- djm@cvs.openbsd.org 2001/12/20 22:50:24

[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c]
     [dispatch.h kex.c kex.h packet.c packet.h serverloop.c ssh.c]
     [sshconnect2.c]
     Conformance fix: we should send failing packet sequence number when
     responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by
     yakk@yakk.dot.net; ok markus@

ChangeLog

@@ -51,6 +51,13 @@
      [channels.c channels.h session.c]
      setup x11 listen socket for just one connect if the client requests so.
      (v2 only, but the openssh client does not support this feature).
+   - djm@cvs.openbsd.org 2001/12/20 22:50:24
+     [auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c]
+     [dispatch.h kex.c kex.h packet.c packet.h serverloop.c ssh.c]
+     [sshconnect2.c]
+     Conformance fix: we should send failing packet sequence number when
+     responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by
+     yakk@yakk.dot.net; ok markus@
 
 20011219
  - (stevesk) OpenBSD CVS sync X11 localhost display
@@ -7079,4 +7086,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1704 2001/12/21 03:58:35 djm Exp $
+$Id: ChangeLog,v 1.1705 2001/12/21 04:00:19 djm Exp $

auth2-chall.c

@@ -23,7 +23,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: auth2-chall.c,v 1.10 2001/12/19 07:18:56 deraadt Exp $");
+RCSID("$OpenBSD: auth2-chall.c,v 1.11 2001/12/20 22:50:24 djm Exp $");
 
 #include "ssh2.h"
 #include "auth.h"
@@ -35,7 +35,7 @@ RCSID("$OpenBSD: auth2-chall.c,v 1.10 2001/12/19 07:18:56 deraadt Exp $");
 
 static int auth2_challenge_start(Authctxt *);
 static int send_userauth_info_request(Authctxt *);
-static void input_userauth_info_response(int, int, void *);
+static void input_userauth_info_response(int, int, u_int32_t, void *);
 
 #ifdef BSD_AUTH
 extern KbdintDevice bsdauth_device;
@@ -234,7 +234,7 @@ send_userauth_info_request(Authctxt *authctxt)
 }
 
 static void
-input_userauth_info_response(int type, int plen, void *ctxt)
+input_userauth_info_response(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	Authctxt *authctxt = ctxt;
 	KbdintAuthctxt *kbdintctxt;

auth2.c

@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.77 2001/12/19 07:18:56 deraadt Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.78 2001/12/20 22:50:24 djm Exp $");
 
 #include <openssl/evp.h>
 
@@ -69,9 +69,9 @@ struct Authmethod {
 
 /* protocol */
 
-static void input_service_request(int, int, void *);
+static void input_service_request(int, int, u_int32_t, void *);
-static void input_userauth_request(int, int, void *);
+static void input_userauth_request(int, int, u_int32_t, void *);
-static void protocol_error(int, int, void *);
+static void protocol_error(int, int, u_int32_t, void *);
 
 /* helper */
 static Authmethod *authmethod_lookup(const char *);
@@ -130,17 +130,17 @@ do_authentication2(void)
 }
 
 static void
-protocol_error(int type, int plen, void *ctxt)
+protocol_error(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	log("auth: protocol error: type %d plen %d", type, plen);
 	packet_start(SSH2_MSG_UNIMPLEMENTED);
-	packet_put_int(0);
+	packet_put_int(seq);
 	packet_send();
 	packet_write_wait();
 }
 
 static void
-input_service_request(int type, int plen, void *ctxt)
+input_service_request(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	Authctxt *authctxt = ctxt;
 	u_int len;
@@ -173,7 +173,7 @@ input_service_request(int type, int plen, void *ctxt)
 }
 
 static void
-input_userauth_request(int type, int plen, void *ctxt)
+input_userauth_request(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	Authctxt *authctxt = ctxt;
 	Authmethod *m = NULL;

channels.c

@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.149 2001/12/20 16:37:29 markus Exp $");
+RCSID("$OpenBSD: channels.c,v 1.150 2001/12/20 22:50:24 djm Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -1710,7 +1710,7 @@ channel_output_poll(void)
 /* -- protocol input */
 
 void
-channel_input_data(int type, int plen, void *ctxt)
+channel_input_data(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	int id;
 	char *data;
@@ -1756,7 +1756,7 @@ channel_input_data(int type, int plen, void *ctxt)
 }
 
 void
-channel_input_extended_data(int type, int plen, void *ctxt)
+channel_input_extended_data(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	int id;
 	int tcode;
@@ -1796,7 +1796,7 @@ channel_input_extended_data(int type, int plen, void *ctxt)
 }
 
 void
-channel_input_ieof(int type, int plen, void *ctxt)
+channel_input_ieof(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	int id;
 	Channel *c;
@@ -1818,7 +1818,7 @@ channel_input_ieof(int type, int plen, void *ctxt)
 }
 
 void
-channel_input_close(int type, int plen, void *ctxt)
+channel_input_close(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	int id;
 	Channel *c;
@@ -1857,7 +1857,7 @@ channel_input_close(int type, int plen, void *ctxt)
 
