5 files changed, 47 insertions, 24 deletions
diff --git a/ChangeLog b/ChangeLog
index 8c7627074..cdf467e39 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -43,6 +43,9 @@
   - deraadt@cvs.openbsd.org 2006/03/19 18:53:12
     [kex.c kex.h monitor.c myproposal.h session.c]
     spacing
+   - deraadt@cvs.openbsd.org 2006/03/19 18:56:41
+     [clientloop.c progressmeter.c serverloop.c sshd.c]
+     ARGSUSED for signal handlers
 20060325
 - OpenBSD CVS Sync
@@ -4300,4 +4303,4 @@
   - (djm) Trim deprecated options from INSTALL. Mention UsePAM
   - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
-$Id: ChangeLog,v 1.4253 2006/03/26 02:58:55 djm Exp $
+$Id: ChangeLog,v 1.4254 2006/03/26 02:59:20 djm Exp $
diff --git a/clientloop.c b/clientloop.c
index 6d58a5afb..d321cb8bf 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -190,7 +190,7 @@ enter_non_blocking(void)
 * Signal handler for the window change signal (SIGWINCH).  This just sets a
 * flag indicating that the window has changed.
 */
+/*ARGSUSED */
 static void
 window_change_handler(int sig)
 {
@@ -202,7 +202,7 @@ window_change_handler(int sig)
 * Signal handler for signals that cause the program to terminate.  These
 * signals must be trapped to restore terminal modes.
 */
+/*ARGSUSED */
 static void
 signal_handler(int sig)
 {
diff --git a/progressmeter.c b/progressmeter.c
index 26b34a3e9..ff99acf71 100644
--- a/progressmeter.c
+++ b/progressmeter.c
@@ -272,6 +272,7 @@ stop_progress_meter(void)
        atomicio(vwrite, STDOUT_FILENO, "\n", 1);
 }
+/*ARGSUSED*/
 static void
 sig_winch(int sig)
 {
diff --git a/serverloop.c b/serverloop.c
index 3efe7d80b..816215e05 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -147,6 +147,7 @@ notify_done(fd_set *readset)
                        debug2("notify_done: reading");
 }
+/*ARGSUSED*/
 static void
 sigchld_handler(int sig)
 {
@@ -159,6 +160,7 @@ sigchld_handler(int sig)
        errno = save_errno;
 }
+/*ARGSUSED*/
 static void
 sigterm_handler(int sig)
 {
@@ -942,7 +944,7 @@ server_request_tun(void)
        tun = packet_get_int();
        if (forced_tun_device != -1) {
-                if (tun != SSH_TUNID_ANY && forced_tun_device != tun)
+                if (tun != SSH_TUNID_ANY && forced_tun_device != tun)
                        goto done;
                tun = forced_tun_device;
        }
diff --git a/sshd.c b/sshd.c
index e6b1f5496..cfd38906e 100644
--- a/sshd.c
+++ b/sshd.c
@@ -257,6 +257,8 @@ close_startup_pipes(void)
 * the effect is to reread the configuration file (and to regenerate
 * the server key).
 */
+/*ARGSUSED*/
 static void
 sighup_handler(int sig)
 {
@@ -271,6 +273,7 @@ sighup_handler(int sig)
 * Called from the main program after receiving SIGHUP.
 * Restarts the server.
 */
+/*ARGSUSED*/
 static void
 sighup_restart(void)
 {
@@ -286,6 +289,7 @@ sighup_restart(void)
 /*
 * Generic signal handler for terminating signals in the master daemon.
 */
+/*ARGSUSED*/
 static void
 sigterm_handler(int sig)
 {
@@ -296,6 +300,7 @@ sigterm_handler(int sig)
 * SIGCHLD handler.  This is called whenever a child dies.  This will then
 * reap any zombies left by exited children.
 */
+/*ARGSUSED*/
 static void
 main_sigchld_handler(int sig)
 {
@@ -314,6 +319,7 @@ main_sigchld_handler(int sig)
 /*
 * Signal handler for the alarm after the login grace period has expired.
