From ca75d7de569b0fcf28c35bca490048fd7c3fa72c Mon Sep 17 00:00:00 2001
From: dtucker <dtucker>
Date: Tue, 22 Jun 2004 02:56:01 +0000
Subject: [PATCH]    - avsm@cvs.openbsd.org 2004/06/21 17:36:31     
 [auth-rsa.c auth2-gss.c auth2-pubkey.c authfile.c canohost.c channels.c     
 cipher.c dns.c kex.c monitor.c monitor_fdpass.c monitor_wrap.c     
 monitor_wrap.h nchan.c packet.c progressmeter.c scp.c sftp-server.c sftp.c   
   ssh-gss.h ssh-keygen.c ssh.c sshconnect.c sshconnect1.c sshlogin.c     
 sshpty.c]      make ssh -Wshadow clean, no functional changes      markus@ ok

There are also some portable-specific -Wshadow warnings to be fixed in
monitor.c and montior_wrap.c.
---
 ChangeLog        |   8 ++++
 auth-rsa.c       |  10 ++---
 auth2-gss.c      |  12 +++---
 auth2-pubkey.c   |   8 ++--
 authfile.c       |  10 ++---
 canohost.c       |  30 ++++++-------
 channels.c       |  10 ++---
 cipher.c         |  18 ++++----
 dns.c            |   8 ++--
 kex.c            |  10 ++---
 monitor.c        | 110 +++++++++++++++++++++++------------------------
 monitor_fdpass.c |  10 ++---
 monitor_wrap.c   |  28 ++++++------
 monitor_wrap.h   |   8 ++--
 nchan.c          |   6 +--
 packet.c         |  34 +++++++--------
 progressmeter.c  |   6 +--
 scp.c            |  10 ++---
 sftp-server.c    |  18 ++++----
 sftp.c           |   8 ++--
 ssh-gss.h        |  40 ++++++++---------
 ssh-keygen.c     |  10 ++---
 ssh.c            |  10 ++---
 sshconnect.c     |  12 +++---
 sshconnect1.c    |  10 ++---
 sshlogin.c       |  10 ++---
 sshpty.c         |  40 ++++++++---------
 27 files changed, 251 insertions(+), 243 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 6967285a..466edc4d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,14 @@
    - djm@cvs.openbsd.org 2004/06/20 19:28:12
      [sftp.1]
      mention new -n flag
+   - avsm@cvs.openbsd.org 2004/06/21 17:36:31
+     [auth-rsa.c auth2-gss.c auth2-pubkey.c authfile.c canohost.c channels.c
+     cipher.c dns.c kex.c monitor.c monitor_fdpass.c monitor_wrap.c
+     monitor_wrap.h nchan.c packet.c progressmeter.c scp.c sftp-server.c sftp.c
+     ssh-gss.h ssh-keygen.c ssh.c sshconnect.c sshconnect1.c sshlogin.c
+     sshpty.c]
+     make ssh -Wshadow clean, no functional changes
+     markus@ ok
 
 20040620
  - (tim) [configure.ac Makefile.in] Only change TEST_SHELL on broken platforms.
diff --git a/auth-rsa.c b/auth-rsa.c
index 8a02b8a8..16369d47 100644
--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-rsa.c,v 1.59 2004/05/09 01:19:27 djm Exp $");
+RCSID("$OpenBSD: auth-rsa.c,v 1.60 2004/06/21 17:36:31 avsm Exp $");
 
 #include <openssl/rsa.h>
 #include <openssl/md5.h>
@@ -203,7 +203,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
 	 */
 	while (fgets(line, sizeof(line), f)) {
 		char *cp;
-		char *options;
+		char *key_options;
 
 		linenum++;
 
@@ -221,7 +221,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
 		 */
 		if (*cp < '0' || *cp > '9') {
 			int quoted = 0;
-			options = cp;
+			key_options = cp;
 			for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) {
 				if (*cp == '\\' && cp[1] == '"')
 					cp++;	/* Skip both */
@@ -229,7 +229,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
 					quoted = !quoted;
 			}
 		} else
-			options = NULL;
+			key_options = NULL;
 
 		/* Parse the key from the line. */
 		if (hostfile_read_key(&cp, &bits, key) == 0) {
@@ -254,7 +254,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
 		 * If our options do not allow this key to be used,
 		 * do not send challenge.
 		 */
-		if (!auth_parse_options(pw, options, file, linenum))
+		if (!auth_parse_options(pw, key_options, file, linenum))
 			continue;
 
 		/* break out, this key is allowed */
diff --git a/auth2-gss.c b/auth2-gss.c
index 9249988d..3289ba18 100644
--- a/auth2-gss.c
+++ b/auth2-gss.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: auth2-gss.c,v 1.7 2003/11/21 11:57:03 djm Exp $	*/
+/*	$OpenBSD: auth2-gss.c,v 1.8 2004/06/21 17:36:31 avsm Exp $	*/
 
 /*
  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -54,7 +54,7 @@ static void input_gssapi_errtok(int, u_int32_t, void *);
 static int
 userauth_gssapi(Authctxt *authctxt)
 {
-	gss_OID_desc oid = {0, NULL};
+	gss_OID_desc goid = {0, NULL};
 	Gssctxt *ctxt = NULL;
 	int mechs;
 	gss_OID_set supported;
@@ -85,9 +85,9 @@ userauth_gssapi(Authctxt *authctxt)
 		if (len > 2 &&
 		   doid[0] == SSH_GSS_OIDTYPE &&
 		   doid[1] == len - 2) {
-			oid.elements = doid + 2;
-			oid.length   = len - 2;
-			gss_test_oid_set_member(&ms, &oid, supported,
+			goid.elements = doid + 2;
+			goid.length   = len - 2;
+			gss_test_oid_set_member(&ms, &goid, supported,
 			    &present);
 		} else {
 			logit("Badly formed OID received");
@@ -101,7 +101,7 @@ userauth_gssapi(Authctxt *authctxt)
 		return (0);
 	}
 
-	if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, &oid)))) {
+	if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, &goid)))) {
 		xfree(doid);
 		return (0);
 	}
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index 3063eecc..9898d4a6 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2-pubkey.c,v 1.6 2004/01/19 21:25:15 markus Exp $");
+RCSID("$OpenBSD: auth2-pubkey.c,v 1.7 2004/06/21 17:36:31 avsm Exp $");
 
 #include "ssh2.h"
 #include "xmalloc.h"
@@ -205,7 +205,7 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
 	found = key_new(key->type);
 
 	while (fgets(line, sizeof(line), f)) {
-		char *cp, *options = NULL;
+		char *cp, *key_options = NULL;
 		linenum++;
 		/* Skip leading whitespace, empty and comment lines. */
 		for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
@@ -217,7 +217,7 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
 			/* no key?  check if there are options for this key */
 			int quoted = 0;
 			debug2("user_key_allowed: check options: '%s'", cp);
-			options = cp;
+			key_options = cp;
 			for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) {
 				if (*cp == '\\' && cp[1] == '"')
 					cp++;	/* Skip both */
@@ -234,7 +234,7 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
 			}
 		}
 		if (key_equal(found, key) &&
-		    auth_parse_options(pw, options, file, linenum) == 1) {
+		    auth_parse_options(pw, key_options, file, linenum) == 1) {
 			found_key = 1;
 			debug("matching key found: file %s, line %lu",
 			    file, linenum);
diff --git a/authfile.c b/authfile.c
index 305e9473..76a60d02 100644
--- a/authfile.c
+++ b/authfile.c
@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: authfile.c,v 1.56 2004/05/11 19:01:43 deraadt Exp $");
+RCSID("$OpenBSD: authfile.c,v 1.57 2004/06/21 17:36:31 avsm Exp $");
 
 #include <openssl/err.h>
 #include <openssl/evp.h>
@@ -72,7 +72,7 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase,
 	int fd, i, cipher_num;
 	CipherContext ciphercontext;
 	Cipher *cipher;
-	u_int32_t rand;
+	u_int32_t rnd;
 
 	/*
 	 * If the passphrase is empty, use SSH_CIPHER_NONE to ease converting
@@ -87,9 +87,9 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase,
 	buffer_init(&buffer);
 
 	/* Put checkbytes for checking passphrase validity. */
-	rand = arc4random();
-	buf[0] = rand & 0xff;
-	buf[1] = (rand >> 8) & 0xff;
+	rnd = arc4random();
+	buf[0] = rnd & 0xff;
+	buf[1] = (rnd >> 8) & 0xff;
 	buf[2] = buf[0];
 	buf[3] = buf[1];
 	buffer_append(&buffer, buf, 4);
diff --git a/canohost.c b/canohost.c
index 54369d49..057f061b 100644
--- a/canohost.c
+++ b/canohost.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: canohost.c,v 1.39 2004/03/31 21:58:47 djm Exp $");
+RCSID("$OpenBSD: canohost.c,v 1.40 2004/06/21 17:36:31 avsm Exp $");
 