 /* proto version 1.5 overloads CLOSE_CONFIRMATION with OCLOSE */
 void
-channel_input_oclose(int type, int plen, void *ctxt)
+channel_input_oclose(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	int id = packet_get_int();
 	Channel *c = channel_lookup(id);
@@ -1868,7 +1868,7 @@ channel_input_oclose(int type, int plen, void *ctxt)
 }
 
 void
-channel_input_close_confirmation(int type, int plen, void *ctxt)
+channel_input_close_confirmation(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	int id = packet_get_int();
 	Channel *c = channel_lookup(id);
@@ -1884,7 +1884,7 @@ channel_input_close_confirmation(int type, int plen, void *ctxt)
 }
 
 void
-channel_input_open_confirmation(int type, int plen, void *ctxt)
+channel_input_open_confirmation(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	int id, remote_id;
 	Channel *c;
@@ -1934,7 +1934,7 @@ reason2txt(int reason)
 }
 
 void
-channel_input_open_failure(int type, int plen, void *ctxt)
+channel_input_open_failure(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	int id, reason;
 	char *msg = NULL, *lang = NULL;
@@ -1968,7 +1968,7 @@ channel_input_open_failure(int type, int plen, void *ctxt)
 }
 
 void
-channel_input_channel_request(int type, int plen, void *ctxt)
+channel_input_channel_request(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	int id;
 	Channel *c;
@@ -1993,7 +1993,7 @@ channel_input_channel_request(int type, int plen, void *ctxt)
 }
 
 void
-channel_input_window_adjust(int type, int plen, void *ctxt)
+channel_input_window_adjust(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	Channel *c;
 	int id, adjust;
@@ -2017,7 +2017,7 @@ channel_input_window_adjust(int type, int plen, void *ctxt)
 }
 
 void
-channel_input_port_open(int type, int plen, void *ctxt)
+channel_input_port_open(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	Channel *c = NULL;
 	u_short host_port;
@@ -2624,7 +2624,7 @@ x11_connect_display(void)
  */
 
 void
-x11_input_open(int type, int plen, void *ctxt)
+x11_input_open(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	Channel *c = NULL;
 	int remote_id, sock = 0;
@@ -2671,7 +2671,7 @@ x11_input_open(int type, int plen, void *ctxt)
 
 /* dummy protocol handler that denies SSH-1 requests (agent/x11) */
 void
-deny_input_open(int type, int plen, void *ctxt)
+deny_input_open(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	int rchan = packet_get_int();
 	switch (type) {
@@ -2882,7 +2882,7 @@ auth_input_request_forwarding(struct passwd * pw)
 /* This is called to process an SSH_SMSG_AGENT_OPEN message. */
 
 void
-auth_input_open_request(int type, int plen, void *ctxt)
+auth_input_open_request(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	Channel *c = NULL;
 	int remote_id, sock;

channels.h

@@ -32,7 +32,7 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
-/* RCSID("$OpenBSD: channels.h,v 1.54 2001/12/20 16:37:29 markus Exp $"); */
+/* RCSID("$OpenBSD: channels.h,v 1.55 2001/12/20 22:50:24 djm Exp $"); */
 
 #ifndef CHANNEL_H
 #define CHANNEL_H
@@ -157,17 +157,17 @@ int	 channel_close_fd(int *);
 
 /* protocol handler */
 
-void	 channel_input_channel_request(int, int, void *);
+void	 channel_input_channel_request(int, int, u_int32_t, void *);
-void	 channel_input_close(int, int, void *);
+void	 channel_input_close(int, int, u_int32_t, void *);
-void	 channel_input_close_confirmation(int, int, void *);
+void	 channel_input_close_confirmation(int, int, u_int32_t, void *);
-void	 channel_input_data(int, int, void *);
+void	 channel_input_data(int, int, u_int32_t, void *);
-void	 channel_input_extended_data(int, int, void *);
+void	 channel_input_extended_data(int, int, u_int32_t, void *);
-void	 channel_input_ieof(int, int, void *);
+void	 channel_input_ieof(int, int, u_int32_t, void *);
-void	 channel_input_oclose(int, int, void *);
+void	 channel_input_oclose(int, int, u_int32_t, void *);
-void	 channel_input_open_confirmation(int, int, void *);
+void	 channel_input_open_confirmation(int, int, u_int32_t, void *);
-void	 channel_input_open_failure(int, int, void *);
+void	 channel_input_open_failure(int, int, u_int32_t, void *);
-void	 channel_input_port_open(int, int, void *);
+void	 channel_input_port_open(int, int, u_int32_t, void *);
-void	 channel_input_window_adjust(int, int, void *);
+void	 channel_input_window_adjust(int, int, u_int32_t, void *);
 