 */
+/*ARGSUSED*/
 static void
 grace_alarm_handler(int sig)
 {
@@ -356,6 +362,7 @@ generate_ephemeral_server_key(void)
        arc4random_stir();
 }
+/*ARGSUSED*/
 static void
 key_regeneration_alarm(int sig)
 {
@@ -976,7 +983,8 @@ main(int ac, char **av)
                        options.log_level = SYSLOG_LEVEL_QUIET;
                        break;
                case 'b':
-                        options.server_key_bits = atoi(optarg);
+                        options.server_key_bits = (int)strtonum(optarg, 256,
+                            32768, NULL);
                        break;
                case 'p':
                        options.ports_from_cmdline = 1;
@@ -1013,7 +1021,7 @@ main(int ac, char **av)
                        test_flag = 1;
                        break;
                case 'u':
-                        utmp_len = atoi(optarg);
+                        utmp_len = (u_int)strtonum(optarg, 0, MAXHOSTNAMELEN+1, NULL);
                        if (utmp_len > MAXHOSTNAMELEN) {
                                fprintf(stderr, "Invalid utmp length.\n");
                                exit(1);
@@ -1169,10 +1177,9 @@ main(int ac, char **av)
        }
        if (use_privsep) {
-                struct passwd *pw;
                struct stat st;
-                if ((pw = getpwnam(SSH_PRIVSEP_USER)) == NULL)
+                if (getpwnam(SSH_PRIVSEP_USER) == NULL)
                        fatal("Privilege separation user %s does not exist",
                            SSH_PRIVSEP_USER);
                if ((stat(_PATH_PRIVSEP_CHROOT_DIR, &st) == -1) ||
@@ -1444,8 +1451,8 @@ main(int ac, char **av)
                                if (!FD_ISSET(listen_socks[i], fdset))
                                        continue;
                                fromlen = sizeof(from);
-                                newsock = accept(listen_socks[i], (struct sockaddr *)&from,
+                                newsock = accept(listen_socks[i],
-                                    &fromlen);
+                                    (struct sockaddr *)&from, &fromlen);
                                if (newsock < 0) {
                                        if (errno != EINTR && errno != EWOULDBLOCK)
                                                error("accept: %.100s", strerror(errno));
@@ -1516,10 +1523,11 @@ main(int ac, char **av)
                                         */
                                        if ((pid = fork()) == 0) {
                                                /*
-                                                 * Child.  Close the listening and max_startup
+                                                 * Child.  Close the listening and
-                                                 * sockets.  Start using the accepted socket.
+                                                 * max_startup sockets.  Start using
-                                                 * Reinitialize logging (since our pid has
+                                                 * the accepted socket. Reinitialize
-                                                 * changed).  We break out of the loop to handle
+                                                 * logging (since our pid has changed).
+                                                 * We break out of the loop to handle
                                                 * the connection.
                                                 */
                                                startup_pipe = startup_p[1];
@@ -1527,7 +1535,10 @@ main(int ac, char **av)
                                                close_listen_socks();
                                                sock_in = newsock;
                                                sock_out = newsock;
-                                                log_init(__progname, options.log_level, options.log_facility, log_stderr);
+                                                log_init(__progname,
+                                                    options.log_level,
+                                                    options.log_facility,
+                                                    log_stderr);
                                                if (rexec_flag)
                                                        close(config_s[0]);
                                                break;
@@ -1548,7 +1559,10 @@ main(int ac, char **av)
                                        close(config_s[1]);
                                }
-                                /* Mark that the key has been used (it was "given" to the child). */
+                                /*
+                                 * Mark that the key has been used (it
+                                 * was "given" to the child).
