15 files changed, 66 insertions, 60 deletions

diff --git a/ChangeLog b/ChangeLog
index d495190d0..784ddeb8f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -38,6 +38,10 @@
    - markus@cvs.openbsd.org 2002/02/24 18:31:09
      [uuencode.c]
      typo in comment
+   - markus@cvs.openbsd.org 2002/02/24 19:14:59
+     [auth2.c authfd.c authfd.h authfile.c kexdh.c kexgex.c key.c key.h 
+      ssh-dss.c ssh-dss.h ssh-keygen.c ssh-rsa.c ssh-rsa.h sshconnect2.c]
+     signed vs. unsigned: make size arguments u_int, ok stevesk@
 
 20020225
  - (bal) Last AIX patch.  Moved aix_usrinfo() outside of do_setuserconext()
@@ -7711,4 +7715,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1884 2002/02/26 18:07:26 mouring Exp $
+$Id: ChangeLog,v 1.1885 2002/02/26 18:09:42 mouring Exp $
diff --git a/auth2.c b/auth2.c
index 22b558696..f2a801ecc 100644
--- a/auth2.c
+++ b/auth2.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.84 2002/02/04 11:58:10 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.85 2002/02/24 19:14:59 markus Exp $");
 
 #include <openssl/evp.h>
 
@@ -398,7 +398,8 @@ userauth_pubkey(Authctxt *authctxt)
 {
         Buffer b;
         Key *key = NULL;
-        char *pkalg, *pkblob, *sig;
+        char *pkalg;
+        u_char *pkblob, *sig;
         u_int alen, blen, slen;
         int have_sig, pktype;
         int authenticated = 0;
@@ -512,7 +513,8 @@ userauth_hostbased(Authctxt *authctxt)
 {
         Buffer b;
         Key *key = NULL;
-        char *pkalg, *pkblob, *sig, *cuser, *chost, *service;
+        char *pkalg, *cuser, *chost, *service;
+        u_char *pkblob, *sig;
         u_int alen, blen, slen;
         int pktype;
         int authenticated = 0;
@@ -794,4 +796,3 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
 
         return (host_status == HOST_OK);
 }
-
diff --git a/authfd.c b/authfd.c
index f90676cca..fa764358f 100644
--- a/authfd.c
+++ b/authfd.c
@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: authfd.c,v 1.47 2002/01/18 18:14:17 stevesk Exp $");
+RCSID("$OpenBSD: authfd.c,v 1.48 2002/02/24 19:14:59 markus Exp $");
 
 #include <openssl/evp.h>
 
@@ -374,8 +374,8 @@ ssh_decrypt_challenge(AuthenticationConnection *auth,
 int
 ssh_agent_sign(AuthenticationConnection *auth,
     Key *key,
-    u_char **sigp, int *lenp,
-    u_char *data, int datalen)
+    u_char **sigp, u_int *lenp,
+    u_char *data, u_int datalen)
 {
         extern int datafellows;
         Buffer msg;
diff --git a/authfd.h b/authfd.h
index 8075a7ebd..f4901f4a1 100644
--- a/authfd.h
+++ b/authfd.h
@@ -11,7 +11,7 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: authfd.h,v 1.21 2001/08/07 10:37:46 markus Exp $"); */
+/* RCSID("$OpenBSD: authfd.h,v 1.22 2002/02/24 19:14:59 markus Exp $"); */
 
 #ifndef AUTHFD_H
 #define AUTHFD_H
@@ -74,7 +74,7 @@ ssh_decrypt_challenge(AuthenticationConnection *, Key *, BIGNUM *, u_char[16],
     u_int, u_char[16]);
 
 int
-ssh_agent_sign(AuthenticationConnection *, Key *, u_char **, int *, u_char *,
-    int);
+ssh_agent_sign(AuthenticationConnection *, Key *, u_char **, u_int *, u_char *,
+    u_int);
 
 #endif                          /* AUTHFD_H */
diff --git a/authfile.c b/authfile.c
index e35714e93..50ae9aa78 100644
--- a/authfile.c
+++ b/authfile.c
@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: authfile.c,v 1.46 2002/02/14 23:41:01 markus Exp $");
+RCSID("$OpenBSD: authfile.c,v 1.47 2002/02/24 19:14:59 markus Exp $");
 
