From 9278ffaf71c035fe5a50c9704dda36d2f2fd7a06 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Thu, 26 May 2005 11:59:06 +1000
Subject:  - (djm) OpenBSD CVS Sync    - otto@cvs.openbsd.org 2005/04/05
 13:45:31      [ssh-keygen.c]

---
 ssh-keygen.c | 33 ++++++++++++++++++++-------------
 1 file changed, 20 insertions(+), 13 deletions(-)

(limited to 'ssh-keygen.c')

diff --git a/ssh-keygen.c b/ssh-keygen.c
index 92885506a..6f0713dab 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-keygen.c,v 1.122 2005/03/11 14:59:06 markus Exp $");
+RCSID("$OpenBSD: ssh-keygen.c,v 1.123 2005/04/05 13:45:31 otto Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/pem.h>
@@ -959,31 +959,38 @@ usage(void)
 {
 	fprintf(stderr, "Usage: %s [options]\n", __progname);
 	fprintf(stderr, "Options:\n");
+	fprintf(stderr, "  -a trials   Number of trials for screening DH-GEX moduli.\n");
+	fprintf(stderr, "  -B          Show bubblebabble digest of key file.\n");
 	fprintf(stderr, "  -b bits     Number of bits in the key to create.\n");
+	fprintf(stderr, "  -C comment  Provide new comment.\n");
 	fprintf(stderr, "  -c          Change comment in private and public key files.\n");
+#ifdef SMARTCARD
+	fprintf(stderr, "  -D reader   Download public key from smartcard.\n");
+#endif /* SMARTCARD */
 	fprintf(stderr, "  -e          Convert OpenSSH to IETF SECSH key file.\n");
+	fprintf(stderr, "  -F hostname Find hostname in known hosts file.\n");
 	fprintf(stderr, "  -f filename Filename of the key file.\n");
+	fprintf(stderr, "  -G file     Generate candidates for DH-GEX moduli.\n");
 	fprintf(stderr, "  -g          Use generic DNS resource record format.\n");
+	fprintf(stderr, "  -H          Hash names in known_hosts file.\n");
 	fprintf(stderr, "  -i          Convert IETF SECSH to OpenSSH key file.\n");
 	fprintf(stderr, "  -l          Show fingerprint of key file.\n");
-	fprintf(stderr, "  -p          Change passphrase of private key file.\n");
-	fprintf(stderr, "  -q          Quiet.\n");
-	fprintf(stderr, "  -y          Read private key file and print public key.\n");
-	fprintf(stderr, "  -t type     Specify type of key to create.\n");
-	fprintf(stderr, "  -B          Show bubblebabble digest of key file.\n");
-	fprintf(stderr, "  -H          Hash names in known_hosts file\n");
-	fprintf(stderr, "  -F hostname Find hostname in known hosts file\n");
-	fprintf(stderr, "  -C comment  Provide new comment.\n");
+	fprintf(stderr, "  -M memory   Amount of memory (MB) to use for generating DH-GEX moduli.\n");
 	fprintf(stderr, "  -N phrase   Provide new passphrase.\n");
 	fprintf(stderr, "  -P phrase   Provide old passphrase.\n");
+	fprintf(stderr, "  -p          Change passphrase of private key file.\n");
+	fprintf(stderr, "  -q          Quiet.\n");
+	fprintf(stderr, "  -R hostname Remove host from known_hosts file.\n");
 	fprintf(stderr, "  -r hostname Print DNS resource record.\n");
+	fprintf(stderr, "  -S start    Start point (hex) for generating DH-GEX moduli.\n");
+	fprintf(stderr, "  -T file     Screen candidates for DH-GEX moduli.\n");
+	fprintf(stderr, "  -t type     Specify type of key to create.\n");
 #ifdef SMARTCARD
-	fprintf(stderr, "  -D reader   Download public key from smartcard.\n");
 	fprintf(stderr, "  -U reader   Upload private key to smartcard.\n");
 #endif /* SMARTCARD */
-
-	fprintf(stderr, "  -G file     Generate candidates for DH-GEX moduli\n");
-	fprintf(stderr, "  -T file     Screen candidates for DH-GEX moduli\n");
+	fprintf(stderr, "  -v          Verbose.\n");
+	fprintf(stderr, "  -W gen      Generator to use for generating DH-GEX moduli.\n");
+	fprintf(stderr, "  -y          Read private key file and print public key.\n");
 
 	exit(1);
 }
-- 
cgit v1.2.3


From b089fb5fe15a6b1936262a33417265f8cb9b0afb Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Thu, 26 May 2005 12:16:18 +1000
Subject:    - avsm@cvs.openbsd.org 2005/05/23 22:44:01      [moduli.c
 ssh-keygen.c]      - removes signed/unsigned comparisons in moduli generation
      - use strtonum instead of atoi where its easier      - check some
 strlcpy overflow and fatal instead of truncate

---
 ChangeLog    |  7 ++++++-
 moduli.c     | 11 ++++++-----
 ssh-keygen.c | 46 ++++++++++++++++++++++++++++++----------------
 3 files changed, 42 insertions(+), 22 deletions(-)

(limited to 'ssh-keygen.c')

diff --git a/ChangeLog b/ChangeLog
index 82ab680f0..caf31ec86 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -71,6 +71,11 @@
    - jmc@cvs.openbsd.org 2005/05/20 11:23:32
      [ssh_config.5]
      oops - article and spacing;
+   - avsm@cvs.openbsd.org 2005/05/23 22:44:01
+     [moduli.c ssh-keygen.c]
+     - removes signed/unsigned comparisons in moduli generation
+     - use strtonum instead of atoi where its easier
+     - check some strlcpy overflow and fatal instead of truncate
 
