- djm@cvs.openbsd.org 2008/01/19 23:09:49

     [readconf.c readconf.h sshconnect2.c]
     promote rekeylimit to a int64 so it can hold the maximum useful limit
     of 2^32; report and patch from Jan.Pechanec AT Sun.COM, ok dtucker@

4 files changed, 13 insertions, 10 deletions

diff --git a/ChangeLog b/ChangeLog
index 3843aeee9..3c5a374dc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -40,6 +40,10 @@
      and v6 addresses when connected to a server with this quirk, despite
      having set 0.0.0.0 as a bind_address.
      report and patch from Jan.Pechanec AT Sun.COM; ok dtucker@
+   - djm@cvs.openbsd.org 2008/01/19 23:09:49
+     [readconf.c readconf.h sshconnect2.c]
+     promote rekeylimit to a int64 so it can hold the maximum useful limit
+     of 2^32; report and patch from Jan.Pechanec AT Sun.COM, ok dtucker@
 
 20080119
  - (djm) Silence noice from expr in ssh-copy-id; patch from
@@ -3568,4 +3572,4 @@
    OpenServer 6 and add osr5bigcrypt support so when someone migrates
    passwords between UnixWare and OpenServer they will still work. OK dtucker@
 
-$Id: ChangeLog,v 1.4827 2008/02/10 11:25:24 djm Exp $
+$Id: ChangeLog,v 1.4828 2008/02/10 11:25:52 djm Exp $
diff --git a/readconf.c b/readconf.c
index 1d6409fdb..3ddb4d392 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.164 2007/12/31 10:41:31 dtucker Exp $ */
+/* $OpenBSD: readconf.c,v 1.165 2008/01/19 23:09:49 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -499,7 +499,6 @@ parse_yesnoask:
                 goto parse_int;
 
         case oRekeyLimit:
-                intptr = &options->rekey_limit;
                 arg = strdelim(&s);
                 if (!arg || *arg == '\0')
                         fatal("%.200s line %d: Missing argument.", filename, linenum);
@@ -527,14 +526,14 @@ parse_yesnoask:
                 }
                 val64 *= scale;
                 /* detect integer wrap and too-large limits */
-                if ((val64 / scale) != orig || val64 > INT_MAX)
+                if ((val64 / scale) != orig || val64 > UINT_MAX)
                         fatal("%.200s line %d: RekeyLimit too large",
                             filename, linenum);
                 if (val64 < 16)
                         fatal("%.200s line %d: RekeyLimit too small",
                             filename, linenum);
-                if (*activep && *intptr == -1)
-                        *intptr = (int)val64;
+                if (*activep && options->rekey_limit == -1)
+                        options->rekey_limit = (u_int32_t)val64;
                 break;
 
         case oIdentityFile:
diff --git a/readconf.h b/readconf.h
index d484f258e..6257f4b2f 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.71 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: readconf.h,v 1.72 2008/01/19 23:09:49 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -100,7 +100,7 @@ typedef struct {
         int     clear_forwardings;
 
         int     enable_ssh_keysign;
-        int     rekey_limit;
+        int64_t rekey_limit;
         int     no_host_authentication_for_localhost;
         int     identities_only;
         int     server_alive_interval;
diff --git a/sshconnect2.c b/sshconnect2.c
index 208df078c..5bb772368 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.164 2007/05/17 23:53:41 jolan Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.165 2008/01/19 23:09:49 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -130,7 +130,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
                     options.hostkeyalgorithms;
 
         if (options.rekey_limit)
-                packet_set_rekey_limit(options.rekey_limit);
+                packet_set_rekey_limit((u_int32_t)options.rekey_limit);
 
         /* start key exchange */
         kex = kex_setup(myproposal);