+                                 */
                                if ((options.protocol & SSH_PROTO_1) &&
                                    key_used == 0) {
                                        /* Schedule server key regeneration alarm. */
@@ -1558,8 +1572,6 @@ main(int ac, char **av)
                                }
                                arc4random_stir();
-                                /* Close the new socket (the child is now taking care of it). */
                                close(newsock);
                        }
                        /* child process check (or debug mode) */
@@ -1794,11 +1806,14 @@ ssh1_session_key(BIGNUM *session_key_int)
 {
        int rsafail = 0;
-        if (BN_cmp(sensitive_data.server_key->rsa->n, sensitive_data.ssh1_host_key->rsa->n) > 0) {
+        if (BN_cmp(sensitive_data.server_key->rsa->n,
+            sensitive_data.ssh1_host_key->rsa->n) > 0) {
                /* Server key has bigger modulus. */
                if (BN_num_bits(sensitive_data.server_key->rsa->n) <
-                    BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + SSH_KEY_BITS_RESERVED) {
+                    BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) +
-                        fatal("do_connection: %s: server_key %d < host_key %d + SSH_KEY_BITS_RESERVED %d",
+                    SSH_KEY_BITS_RESERVED) {
+                        fatal("do_connection: %s: "
+                            "server_key %d < host_key %d + SSH_KEY_BITS_RESERVED %d",
                            get_remote_ipaddr(),
                            BN_num_bits(sensitive_data.server_key->rsa->n),
                            BN_num_bits(sensitive_data.ssh1_host_key->rsa->n),
@@ -1813,8 +1828,10 @@ ssh1_session_key(BIGNUM *session_key_int)
        } else {
                /* Host key has bigger modulus (or they are equal). */
                if (BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) <
-                    BN_num_bits(sensitive_data.server_key->rsa->n) + SSH_KEY_BITS_RESERVED) {
+                    BN_num_bits(sensitive_data.server_key->rsa->n) +
-                        fatal("do_connection: %s: host_key %d < server_key %d + SSH_KEY_BITS_RESERVED %d",
+                    SSH_KEY_BITS_RESERVED) {
+                        fatal("do_connection: %s: "
+                            "host_key %d < server_key %d + SSH_KEY_BITS_RESERVED %d",
                            get_remote_ipaddr(),
                            BN_num_bits(sensitive_data.ssh1_host_key->rsa->n),
                            BN_num_bits(sensitive_data.server_key->rsa->n),
@@ -2035,7 +2052,7 @@ do_ssh2_kex(void)
                myproposal[PROPOSAL_COMP_ALGS_CTOS] =
                myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com";
        }
-        
        myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types();
        /* start key exchange */

diff --git a/ChangeLog b/ChangeLog index 8c7627074..cdf467e39 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -43,6 +43,9 @@
43	- deraadt@cvs.openbsd.org 2006/03/19 18:53:12	43	- deraadt@cvs.openbsd.org 2006/03/19 18:53:12
44	[kex.c kex.h monitor.c myproposal.h session.c]	44	[kex.c kex.h monitor.c myproposal.h session.c]
45	spacing	45	spacing
		46	- deraadt@cvs.openbsd.org 2006/03/19 18:56:41
		47	[clientloop.c progressmeter.c serverloop.c sshd.c]
		48	ARGSUSED for signal handlers
46		49
47	20060325	50	20060325
48	- OpenBSD CVS Sync	51	- OpenBSD CVS Sync
@@ -4300,4 +4303,4 @@
4300	- (djm) Trim deprecated options from INSTALL. Mention UsePAM	4303	- (djm) Trim deprecated options from INSTALL. Mention UsePAM
4301	- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu	4304	- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
4302		4305
4303	$Id: ChangeLog,v 1.4253 2006/03/26 02:58:55 djm Exp $	4306	$Id: ChangeLog,v 1.4254 2006/03/26 02:59:20 djm Exp $


diff --git a/clientloop.c b/clientloop.c index 6d58a5afb..d321cb8bf 100644 --- a/clientloop.c +++ b/clientloop.c
@@ -190,7 +190,7 @@ enter_non_blocking(void)
190	* Signal handler for the window change signal (SIGWINCH). This just sets a	190	* Signal handler for the window change signal (SIGWINCH). This just sets a
191	* flag indicating that the window has changed.	191	* flag indicating that the window has changed.
192	*/	192	*/
193		193	/ARGSUSED /
194	static void	194	static void
195	window_change_handler(int sig)	195	window_change_handler(int sig)
196	{	196	{
@@ -202,7 +202,7 @@ window_change_handler(int sig)
202	* Signal handler for signals that cause the program to terminate. These	202	* Signal handler for signals that cause the program to terminate. These
203	* signals must be trapped to restore terminal modes.	203	* signals must be trapped to restore terminal modes.