 20050524
  - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
@@ -2570,4 +2575,4 @@
    - (djm) Trim deprecated options from INSTALL. Mention UsePAM
    - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
 
-$Id: ChangeLog,v 1.3782 2005/05/26 02:14:32 djm Exp $
+$Id: ChangeLog,v 1.3783 2005/05/26 02:16:18 djm Exp $
diff --git a/moduli.c b/moduli.c
index 8b05248e2..c13c535d6 100644
--- a/moduli.c
+++ b/moduli.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: moduli.c,v 1.10 2005/01/17 03:25:46 dtucker Exp $ */
+/* $OpenBSD: moduli.c,v 1.11 2005/05/23 22:44:01 avsm Exp $ */
 /*
  * Copyright 1994 Phil Karn <karn@qualcomm.com>
  * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com>
@@ -144,7 +144,7 @@ static u_int32_t *LargeSieve, largewords, largetries, largenumbers;
 static u_int32_t largebits, largememory;	/* megabytes */
 static BIGNUM *largebase;
 
-int gen_candidates(FILE *, int, int, BIGNUM *);
+int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *);
 int prime_test(FILE *, FILE *, u_int32_t, u_int32_t);
 
 /*
@@ -241,14 +241,15 @@ sieve_large(u_int32_t s)
  * The list is checked against small known primes (less than 2**30).
  */
 int
-gen_candidates(FILE *out, int memory, int power, BIGNUM *start)
+gen_candidates(FILE *out, u_int32_t memory, u_int32_t power, BIGNUM *start)
 {
 	BIGNUM *q;
 	u_int32_t j, r, s, t;
 	u_int32_t smallwords = TINY_NUMBER >> 6;
 	u_int32_t tinywords = TINY_NUMBER >> 6;
 	time_t time_start, time_stop;
-	int i, ret = 0;
+	u_int32_t i;
+	int ret = 0;
 
 	largememory = memory;
 
@@ -548,7 +549,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted)
 		 * due to earlier inconsistencies in interpretation, check
 		 * the proposed bit size.
 		 */
-		if (BN_num_bits(p) != (in_size + 1)) {
+		if ((u_int32_t)BN_num_bits(p) != (in_size + 1)) {
 			debug2("%10u: bit size %u mismatch", count_in, in_size);
 			continue;
 		}
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 6f0713dab..bee431242 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-keygen.c,v 1.123 2005/04/05 13:45:31 otto Exp $");
+RCSID("$OpenBSD: ssh-keygen.c,v 1.124 2005/05/23 22:44:01 avsm Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/pem.h>
@@ -36,7 +36,7 @@ RCSID("$OpenBSD: ssh-keygen.c,v 1.123 2005/04/05 13:45:31 otto Exp $");
 #include "dns.h"
 
 /* Number of bits in the RSA/DSA key.  This value can be changed on the command line. */
-int bits = 1024;
+u_int32_t bits = 1024;
 
 /*
  * Flag indicating that we just want to change the passphrase.  This can be
@@ -90,7 +90,7 @@ extern char *__progname;
 char hostname[MAXHOSTNAMELEN];
 
 /* moduli.c */
-int gen_candidates(FILE *, int, int, BIGNUM *);
+int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *);
 int prime_test(FILE *, FILE *, u_int32_t, u_int32_t);
 
 static void
@@ -1007,8 +1007,8 @@ main(int ac, char **av)
 	Key *private, *public;
 	struct passwd *pw;
 	struct stat st;
-	int opt, type, fd, download = 0, memory = 0;
-	int generator_wanted = 0, trials = 100;
+	int opt, type, fd, download = 0;
+        uint32_t memory = 0, generator_wanted = 0, trials = 100;
 	int do_gen_candidates = 0, do_screen_candidates = 0;
 	int log_level = SYSLOG_LEVEL_INFO;
 	BIGNUM *start = NULL;
@@ -1016,6 +1016,7 @@ main(int ac, char **av)
 
 	extern int optind;
 	extern char *optarg;
+	const char *errstr;
 