 #include <openssl/err.h>
 #include <openssl/evp.h>
@@ -168,7 +168,7 @@ key_save_private_pem(Key *key, const char *filename, const char *_passphrase,
         int fd;
         int success = 0;
         int len = strlen(_passphrase);
-        char *passphrase = (len > 0) ? (char *)_passphrase : NULL;
+        u_char *passphrase = (len > 0) ? (u_char *)_passphrase : NULL;
         EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL;
 
         if (len > 0 && len <= 4) {
diff --git a/kexdh.c b/kexdh.c
index 2049d6e1b..cfeb6298a 100644
--- a/kexdh.c
+++ b/kexdh.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kexdh.c,v 1.15 2002/02/23 17:59:02 markus Exp $");
+RCSID("$OpenBSD: kexdh.c,v 1.16 2002/02/24 19:14:59 markus Exp $");
 
 #include <openssl/crypto.h>
 #include <openssl/bn.h>
@@ -201,7 +201,7 @@ kexdh_server(Kex *kex)
         Key *server_host_key;
         u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
         u_int sbloblen, klen, kout;
-        int slen;
+        u_int slen;
 
         /* generate server DH public key */
         dh = dh_new_group1();
diff --git a/kexgex.c b/kexgex.c
index ac377aafc..06ed8e5a6 100644
--- a/kexgex.c
+++ b/kexgex.c
@@ -24,7 +24,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kexgex.c,v 1.18 2002/02/23 17:59:02 markus Exp $");
+RCSID("$OpenBSD: kexgex.c,v 1.19 2002/02/24 19:14:59 markus Exp $");
 
 #include <openssl/bn.h>
 
@@ -261,8 +261,8 @@ kexgex_server(Kex *kex)
         Key *server_host_key;
         DH *dh = dh;
         u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
-        u_int sbloblen, klen, kout;
-        int min = -1, max = -1, nbits = -1, type, slen;
+        u_int sbloblen, klen, kout, slen;
+        int min = -1, max = -1, nbits = -1, type;
 
         if (kex->load_host_key == NULL)
                 fatal("Cannot load hostkey");
diff --git a/key.c b/key.c
index 8b1057e8e..d1355e871 100644
--- a/key.c
+++ b/key.c
@@ -32,7 +32,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: key.c,v 1.39 2002/01/25 22:07:40 markus Exp $");
+RCSID("$OpenBSD: key.c,v 1.40 2002/02/24 19:14:59 markus Exp $");
 
 #include <openssl/evp.h>
 
@@ -176,7 +176,7 @@ key_fingerprint_raw(Key *k, enum fp_type dgst_type, u_int *dgst_raw_length)
         EVP_MD_CTX ctx;
         u_char *blob = NULL;
         u_char *retval = NULL;
-        int len = 0;
+        u_int len = 0;
         int nlen, elen;
 
         *dgst_raw_length = 0;
@@ -488,8 +488,9 @@ key_read(Key *ret, char **cpp)
 int
 key_write(Key *key, FILE *f)
 {
-        int success = 0;
-        u_int bits = 0;
+        int n, success = 0;
+        u_int len, bits = 0;
+        u_char *blob, *uu;
 
