1 files changed, 5 insertions, 4 deletions

diff --git a/authfd.c b/authfd.c
index 9ce5b5ea8..8976616b4 100644
--- a/authfd.c
+++ b/authfd.c
@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: authfd.c,v 1.65 2005/05/24 17:32:43 avsm Exp $");
+RCSID("$OpenBSD: authfd.c,v 1.66 2005/06/17 02:44:32 djm Exp $");
 
 #include <openssl/evp.h>
 
@@ -114,8 +114,7 @@ ssh_get_authentication_socket(void)
 static int
 ssh_request_reply(AuthenticationConnection *auth, Buffer *request, Buffer *reply)
 {
-        int l;
-        u_int len;
+        u_int l, len;
         char buf[1024];
 
         /* Get the length of the message, and format it in the buffer. */
@@ -302,6 +301,7 @@ ssh_get_first_identity(AuthenticationConnection *auth, char **comment, int versi
 Key *
 ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int version)
 {
+        int keybits;
         u_int bits;
         u_char *blob;
         u_int blen;
@@ -322,7 +322,8 @@ ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int versio
                 buffer_get_bignum(&auth->identities, key->rsa->e);
                 buffer_get_bignum(&auth->identities, key->rsa->n);
                 *comment = buffer_get_string(&auth->identities, NULL);
-                if (bits != BN_num_bits(key->rsa->n))
+                keybits = BN_num_bits(key->rsa->n);
+                if (keybits < 0 || bits != (u_int)keybits)
                         logit("Warning: identity keysize mismatch: actual %d, announced %u",
                             BN_num_bits(key->rsa->n), bits);
                 break;