 	__progname = ssh_get_progname(av[0]);
 
@@ -1040,9 +1041,9 @@ main(int ac, char **av)
 	    "degiqpclBHvxXyF:b:f:t:U:D:P:N:C:r:g:R:T:G:M:S:a:W:")) != -1) {
 		switch (opt) {
 		case 'b':
-			bits = atoi(optarg);
-			if (bits < 512 || bits > 32768) {
-				printf("Bits has bad value.\n");
+			bits = strtonum(optarg, 512, 32768, &errstr);
+			if (errstr) {
+				printf("Bits has bad value %s (%s)\n", optarg, errstr);
 				exit(1);
 			}
 			break;
@@ -1070,7 +1071,9 @@ main(int ac, char **av)
 			change_comment = 1;
 			break;
 		case 'f':
-			strlcpy(identity_file, optarg, sizeof(identity_file));
+			if (strlcpy(identity_file, optarg, sizeof(identity_file)) >=
+			    sizeof(identity_file))
+				fatal("Identity filename too long");
 			have_identity = 1;
 			break;
 		case 'g':
@@ -1125,23 +1128,34 @@ main(int ac, char **av)
 			rr_hostname = optarg;
 			break;
 		case 'W':
-			generator_wanted = atoi(optarg);
-			if (generator_wanted < 1)
-				fatal("Desired generator has bad value.");
+			generator_wanted = strtonum(optarg, 1, UINT_MAX, &errstr);
+			if (errstr)
+				fatal("Desired generator has bad value: %s (%s)",
+					optarg, errstr);
 			break;
 		case 'a':
-			trials = atoi(optarg);
+			trials = strtonum(optarg, 1, UINT_MAX, &errstr);
+			if (errstr)
+				fatal("Invalid number of trials: %s (%s)",
+					optarg, errstr);
 			break;
 		case 'M':
-			memory = atoi(optarg);
+			memory = strtonum(optarg, 1, UINT_MAX, &errstr);
+			if (errstr) {
+				fatal("Memory limit is %s: %s", errstr, optarg);
+			}
 			break;
 		case 'G':
 			do_gen_candidates = 1;
-			strlcpy(out_file, optarg, sizeof(out_file));
+			if (strlcpy(out_file, optarg, sizeof(out_file)) >=
+			    sizeof(out_file))
+				fatal("Output filename too long");
 			break;
 		case 'T':
 			do_screen_candidates = 1;
-			strlcpy(out_file, optarg, sizeof(out_file));
+			if (strlcpy(out_file, optarg, sizeof(out_file)) >=
+			    sizeof(out_file))
+				fatal("Output filename too long");
 			break;
 		case 'S':
 			/* XXX - also compare length against bits */
-- 
cgit v1.2.3


From 02e754f1f01470c11a175a0d07381361afe37fff Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Thu, 26 May 2005 12:19:39 +1000
Subject:    - avsm@cvs.openbsd.org 2005/05/24 02:05:09      [ssh-keygen.c]    
  some style nits from dmiller@, and use a fatal() instead of a printf()/exit

---
 ChangeLog    |  5 ++++-
 ssh-keygen.c | 13 ++++++-------
 2 files changed, 10 insertions(+), 8 deletions(-)

(limited to 'ssh-keygen.c')

diff --git a/ChangeLog b/ChangeLog
index 0418ae55f..25bac49ab 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -80,6 +80,9 @@
      [cipher.c myproposal.h ssh.1 ssh_config.5 sshd_config.5]
      add support for draft-harris-ssh-arcfour-fixes-02 improved arcfour modes;
      ok markus@
+   - avsm@cvs.openbsd.org 2005/05/24 02:05:09
+     [ssh-keygen.c]
+     some style nits from dmiller@, and use a fatal() instead of a printf()/exit
 
 20050524
  - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
@@ -2579,4 +2582,4 @@
    - (djm) Trim deprecated options from INSTALL. Mention UsePAM
    - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
 
-$Id: ChangeLog,v 1.3784 2005/05/26 02:19:17 djm Exp $
+$Id: ChangeLog,v 1.3785 2005/05/26 02:19:39 djm Exp $
diff --git a/ssh-keygen.c b/ssh-keygen.c
index bee431242..05c8f01ef 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-keygen.c,v 1.124 2005/05/23 22:44:01 avsm Exp $");
+RCSID("$OpenBSD: ssh-keygen.c,v 1.125 2005/05/24 02:05:09 avsm Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/pem.h>
@@ -1008,15 +1008,15 @@ main(int ac, char **av)
 	struct passwd *pw;
 	struct stat st;
 	int opt, type, fd, download = 0;
-        uint32_t memory = 0, generator_wanted = 0, trials = 100;
+	uint32_t memory = 0, generator_wanted = 0, trials = 100;
 	int do_gen_candidates = 0, do_screen_candidates = 0;
 	int log_level = SYSLOG_LEVEL_INFO;
 	BIGNUM *start = NULL;
 	FILE *f;
+	const char *errstr;
 
 	extern int optind;
 	extern char *optarg;
-	const char *errstr;
 
 	__progname = ssh_get_progname(av[0]);
 
@@ -1042,10 +1042,9 @@ main(int ac, char **av)
 		switch (opt) {
 		case 'b':
 			bits = strtonum(optarg, 512, 32768, &errstr);
-			if (errstr) {
-				printf("Bits has bad value %s (%s)\n", optarg, errstr);
-				exit(1);
-			}
+			if (errstr)
+				fatal("Bits has bad value %s (%s)",
+					optarg, errstr);
 			break;
 		case 'F':
 			find_host = 1;
-- 
cgit v1.2.3


From 2db8ae671eef747f97d3b50eafb525d3778c5dae Mon Sep 17 00:00:00 2001
From: Darren Tucker <dtucker@zip.com.au>
Date: Wed, 1 Jun 2005 23:02:25 +1000
Subject:    - dtucker@cvs.openbsd.org 2005/05/26 09:08:12      [ssh-keygen.c] 
     uint32_t -> u_int32_t for consistency; ok djm@

---
 ChangeLog    | 5 ++++-
 ssh-keygen.c | 4 ++--
 2 files changed, 6 insertions(+), 3 deletions(-)

(limited to 'ssh-keygen.c')

diff --git a/ChangeLog b/ChangeLog
index 845318847..c4420926c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,9 @@
      must be a target directory), kill the spawned ssh child before exiting.
      This stops it trying to authenticate and spewing lots of output.
      deraadt@ ok
+   - dtucker@cvs.openbsd.org 2005/05/26 09:08:12
+     [ssh-keygen.c]
+     uint32_t -> u_int32_t for consistency; ok djm@
 
