set SHELL in Makefile in case someone makes from a non bourne compatable shell

[openssh.git] / kexdh.c

diff --git a/kexdh.c b/kexdh.c
index f87d5295211dd7efad97de8a6e2cd2f5e5615f65..1e91e2550228134df0a7567149a8a4119e870f4e 100644 (file)
--- a/kexdh.c
+++ b/kexdh.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kexdh.c,v 1.14 2002/01/31 13:35:11 markus Exp $");
+RCSID("$OpenBSD: kexdh.c,v 1.18 2002/03/18 17:50:31 provos Exp $");
 
 #include <openssl/crypto.h>
 #include <openssl/bn.h>
@@ -37,6 +37,7 @@ RCSID("$OpenBSD: kexdh.c,v 1.14 2002/01/31 13:35:11 markus Exp $");
 #include "packet.h"
 #include "dh.h"
 #include "ssh2.h"
+#include "monitor_wrap.h"
 
 static u_char *
 kex_dh_hash(
@@ -51,7 +52,7 @@ kex_dh_hash(
 {
        Buffer b;
        static u_char digest[EVP_MAX_MD_SIZE];
-       EVP_MD *evp_md = EVP_sha1();
+       const EVP_MD *evp_md = EVP_sha1();
        EVP_MD_CTX md;
 
        buffer_init(&b);
@@ -201,7 +202,7 @@ kexdh_server(Kex *kex)
        Key *server_host_key;
        u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
        u_int sbloblen, klen, kout;
-       int slen;
+       u_int slen;
 
        /* generate server DH public key */
        dh = dh_new_group1();
@@ -220,6 +221,7 @@ kexdh_server(Kex *kex)
        if ((dh_client_pub = BN_new()) == NULL)
                fatal("dh_client_pub == NULL");
        packet_get_bignum2(dh_client_pub);
+       packet_check_eom();
 
 #ifdef DEBUG_KEXDH
        fprintf(stderr, "dh_client_pub= ");
@@ -274,7 +276,7 @@ kexdh_server(Kex *kex)
 
        /* sign H */
        /* XXX hashlen depends on KEX */
-       key_sign(server_host_key, &signature, &slen, hash, 20);
+       PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, 20));
 
        /* destroy_sensitive_data(); */