1 files changed, 6 insertions, 10 deletions

diff --git a/kexdhs.c b/kexdhs.c
index f56e88764..269d80900 100644
--- a/kexdhs.c
+++ b/kexdhs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexdhs.c,v 1.12 2010/11/10 01:33:07 djm Exp $ */
+/* $OpenBSD: kexdhs.c,v 1.14 2013/07/19 07:37:48 markus Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -80,9 +80,6 @@ kexdh_server(Kex *kex)
         if (server_host_public == NULL)
                 fatal("Unsupported hostkey type %d", kex->hostkey_type);
         server_host_private = kex->load_host_private_key(kex->hostkey_type);
-        if (server_host_private == NULL)
-                fatal("Missing private key for hostkey type %d",
-                    kex->hostkey_type);
 
         /* key, cert */
         if ((dh_client_pub = BN_new()) == NULL)
@@ -118,7 +115,7 @@ kexdh_server(Kex *kex)
         if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
                 fatal("kexdh_server: BN_bin2bn failed");
         memset(kbuf, 0, klen);
-        xfree(kbuf);
+        free(kbuf);
 
         key_to_blob(server_host_public, &server_host_key_blob, &sbloblen);
 
@@ -144,9 +141,8 @@ kexdh_server(Kex *kex)
         }
 
         /* sign H */
-        if (PRIVSEP(key_sign(server_host_private, &signature, &slen, hash,
-            hashlen)) < 0)
-                fatal("kexdh_server: key_sign failed");
+        kex->sign(server_host_private, server_host_public, &signature, &slen,
+            hash, hashlen);
 
         /* destroy_sensitive_data(); */
 
@@ -157,8 +153,8 @@ kexdh_server(Kex *kex)
         packet_put_string(signature, slen);
         packet_send();
 
-        xfree(signature);
-        xfree(server_host_key_blob);
+        free(signature);
+        free(server_host_key_blob);
         /* have keys, free DH */
         DH_free(dh);