         if (key->type == KEY_RSA1 && key->rsa != NULL) {
                 /* size of modulus 'n' */
@@ -503,8 +504,6 @@ key_write(Key *key, FILE *f)
                 }
         } else if ((key->type == KEY_DSA && key->dsa != NULL) ||
             (key->type == KEY_RSA && key->rsa != NULL)) {
-                int len, n;
-                u_char *blob, *uu;
                 key_to_blob(key, &blob, &len);
                 uu = xmalloc(2*len);
                 n = uuencode(blob, len, uu, 2*len);
@@ -763,8 +762,8 @@ key_to_blob(Key *key, u_char **blobp, u_int *lenp)
 int
 key_sign(
     Key *key,
-    u_char **sigp, int *lenp,
-    u_char *data, int datalen)
+    u_char **sigp, u_int *lenp,
+    u_char *data, u_int datalen)
 {
         switch (key->type) {
         case KEY_DSA:
@@ -783,8 +782,8 @@ key_sign(
 int
 key_verify(
     Key *key,
-    u_char *signature, int signaturelen,
-    u_char *data, int datalen)
+    u_char *signature, u_int signaturelen,
+    u_char *data, u_int datalen)
 {
         if (signaturelen == 0)
                 return -1;
diff --git a/key.h b/key.h
index 00eebb7f1..a2257731a 100644
--- a/key.h
+++ b/key.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: key.h,v 1.17 2001/09/17 19:27:15 stevesk Exp $        */
+/*      $OpenBSD: key.h,v 1.18 2002/02/24 19:14:59 markus Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -74,7 +74,7 @@ int	 key_to_blob(Key *, u_char **, u_int *);
 char    *key_ssh_name(Key *);
 int      key_names_valid2(const char *);
 
-int      key_sign(Key *, u_char **, int *, u_char *, int);
-int      key_verify(Key *, u_char *, int, u_char *, int);
+int      key_sign(Key *, u_char **, u_int *, u_char *, u_int);
+int      key_verify(Key *, u_char *, u_int, u_char *, u_int);
 
 #endif
diff --git a/ssh-dss.c b/ssh-dss.c
index b81b8347d..e7aa64134 100644
--- a/ssh-dss.c
+++ b/ssh-dss.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-dss.c,v 1.12 2002/01/25 21:42:11 markus Exp $");
+RCSID("$OpenBSD: ssh-dss.c,v 1.13 2002/02/24 19:14:59 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/evp.h>
@@ -42,8 +42,8 @@ RCSID("$OpenBSD: ssh-dss.c,v 1.12 2002/01/25 21:42:11 markus Exp $");
 int
 ssh_dss_sign(
     Key *key,
-    u_char **sigp, int *lenp,
-    u_char *data, int datalen)
+    u_char **sigp, u_int *lenp,
+    u_char *data, u_int datalen)
 {
         DSA_SIG *sig;
         EVP_MD *evp_md = EVP_sha1();
@@ -106,8 +106,8 @@ ssh_dss_sign(
 int
 ssh_dss_verify(
     Key *key,
-    u_char *signature, int signaturelen,
-    u_char *data, int datalen)
+    u_char *signature, u_int signaturelen,
+    u_char *data, u_int datalen)
 {
         DSA_SIG *sig;
         EVP_MD *evp_md = EVP_sha1();
diff --git a/ssh-dss.h b/ssh-dss.h
index 0613acba3..94961b1e8 100644
--- a/ssh-dss.h
+++ b/ssh-dss.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: ssh-dss.h,v 1.5 2001/06/26 17:27:25 markus Exp $      */
+/*      $OpenBSD: ssh-dss.h,v 1.6 2002/02/24 19:14:59 markus Exp $      */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -26,7 +26,7 @@
 #ifndef DSA_H
 #define DSA_H
 
-int      ssh_dss_sign(Key *, u_char **, int *, u_char *, int);
-int      ssh_dss_verify(Key *, u_char *, int, u_char *, int);
+int      ssh_dss_sign(Key *, u_char **, u_int *, u_char *, u_int);
+int      ssh_dss_verify(Key *, u_char *, u_int, u_char *, u_int);
 
 #endif
diff --git a/ssh-keygen.c b/ssh-keygen.c
index ddd03ff5d..4560a3ffe 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-keygen.c,v 1.92 2002/02/16 20:40:08 stevesk Exp $");
+RCSID("$OpenBSD: ssh-keygen.c,v 1.93 2002/02/24 19:14:59 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/pem.h>
@@ -196,7 +196,7 @@ buffer_get_bignum_bits(Buffer *b, BIGNUM *value)
 }
 
