
@@ -46,24 +46,20 @@ kexgss_client(Kex *kex) {
         gss_buffer_desc recv_tok, gssbuf, msg_tok, *token_ptr;
        Gssctxt *ctxt;
        OM_uint32 maj_status, min_status, ret_flags;
-       unsigned int klen, kout;
+       u_int klen, kout, slen = 0, hashlen, strlen;
        DH *dh; 
        BIGNUM *dh_server_pub = NULL;
        BIGNUM *shared_secret = NULL;
        BIGNUM *p = NULL;
        BIGNUM *g = NULL;       
-       unsigned char *kbuf;
-       unsigned char *hash;
-       unsigned int hashlen;
-       unsigned char *serverhostkey = NULL;
+       u_char *kbuf, *hash;
+       u_char *serverhostkey = NULL;
        char *msg;
        char *lang;
        int type = 0;
        int first = 1;
-       unsigned int slen = 0;
        int gex = 0;
-       int nbits = -1, min = -1, max = -1;
-       u_int strlen;
+       int nbits = 0, min = DH_GRP_MIN, max = DH_GRP_MAX;
 
        /* Initialise our GSSAPI world */       
        ssh_gssapi_build_ctx(&ctxt);
@@ -76,8 +72,6 @@ kexgss_client(Kex *kex) {
        if (gex) {
                debug("Doing group exchange\n");
                nbits = dh_estimate(kex->we_need * 8);
-               min = DH_GRP_MIN;
-               max = DH_GRP_MAX;
                packet_start(SSH2_MSG_KEXGSS_GROUPREQ);
                packet_put_int(min);
                packet_put_int(nbits);
@@ -274,7 +268,7 @@ kexgss_client(Kex *kex) {
         }
 
        gssbuf.value = hash;
-       gssbuf.length = 20;
+       gssbuf.length = hashlen;
 
         /* Verify that the hash matches the MIC we just got. */
        if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok)))
@@ -289,7 +283,7 @@ kexgss_client(Kex *kex) {
 
        /* save session id */
        if (kex->session_id == NULL) {
-               kex->session_id_len = 20;
+               kex->session_id_len = hashlen;
                kex->session_id = xmalloc(kex->session_id_len);
                memcpy(kex->session_id, hash, kex->session_id_len);
        }

diff --git a/openssh/kexgsss.c b/openssh/kexgsss.c
index a860409bdea8a6610f6a9bcd4374a9821d9f890e..4e93cb87b96a887c14cb279d6220b2949ff471fa 100644 (file)
--- a/openssh/kexgsss.c
+++ b/openssh/kexgsss.c
@@ -58,15 +58,14 @@ kexgss_server(Kex *kex)
        gss_buffer_desc gssbuf, recv_tok, msg_tok;
        gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
        Gssctxt *ctxt = NULL;
-       unsigned int klen, kout, hashlen;
-       unsigned char *kbuf, *hash;
+       u_int slen, klen, kout, hashlen;
+       u_char *kbuf, *hash;
        DH *dh;
        int min = -1, max = -1, nbits = -1;
        BIGNUM *shared_secret = NULL;
        BIGNUM *dh_client_pub = NULL;
        int type = 0;
        int gex;
-       u_int slen;
        gss_OID oid;
        
        /* Initialise GSSAPI */

diff --git a/openssh/readconf.c b/openssh/readconf.c
index 1585570d50d267804fe672d023c1c5f77a858d4d..2377bb15b5ebd8dbd206e3cc8d2dee22f665d1c6 100644 (file)
--- a/openssh/readconf.c
+++ b/openssh/readconf.c
@@ -108,7 +108,8 @@ typedef enum {
        oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
        oClearAllForwardings, oNoHostAuthenticationForLocalhost,
        oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
-       oAddressFamily, oGssAuthentication, oGssKeyEx, oGssDelegateCreds,
+       oAddressFamily, oGssAuthentication, oGssDelegateCreds,
+       oGssKeyEx,
        oGssTrustDns,
        oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
        oSendEnv, oControlPath, oControlMaster, oHashKnownHosts,