 20050531
  - (dtucker) [contrib/aix/pam.conf] Correct comments.  From davidl at
@@ -2658,4 +2661,4 @@
    - (djm) Trim deprecated options from INSTALL. Mention UsePAM
    - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
 
-$Id: ChangeLog,v 1.3805 2005/06/01 13:01:12 dtucker Exp $
+$Id: ChangeLog,v 1.3806 2005/06/01 13:02:25 dtucker Exp $
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 05c8f01ef..246c7d50f 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-keygen.c,v 1.125 2005/05/24 02:05:09 avsm Exp $");
+RCSID("$OpenBSD: ssh-keygen.c,v 1.126 2005/05/26 09:08:12 dtucker Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/pem.h>
@@ -1008,7 +1008,7 @@ main(int ac, char **av)
 	struct passwd *pw;
 	struct stat st;
 	int opt, type, fd, download = 0;
-	uint32_t memory = 0, generator_wanted = 0, trials = 100;
+	u_int32_t memory = 0, generator_wanted = 0, trials = 100;
 	int do_gen_candidates = 0, do_screen_candidates = 0;
 	int log_level = SYSLOG_LEVEL_INFO;
 	BIGNUM *start = NULL;
-- 
cgit v1.2.3


From ac7ef6a7360f7b1e417790d288f42f474c4ceb55 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Thu, 16 Jun 2005 13:19:06 +1000
Subject:    - djm@cvs.openbsd.org 2005/06/08 03:50:00      [ssh-keygen.1
 ssh-keygen.c sshd.8]      increase default rsa/dsa key length from 1024 to
 2048 bits;      ok markus@ deraadt@

---
 ChangeLog    | 6 +++++-
 ssh-keygen.1 | 6 +++---
 ssh-keygen.c | 4 ++--
 sshd.8       | 4 ++--
 4 files changed, 12 insertions(+), 8 deletions(-)

(limited to 'ssh-keygen.c')

diff --git a/ChangeLog b/ChangeLog
index b439cbecd..728026a62 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -7,6 +7,10 @@
      [auth.c auth.h misc.c misc.h ssh.c ssh_config.5 sshconnect.c]
      introduce a generic %foo expansion function. replace existing % expansion 
      and add expansion to ControlPath; ok markus@
+   - djm@cvs.openbsd.org 2005/06/08 03:50:00
+     [ssh-keygen.1 ssh-keygen.c sshd.8]
+     increase default rsa/dsa key length from 1024 to 2048 bits;
+     ok markus@ deraadt@
 
 20050609
  - (dtucker) [cipher.c openbsd-compat/Makefile.in
@@ -2702,4 +2706,4 @@
    - (djm) Trim deprecated options from INSTALL. Mention UsePAM
    - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
 
-$Id: ChangeLog,v 1.3817 2005/06/16 03:18:34 djm Exp $
+$Id: ChangeLog,v 1.3818 2005/06/16 03:19:06 djm Exp $
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index ac0b72764..5454d00ce 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-keygen.1,v 1.68 2005/04/21 06:17:50 djm Exp $
+.\"	$OpenBSD: ssh-keygen.1,v 1.69 2005/06/08 03:50:00 djm Exp $
 .\"
 .\"  -*- nroff -*-
 .\"
@@ -188,8 +188,8 @@ Show the bubblebabble digest of specified private or public key file.
 .It Fl b Ar bits
 Specifies the number of bits in the key to create.
 Minimum is 512 bits.
-Generally, 1024 bits is considered sufficient.
-The default is 1024 bits.
+Generally, 2048 bits is considered sufficient.
+The default is 2048 bits.
 .It Fl C Ar comment
 Provides a new comment.
 .It Fl c
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 246c7d50f..828d2be79 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-keygen.c,v 1.126 2005/05/26 09:08:12 dtucker Exp $");
+RCSID("$OpenBSD: ssh-keygen.c,v 1.127 2005/06/08 03:50:00 djm Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/pem.h>
@@ -36,7 +36,7 @@ RCSID("$OpenBSD: ssh-keygen.c,v 1.126 2005/05/26 09:08:12 dtucker Exp $");
 #include "dns.h"
 
 /* Number of bits in the RSA/DSA key.  This value can be changed on the command line. */
-u_int32_t bits = 1024;
+u_int32_t bits = 2048;
 
 /*
  * Flag indicating that we just want to change the passphrase.  This can be
diff --git a/sshd.8 b/sshd.8
index 6acdda130..fdff4ac91 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.207 2005/04/21 06:17:50 djm Exp $
+.\" $OpenBSD: sshd.8,v 1.208 2005/06/08 03:50:00 djm Exp $
 .Dd September 25, 1999
 .Dt SSHD 8
 .Os
@@ -80,7 +80,7 @@ supports both SSH protocol version 1 and 2 simultaneously.
 works as follows:
 .Ss SSH protocol version 1
 Each host has a host-specific RSA key
-(normally 1024 bits) used to identify the host.
+(normally 2048 bits) used to identify the host.
 Additionally, when
 the daemon starts, it generates a server RSA key (normally 768 bits).
 This key is normally regenerated every hour if it has been used, and
-- 
cgit v1.2.3


From 0dc1bef12d30162ba09bfcc0b1cd6a5535ebdaab Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Sun, 17 Jul 2005 17:22:45 +1000
Subject:    - djm@cvs.openbsd.org 2005/07/17 07:17:55      [auth-rh-rsa.c
 auth-rhosts.c auth2-chall.c auth2-gss.c channels.c]      [cipher-ctr.c
 gss-genr.c gss-serv.c kex.c moduli.c readconf.c]      [serverloop.c session.c
 sftp-client.c sftp.c ssh-add.c ssh-keygen.c]      [sshconnect.c
 sshconnect2.c]      knf says that a 2nd level indent is four (not three or
 five) spaces