 static Key *
-do_convert_private_ssh2_from_blob(u_char *blob, int blen)
+do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
 {
         Buffer b;
         Key *key = NULL;
diff --git a/ssh-rsa.c b/ssh-rsa.c
index c4339b95b..8e79d4e1d 100644
--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-rsa.c,v 1.15 2002/01/25 21:42:11 markus Exp $");
+RCSID("$OpenBSD: ssh-rsa.c,v 1.16 2002/02/24 19:14:59 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -40,8 +40,8 @@ RCSID("$OpenBSD: ssh-rsa.c,v 1.15 2002/01/25 21:42:11 markus Exp $");
 int
 ssh_rsa_sign(
     Key *key,
-    u_char **sigp, int *lenp,
-    u_char *data, int datalen)
+    u_char **sigp, u_int *lenp,
+    u_char *data, u_int datalen)
 {
         const EVP_MD *evp_md;
         EVP_MD_CTX md;
@@ -110,8 +110,8 @@ ssh_rsa_sign(
 int
 ssh_rsa_verify(
     Key *key,
-    u_char *signature, int signaturelen,
-    u_char *data, int datalen)
+    u_char *signature, u_int signaturelen,
+    u_char *data, u_int datalen)
 {
         Buffer b;
         const EVP_MD *evp_md;
diff --git a/ssh-rsa.h b/ssh-rsa.h
index 11d355d58..7177a3f92 100644
--- a/ssh-rsa.h
+++ b/ssh-rsa.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: ssh-rsa.h,v 1.5 2001/06/26 17:27:25 markus Exp $      */
+/*      $OpenBSD: ssh-rsa.h,v 1.6 2002/02/24 19:14:59 markus Exp $      */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -26,7 +26,7 @@
 #ifndef SSH_RSA_H
 #define SSH_RSA_H
 
-int      ssh_rsa_sign(Key *, u_char **, int *, u_char *, int);
-int      ssh_rsa_verify(Key *, u_char *, int, u_char *, int);
+int      ssh_rsa_sign(Key *, u_char **, u_int *, u_char *, u_int);
+int      ssh_rsa_verify(Key *, u_char *, u_int, u_char *, u_int);
 
 #endif
diff --git a/sshconnect2.c b/sshconnect2.c
index ea8cfa6da..374eab570 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.95 2002/02/03 17:59:23 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.96 2002/02/24 19:14:59 markus Exp $");
 
 #include "ssh.h"
 #include "ssh2.h"
@@ -138,7 +138,7 @@ typedef struct Authmethod Authmethod;
 
 typedef int sign_cb_fn(
     Authctxt *authctxt, Key *key,
-    u_char **sigp, int *lenp, u_char *data, int datalen);
+    u_char **sigp, u_int *lenp, u_char *data, u_int datalen);
 
 struct Authctxt {
         const char *server_user;
@@ -353,8 +353,10 @@ input_userauth_pk_ok(int type, u_int32_t seq, void *ctxt)
         Authctxt *authctxt = ctxt;
         Key *key = NULL;
         Buffer b;
-        int pktype, alen, blen, sent = 0;
-        char *pkalg, *pkblob, *fp;
+        int pktype, sent = 0;
+        u_int alen, blen;
+        char *pkalg, *fp;
+        u_char *pkblob;
 
         if (authctxt == NULL)
                 fatal("input_userauth_pk_ok: no authentication context");
@@ -480,7 +482,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback)
 {
         Buffer b;
         u_char *blob, *signature;
-        int bloblen, slen;
+        u_int bloblen, slen;
         int skip = 0;
         int ret = -1;
         int have_sig = 1;
@@ -632,8 +634,8 @@ load_identity_file(char *filename)
 }
 
 static int
-identity_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp,
-    u_char *data, int datalen)
+identity_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, u_int *lenp,
+    u_char *data, u_int datalen)
 {
         Key *private;
         int idx, ret;
@@ -655,15 +657,15 @@ identity_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp,
 }
 
 static int
-agent_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp,
-    u_char *data, int datalen)
+agent_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, u_int *lenp,
+    u_char *data, u_int datalen)
 {
         return ssh_agent_sign(authctxt->agent, key, sigp, lenp, data, datalen);
 }
 
 static int
-key_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp,
-    u_char *data, int datalen)
+key_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, u_int *lenp,
+    u_char *data, u_int datalen)
 {
         return key_sign(key, sigp, lenp, data, datalen);
 }