- markus@cvs.openbsd.org 2001/06/06 23:13:54

     [ssh-dss.c ssh-rsa.c]
     cleanup, remove old code

diff --git a/ChangeLog b/ChangeLog
index 34dc143502d6d938606da88641a6e9e4e9ca4b4c..da3c1b264c1ae5e9f84931499373b8586f5a7c29 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -56,6 +56,9 @@
    - markus@cvs.openbsd.org 2001/06/05 16:46:19
      [session.c]
      let session_close() delete the pty.  deny x11fwd if xauthfile is set.
+   - markus@cvs.openbsd.org 2001/06/06 23:13:54
+     [ssh-dss.c ssh-rsa.c]
+     cleanup, remove old code
 
 20010606
  - OpenBSD CVS Sync

diff --git a/ssh-dss.c b/ssh-dss.c
index adc8f983e0927085aeb116a6bf8b8a02122c0844..5cf0076672bc832fc243b2c584d81919e0a84844 100644 (file)
--- a/ssh-dss.c
+++ b/ssh-dss.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-dss.c,v 1.6 2001/02/08 19:30:52 itojun Exp $");
+RCSID("$OpenBSD: ssh-dss.c,v 1.7 2001/06/06 23:13:54 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/evp.h>
@@ -45,15 +45,11 @@ ssh_dss_sign(
     u_char **sigp, int *lenp,
     u_char *data, int datalen)
 {
-       u_char *digest;
-       u_char *ret;
        DSA_SIG *sig;
        EVP_MD *evp_md = EVP_sha1();
        EVP_MD_CTX md;
-       u_int rlen;
-       u_int slen;
-       u_int len, dlen;
-       u_char sigblob[SIGBLOB_LEN];
+       u_char *digest, *ret, sigblob[SIGBLOB_LEN];
+       u_int rlen, slen, len, dlen;
        Buffer b;
 
        if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) {
@@ -67,11 +63,13 @@ ssh_dss_sign(
        EVP_DigestFinal(&md, digest, NULL);
 
        sig = DSA_do_sign(digest, dlen, key->dsa);
-       if (sig == NULL) {
-               fatal("ssh_dss_sign: cannot sign");
-       }
+
        memset(digest, 0, dlen);
        xfree(digest);
+       if (sig == NULL) {
+               error("ssh_dss_sign: sign failed");
+               return -1;
+       }
 
        rlen = BN_num_bytes(sig->r);
        slen = BN_num_bytes(sig->s);
@@ -80,15 +78,12 @@ ssh_dss_sign(
                DSA_SIG_free(sig);
                return -1;
        }
-       debug("sig size %d %d", rlen, slen);
-
        memset(sigblob, 0, SIGBLOB_LEN);
        BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen);
        BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen);
        DSA_SIG_free(sig);
 
        if (datafellows & SSH_BUG_SIGBLOB) {
-               debug("datafellows");
                ret = xmalloc(SIGBLOB_LEN);
                memcpy(ret, sigblob, SIGBLOB_LEN);
                if (lenp != NULL)
@@ -117,34 +112,19 @@ ssh_dss_verify(
     u_char *signature, int signaturelen,
     u_char *data, int datalen)
 {
-       Buffer b;
-       u_char *digest;
        DSA_SIG *sig;
        EVP_MD *evp_md = EVP_sha1();
        EVP_MD_CTX md;
-       u_char *sigblob;
-       char *txt;
+       u_char *digest, *sigblob;
        u_int len, dlen;
-       int rlen;
-       int ret;
+       int rlen, ret;
+       Buffer b;
 
        if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) {
                error("ssh_dss_verify: no DSA key");
                return -1;
        }
 
-       if (!(datafellows & SSH_BUG_SIGBLOB) &&
-           signaturelen == SIGBLOB_LEN) {
-               datafellows |= ~SSH_BUG_SIGBLOB;
-               log("autodetect SSH_BUG_SIGBLOB");
-       } else if ((datafellows & SSH_BUG_SIGBLOB) &&
-           signaturelen != SIGBLOB_LEN) {
-               log("autoremove SSH_BUG_SIGBLOB");
-               datafellows &= ~SSH_BUG_SIGBLOB;
-       }
-
-       debug("len %d datafellows %d", signaturelen, datafellows);
-
        /* fetch signature */
        if (datafellows & SSH_BUG_SIGBLOB) {
                sigblob = signature;
@@ -200,18 +180,7 @@ ssh_dss_verify(
        xfree(digest);
        DSA_SIG_free(sig);
 
-       switch (ret) {
-       case 1:
-               txt = "correct";
-               break;
-       case 0:
-               txt = "incorrect";
-               break;
-       case -1:
-       default:
-               txt = "error";
-               break;
-       }
-       debug("ssh_dss_verify: signature %s", txt);
+       debug("ssh_dss_verify: signature %s",
+           ret == 1 ? "correct" : ret == 0 ? "incorrect" : "error");
        return ret;
 }

diff --git a/ssh-rsa.c b/ssh-rsa.c
index b502ddb6e0dcf8e2476222da78e5e7f71efde60c..a4ab3c51680eca03c842c84ca97bc43500620fff 100644 (file)
--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-rsa.c,v 1.8 2001/03/27 10:57:00 markus Exp $");
+RCSID("$OpenBSD: ssh-rsa.c,v 1.9 2001/06/06 23:13:54 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -103,7 +103,6 @@ ssh_rsa_sign(
                *lenp = len;
        if (sigp != NULL)
                *sigp = ret;
-       debug2("ssh_rsa_sign: done");
        return 0;
 }