204	*/	204	*/
205		205	/ARGSUSED /
206	static void	206	static void
207	signal_handler(int sig)	207	signal_handler(int sig)
208	{	208	{


diff --git a/progressmeter.c b/progressmeter.c index 26b34a3e9..ff99acf71 100644 --- a/progressmeter.c +++ b/progressmeter.c
@@ -272,6 +272,7 @@ stop_progress_meter(void)
272	atomicio(vwrite, STDOUT_FILENO, "\n", 1);	272	atomicio(vwrite, STDOUT_FILENO, "\n", 1);
273	}	273	}
274		274
		275	/ARGSUSED/
275	static void	276	static void
276	sig_winch(int sig)	277	sig_winch(int sig)
277	{	278	{


diff --git a/serverloop.c b/serverloop.c index 3efe7d80b..816215e05 100644 --- a/serverloop.c +++ b/serverloop.c
@@ -147,6 +147,7 @@ notify_done(fd_set *readset)
147	debug2("notify_done: reading");	147	debug2("notify_done: reading");
148	}	148	}
149		149
		150	/ARGSUSED/
150	static void	151	static void
151	sigchld_handler(int sig)	152	sigchld_handler(int sig)
152	{	153	{
@@ -159,6 +160,7 @@ sigchld_handler(int sig)
159	errno = save_errno;	160	errno = save_errno;
160	}	161	}
161		162
		163	/ARGSUSED/
162	static void	164	static void
163	sigterm_handler(int sig)	165	sigterm_handler(int sig)
164	{	166	{
@@ -942,7 +944,7 @@ server_request_tun(void)
942		944
943	tun = packet_get_int();	945	tun = packet_get_int();
944	if (forced_tun_device != -1) {	946	if (forced_tun_device != -1) {
945	if (tun != SSH_TUNID_ANY && forced_tun_device != tun)	947	if (tun != SSH_TUNID_ANY && forced_tun_device != tun)
946	goto done;	948	goto done;
947	tun = forced_tun_device;	949	tun = forced_tun_device;
948	}	950	}


diff --git a/sshd.c b/sshd.c index e6b1f5496..cfd38906e 100644 --- a/sshd.c +++ b/sshd.c
@@ -257,6 +257,8 @@ close_startup_pipes(void)
257	* the effect is to reread the configuration file (and to regenerate	257	* the effect is to reread the configuration file (and to regenerate
258	* the server key).	258	* the server key).
259	*/	259	*/
		260
		261	/ARGSUSED/
260	static void	262	static void
261	sighup_handler(int sig)	263	sighup_handler(int sig)
262	{	264	{
@@ -271,6 +273,7 @@ sighup_handler(int sig)
271	* Called from the main program after receiving SIGHUP.	273	* Called from the main program after receiving SIGHUP.
272	* Restarts the server.	274	* Restarts the server.
273	*/	275	*/
		276	/ARGSUSED/
274	static void	277	static void
275	sighup_restart(void)	278	sighup_restart(void)
276	{	279	{
@@ -286,6 +289,7 @@ sighup_restart(void)
286	/*	289	/*
287	* Generic signal handler for terminating signals in the master daemon.	290	* Generic signal handler for terminating signals in the master daemon.
288	*/	291	*/
		292	/ARGSUSED/
289	static void	293	static void
290	sigterm_handler(int sig)	294	sigterm_handler(int sig)
291	{	295	{
@@ -296,6 +300,7 @@ sigterm_handler(int sig)
296	* SIGCHLD handler. This is called whenever a child dies. This will then	300	* SIGCHLD handler. This is called whenever a child dies. This will then
297	* reap any zombies left by exited children.	301	* reap any zombies left by exited children.
298	*/	302	*/
		303	/ARGSUSED/
299	static void	304	static void
300	main_sigchld_handler(int sig)	305	main_sigchld_handler(int sig)
301	{	306	{
@@ -314,6 +319,7 @@ main_sigchld_handler(int sig)
314	/*	319	/*
315	* Signal handler for the alarm after the login grace period has expired.	320	* Signal handler for the alarm after the login grace period has expired.
