- (tim) [kex.c myproposal.h md-sha256.c openbsd-compat/sha2.c,h] Disable

[openssh.git] / sshconnect1.c

diff --git a/sshconnect1.c b/sshconnect1.c
index c579b01cc39562ce17641dfe999658fc52123469..440d7c5bdb07ce0804f266befe7fcc438a6f2e95 100644 (file)
--- a/sshconnect1.c
+++ b/sshconnect1.c
@@ -13,7 +13,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.57 2004/05/08 00:21:31 djm Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.62 2005/10/30 08:52:18 djm Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/md5.h>
@@ -24,7 +24,7 @@ RCSID("$OpenBSD: sshconnect1.c,v 1.57 2004/05/08 00:21:31 djm Exp $");
 #include "rsa.h"
 #include "buffer.h"
 #include "packet.h"
-#include "mpaux.h"
+#include "kex.h"
 #include "uidswap.h"
 #include "log.h"
 #include "readconf.h"
@@ -84,7 +84,7 @@ try_agent_authentication(void)
                /* Wait for server's response. */
                type = packet_read();
 
-               /* The server sends failure if it doesn\'t like our key or
+               /* The server sends failure if it doesn't like our key or
                   does not support RSA authentication. */
                if (type == SSH_SMSG_FAILURE) {
                        debug("Server refused our key.");
@@ -162,7 +162,7 @@ respond_to_rsa_challenge(BIGNUM * challenge, RSA * prv)
        /* Compute the response. */
        /* The response is MD5 of decrypted challenge plus session id. */
        len = BN_num_bytes(challenge);
-       if (len <= 0 || len > sizeof(buf))
+       if (len <= 0 || (u_int)len > sizeof(buf))
                packet_disconnect(
                    "respond_to_rsa_challenge: bad challenge length %d", len);
 
@@ -215,8 +215,8 @@ try_rsa_authentication(int idx)
        type = packet_read();
 
        /*
-        * The server responds with failure if it doesn\'t like our key or
-        * doesn\'t support RSA authentication.
+        * The server responds with failure if it doesn't like our key or
+        * doesn't support RSA authentication.
         */
        if (type == SSH_SMSG_FAILURE) {
                debug("Server refused our key.");
@@ -476,7 +476,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
        u_char cookie[8];
        u_int supported_ciphers;
        u_int server_flags, client_flags;
-       u_int32_t rand = 0;
+       u_int32_t rnd = 0;
 
        debug("Waiting for server public key.");
 
@@ -528,7 +528,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
 
        client_flags = SSH_PROTOFLAG_SCREEN_NUMBER | SSH_PROTOFLAG_HOST_IN_FWD_OPEN;
 
-       compute_session_id(session_id, cookie, host_key->rsa->n, server_key->rsa->n);
+       derive_ssh1_session_id(host_key->rsa->n, server_key->rsa->n, cookie, session_id);
 
        /* Generate a session key. */
        arc4random_stir();
@@ -540,9 +540,9 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
         */
        for (i = 0; i < 32; i++) {
                if (i % 4 == 0)
-                       rand = arc4random();
-               session_key[i] = rand & 0xff;
-               rand >>= 8;
+                       rnd = arc4random();
+               session_key[i] = rnd & 0xff;
+               rnd >>= 8;
        }
 
        /*
@@ -598,7 +598,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
        if (options.cipher == SSH_CIPHER_NOT_SET) {
                if (cipher_mask_ssh1(1) & supported_ciphers & (1 << ssh_cipher_default))
                        options.cipher = ssh_cipher_default;
-       } else if (options.cipher == SSH_CIPHER_ILLEGAL ||
+       } else if (options.cipher == SSH_CIPHER_INVALID ||
            !(cipher_mask_ssh1(1) & (1 << options.cipher))) {
                logit("No valid SSH1 cipher, using %.100s instead.",
                    cipher_name(ssh_cipher_default));