From ff515b55282a62cb7c39d7c72d48fa8e1d2b11e4 Mon Sep 17 00:00:00 2001
From: Aris Adamantiadis <aris@0xbadc0de.be>
Date: Tue, 17 Jun 2008 01:06:53 +0000
Subject: gcrypt + SSH1 bug resolved

git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@174 7dcaeef0-15fb-0310-b436-a5af3365683c
---
 libssh/dh.c     | 15 ++++++---------
 libssh/kex.c    |  1 +
 libssh/keys.c   |  2 +-
 libssh/socket.c |  1 +
 4 files changed, 9 insertions(+), 10 deletions(-)

diff --git a/libssh/dh.c b/libssh/dh.c
index bfbab9cd..35d130c2 100644
--- a/libssh/dh.c
+++ b/libssh/dh.c
@@ -67,22 +67,19 @@ static bignum g;
 static bignum p;
 static int ssh_crypto_inited=0;
 
-/* maybe it might be enhanced .... */
-/* XXX Do it. */		
 int ssh_get_random(void *where, int len, int strong){
-    if(strong){
+    
 #ifdef HAVE_LIBGCRYPT
-        gcry_randomize(where,len,GCRY_VERY_STRONG_RANDOM);
-        return 1;
-    } else {
-        gcry_randomize(where,len,GCRY_STRONG_RANDOM);
-        return 1;
+	// not using GCRY_VERY_STRONG_RANDOM which is a bit overkill
+	gcry_randomize(where,len,GCRY_STRONG_RANDOM);
+    return 1;
 #elif defined HAVE_LIBCRYPTO
+    if(strong){
         return RAND_bytes(where,len);
     } else {
         return RAND_pseudo_bytes(where,len);
-#endif
     }
+#endif
 }
 
 
diff --git a/libssh/kex.c b/libssh/kex.c
index f63dbf26..9838a7c5 100644
--- a/libssh/kex.c
+++ b/libssh/kex.c
@@ -497,6 +497,7 @@ int ssh_get_kex1(SSH_SESSION *session){
     }
     session->current_crypto=session->next_crypto;
     session->next_crypto=NULL;
+    ssh_log(session,SSH_LOG_PROTOCOL,"Waiting for a SSH_SMSG_SUCCESS");
     if(packet_wait(session,SSH_SMSG_SUCCESS,1)){
         char buffer[1024];
         snprintf(buffer,sizeof(buffer),"Key exchange failed : %s",ssh_get_error(session));
diff --git a/libssh/keys.c b/libssh/keys.c
index 18d0b372..a40b0df3 100644
--- a/libssh/keys.c
+++ b/libssh/keys.c
@@ -69,7 +69,7 @@ PUBLIC_KEY *publickey_make_dss(SSH_SESSION *session, BUFFER *buffer){
         return NULL;
     }
 #ifdef HAVE_LIBGCRYPT
-    gcry_sexp_build(&key->dsa_pub,session,"(public-key(dsa(p %b)(q %b)(g %b)(y %b)))",string_len(p),p->string,string_len(q),q->string,string_len(g),g->string,string_len(pubkey),pubkey->string);
+    gcry_sexp_build(&key->dsa_pub,NULL,"(public-key(dsa(p %b)(q %b)(g %b)(y %b)))",string_len(p),p->string,string_len(q),q->string,string_len(g),g->string,string_len(pubkey),pubkey->string);
 #elif defined HAVE_LIBCRYPTO
     key->dsa_pub=DSA_new();
     key->dsa_pub->p=make_string_bn(p);
diff --git a/libssh/socket.c b/libssh/socket.c
index 41a16a8d..70c73405 100644
--- a/libssh/socket.c
+++ b/libssh/socket.c
@@ -23,6 +23,7 @@
 #include <unistd.h>
 #include <errno.h>
 #include <string.h>
+#include <stdlib.h>
 #ifdef _WIN32
 #include <winsock2.h>
 #else
-- 
cgit v1.2.3