316	*/	321	*/
		322	/ARGSUSED/
317	static void	323	static void
318	grace_alarm_handler(int sig)	324	grace_alarm_handler(int sig)
319	{	325	{
@@ -356,6 +362,7 @@ generate_ephemeral_server_key(void)
356	arc4random_stir();	362	arc4random_stir();
357	}	363	}
358		364
		365	/ARGSUSED/
359	static void	366	static void
360	key_regeneration_alarm(int sig)	367	key_regeneration_alarm(int sig)
361	{	368	{
@@ -976,7 +983,8 @@ main(int ac, char **av)
976	options.log_level = SYSLOG_LEVEL_QUIET;	983	options.log_level = SYSLOG_LEVEL_QUIET;
977	break;	984	break;
978	case 'b':	985	case 'b':
979	options.server_key_bits = atoi(optarg);	986	options.server_key_bits = (int)strtonum(optarg, 256,
		987	32768, NULL);
980	break;	988	break;
981	case 'p':	989	case 'p':
982	options.ports_from_cmdline = 1;	990	options.ports_from_cmdline = 1;
@@ -1013,7 +1021,7 @@ main(int ac, char **av)
1013	test_flag = 1;	1021	test_flag = 1;
1014	break;	1022	break;
1015	case 'u':	1023	case 'u':
1016	utmp_len = atoi(optarg);	1024	utmp_len = (u_int)strtonum(optarg, 0, MAXHOSTNAMELEN+1, NULL);
1017	if (utmp_len > MAXHOSTNAMELEN) {	1025	if (utmp_len > MAXHOSTNAMELEN) {
1018	fprintf(stderr, "Invalid utmp length.\n");	1026	fprintf(stderr, "Invalid utmp length.\n");
1019	exit(1);	1027	exit(1);
@@ -1169,10 +1177,9 @@ main(int ac, char **av)
1169	}	1177	}
1170		1178
1171	if (use_privsep) {	1179	if (use_privsep) {
1172	struct passwd *pw;
1173	struct stat st;	1180	struct stat st;
1174		1181
1175	if ((pw = getpwnam(SSH_PRIVSEP_USER)) == NULL)	1182	if (getpwnam(SSH_PRIVSEP_USER) == NULL)
1176	fatal("Privilege separation user %s does not exist",	1183	fatal("Privilege separation user %s does not exist",
1177	SSH_PRIVSEP_USER);	1184	SSH_PRIVSEP_USER);
1178	if ((stat(_PATH_PRIVSEP_CHROOT_DIR, &st) == -1) \|\|	1185	if ((stat(_PATH_PRIVSEP_CHROOT_DIR, &st) == -1) \|\|
@@ -1444,8 +1451,8 @@ main(int ac, char **av)
1444	if (!FD_ISSET(listen_socks[i], fdset))	1451	if (!FD_ISSET(listen_socks[i], fdset))
1445	continue;	1452	continue;
1446	fromlen = sizeof(from);	1453	fromlen = sizeof(from);
1447	newsock = accept(listen_socks[i], (struct sockaddr *)&from,	1454	newsock = accept(listen_socks[i],
1448	&fromlen);	1455	(struct sockaddr *)&from, &fromlen);
1449	if (newsock < 0) {	1456	if (newsock < 0) {
1450	if (errno != EINTR && errno != EWOULDBLOCK)	1457	if (errno != EINTR && errno != EWOULDBLOCK)
1451	error("accept: %.100s", strerror(errno));	1458	error("accept: %.100s", strerror(errno));
@@ -1516,10 +1523,11 @@ main(int ac, char **av)
1516	*/	1523	*/
1517	if ((pid = fork()) == 0) {	1524	if ((pid = fork()) == 0) {
1518	/*	1525	/*
1519	* Child. Close the listening and max_startup	1526	* Child. Close the listening and
1520	* sockets. Start using the accepted socket.	1527	* max_startup sockets. Start using
1521	* Reinitialize logging (since our pid has	1528	* the accepted socket. Reinitialize
1522	* changed). We break out of the loop to handle	1529	* logging (since our pid has changed).
		1530	* We break out of the loop to handle
1523	* the connection.	1531	* the connection.
1524	*/	1532	*/
1525	startup_pipe = startup_p[1];	1533	startup_pipe = startup_p[1];
@@ -1527,7 +1535,10 @@ main(int ac, char **av)
1527	close_listen_socks();	1535	close_listen_socks();
1528	sock_in = newsock;	1536	sock_in = newsock;
1529	sock_out = newsock;	1537	sock_out = newsock;
1530	log_init(__progname, options.log_level, options.log_facility, log_stderr);	1538	log_init(__progname,
		1539	options.log_level,
		1540	options.log_facility,
		1541	log_stderr);
1531	if (rexec_flag)	1542	if (rexec_flag)
1532	close(config_s[0]);	1543	close(config_s[0]);
1533	break;	1544	break;
@@ -1548,7 +1559,10 @@ main(int ac, char **av)
1548	close(config_s[1]);	1559	close(config_s[1]);
1549	}	1560	}
1550		1561
1551	/* Mark that the key has been used (it was "given" to the child). */	1562	/*
		1563	* Mark that the key has been used (it
		1564	* was "given" to the child).