 #include "packet.h"
 #include "xmalloc.h"
@@ -28,7 +28,7 @@ static void ipv64_normalise_mapped(struct sockaddr_storage *, socklen_t *);
  */
 
 static char *
-get_remote_hostname(int socket, int use_dns)
+get_remote_hostname(int sock, int use_dns)
 {
 	struct sockaddr_storage from;
 	int i;
@@ -39,13 +39,13 @@ get_remote_hostname(int socket, int use_dns)
 	/* Get IP address of client. */
 	fromlen = sizeof(from);
 	memset(&from, 0, sizeof(from));
-	if (getpeername(socket, (struct sockaddr *)&from, &fromlen) < 0) {
+	if (getpeername(sock, (struct sockaddr *)&from, &fromlen) < 0) {
 		debug("getpeername failed: %.100s", strerror(errno));
 		cleanup_exit(255);
 	}
 
 	if (from.ss_family == AF_INET)
-		check_ip_options(socket, ntop);
+		check_ip_options(sock, ntop);
 
 	ipv64_normalise_mapped(&from, &fromlen);
 
@@ -138,7 +138,7 @@ get_remote_hostname(int socket, int use_dns)
  */
 /* IPv4 only */
 static void
-check_ip_options(int socket, char *ipaddr)
+check_ip_options(int sock, char *ipaddr)
 {
 #ifdef IP_OPTIONS
 	u_char options[200];
@@ -152,7 +152,7 @@ check_ip_options(int socket, char *ipaddr)
 	else
 		ipproto = IPPROTO_IP;
 	option_size = sizeof(options);
-	if (getsockopt(socket, ipproto, IP_OPTIONS, options,
+	if (getsockopt(sock, ipproto, IP_OPTIONS, options,
 	    &option_size) >= 0 && option_size != 0) {
 		text[0] = '\0';
 		for (i = 0; i < option_size; i++)
@@ -227,7 +227,7 @@ get_canonical_hostname(int use_dns)
  * The returned string must be freed.
  */
 static char *
-get_socket_address(int socket, int remote, int flags)
+get_socket_address(int sock, int remote, int flags)
 {
 	struct sockaddr_storage addr;
 	socklen_t addrlen;
@@ -238,11 +238,11 @@ get_socket_address(int socket, int remote, int flags)
 	memset(&addr, 0, sizeof(addr));
 
 	if (remote) {
-		if (getpeername(socket, (struct sockaddr *)&addr, &addrlen)
+		if (getpeername(sock, (struct sockaddr *)&addr, &addrlen)
 		    < 0)
 			return NULL;
 	} else {
-		if (getsockname(socket, (struct sockaddr *)&addr, &addrlen)
+		if (getsockname(sock, (struct sockaddr *)&addr, &addrlen)
 		    < 0)
 			return NULL;
 	}
@@ -261,29 +261,29 @@ get_socket_address(int socket, int remote, int flags)
 }
 
 char *
-get_peer_ipaddr(int socket)
+get_peer_ipaddr(int sock)
 {
 	char *p;
 
-	if ((p = get_socket_address(socket, 1, NI_NUMERICHOST)) != NULL)
+	if ((p = get_socket_address(sock, 1, NI_NUMERICHOST)) != NULL)
 		return p;
 	return xstrdup("UNKNOWN");
 }
 
 char *
-get_local_ipaddr(int socket)
+get_local_ipaddr(int sock)
 {
 	char *p;
 
-	if ((p = get_socket_address(socket, 0, NI_NUMERICHOST)) != NULL)
+	if ((p = get_socket_address(sock, 0, NI_NUMERICHOST)) != NULL)
 		return p;
 	return xstrdup("UNKNOWN");
 }
 
 char *
-get_local_name(int socket)
+get_local_name(int sock)
 {
-	return get_socket_address(socket, 0, NI_NAMEREQD);
+	return get_socket_address(sock, 0, NI_NAMEREQD);
 }
 
 /*
diff --git a/channels.c b/channels.c
index 68d85438..a72d9b93 100644
--- a/channels.c
+++ b/channels.c
@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.206 2004/06/18 11:11:54 djm Exp $");
+RCSID("$OpenBSD: channels.c,v 1.207 2004/06/21 17:36:31 avsm Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -2903,7 +2903,7 @@ x11_request_forwarding_with_spoofing(int client_session_id,
 	char *new_data;
 	int screen_number;
 	const char *cp;
-	u_int32_t rand = 0;
+	u_int32_t rnd = 0;
 
 	cp = getenv("DISPLAY");
 	if (cp)
@@ -2928,10 +2928,10 @@ x11_request_forwarding_with_spoofing(int client_session_id,
 		if (sscanf(data + 2 * i, "%2x", &value) != 1)
 			fatal("x11_request_forwarding: bad authentication data: %.100s", data);
 		if (i % 4 == 0)
-			rand = arc4random();
+			rnd = arc4random();
 		x11_saved_data[i] = value;
-		x11_fake_data[i] = rand & 0xff;
-		rand >>= 8;
+		x11_fake_data[i] = rnd & 0xff;
+		rnd >>= 8;
 	}
 	x11_saved_data_len = data_len;
 	x11_fake_data_len = data_len;
diff --git a/cipher.c b/cipher.c
index c13ff586..255f840a 100644
--- a/cipher.c
+++ b/cipher.c
@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: cipher.c,v 1.68 2004/01/23 19:26:33 hshoexer Exp $");
+RCSID("$OpenBSD: cipher.c,v 1.69 2004/06/21 17:36:31 avsm Exp $");
 
 #include "xmalloc.h"
 #include "log.h"
@@ -166,25 +166,25 @@ int
 ciphers_valid(const char *names)
 {
 	Cipher *c;
-	char *ciphers, *cp;
+	char *cipher_list, *cp;
 	char *p;
 
 	if (names == NULL || strcmp(names, "") == 0)
 		return 0;
-	ciphers = cp = xstrdup(names);
+	cipher_list = cp = xstrdup(names);
 	for ((p = strsep(&cp, CIPHER_SEP)); p && *p != '\0';
 	    (p = strsep(&cp, CIPHER_SEP))) {
 		c = cipher_by_name(p);
 		if (c == NULL || c->number != SSH_CIPHER_SSH2) {
 			debug("bad cipher %s [%s]", p, names);
-			xfree(ciphers);
+			xfree(cipher_list);
 			return 0;
 		} else {
 			debug3("cipher ok: %s [%s]", p, names);
 		}
 	}
 	debug3("ciphers ok: [%s]", names);
-	xfree(ciphers);
+	xfree(cipher_list);
 	return 1;
 }
 
@@ -213,7 +213,7 @@ cipher_name(int id)
 void
 cipher_init(CipherContext *cc, Cipher *cipher,
     const u_char *key, u_int keylen, const u_char *iv, u_int ivlen,
-    int encrypt)
+    int do_encrypt)
 {
 	static int dowarn = 1;
 #ifdef SSH_OLD_EVP
@@ -255,7 +255,7 @@ cipher_init(CipherContext *cc, Cipher *cipher,
 	    (encrypt == CIPHER_ENCRYPT));
 #else
 	if (EVP_CipherInit(&cc->evp, type, NULL, (u_char *)iv,
-	    (encrypt == CIPHER_ENCRYPT)) == 0)
+	    (do_encrypt == CIPHER_ENCRYPT)) == 0)
 		fatal("cipher_init: EVP_CipherInit failed for %s",
 		    cipher->name);
 	klen = EVP_CIPHER_CTX_key_length(&cc->evp);
@@ -302,7 +302,7 @@ cipher_cleanup(CipherContext *cc)
 
 void
 cipher_set_key_string(CipherContext *cc, Cipher *cipher,
-    const char *passphrase, int encrypt)
+    const char *passphrase, int do_encrypt)
 {
 	MD5_CTX md;
 	u_char digest[16];
@@ -311,7 +311,7 @@ cipher_set_key_string(CipherContext *cc, Cipher *cipher,
 	MD5_Update(&md, (const u_char *)passphrase, strlen(passphrase));
 	MD5_Final(digest, &md);
 
-	cipher_init(cc, cipher, digest, 16, NULL, 0, encrypt);
+	cipher_init(cc, cipher, digest, 16, NULL, 0, do_encrypt);
 
 	memset(digest, 0, sizeof(digest));
 	memset(&md, 0, sizeof(md));
diff --git a/dns.c b/dns.c
index ad634f1f..140ab604 100644
--- a/dns.c
+++ b/dns.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: dns.c,v 1.9 2003/11/21 11:57:03 djm Exp $	*/
+/*	$OpenBSD: dns.c,v 1.10 2004/06/21 17:36:31 avsm Exp $	*/
 