---
 ChangeLog     |  8 +++++++-
 auth-rh-rsa.c |  4 ++--
 auth-rhosts.c |  4 ++--
 auth2-chall.c |  4 ++--
 auth2-gss.c   |  7 +++----
 channels.c    | 10 +++++-----
 cipher-ctr.c  |  4 ++--
 gss-genr.c    |  6 +++---
 gss-serv.c    |  6 +++---
 kex.c         |  4 ++--
 moduli.c      | 24 ++++++++++++------------
 readconf.c    |  4 ++--
 serverloop.c  |  4 ++--
 session.c     |  4 ++--
 sftp-client.c |  4 ++--
 sftp.c        |  4 ++--
 ssh-add.c     |  4 ++--
 ssh-keygen.c  |  4 ++--
 sshconnect.c  |  8 ++++----
 sshconnect2.c |  6 +++---
 20 files changed, 64 insertions(+), 59 deletions(-)

(limited to 'ssh-keygen.c')

diff --git a/ChangeLog b/ChangeLog
index 84b82cccc..f1bf43095 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -16,6 +16,12 @@
         the one that made the single connection
      3. Destroy X11 listeners when the session owning them goes away
      testing and ok dtucker@
+   - djm@cvs.openbsd.org 2005/07/17 07:17:55
+     [auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c]
+     [cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c]
+     [serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c]
+     [sshconnect.c sshconnect2.c]
+     knf says that a 2nd level indent is four (not three or five) spaces
 
 20050716
  - (dtucker) [auth-pam.c] Ensure that only one side of the authentication
@@ -2849,4 +2855,4 @@
    - (djm) Trim deprecated options from INSTALL. Mention UsePAM
    - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
 
-$Id: ChangeLog,v 1.3850 2005/07/17 07:19:24 djm Exp $
+$Id: ChangeLog,v 1.3851 2005/07/17 07:22:45 djm Exp $
diff --git a/auth-rh-rsa.c b/auth-rh-rsa.c
index 29eb538ec..c31f2b97b 100644
--- a/auth-rh-rsa.c
+++ b/auth-rh-rsa.c
@@ -13,7 +13,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-rh-rsa.c,v 1.37 2003/11/04 08:54:09 djm Exp $");
+RCSID("$OpenBSD: auth-rh-rsa.c,v 1.38 2005/07/17 07:17:54 djm Exp $");
 
 #include "packet.h"
 #include "uidswap.h"
@@ -86,7 +86,7 @@ auth_rhosts_rsa(Authctxt *authctxt, char *cuser, Key *client_host_key)
 	 */
 
 	verbose("Rhosts with RSA host authentication accepted for %.100s, %.100s on %.700s.",
-	   pw->pw_name, cuser, chost);
+	    pw->pw_name, cuser, chost);
 	packet_send_debug("Rhosts with RSA host authentication accepted.");
 	return 1;
 }
diff --git a/auth-rhosts.c b/auth-rhosts.c
index 585246e82..aaba8557e 100644
--- a/auth-rhosts.c
+++ b/auth-rhosts.c
@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-rhosts.c,v 1.32 2003/11/04 08:54:09 djm Exp $");
+RCSID("$OpenBSD: auth-rhosts.c,v 1.33 2005/07/17 07:17:54 djm Exp $");
 
 #include "packet.h"
 #include "uidswap.h"
@@ -133,7 +133,7 @@ check_rhosts_file(const char *filename, const char *hostname,
 		/* If the entry was negated, deny access. */
 		if (negated) {
 			auth_debug_add("Matched negative entry in %.100s.",
-			     filename);
+			    filename);
 			return 0;
 		}
 		/* Accept authentication. */
diff --git a/auth2-chall.c b/auth2-chall.c
index 1cea15378..b147cadf3 100644
--- a/auth2-chall.c
+++ b/auth2-chall.c
@@ -23,7 +23,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: auth2-chall.c,v 1.23 2005/06/17 02:44:32 djm Exp $");
+RCSID("$OpenBSD: auth2-chall.c,v 1.24 2005/07/17 07:17:54 djm Exp $");
 
 #include "ssh2.h"
 #include "auth.h"
@@ -167,7 +167,7 @@ kbdint_next_device(KbdintAuthctxt *kbdintctxt)
 		kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL;
 		xfree(t);
 		debug2("kbdint_next_device: devices %s", kbdintctxt->devices ?
-		   kbdintctxt->devices : "<empty>");
+		    kbdintctxt->devices : "<empty>");
 	} while (kbdintctxt->devices && !kbdintctxt->device);
 
 	return kbdintctxt->device ? 1 : 0;
diff --git a/auth2-gss.c b/auth2-gss.c
index 855b61b4e..4d468a0e8 100644
--- a/auth2-gss.c
+++ b/auth2-gss.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: auth2-gss.c,v 1.9 2005/06/17 02:44:32 djm Exp $	*/
+/*	$OpenBSD: auth2-gss.c,v 1.10 2005/07/17 07:17:54 djm Exp $	*/
 
 /*
  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -82,9 +82,8 @@ userauth_gssapi(Authctxt *authctxt)
 		present = 0;
 		doid = packet_get_string(&len);
 