		1565	*/
1552	if ((options.protocol & SSH_PROTO_1) &&	1566	if ((options.protocol & SSH_PROTO_1) &&
1553	key_used == 0) {	1567	key_used == 0) {
1554	/* Schedule server key regeneration alarm. */	1568	/* Schedule server key regeneration alarm. */
@@ -1558,8 +1572,6 @@ main(int ac, char **av)
1558	}	1572	}
1559		1573
1560	arc4random_stir();	1574	arc4random_stir();
1561
1562	/* Close the new socket (the child is now taking care of it). */
1563	close(newsock);	1575	close(newsock);
1564	}	1576	}
1565	/* child process check (or debug mode) */	1577	/* child process check (or debug mode) */
@@ -1794,11 +1806,14 @@ ssh1_session_key(BIGNUM *session_key_int)
1794	{	1806	{
1795	int rsafail = 0;	1807	int rsafail = 0;
1796		1808
1797	if (BN_cmp(sensitive_data.server_key->rsa->n, sensitive_data.ssh1_host_key->rsa->n) > 0) {	1809	if (BN_cmp(sensitive_data.server_key->rsa->n,
		1810	sensitive_data.ssh1_host_key->rsa->n) > 0) {
1798	/* Server key has bigger modulus. */	1811	/* Server key has bigger modulus. */
1799	if (BN_num_bits(sensitive_data.server_key->rsa->n) <	1812	if (BN_num_bits(sensitive_data.server_key->rsa->n) <
1800	BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + SSH_KEY_BITS_RESERVED) {	1813	BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) +
1801	fatal("do_connection: %s: server_key %d < host_key %d + SSH_KEY_BITS_RESERVED %d",	1814	SSH_KEY_BITS_RESERVED) {
		1815	fatal("do_connection: %s: "
		1816	"server_key %d < host_key %d + SSH_KEY_BITS_RESERVED %d",
1802	get_remote_ipaddr(),	1817	get_remote_ipaddr(),
1803	BN_num_bits(sensitive_data.server_key->rsa->n),	1818	BN_num_bits(sensitive_data.server_key->rsa->n),
1804	BN_num_bits(sensitive_data.ssh1_host_key->rsa->n),	1819	BN_num_bits(sensitive_data.ssh1_host_key->rsa->n),
@@ -1813,8 +1828,10 @@ ssh1_session_key(BIGNUM *session_key_int)
1813	} else {	1828	} else {
1814	/* Host key has bigger modulus (or they are equal). */	1829	/* Host key has bigger modulus (or they are equal). */
1815	if (BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) <	1830	if (BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) <
1816	BN_num_bits(sensitive_data.server_key->rsa->n) + SSH_KEY_BITS_RESERVED) {	1831	BN_num_bits(sensitive_data.server_key->rsa->n) +
1817	fatal("do_connection: %s: host_key %d < server_key %d + SSH_KEY_BITS_RESERVED %d",	1832	SSH_KEY_BITS_RESERVED) {
		1833	fatal("do_connection: %s: "
		1834	"host_key %d < server_key %d + SSH_KEY_BITS_RESERVED %d",
1818	get_remote_ipaddr(),	1835	get_remote_ipaddr(),
1819	BN_num_bits(sensitive_data.ssh1_host_key->rsa->n),	1836	BN_num_bits(sensitive_data.ssh1_host_key->rsa->n),
1820	BN_num_bits(sensitive_data.server_key->rsa->n),	1837	BN_num_bits(sensitive_data.server_key->rsa->n),
@@ -2035,7 +2052,7 @@ do_ssh2_kex(void)
2035	myproposal[PROPOSAL_COMP_ALGS_CTOS] =	2052	myproposal[PROPOSAL_COMP_ALGS_CTOS] =
2036	myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com";	2053	myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com";
2037	}	2054	}
2038		2055
2039	myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types();	2056	myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types();
2040		2057
2041	/* start key exchange */	2058	/* start key exchange */