 /*
  * Copyright (c) 2003 Wesley Griffin. All rights reserved.
@@ -43,7 +43,7 @@
 #include "uuencode.h"
 
 extern char *__progname;
-RCSID("$OpenBSD: dns.c,v 1.9 2003/11/21 11:57:03 djm Exp $");
+RCSID("$OpenBSD: dns.c,v 1.10 2004/06/21 17:36:31 avsm Exp $");
 
 #ifndef LWRES
 static const char *errset_text[] = {
@@ -56,9 +56,9 @@ static const char *errset_text[] = {
 };
 
 static const char *
-dns_result_totext(unsigned int error)
+dns_result_totext(unsigned int res)
 {
-	switch (error) {
+	switch (res) {
 	case ERRSET_SUCCESS:
 		return errset_text[ERRSET_SUCCESS];
 	case ERRSET_NOMEMORY:
diff --git a/kex.c b/kex.c
index cda8bf9b..a668346c 100644
--- a/kex.c
+++ b/kex.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.59 2004/06/13 12:53:24 djm Exp $");
+RCSID("$OpenBSD: kex.c,v 1.60 2004/06/21 17:36:31 avsm Exp $");
 
 #include <openssl/crypto.h>
 
@@ -148,7 +148,7 @@ kex_finish(Kex *kex)
 void
 kex_send_kexinit(Kex *kex)
 {
-	u_int32_t rand = 0;
+	u_int32_t rnd = 0;
 	u_char *cookie;
 	int i;
 
@@ -168,9 +168,9 @@ kex_send_kexinit(Kex *kex)
 	cookie = buffer_ptr(&kex->my);
 	for (i = 0; i < KEX_COOKIE_LEN; i++) {
 		if (i % 4 == 0)
-			rand = arc4random();
-		cookie[i] = rand;
-		rand >>= 8;
+			rnd = arc4random();
+		cookie[i] = rnd;
+		rnd >>= 8;
 	}
 	packet_start(SSH2_MSG_KEXINIT);
 	packet_put_raw(buffer_ptr(&kex->my), buffer_len(&kex->my));
diff --git a/monitor.c b/monitor.c
index c287a2da..28872755 100644
--- a/monitor.c
+++ b/monitor.c
@@ -25,7 +25,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: monitor.c,v 1.58 2004/06/13 12:53:24 djm Exp $");
+RCSID("$OpenBSD: monitor.c,v 1.59 2004/06/21 17:36:31 avsm Exp $");
 
 #include <openssl/dh.h>
 
@@ -350,9 +350,9 @@ monitor_set_child_handler(pid_t pid)
 }
 
 static void
-monitor_child_handler(int signal)
+monitor_child_handler(int sig)
 {
-	kill(monitor_child_pid, signal);
+	kill(monitor_child_pid, sig);
 }
 
 void
@@ -467,7 +467,7 @@ monitor_reset_key_state(void)
 }
 
 int
-mm_answer_moduli(int socket, Buffer *m)
+mm_answer_moduli(int sock, Buffer *m)
 {
 	DH *dh;
 	int min, want, max;
@@ -497,12 +497,12 @@ mm_answer_moduli(int socket, Buffer *m)
 
 		DH_free(dh);
 	}
-	mm_request_send(socket, MONITOR_ANS_MODULI, m);
+	mm_request_send(sock, MONITOR_ANS_MODULI, m);
 	return (0);
 }
 
 int
-mm_answer_sign(int socket, Buffer *m)
+mm_answer_sign(int sock, Buffer *m)
 {
 	Key *key;
 	u_char *p;
@@ -538,7 +538,7 @@ mm_answer_sign(int socket, Buffer *m)
 	xfree(p);
 	xfree(signature);
 
-	mm_request_send(socket, MONITOR_ANS_SIGN, m);
+	mm_request_send(sock, MONITOR_ANS_SIGN, m);
 
 	/* Turn on permissions for getpwnam */
 	monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1);
@@ -549,7 +549,7 @@ mm_answer_sign(int socket, Buffer *m)
 /* Retrieves the password entry and also checks if the user is permitted */
 
 int
-mm_answer_pwnamallow(int socket, Buffer *m)
+mm_answer_pwnamallow(int sock, Buffer *m)
 {
 	char *login;
 	struct passwd *pwent;
@@ -593,7 +593,7 @@ mm_answer_pwnamallow(int socket, Buffer *m)
 
  out:
 	debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed);
-	mm_request_send(socket, MONITOR_ANS_PWNAM, m);
+	mm_request_send(sock, MONITOR_ANS_PWNAM, m);
 
 	/* For SSHv1 allow authentication now */
 	if (!compat20)
@@ -612,14 +612,14 @@ mm_answer_pwnamallow(int socket, Buffer *m)
 	return (0);
 }
 
-int mm_answer_auth2_read_banner(int socket, Buffer *m)
+int mm_answer_auth2_read_banner(int sock, Buffer *m)
 {
 	char *banner;
 
 	buffer_clear(m);
 	banner = auth2_read_banner();
 	buffer_put_cstring(m, banner != NULL ? banner : "");
-	mm_request_send(socket, MONITOR_ANS_AUTH2_READ_BANNER, m);
+	mm_request_send(sock, MONITOR_ANS_AUTH2_READ_BANNER, m);
 
 	if (banner != NULL)
 		xfree(banner);
@@ -628,7 +628,7 @@ int mm_answer_auth2_read_banner(int socket, Buffer *m)
 }
 
 int
-mm_answer_authserv(int socket, Buffer *m)
+mm_answer_authserv(int sock, Buffer *m)
 {
 	monitor_permit_authentications(1);
 
@@ -646,7 +646,7 @@ mm_answer_authserv(int socket, Buffer *m)
 }
 
 int
-mm_answer_authpassword(int socket, Buffer *m)
+mm_answer_authpassword(int sock, Buffer *m)
 {
 	static int call_count;
 	char *passwd;
@@ -664,7 +664,7 @@ mm_answer_authpassword(int socket, Buffer *m)
 	buffer_put_int(m, authenticated);
 
 	debug3("%s: sending result %d", __func__, authenticated);
-	mm_request_send(socket, MONITOR_ANS_AUTHPASSWORD, m);
+	mm_request_send(sock, MONITOR_ANS_AUTHPASSWORD, m);
 
 	call_count++;
 	if (plen == 0 && call_count == 1)
@@ -678,7 +678,7 @@ mm_answer_authpassword(int socket, Buffer *m)
 
 #ifdef BSD_AUTH
 int
-mm_answer_bsdauthquery(int socket, Buffer *m)
+mm_answer_bsdauthquery(int sock, Buffer *m)
 {
 	char *name, *infotxt;
 	u_int numprompts;
@@ -695,7 +695,7 @@ mm_answer_bsdauthquery(int socket, Buffer *m)
 		buffer_put_cstring(m, prompts[0]);
 
 	debug3("%s: sending challenge success: %u", __func__, success);
-	mm_request_send(socket, MONITOR_ANS_BSDAUTHQUERY, m);
+	mm_request_send(sock, MONITOR_ANS_BSDAUTHQUERY, m);
 
 	if (success) {
 		xfree(name);
@@ -708,7 +708,7 @@ mm_answer_bsdauthquery(int socket, Buffer *m)
 }
 
 int
-mm_answer_bsdauthrespond(int socket, Buffer *m)
+mm_answer_bsdauthrespond(int sock, Buffer *m)
 {
 	char *response;
 	int authok;
@@ -727,7 +727,7 @@ mm_answer_bsdauthrespond(int socket, Buffer *m)
 	buffer_put_int(m, authok);
 
 	debug3("%s: sending authenticated: %d", __func__, authok);
-	mm_request_send(socket, MONITOR_ANS_BSDAUTHRESPOND, m);
+	mm_request_send(sock, MONITOR_ANS_BSDAUTHRESPOND, m);
 
 	auth_method = "bsdauth";
 
@@ -737,7 +737,7 @@ mm_answer_bsdauthrespond(int socket, Buffer *m)
 