-		if (len > 2 &&
-		   doid[0] == SSH_GSS_OIDTYPE &&
-		   doid[1] == len - 2) {
+		if (len > 2 && doid[0] == SSH_GSS_OIDTYPE &&
+		    doid[1] == len - 2) {
 			goid.elements = doid + 2;
 			goid.length   = len - 2;
 			gss_test_oid_set_member(&ms, &goid, supported,
diff --git a/channels.c b/channels.c
index 8da399b69..8c7b2b369 100644
--- a/channels.c
+++ b/channels.c
@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.222 2005/07/17 06:49:04 djm Exp $");
+RCSID("$OpenBSD: channels.c,v 1.223 2005/07/17 07:17:54 djm Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -730,8 +730,8 @@ channel_pre_open(Channel *c, fd_set * readset, fd_set * writeset)
 			FD_SET(c->wfd, writeset);
 		} else if (c->ostate == CHAN_OUTPUT_WAIT_DRAIN) {
 			if (CHANNEL_EFD_OUTPUT_ACTIVE(c))
-			       debug2("channel %d: obuf_empty delayed efd %d/(%d)",
-				   c->self, c->efd, buffer_len(&c->extended));
+				debug2("channel %d: obuf_empty delayed efd %d/(%d)",
+				    c->self, c->efd, buffer_len(&c->extended));
 			else
 				chan_obuf_empty(c);
 		}
@@ -1813,8 +1813,8 @@ channel_output_poll(void)
 			 * hack for extended data: delay EOF if EFD still in use.
 			 */
 			if (CHANNEL_EFD_INPUT_ACTIVE(c))
-			       debug2("channel %d: ibuf_empty delayed efd %d/(%d)",
-				   c->self, c->efd, buffer_len(&c->extended));
+				debug2("channel %d: ibuf_empty delayed efd %d/(%d)",
+				    c->self, c->efd, buffer_len(&c->extended));
 			else
 				chan_ibuf_empty(c);
 		}
diff --git a/cipher-ctr.c b/cipher-ctr.c
index 43f1ede57..856177349 100644
--- a/cipher-ctr.c
+++ b/cipher-ctr.c
@@ -14,7 +14,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: cipher-ctr.c,v 1.5 2004/12/22 02:13:19 djm Exp $");
+RCSID("$OpenBSD: cipher-ctr.c,v 1.6 2005/07/17 07:17:55 djm Exp $");
 
 #include <openssl/evp.h>
 
@@ -95,7 +95,7 @@ ssh_aes_ctr_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv,
 	}
 	if (key != NULL)
 		AES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8,
-		     &c->aes_ctx);
+		    &c->aes_ctx);
 	if (iv != NULL)
 		memcpy(c->aes_counter, iv, AES_BLOCK_SIZE);
 	return (1);
diff --git a/gss-genr.c b/gss-genr.c
index 3f5727b3e..9bc31aa2a 100644
--- a/gss-genr.c
+++ b/gss-genr.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: gss-genr.c,v 1.3 2003/11/21 11:57:03 djm Exp $	*/
+/*	$OpenBSD: gss-genr.c,v 1.4 2005/07/17 07:17:55 djm Exp $	*/
 
 /*
  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -78,8 +78,8 @@ ssh_gssapi_error(Gssctxt *ctxt)
 }
 
 char *
-ssh_gssapi_last_error(Gssctxt *ctxt,
-		      OM_uint32 *major_status, OM_uint32 *minor_status)
+ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *major_status,
+    OM_uint32 *minor_status)
 {
 	OM_uint32 lmin;
 	gss_buffer_desc msg = GSS_C_EMPTY_BUFFER;
diff --git a/gss-serv.c b/gss-serv.c
index e1b843f01..e191eb5a0 100644
--- a/gss-serv.c
+++ b/gss-serv.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: gss-serv.c,v 1.6 2005/06/17 02:44:32 djm Exp $	*/
+/*	$OpenBSD: gss-serv.c,v 1.7 2005/07/17 07:17:55 djm Exp $	*/
 
 /*
  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -164,7 +164,7 @@ ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name)
 	 */
 	if (tok[4] != 0x06 || tok[5] != oidl ||
 	    ename->length < oidl+6 ||
-	   !ssh_gssapi_check_oid(ctx,tok+6,oidl))
+	    !ssh_gssapi_check_oid(ctx,tok+6,oidl))
 		return GSS_S_FAILURE;
 
 	offset = oidl+6;
@@ -267,7 +267,7 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep)
 		debug("Setting %s to %s", gssapi_client.store.envvar,
 		gssapi_client.store.envval);
 		child_set_env(envp, envsizep, gssapi_client.store.envvar,
-		     gssapi_client.store.envval);
+		    gssapi_client.store.envval);
 	}
 }
 
diff --git a/kex.c b/kex.c
index 32c6d03ea..06a3ad4cc 100644
--- a/kex.c
+++ b/kex.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.62 2005/07/16 01:35:24 djm Exp $");
+RCSID("$OpenBSD: kex.c,v 1.63 2005/07/17 07:17:55 djm Exp $");
 
 #include <openssl/crypto.h>
 
@@ -392,7 +392,7 @@ kex_choose_conf(Kex *kex)
 