 #ifdef SKEY
 int
-mm_answer_skeyquery(int socket, Buffer *m)
+mm_answer_skeyquery(int sock, Buffer *m)
 {
 	struct skey skey;
 	char challenge[1024];
@@ -752,13 +752,13 @@ mm_answer_skeyquery(int socket, Buffer *m)
 		buffer_put_cstring(m, challenge);
 
 	debug3("%s: sending challenge success: %u", __func__, success);
-	mm_request_send(socket, MONITOR_ANS_SKEYQUERY, m);
+	mm_request_send(sock, MONITOR_ANS_SKEYQUERY, m);
 
 	return (0);
 }
 
 int
-mm_answer_skeyrespond(int socket, Buffer *m)
+mm_answer_skeyrespond(int sock, Buffer *m)
 {
 	char *response;
 	int authok;
@@ -776,7 +776,7 @@ mm_answer_skeyrespond(int socket, Buffer *m)
 	buffer_put_int(m, authok);
 
 	debug3("%s: sending authenticated: %d", __func__, authok);
-	mm_request_send(socket, MONITOR_ANS_SKEYRESPOND, m);
+	mm_request_send(sock, MONITOR_ANS_SKEYRESPOND, m);
 
 	auth_method = "skey";
 
@@ -925,7 +925,7 @@ mm_append_debug(Buffer *m)
 }
 
 int
-mm_answer_keyallowed(int socket, Buffer *m)
+mm_answer_keyallowed(int sock, Buffer *m)
 {
 	Key *key;
 	char *cuser, *chost;
@@ -995,7 +995,7 @@ mm_answer_keyallowed(int socket, Buffer *m)
 
 	mm_append_debug(m);
 
-	mm_request_send(socket, MONITOR_ANS_KEYALLOWED, m);
+	mm_request_send(sock, MONITOR_ANS_KEYALLOWED, m);
 
 	if (type == MM_RSAHOSTKEY)
 		monitor_permit(mon_dispatch, MONITOR_REQ_RSACHALLENGE, allowed);
@@ -1116,7 +1116,7 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
 }
 
 int
-mm_answer_keyverify(int socket, Buffer *m)
+mm_answer_keyverify(int sock, Buffer *m)
 {
 	Key *key;
 	u_char *signature, *data, *blob;
@@ -1166,7 +1166,7 @@ mm_answer_keyverify(int socket, Buffer *m)
 
 	buffer_clear(m);
 	buffer_put_int(m, verified);
-	mm_request_send(socket, MONITOR_ANS_KEYVERIFY, m);
+	mm_request_send(sock, MONITOR_ANS_KEYVERIFY, m);
 
 	return (verified);
 }
@@ -1208,7 +1208,7 @@ mm_session_close(Session *s)
 }
 
 int
-mm_answer_pty(int socket, Buffer *m)
+mm_answer_pty(int sock, Buffer *m)
 {
 	extern struct monitor *pmonitor;
 	Session *s;
@@ -1230,10 +1230,10 @@ mm_answer_pty(int socket, Buffer *m)
 
 	buffer_put_int(m, 1);
 	buffer_put_cstring(m, s->tty);
-	mm_request_send(socket, MONITOR_ANS_PTY, m);
+	mm_request_send(sock, MONITOR_ANS_PTY, m);
 
-	mm_send_fd(socket, s->ptyfd);
-	mm_send_fd(socket, s->ttyfd);
+	mm_send_fd(sock, s->ptyfd);
+	mm_send_fd(sock, s->ttyfd);
 
 	/* We need to trick ttyslot */
 	if (dup2(s->ttyfd, 0) == -1)
@@ -1264,12 +1264,12 @@ mm_answer_pty(int socket, Buffer *m)
 	if (s != NULL)
 		mm_session_close(s);
 	buffer_put_int(m, 0);
-	mm_request_send(socket, MONITOR_ANS_PTY, m);
+	mm_request_send(sock, MONITOR_ANS_PTY, m);
 	return (0);
 }
 
 int
-mm_answer_pty_cleanup(int socket, Buffer *m)
+mm_answer_pty_cleanup(int sock, Buffer *m)
 {
 	Session *s;
 	char *tty;
@@ -1285,7 +1285,7 @@ mm_answer_pty_cleanup(int socket, Buffer *m)
 }
 
 int
-mm_answer_sesskey(int socket, Buffer *m)
+mm_answer_sesskey(int sock, Buffer *m)
 {
 	BIGNUM *p;
 	int rsafail;
@@ -1306,7 +1306,7 @@ mm_answer_sesskey(int socket, Buffer *m)
 
 	BN_clear_free(p);
 
-	mm_request_send(socket, MONITOR_ANS_SESSKEY, m);
+	mm_request_send(sock, MONITOR_ANS_SESSKEY, m);
 
 	/* Turn on permissions for sessid passing */
 	monitor_permit(mon_dispatch, MONITOR_REQ_SESSID, 1);
@@ -1315,7 +1315,7 @@ mm_answer_sesskey(int socket, Buffer *m)
 }
 
 int
-mm_answer_sessid(int socket, Buffer *m)
+mm_answer_sessid(int sock, Buffer *m)
 {
 	int i;
 
@@ -1333,7 +1333,7 @@ mm_answer_sessid(int socket, Buffer *m)
 }
 
 int
-mm_answer_rsa_keyallowed(int socket, Buffer *m)
+mm_answer_rsa_keyallowed(int sock, Buffer *m)
 {
 	BIGNUM *client_n;
 	Key *key = NULL;
@@ -1373,7 +1373,7 @@ mm_answer_rsa_keyallowed(int socket, Buffer *m)
 
 	mm_append_debug(m);
 
-	mm_request_send(socket, MONITOR_ANS_RSAKEYALLOWED, m);
+	mm_request_send(sock, MONITOR_ANS_RSAKEYALLOWED, m);
 
 	monitor_permit(mon_dispatch, MONITOR_REQ_RSACHALLENGE, allowed);
 	monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 0);
@@ -1381,7 +1381,7 @@ mm_answer_rsa_keyallowed(int socket, Buffer *m)
 }
 
 int
-mm_answer_rsa_challenge(int socket, Buffer *m)
+mm_answer_rsa_challenge(int sock, Buffer *m)
 {
 	Key *key = NULL;
 	u_char *blob;
@@ -1407,7 +1407,7 @@ mm_answer_rsa_challenge(int socket, Buffer *m)
 	buffer_put_bignum2(m, ssh1_challenge);
 
 	debug3("%s sending reply", __func__);
-	mm_request_send(socket, MONITOR_ANS_RSACHALLENGE, m);
+	mm_request_send(sock, MONITOR_ANS_RSACHALLENGE, m);
 
 	monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 1);
 
@@ -1417,7 +1417,7 @@ mm_answer_rsa_challenge(int socket, Buffer *m)
 }
 
 int
-mm_answer_rsa_response(int socket, Buffer *m)
+mm_answer_rsa_response(int sock, Buffer *m)
 {
 	Key *key = NULL;
 	u_char *blob, *response;
@@ -1456,13 +1456,13 @@ mm_answer_rsa_response(int socket, Buffer *m)
 
 	buffer_clear(m);
 	buffer_put_int(m, success);
-	mm_request_send(socket, MONITOR_ANS_RSARESPONSE, m);
+	mm_request_send(sock, MONITOR_ANS_RSARESPONSE, m);
 
 	return (success);
 }
 
 int
-mm_answer_term(int socket, Buffer *req)
+mm_answer_term(int sock, Buffer *req)
 {
 	extern struct monitor *pmonitor;
 	int res, status;
@@ -1740,23 +1740,23 @@ monitor_reinit(struct monitor *mon)
 
 #ifdef GSSAPI
 int
-mm_answer_gss_setup_ctx(int socket, Buffer *m)
+mm_answer_gss_setup_ctx(int sock, Buffer *m)
 {
-	gss_OID_desc oid;
+	gss_OID_desc goid;
 	OM_uint32 major;
 	u_int len;
 
-	oid.elements = buffer_get_string(m, &len);
-	oid.length = len;
+	goid.elements = buffer_get_string(m, &len);
+	goid.length = len;
 
-	major = ssh_gssapi_server_ctx(&gsscontext, &oid);
+	major = ssh_gssapi_server_ctx(&gsscontext, &goid);
 
-	xfree(oid.elements);
+	xfree(goid.elements);
 
 	buffer_clear(m);
 	buffer_put_int(m, major);
 
-	mm_request_send(socket,MONITOR_ANS_GSSSETUP, m);
+	mm_request_send(sock,MONITOR_ANS_GSSSETUP, m);
 
 	/* Now we have a context, enable the step */
 	monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 1);
@@ -1765,7 +1765,7 @@ mm_answer_gss_setup_ctx(int socket, Buffer *m)
 }
 
 int
-mm_answer_gss_accept_ctx(int socket, Buffer *m)
+mm_answer_gss_accept_ctx(int sock, Buffer *m)
 {
 	gss_buffer_desc in;
 	gss_buffer_desc out = GSS_C_EMPTY_BUFFER;
@@ -1782,7 +1782,7 @@ mm_answer_gss_accept_ctx(int socket, Buffer *m)
 	buffer_put_int(m, major);
 	buffer_put_string(m, out.value, out.length);
 	buffer_put_int(m, flags);
-	mm_request_send(socket, MONITOR_ANS_GSSSTEP, m);
+	mm_request_send(sock, MONITOR_ANS_GSSSTEP, m);
 
 	gss_release_buffer(&minor, &out);
 
@@ -1795,7 +1795,7 @@ mm_answer_gss_accept_ctx(int socket, Buffer *m)
 }
 
 int
-mm_answer_gss_checkmic(int socket, Buffer *m)
+mm_answer_gss_checkmic(int sock, Buffer *m)
 {
 	gss_buffer_desc gssbuf, mic;
 	OM_uint32 ret;
@@ -1814,7 +1814,7 @@ mm_answer_gss_checkmic(int socket, Buffer *m)
 	buffer_clear(m);
 	buffer_put_int(m, ret);
 
-	mm_request_send(socket, MONITOR_ANS_GSSCHECKMIC, m);
+	mm_request_send(sock, MONITOR_ANS_GSSCHECKMIC, m);
 
 	if (!GSS_ERROR(ret))
 		monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1);
@@ -1823,7 +1823,7 @@ mm_answer_gss_checkmic(int socket, Buffer *m)
 }
 
 int
-mm_answer_gss_userok(int socket, Buffer *m)
+mm_answer_gss_userok(int sock, Buffer *m)
 {
 	int authenticated;
 
@@ -1833,7 +1833,7 @@ mm_answer_gss_userok(int socket, Buffer *m)
 	buffer_put_int(m, authenticated);
 
 	debug3("%s: sending result %d", __func__, authenticated);
-	mm_request_send(socket, MONITOR_ANS_GSSUSEROK, m);
+	mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m);
 
 	auth_method="gssapi-with-mic";
 
diff --git a/monitor_fdpass.c b/monitor_fdpass.c
index 22b7882b..f0dd88e7 100644
--- a/monitor_fdpass.c
+++ b/monitor_fdpass.c
@@ -24,7 +24,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: monitor_fdpass.c,v 1.4 2002/06/26 14:50:04 deraadt Exp $");
+RCSID("$OpenBSD: monitor_fdpass.c,v 1.5 2004/06/21 17:36:31 avsm Exp $");
 
 #include <sys/uio.h>
 
@@ -32,7 +32,7 @@ RCSID("$OpenBSD: monitor_fdpass.c,v 1.4 2002/06/26 14:50:04 deraadt Exp $");
 #include "monitor_fdpass.h"
 
 void
-mm_send_fd(int socket, int fd)
+mm_send_fd(int sock, int fd)
 {
 #if defined(HAVE_SENDMSG) && (defined(HAVE_ACCRIGHTS_IN_MSGHDR) || defined(HAVE_CONTROL_IN_MSGHDR))
 	struct msghdr msg;
@@ -63,7 +63,7 @@ mm_send_fd(int socket, int fd)
 	msg.msg_iov = &vec;
 	msg.msg_iovlen = 1;
 
-	if ((n = sendmsg(socket, &msg, 0)) == -1)
+	if ((n = sendmsg(sock, &msg, 0)) == -1)
 		fatal("%s: sendmsg(%d): %s", __func__, fd,
 		    strerror(errno));
 	if (n != 1)
@@ -76,7 +76,7 @@ mm_send_fd(int socket, int fd)
 }
 
 int
-mm_receive_fd(int socket)
+mm_receive_fd(int sock)
 {
 #if defined(HAVE_RECVMSG) && (defined(HAVE_ACCRIGHTS_IN_MSGHDR) || defined(HAVE_CONTROL_IN_MSGHDR))
 	struct msghdr msg;
@@ -102,7 +102,7 @@ mm_receive_fd(int socket)
 	msg.msg_controllen = sizeof(tmp);
 #endif
 
-	if ((n = recvmsg(socket, &msg, 0)) == -1)
+	if ((n = recvmsg(sock, &msg, 0)) == -1)
 		fatal("%s: recvmsg: %s", __func__, strerror(errno));
 	if (n != 1)
 		fatal("%s: recvmsg: expected received 1 got %ld",
diff --git a/monitor_wrap.c b/monitor_wrap.c
index ee2dc202..d9cbd9e3 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -25,7 +25,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: monitor_wrap.c,v 1.35 2003/11/17 11:06:07 markus Exp $");
+RCSID("$OpenBSD: monitor_wrap.c,v 1.36 2004/06/21 17:36:31 avsm Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/dh.h>
@@ -83,7 +83,7 @@ mm_is_monitor(void)
 }
 
 void
-mm_request_send(int socket, enum monitor_reqtype type, Buffer *m)
+mm_request_send(int sock, enum monitor_reqtype type, Buffer *m)
 {
 	u_int mlen = buffer_len(m);
 	u_char buf[5];
@@ -92,14 +92,14 @@ mm_request_send(int socket, enum monitor_reqtype type, Buffer *m)
 
 	PUT_32BIT(buf, mlen + 1);
 	buf[4] = (u_char) type;		/* 1st byte of payload is mesg-type */
-	if (atomicio(vwrite, socket, buf, sizeof(buf)) != sizeof(buf))
+	if (atomicio(vwrite, sock, buf, sizeof(buf)) != sizeof(buf))
 		fatal("%s: write", __func__);
-	if (atomicio(vwrite, socket, buffer_ptr(m), mlen) != mlen)
+	if (atomicio(vwrite, sock, buffer_ptr(m), mlen) != mlen)
 		fatal("%s: write", __func__);
 }
 
 void
-mm_request_receive(int socket, Buffer *m)
+mm_request_receive(int sock, Buffer *m)
 {
 	u_char buf[4];
 	u_int msg_len;
@@ -107,7 +107,7 @@ mm_request_receive(int socket, Buffer *m)
 
 	debug3("%s entering", __func__);
 
-	res = atomicio(read, socket, buf, sizeof(buf));
+	res = atomicio(read, sock, buf, sizeof(buf));
 	if (res != sizeof(buf)) {
 		if (res == 0)
 			cleanup_exit(255);
@@ -118,19 +118,19 @@ mm_request_receive(int socket, Buffer *m)
 		fatal("%s: read: bad msg_len %d", __func__, msg_len);
 	buffer_clear(m);
 	buffer_append_space(m, msg_len);
-	res = atomicio(read, socket, buffer_ptr(m), msg_len);
+	res = atomicio(read, sock, buffer_ptr(m), msg_len);
 	if (res != msg_len)
 		fatal("%s: read: %ld != msg_len", __func__, (long)res);
 }
 
 void
-mm_request_receive_expect(int socket, enum monitor_reqtype type, Buffer *m)
+mm_request_receive_expect(int sock, enum monitor_reqtype type, Buffer *m)
 {
 	u_char rtype;
 
 	debug3("%s entering: type %d", __func__, type);
 
-	mm_request_receive(socket, m);
+	mm_request_receive(sock, m);
 	rtype = buffer_get_char(m);
 	if (rtype != type)
 		fatal("%s: read: rtype %d != type %d", __func__,
@@ -544,7 +544,7 @@ mm_send_kex(Buffer *m, Kex *kex)
 }
 
 void
-mm_send_keystate(struct monitor *pmonitor)
+mm_send_keystate(struct monitor *monitor)
 {
 	Buffer m;
 	u_char *blob, *p;
@@ -580,7 +580,7 @@ mm_send_keystate(struct monitor *pmonitor)
 		goto skip;
 	} else {
 		/* Kex for rekeying */
-		mm_send_kex(&m, *pmonitor->m_pkex);
+		mm_send_kex(&m, *monitor->m_pkex);
 	}
 
 	debug3("%s: Sending new keys: %p %p",
@@ -632,7 +632,7 @@ mm_send_keystate(struct monitor *pmonitor)
 	buffer_put_string(&m, buffer_ptr(&input), buffer_len(&input));
 	buffer_put_string(&m, buffer_ptr(&output), buffer_len(&output));
 
-	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m);
+	mm_request_send(monitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m);
 	debug3("%s: Finished sending state", __func__);
 
 	buffer_free(&m);
@@ -1093,7 +1093,7 @@ mm_auth_rsa_verify_response(Key *key, BIGNUM *p, u_char response[16])
 
 #ifdef GSSAPI
 OM_uint32
-mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid)
+mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID goid)
 {
 	Buffer m;
 	OM_uint32 major;
@@ -1102,7 +1102,7 @@ mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid)
 	*ctx = NULL;
 
 	buffer_init(&m);
-	buffer_put_string(&m, oid->elements, oid->length);
+	buffer_put_string(&m, goid->elements, goid->length);
 
 	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSETUP, &m);
 	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSETUP, &m);
diff --git a/monitor_wrap.h b/monitor_wrap.h
index 2170b132..e5cf5718 100644
--- a/monitor_wrap.h
+++ b/monitor_wrap.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: monitor_wrap.h,v 1.13 2003/11/17 11:06:07 markus Exp $	*/
+/*	$OpenBSD: monitor_wrap.h,v 1.14 2004/06/21 17:36:31 avsm Exp $	*/
 