 	/* ignore the next message if the proposals do not match */
 	if (first_kex_follows && !proposals_match(my, peer) &&
-	   !(datafellows & SSH_BUG_FIRSTKEX)) {
+	    !(datafellows & SSH_BUG_FIRSTKEX)) {
 		type = packet_read();
 		debug2("skipping next packet (type %u)", type);
 	}
diff --git a/moduli.c b/moduli.c
index c13c535d6..d53806ea6 100644
--- a/moduli.c
+++ b/moduli.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: moduli.c,v 1.11 2005/05/23 22:44:01 avsm Exp $ */
+/* $OpenBSD: moduli.c,v 1.12 2005/07/17 07:17:55 djm Exp $ */
 /*
  * Copyright 1994 Phil Karn <karn@qualcomm.com>
  * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com>
@@ -112,22 +112,22 @@
 #define TINY_NUMBER	(1UL<<16)
 
 /* Ensure enough bit space for testing 2*q. */
-#define TEST_MAXIMUM    (1UL<<16)
-#define TEST_MINIMUM    (QSIZE_MINIMUM + 1)
-/* real TEST_MINIMUM    (1UL << (SHIFT_WORD - TEST_POWER)) */
-#define TEST_POWER      (3)	/* 2**n, n < SHIFT_WORD */
+#define TEST_MAXIMUM	(1UL<<16)
+#define TEST_MINIMUM	(QSIZE_MINIMUM + 1)
+/* real TEST_MINIMUM	(1UL << (SHIFT_WORD - TEST_POWER)) */
+#define TEST_POWER	(3)	/* 2**n, n < SHIFT_WORD */
 
 /* bit operations on 32-bit words */
-#define BIT_CLEAR(a,n)  ((a)[(n)>>SHIFT_WORD] &= ~(1L << ((n) & 31)))
-#define BIT_SET(a,n)    ((a)[(n)>>SHIFT_WORD] |= (1L << ((n) & 31)))
-#define BIT_TEST(a,n)   ((a)[(n)>>SHIFT_WORD] & (1L << ((n) & 31)))
+#define BIT_CLEAR(a,n)	((a)[(n)>>SHIFT_WORD] &= ~(1L << ((n) & 31)))
+#define BIT_SET(a,n)	((a)[(n)>>SHIFT_WORD] |= (1L << ((n) & 31)))
+#define BIT_TEST(a,n)	((a)[(n)>>SHIFT_WORD] & (1L << ((n) & 31)))
 
 /*
  * Prime testing defines
  */
 
 /* Minimum number of primality tests to perform */
-#define TRIAL_MINIMUM           (4)
+#define TRIAL_MINIMUM	(4)
 
 /*
  * Sieving data (XXX - move to struct)
@@ -254,7 +254,7 @@ gen_candidates(FILE *out, u_int32_t memory, u_int32_t power, BIGNUM *start)
 	largememory = memory;
 
 	if (memory != 0 &&
-	   (memory < LARGE_MINIMUM || memory > LARGE_MAXIMUM)) {
+	    (memory < LARGE_MINIMUM || memory > LARGE_MAXIMUM)) {
 		error("Invalid memory amount (min %ld, max %ld)",
 		    LARGE_MINIMUM, LARGE_MAXIMUM);
 		return (-1);
@@ -372,8 +372,8 @@ gen_candidates(FILE *out, u_int32_t memory, u_int32_t power, BIGNUM *start)
 	 * fencepost errors, the last pass is skipped.
 	 */
 	for (smallbase = TINY_NUMBER + 3;
-	     smallbase < (SMALL_MAXIMUM - TINY_NUMBER);
-	     smallbase += TINY_NUMBER) {
+	    smallbase < (SMALL_MAXIMUM - TINY_NUMBER);
+	    smallbase += TINY_NUMBER) {
 		for (i = 0; i < tinybits; i++) {
 			if (BIT_TEST(TinySieve, i))
 				continue; /* 2*i+3 is composite */
diff --git a/readconf.c b/readconf.c
index 5ec89e2f0..1e3c13239 100644
--- a/readconf.c
+++ b/readconf.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.141 2005/06/08 11:25:09 djm Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.142 2005/07/17 07:17:55 djm Exp $");
 
 #include "ssh.h"
 #include "xmalloc.h"
@@ -839,7 +839,7 @@ parse_int:
 	/* Check that there is no garbage at end of line. */
 	if ((arg = strdelim(&s)) != NULL && *arg != '\0') {
 		fatal("%.200s line %d: garbage at end of line; \"%.200s\".",
-		     filename, linenum, arg);
+		    filename, linenum, arg);
 	}
 	return 0;
 }
diff --git a/serverloop.c b/serverloop.c
index eee1e7959..b0c4aafa0 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: serverloop.c,v 1.117 2004/08/11 21:43:05 avsm Exp $");
+RCSID("$OpenBSD: serverloop.c,v 1.118 2005/07/17 07:17:55 djm Exp $");
 
 #include "xmalloc.h"
 #include "packet.h"
@@ -865,7 +865,7 @@ server_request_direct_tcpip(void)
 	packet_check_eom();
 
 	debug("server_request_direct_tcpip: originator %s port %d, target %s port %d",
-	   originator, originator_port, target, target_port);
+	    originator, originator_port, target, target_port);
 
 	/* XXX check permission */
 	sock = channel_connect_to(target, target_port);
diff --git a/session.c b/session.c
index 81d7d53e8..171c239e2 100644
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.184 2005/07/17 06:49:04 djm Exp $");
+RCSID("$OpenBSD: session.c,v 1.185 2005/07/17 07:17:55 djm Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -1530,7 +1530,7 @@ do_child(Session *s, const char *command)
 	 */
 
 	if (options.kerberos_get_afs_token && k_hasafs() &&
-	     (s->authctxt->krb5_ctx != NULL)) {
+	    (s->authctxt->krb5_ctx != NULL)) {
 		char cell[64];
 
 		debug("Getting AFS token");
diff --git a/sftp-client.c b/sftp-client.c
index ce15fc0a3..e4f95b0e5 100644
--- a/sftp-client.c
+++ b/sftp-client.c
@@ -20,7 +20,7 @@
 /* XXX: copy between two remote sites */
 