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
@@ -58,9 +58,9 @@ BIGNUM *mm_auth_rsa_generate_challenge(Key *);
 
 #ifdef GSSAPI
 #include "ssh-gss.h"
-OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **ctxt, gss_OID oid);
-OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *ctxt,
-   gss_buffer_desc *recv, gss_buffer_desc *send, OM_uint32 *flags);
+OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID);
+OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *,
+   gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *);
 int mm_ssh_gssapi_userok(char *user);
 OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t);
 #endif
diff --git a/nchan.c b/nchan.c
index 3138cdd1..ecf59c5d 100644
--- a/nchan.c
+++ b/nchan.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: nchan.c,v 1.49 2003/08/29 10:04:36 markus Exp $");
+RCSID("$OpenBSD: nchan.c,v 1.50 2004/06/21 17:36:31 avsm Exp $");
 
 #include "ssh1.h"
 #include "ssh2.h"
@@ -395,7 +395,7 @@ chan_mark_dead(Channel *c)
 }
 
 int
-chan_is_dead(Channel *c, int send)
+chan_is_dead(Channel *c, int do_send)
 {
 	if (c->type == SSH_CHANNEL_ZOMBIE) {
 		debug2("channel %d: zombie", c->self);
@@ -416,7 +416,7 @@ chan_is_dead(Channel *c, int send)
 		return 0;
 	}
 	if (!(c->flags & CHAN_CLOSE_SENT)) {
-		if (send) {
+		if (do_send) {
 			chan_send_close2(c);
 		} else {
 			/* channel would be dead if we sent a close */
diff --git a/packet.c b/packet.c
index fca0075e..82a56940 100644
--- a/packet.c
+++ b/packet.c
@@ -37,7 +37,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: packet.c,v 1.114 2004/06/14 01:44:39 djm Exp $");
+RCSID("$OpenBSD: packet.c,v 1.115 2004/06/21 17:36:31 avsm Exp $");
 
 #include "openbsd-compat/sys-queue.h"
 
@@ -507,7 +507,7 @@ packet_send1(void)
 	u_char buf[8], *cp;
 	int i, padding, len;
 	u_int checksum;
-	u_int32_t rand = 0;
+	u_int32_t rnd = 0;
 
 	/*
 	 * If using packet compression, compress the payload of the outgoing
@@ -533,9 +533,9 @@ packet_send1(void)
 		cp = buffer_ptr(&outgoing_packet);
 		for (i = 0; i < padding; i++) {
 			if (i % 4 == 0)
-				rand = arc4random();
-			cp[7 - i] = rand & 0xff;
-			rand >>= 8;
+				rnd = arc4random();
+			cp[7 - i] = rnd & 0xff;
+			rnd >>= 8;
 		}
 	}
 	buffer_consume(&outgoing_packet, 8 - padding);
@@ -580,18 +580,18 @@ set_newkeys(int mode)
 	Comp *comp;
 	CipherContext *cc;
 	u_int64_t *max_blocks;
-	int encrypt;
+	int crypt_type;
 
 	debug2("set_newkeys: mode %d", mode);
 
 	if (mode == MODE_OUT) {
 		cc = &send_context;
-		encrypt = CIPHER_ENCRYPT;
+		crypt_type = CIPHER_ENCRYPT;
 		p_send.packets = p_send.blocks = 0;
 		max_blocks = &max_blocks_out;
 	} else {
 		cc = &receive_context;
-		encrypt = CIPHER_DECRYPT;
+		crypt_type = CIPHER_DECRYPT;
 		p_read.packets = p_read.blocks = 0;
 		max_blocks = &max_blocks_in;
 	}
@@ -620,7 +620,7 @@ set_newkeys(int mode)
 		mac->enabled = 1;
 	DBG(debug("cipher_init_context: %d", mode));
 	cipher_init(cc, enc->cipher, enc->key, enc->key_len,
-	    enc->iv, enc->block_size, encrypt);
+	    enc->iv, enc->block_size, crypt_type);
 	/* Deleting the keys does not gain extra security */
 	/* memset(enc->iv,  0, enc->block_size);
 	   memset(enc->key, 0, enc->key_len); */
@@ -654,7 +654,7 @@ packet_send2_wrapped(void)
 	u_char padlen, pad;
 	u_int packet_length = 0;
 	u_int i, len;
-	u_int32_t rand = 0;
+	u_int32_t rnd = 0;
 	Enc *enc   = NULL;
 	Mac *mac   = NULL;
 	Comp *comp = NULL;
@@ -713,9 +713,9 @@ packet_send2_wrapped(void)
 		/* random padding */
 		for (i = 0; i < padlen; i++) {
 			if (i % 4 == 0)
-				rand = arc4random();
-			cp[i] = rand & 0xff;
-			rand >>= 8;
+				rnd = arc4random();
+			cp[i] = rnd & 0xff;
+			rnd >>= 8;
 		}
 	} else {
 		/* clear padding */
@@ -1489,16 +1489,16 @@ packet_add_padding(u_char pad)
 void
 packet_send_ignore(int nbytes)
 {
-	u_int32_t rand = 0;
+	u_int32_t rnd = 0;
 	int i;
 
 	packet_start(compat20 ? SSH2_MSG_IGNORE : SSH_MSG_IGNORE);
 	packet_put_int(nbytes);
 	for (i = 0; i < nbytes; i++) {
 		if (i % 4 == 0)
-			rand = arc4random();
-		packet_put_char(rand & 0xff);
-		rand >>= 8;
+			rnd = arc4random();
+		packet_put_char(rnd & 0xff);
+		rnd >>= 8;
 	}
 }
 
diff --git a/progressmeter.c b/progressmeter.c
index e74f4785..629a536b 100644
--- a/progressmeter.c
+++ b/progressmeter.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: progressmeter.c,v 1.20 2004/05/11 19:01:43 deraadt Exp $");
+RCSID("$OpenBSD: progressmeter.c,v 1.21 2004/06/21 17:36:31 avsm Exp $");
 
 #include "progressmeter.h"
 #include "atomicio.h"
@@ -224,7 +224,7 @@ update_progress_meter(int ignore)
 }
 
 void
-start_progress_meter(char *f, off_t filesize, off_t *stat)
+start_progress_meter(char *f, off_t filesize, off_t *ctr)
 {
 	struct winsize winsize;
 
@@ -232,7 +232,7 @@ start_progress_meter(char *f, off_t filesize, off_t *stat)
 	file = f;
 	end_pos = filesize;
 	cur_pos = 0;
-	counter = stat;
+	counter = ctr;
 	stalled = 0;
 	bytes_per_second = 0;
 
diff --git a/scp.c b/scp.c
index 8621a440..3ae17c9a 100644
--- a/scp.c
+++ b/scp.c
@@ -71,7 +71,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: scp.c,v 1.114 2004/04/01 12:19:57 markus Exp $");
+RCSID("$OpenBSD: scp.c,v 1.115 2004/06/21 17:36:31 avsm Exp $");
 
 #include "xmalloc.h"
 #include "atomicio.h"
@@ -663,7 +663,7 @@ bwlimit(int amount)
 {
 	static struct timeval bwstart, bwend;
 	static int lamt, thresh = 16384;
-	u_int64_t wait;
+	u_int64_t waitlen;
 	struct timespec ts, rm;
 
 	if (!timerisset(&bwstart)) {
@@ -681,10 +681,10 @@ bwlimit(int amount)
 		return;
 
 	lamt *= 8;
-	wait = (double)1000000L * lamt / limit_rate;
+	waitlen = (double)1000000L * lamt / limit_rate;
 
-	bwstart.tv_sec = wait / 1000000L;
-	bwstart.tv_usec = wait % 1000000L;
+	bwstart.tv_sec = waitlen / 1000000L;
+	bwstart.tv_usec = waitlen % 1000000L;
 
 	if (timercmp(&bwstart, &bwend, >)) {
 		timersub(&bwstart, &bwend, &bwend);
diff --git a/sftp-server.c b/sftp-server.c
index 1d13e97b..8349c176 100644
--- a/sftp-server.c
+++ b/sftp-server.c
@@ -14,7 +14,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: sftp-server.c,v 1.45 2004/02/19 21:15:04 markus Exp $");
+RCSID("$OpenBSD: sftp-server.c,v 1.46 2004/06/21 17:36:31 avsm Exp $");
 
 #include "buffer.h"
 #include "bufaux.h"
@@ -260,7 +260,7 @@ send_msg(Buffer *m)
 }
 
 static void
-send_status(u_int32_t id, u_int32_t error)
+send_status(u_int32_t id, u_int32_t status)
 {
 	Buffer msg;
 	const char *status_messages[] = {
@@ -276,14 +276,14 @@ send_status(u_int32_t id, u_int32_t error)
 		"Unknown error"			/* Others */
 	};
 
-	TRACE("sent status id %u error %u", id, error);
+	TRACE("sent status id %u error %u", id, status);
 	buffer_init(&msg);
 	buffer_put_char(&msg, SSH2_FXP_STATUS);
 	buffer_put_int(&msg, id);
-	buffer_put_int(&msg, error);
+	buffer_put_int(&msg, status);
 	if (version >= 3) {
 		buffer_put_cstring(&msg,
-		    status_messages[MIN(error,SSH2_FX_MAX)]);
+		    status_messages[MIN(status,SSH2_FX_MAX)]);
 		buffer_put_cstring(&msg, "");
 	}
 	send_msg(&msg);
@@ -863,20 +863,20 @@ process_readlink(void)
 {
 	u_int32_t id;
 	int len;
-	char link[MAXPATHLEN];
+	char buf[MAXPATHLEN];
 	char *path;
 
 	id = get_int();
 	path = get_string(NULL);
 	TRACE("readlink id %u path %s", id, path);
-	if ((len = readlink(path, link, sizeof(link) - 1)) == -1)
+	if ((len = readlink(path, buf, sizeof(buf) - 1)) == -1)
 		send_status(id, errno_to_portable(errno));
 	else {
 		Stat s;
 
-		link[len] = '\0';
+		buf[len] = '\0';
 		attrib_clear(&s.attrib);
-		s.name = s.long_name = link;
+		s.name = s.long_name = buf;
 		send_names(id, 1, &s);
 	}
 	xfree(path);
diff --git a/sftp.c b/sftp.c
index df2aff65..d818ef84 100644
--- a/sftp.c
+++ b/sftp.c
@@ -16,7 +16,7 @@
 
 #include "includes.h"
 
-RCSID("$OpenBSD: sftp.c,v 1.50 2004/06/20 18:53:39 djm Exp $");
+RCSID("$OpenBSD: sftp.c,v 1.51 2004/06/21 17:36:31 avsm Exp $");
 
 #include "buffer.h"
 #include "xmalloc.h"
@@ -277,13 +277,13 @@ path_append(char *p1, char *p2)
 static char *
 make_absolute(char *p, char *pwd)
 {
-	char *abs;
+	char *abs_str;
 
 	/* Derelativise */
 	if (p && p[0] != '/') {
-		abs = path_append(pwd, p);
+		abs_str = path_append(pwd, p);
 		xfree(p);
-		return(abs);
+		return(abs_str);
 	} else
 		return(p);
 }
diff --git a/ssh-gss.h b/ssh-gss.h
index 4f032aa8..52fb49a6 100644
--- a/ssh-gss.h
+++ b/ssh-gss.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ssh-gss.h,v 1.4 2003/11/17 11:06:07 markus Exp $	*/
+/*	$OpenBSD: ssh-gss.h,v 1.5 2004/06/21 17:36:31 avsm Exp $	*/
 /*
  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
  *
@@ -100,31 +100,31 @@ typedef struct {
 
 extern ssh_gssapi_mech *supported_mechs[];
 
-int  ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len);
-void ssh_gssapi_set_oid_data(Gssctxt *ctx, void *data, size_t len);
-void ssh_gssapi_set_oid(Gssctxt *ctx, gss_OID oid);
-void ssh_gssapi_supported_oids(gss_OID_set *oidset);
-ssh_gssapi_mech *ssh_gssapi_get_ctype(Gssctxt *ctxt);
-
-OM_uint32 ssh_gssapi_import_name(Gssctxt *ctx, const char *host);
-OM_uint32 ssh_gssapi_acquire_cred(Gssctxt *ctx);
-OM_uint32 ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds,
-    gss_buffer_desc *recv_tok, gss_buffer_desc *send_tok, OM_uint32 *flags);
-OM_uint32 ssh_gssapi_accept_ctx(Gssctxt *ctx,
-    gss_buffer_desc *recv_tok, gss_buffer_desc *send_tok, OM_uint32 *flags);
-OM_uint32 ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *);
-void ssh_gssapi_error(Gssctxt *ctx);
-char *ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *maj, OM_uint32 *min);
-void ssh_gssapi_build_ctx(Gssctxt **ctx);
-void ssh_gssapi_delete_ctx(Gssctxt **ctx);
+int  ssh_gssapi_check_oid(Gssctxt *, void *, size_t);
+void ssh_gssapi_set_oid_data(Gssctxt *, void *, size_t);
+void ssh_gssapi_set_oid(Gssctxt *, gss_OID);
+void ssh_gssapi_supported_oids(gss_OID_set *);
+ssh_gssapi_mech *ssh_gssapi_get_ctype(Gssctxt *);
+
+OM_uint32 ssh_gssapi_import_name(Gssctxt *, const char *);
+OM_uint32 ssh_gssapi_acquire_cred(Gssctxt *);
+OM_uint32 ssh_gssapi_init_ctx(Gssctxt *, int,
+    gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *);
+OM_uint32 ssh_gssapi_accept_ctx(Gssctxt *,
+    gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *);
+OM_uint32 ssh_gssapi_getclient(Gssctxt *, ssh_gssapi_client *);
+void ssh_gssapi_error(Gssctxt *);
+char *ssh_gssapi_last_error(Gssctxt *, OM_uint32 *, OM_uint32 *);
+void ssh_gssapi_build_ctx(Gssctxt **);
+void ssh_gssapi_delete_ctx(Gssctxt **);
 OM_uint32 ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t);
-OM_uint32 ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid);
+OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID);
 void ssh_gssapi_buildmic(Buffer *, const char *, const char *, const char *);
 
 /* In the server */
 int ssh_gssapi_userok(char *name);
 OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t);
-void ssh_gssapi_do_child(char ***envp, u_int *envsizep);
+void ssh_gssapi_do_child(char ***, u_int *);
 void ssh_gssapi_cleanup_creds(void);
 void ssh_gssapi_storecreds(void);
 
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 5539fe17..d4d19d3a 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-keygen.c,v 1.115 2004/05/09 00:06:47 djm Exp $");
+RCSID("$OpenBSD: ssh-keygen.c,v 1.116 2004/06/21 17:36:31 avsm Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/pem.h>
@@ -192,8 +192,8 @@ do_convert_to_ssh2(struct passwd *pw)
 static void
 buffer_get_bignum_bits(Buffer *b, BIGNUM *value)
 {
-	u_int bits = buffer_get_int(b);
-	u_int bytes = (bits + 7) / 8;
+	u_int bignum_bits = buffer_get_int(b);
+	u_int bytes = (bignum_bits + 7) / 8;
 
 	if (buffer_len(b) < bytes)
 		fatal("buffer_get_bignum_bits: input buffer too small: "
@@ -630,7 +630,7 @@ do_change_passphrase(struct passwd *pw)
  * Print the SSHFP RR.
  */
 static void
-do_print_resource_record(struct passwd *pw, char *hostname)
+do_print_resource_record(struct passwd *pw, char *hname)
 {
 	Key *public;
 	char *comment = NULL;
@@ -644,7 +644,7 @@ do_print_resource_record(struct passwd *pw, char *hostname)
 	}
 	public = key_load_public(identity_file, &comment);
 	if (public != NULL) {
-		export_dns_rr(hostname, public, stdout, print_generic);
+		export_dns_rr(hname, public, stdout, print_generic);
 		key_free(public);
 		xfree(comment);
 		exit(0);
diff --git a/ssh.c b/ssh.c
index b9bd8c0d..9e3f7355 100644
--- a/ssh.c
+++ b/ssh.c
@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.220 2004/06/20 17:36:59 djm Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.221 2004/06/21 17:36:31 avsm Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -807,17 +807,17 @@ x11_get_proto(char **_proto, char **_data)
 	 * for the local connection.
 	 */
 	if (!got_data) {
-		u_int32_t rand = 0;
+		u_int32_t rnd = 0;
 
 		logit("Warning: No xauth data; "
 		    "using fake authentication data for X11 forwarding.");
 		strlcpy(proto, SSH_X11_PROTO, sizeof proto);
 		for (i = 0; i < 16; i++) {
 			if (i % 4 == 0)
-				rand = arc4random();
+				rnd = arc4random();
 			snprintf(data + 2 * i, sizeof data - 2 * i, "%02x",
-			    rand & 0xff);
-			rand >>= 8;
+			    rnd & 0xff);
+			rnd >>= 8;
 		}
 	}
 }
diff --git a/sshconnect.c b/sshconnect.c
index 95bb527b..11008e54 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -13,7 +13,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.157 2004/05/08 00:21:31 djm Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.158 2004/06/21 17:36:31 avsm Exp $");
 