 #include "includes.h"
-RCSID("$OpenBSD: sftp-client.c,v 1.55 2005/06/17 02:44:33 djm Exp $");
+RCSID("$OpenBSD: sftp-client.c,v 1.56 2005/07/17 07:17:55 djm Exp $");
 
 #include "openbsd-compat/sys-queue.h"
 
@@ -1126,7 +1126,7 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path,
 				goto done;
 			}
 			debug3("In write loop, ack for %u %u bytes at %llu",
-			   ack->id, ack->len, (unsigned long long)ack->offset);
+			    ack->id, ack->len, (unsigned long long)ack->offset);
 			++ackid;
 			xfree(ack);
 		}
diff --git a/sftp.c b/sftp.c
index 6dff39ede..9d2360743 100644
--- a/sftp.c
+++ b/sftp.c
@@ -16,7 +16,7 @@
 
 #include "includes.h"
 
-RCSID("$OpenBSD: sftp.c,v 1.64 2005/06/17 02:44:33 djm Exp $");
+RCSID("$OpenBSD: sftp.c,v 1.65 2005/07/17 07:17:55 djm Exp $");
 
 #ifdef USE_LIBEDIT
 #include <histedit.h>
@@ -1476,7 +1476,7 @@ main(int argc, char **argv)
 
 			/* Allow "-" as stdin */
 			if (strcmp(optarg, "-") != 0 &&
-			   (infile = fopen(optarg, "r")) == NULL)
+			    (infile = fopen(optarg, "r")) == NULL)
 				fatal("%s (%s).", strerror(errno), optarg);
 			showprogress = 0;
 			batchmode = 1;
diff --git a/ssh-add.c b/ssh-add.c
index a796647a7..a3428769c 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-add.c,v 1.71 2005/03/10 22:01:06 deraadt Exp $");
+RCSID("$OpenBSD: ssh-add.c,v 1.72 2005/07/17 07:17:55 djm Exp $");
 
 #include <openssl/evp.h>
 
@@ -145,7 +145,7 @@ add_file(AuthenticationConnection *ac, const char *filename)
 		/* clear passphrase since it did not work */
 		clear_pass();
 		snprintf(msg, sizeof msg, "Enter passphrase for %.200s: ",
-		   comment);
+		    comment);
 		for (;;) {
 			pass = read_passphrase(msg, RP_ALLOW_STDIN);
 			if (strcmp(pass, "") == 0) {
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 828d2be79..b17851946 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-keygen.c,v 1.127 2005/06/08 03:50:00 djm Exp $");
+RCSID("$OpenBSD: ssh-keygen.c,v 1.128 2005/07/17 07:17:55 djm Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/pem.h>
@@ -738,7 +738,7 @@ do_known_hosts(struct passwd *pw, const char *name)
 			fprintf(stderr, "WARNING: %s contains unhashed "
 			    "entries\n", old);
 			fprintf(stderr, "Delete this file to ensure privacy "
-			     "of hostnames\n");
+			    "of hostnames\n");
 		}
 	}
 
diff --git a/sshconnect.c b/sshconnect.c
index 84f287145..ba7b9b71e 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -13,7 +13,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.167 2005/07/16 01:35:24 djm Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.168 2005/07/17 07:17:55 djm Exp $");
 
 #include <openssl/bn.h>
 
@@ -547,7 +547,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
 	switch (hostaddr->sa_family) {
 	case AF_INET:
 		local = (ntohl(((struct sockaddr_in *)hostaddr)->
-		   sin_addr.s_addr) >> 24) == IN_LOOPBACKNET;
+		    sin_addr.s_addr) >> 24) == IN_LOOPBACKNET;
 		salen = sizeof(struct sockaddr_in);
 		break;
 	case AF_INET6:
@@ -680,8 +680,8 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
 
 			if (show_other_keys(host, host_key))
 				snprintf(msg1, sizeof(msg1),
-				   "\nbut keys of different type are already"
-				   " known for this host.");
+				    "\nbut keys of different type are already"
+				    " known for this host.");
 			else
 				snprintf(msg1, sizeof(msg1), ".");
 			/* The default */
diff --git a/sshconnect2.c b/sshconnect2.c
index 60afd6d3d..012ce2b42 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.139 2005/06/17 02:44:33 djm Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.140 2005/07/17 07:17:55 djm Exp $");
 
 #include "openbsd-compat/sys-queue.h"
 
@@ -352,7 +352,7 @@ void
 input_userauth_error(int type, u_int32_t seq, void *ctxt)
 {
 	fatal("input_userauth_error: bad message during authentication: "
-	   "type %d", type);
+	    "type %d", type);
 }
 
 void
@@ -679,7 +679,7 @@ input_gssapi_errtok(int type, u_int32_t plen, void *ctxt)
 
 	/* Stick it into GSSAPI and see what it says */
 	status = ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds,
-				     &recv_tok, &send_tok, NULL);
+	    &recv_tok, &send_tok, NULL);
 
 	xfree(recv_tok.value);
 	gss_release_buffer(&ms, &send_tok);
-- 
cgit v1.2.3