 #include <openssl/bn.h>
 
@@ -767,19 +767,19 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
 		break;
 	case HOST_CHANGED:
 		if (options.check_host_ip && host_ip_differ) {
-			char *msg;
+			char *key_msg;
 			if (ip_status == HOST_NEW)
-				msg = "is unknown";
+				key_msg = "is unknown";
 			else if (ip_status == HOST_OK)
-				msg = "is unchanged";
+				key_msg = "is unchanged";
 			else
-				msg = "has a different value";
+				key_msg = "has a different value";
 			error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
 			error("@       WARNING: POSSIBLE DNS SPOOFING DETECTED!          @");
 			error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
 			error("The %s host key for %s has changed,", type, host);
 			error("and the key for the according IP address %s", ip);
-			error("%s. This could either mean that", msg);
+			error("%s. This could either mean that", key_msg);
 			error("DNS SPOOFING is happening or the IP address for the host");
 			error("and its host key have changed at the same time.");
 			if (ip_status != HOST_NEW)
diff --git a/sshconnect1.c b/sshconnect1.c
index ae33ab39..61fecab1 100644
--- a/sshconnect1.c
+++ b/sshconnect1.c
@@ -13,7 +13,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.58 2004/05/09 01:19:28 djm Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.59 2004/06/21 17:36:31 avsm Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/md5.h>
@@ -476,7 +476,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
 	u_char cookie[8];
 	u_int supported_ciphers;
 	u_int server_flags, client_flags;
-	u_int32_t rand = 0;
+	u_int32_t rnd = 0;
 
 	debug("Waiting for server public key.");
 
@@ -540,9 +540,9 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
 	 */
 	for (i = 0; i < 32; i++) {
 		if (i % 4 == 0)
-			rand = arc4random();
-		session_key[i] = rand & 0xff;
-		rand >>= 8;
+			rnd = arc4random();
+		session_key[i] = rnd & 0xff;
+		rnd >>= 8;
 	}
 
 	/*
diff --git a/sshlogin.c b/sshlogin.c
index e1cc4cc8..22cfd344 100644
--- a/sshlogin.c
+++ b/sshlogin.c
@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshlogin.c,v 1.7 2003/06/12 07:57:38 markus Exp $");
+RCSID("$OpenBSD: sshlogin.c,v 1.8 2004/06/21 17:36:31 avsm Exp $");
 
 #include "loginrec.h"
 
@@ -64,12 +64,12 @@ get_last_login_time(uid_t uid, const char *logname,
  * systems were more standardized.
  */
 void
-record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid,
+record_login(pid_t pid, const char *tty, const char *user, uid_t uid,
     const char *host, struct sockaddr * addr, socklen_t addrlen)
 {
 	struct logininfo *li;
 
-	li = login_alloc_entry(pid, user, host, ttyname);
+	li = login_alloc_entry(pid, user, host, tty);
 	login_set_addr(li, addr, addrlen);
 	login_login(li);
 	login_free_entry(li);
@@ -91,11 +91,11 @@ record_utmp_only(pid_t pid, const char *ttyname, const char *user,
 
 /* Records that the user has logged out. */
 void
-record_logout(pid_t pid, const char *ttyname, const char *user)
+record_logout(pid_t pid, const char *tty, const char *user)
 {
 	struct logininfo *li;
 
-	li = login_alloc_entry(pid, user, NULL, ttyname);
+	li = login_alloc_entry(pid, user, NULL, tty);
 	login_logout(li);
 	login_free_entry(li);
 }
diff --git a/sshpty.c b/sshpty.c
index 0fe3891b..efd1dfef 100644
--- a/sshpty.c
+++ b/sshpty.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshpty.c,v 1.11 2004/01/11 21:55:06 deraadt Exp $");
+RCSID("$OpenBSD: sshpty.c,v 1.12 2004/06/21 17:36:31 avsm Exp $");
 
 #ifdef HAVE_UTIL_H
 # include <util.h>
@@ -60,18 +60,18 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
 /* Releases the tty.  Its ownership is returned to root, and permissions to 0666. */
 
 void
-pty_release(const char *ttyname)
+pty_release(const char *tty)
 {
-	if (chown(ttyname, (uid_t) 0, (gid_t) 0) < 0)
-		error("chown %.100s 0 0 failed: %.100s", ttyname, strerror(errno));
-	if (chmod(ttyname, (mode_t) 0666) < 0)
-		error("chmod %.100s 0666 failed: %.100s", ttyname, strerror(errno));
+	if (chown(tty, (uid_t) 0, (gid_t) 0) < 0)
+		error("chown %.100s 0 0 failed: %.100s", tty, strerror(errno));
+	if (chmod(tty, (mode_t) 0666) < 0)
+		error("chmod %.100s 0666 failed: %.100s", tty, strerror(errno));
 }
 
 /* Makes the tty the process's controlling tty and sets it to sane modes. */
 
 void
-pty_make_controlling_tty(int *ttyfd, const char *ttyname)
+pty_make_controlling_tty(int *ttyfd, const char *tty)
 {
 	int fd;
 #ifdef USE_VHANGUP
@@ -82,7 +82,7 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname)
 	if (setsid() < 0)
 		error("setsid: %.100s", strerror(errno));
 
-	fd = open(ttyname, O_RDWR|O_NOCTTY);
+	fd = open(tty, O_RDWR|O_NOCTTY);
 	if (fd != -1) {
 		signal(SIGHUP, SIG_IGN);
 		ioctl(fd, TCVHUP, (char *)NULL);
@@ -97,7 +97,7 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname)
 	ioctl(*ttyfd, TCSETCTTY, NULL);
 	fd = open("/dev/tty", O_RDWR);
 	if (fd < 0)
-		error("%.100s: %.100s", ttyname, strerror(errno));
+		error("%.100s: %.100s", tty, strerror(errno));
 	close(*ttyfd);
 	*ttyfd = fd;
 #else /* _UNICOS */
@@ -137,9 +137,9 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname)
 	vhangup();
 	signal(SIGHUP, old);
 #endif /* USE_VHANGUP */
-	fd = open(ttyname, O_RDWR);
+	fd = open(tty, O_RDWR);
 	if (fd < 0) {
-		error("%.100s: %.100s", ttyname, strerror(errno));
+		error("%.100s: %.100s", tty, strerror(errno));
 	} else {
 #ifdef USE_VHANGUP
 		close(*ttyfd);
@@ -174,7 +174,7 @@ pty_change_window_size(int ptyfd, int row, int col,
 }
 
 void
-pty_setowner(struct passwd *pw, const char *ttyname)
+pty_setowner(struct passwd *pw, const char *tty)
 {
 	struct group *grp;
 	gid_t gid;
@@ -196,33 +196,33 @@ pty_setowner(struct passwd *pw, const char *ttyname)
 	 * Warn but continue if filesystem is read-only and the uids match/
 	 * tty is owned by root.
 	 */
-	if (stat(ttyname, &st))
-		fatal("stat(%.100s) failed: %.100s", ttyname,
+	if (stat(tty, &st))
+		fatal("stat(%.100s) failed: %.100s", tty,
 		    strerror(errno));
 
 	if (st.st_uid != pw->pw_uid || st.st_gid != gid) {
-		if (chown(ttyname, pw->pw_uid, gid) < 0) {
+		if (chown(tty, pw->pw_uid, gid) < 0) {
 			if (errno == EROFS &&
 			    (st.st_uid == pw->pw_uid || st.st_uid == 0))
 				debug("chown(%.100s, %u, %u) failed: %.100s",
-				    ttyname, (u_int)pw->pw_uid, (u_int)gid,
+				    tty, (u_int)pw->pw_uid, (u_int)gid,
 				    strerror(errno));
 			else
 				fatal("chown(%.100s, %u, %u) failed: %.100s",
-				    ttyname, (u_int)pw->pw_uid, (u_int)gid,
+				    tty, (u_int)pw->pw_uid, (u_int)gid,
 				    strerror(errno));
 		}
 	}
 
 	if ((st.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO)) != mode) {
-		if (chmod(ttyname, mode) < 0) {
+		if (chmod(tty, mode) < 0) {
 			if (errno == EROFS &&
 			    (st.st_mode & (S_IRGRP | S_IROTH)) == 0)
 				debug("chmod(%.100s, 0%o) failed: %.100s",
-				    ttyname, (u_int)mode, strerror(errno));
+				    tty, (u_int)mode, strerror(errno));
 			else
 				fatal("chmod(%.100s, 0%o) failed: %.100s",
-				    ttyname, (u_int)mode, strerror(errno));
+				    tty, (u_int)mode, strerror(errno));
 		}
 	}
 }
-- 
2.45.2