 /* file descriptor handling (read/write) */
 
@@ -199,9 +199,9 @@ channel_request_forwarding(const char *, u_short, const char *, u_short, int,
 
 int	 x11_connect_display(void);
 int	 x11_create_display_inet(int, int, int);
-void     x11_input_open(int, int, void *);
+void     x11_input_open(int, int, u_int32_t, void *);
 void	 x11_request_forwarding_with_spoofing(int, const char *, const char *);
-void	 deny_input_open(int, int, void *);
+void	 deny_input_open(int, int, u_int32_t, void *);
 
 /* agent forwarding */
 
@@ -209,7 +209,7 @@ void	 auth_request_forwarding(void);
 char	*auth_get_socket_name(void);
 void	 auth_sock_cleanup_proc(void *);
 int	 auth_input_request_forwarding(struct passwd *);
-void	 auth_input_open_request(int, int, void *);
+void	 auth_input_open_request(int, int, u_int32_t, void *);
 
 /* channel close */
 

clientloop.c

@@ -59,7 +59,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: clientloop.c,v 1.90 2001/12/19 07:18:56 deraadt Exp $");
+RCSID("$OpenBSD: clientloop.c,v 1.91 2001/12/20 22:50:24 djm Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -1008,7 +1008,7 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
 /*********/
 
 static void
-client_input_stdout_data(int type, int plen, void *ctxt)
+client_input_stdout_data(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	u_int data_len;
 	char *data = packet_get_string(&data_len);
@@ -1018,7 +1018,7 @@ client_input_stdout_data(int type, int plen, void *ctxt)
 	xfree(data);
 }
 static void
-client_input_stderr_data(int type, int plen, void *ctxt)
+client_input_stderr_data(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	u_int data_len;
 	char *data = packet_get_string(&data_len);
@@ -1028,7 +1028,7 @@ client_input_stderr_data(int type, int plen, void *ctxt)
 	xfree(data);
 }
 static void
-client_input_exit_status(int type, int plen, void *ctxt)
+client_input_exit_status(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	packet_integrity_check(plen, 4, type);
 	exit_status = packet_get_int();
@@ -1149,7 +1149,7 @@ client_request_agent(const char *request_type, int rchan)
 
 /* XXXX move to generic input handler */
 static void
-client_input_channel_open(int type, int plen, void *ctxt)
+client_input_channel_open(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	Channel *c = NULL;
 	char *ctype;
@@ -1201,7 +1201,7 @@ client_input_channel_open(int type, int plen, void *ctxt)
 	xfree(ctype);
 }
 static void
-client_input_channel_req(int type, int plen, void *ctxt)
+client_input_channel_req(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	Channel *c = NULL;
 	int id, reply, success = 0;

dispatch.c

@@ -22,7 +22,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: dispatch.c,v 1.11 2001/06/10 11:29:20 markus Exp $");
+RCSID("$OpenBSD: dispatch.c,v 1.12 2001/12/20 22:50:24 djm Exp $");
 
 #include "ssh1.h"
 #include "ssh2.h"
@@ -37,9 +37,10 @@ RCSID("$OpenBSD: dispatch.c,v 1.11 2001/06/10 11:29:20 markus Exp $");
 dispatch_fn *dispatch[DISPATCH_MAX];
 
 void
-dispatch_protocol_error(int type, int plen, void *ctxt)
+dispatch_protocol_error(int type, int plen, u_int32_t seq, void *ctxt)
 {
-	fatal("dispatch_protocol_error: type %d plen %d", type, plen);
+	fatal("dispatch_protocol_error: type %d seq %u plen %d", type, 
+	    seq, plen);
 }
 void
 dispatch_init(dispatch_fn *dflt)
@@ -59,16 +60,17 @@ dispatch_run(int mode, int *done, void *ctxt)
 	for (;;) {
 		int plen;
 		int type;
+		u_int32_t seqnr;
 
 		if (mode == DISPATCH_BLOCK) {
-			type = packet_read(&plen);
+			type = packet_read_seqnr(&plen, &seqnr);
 		} else {
-			type = packet_read_poll(&plen);
+			type = packet_read_poll_seqnr(&plen, &seqnr);
 			if (type == SSH_MSG_NONE)
 				return;
 		}
 		if (type > 0 && type < DISPATCH_MAX && dispatch[type] != NULL)
-			(*dispatch[type])(type, plen, ctxt);
+			(*dispatch[type])(type, plen, seqnr, ctxt);
 		else
 			packet_disconnect("protocol error: rcvd type %d", type);
 		if (done != NULL && *done)

dispatch.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: dispatch.h,v 1.6 2001/06/26 17:27:23 markus Exp $	*/
+/*	$OpenBSD: dispatch.h,v 1.7 2001/12/20 22:50:24 djm Exp $	*/
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -28,9 +28,9 @@ enum {
 	DISPATCH_NONBLOCK
 };
 
-typedef void dispatch_fn(int, int, void *);
+typedef void dispatch_fn(int, int, u_int32_t, void *);
 
 void	 dispatch_init(dispatch_fn *);
 void	 dispatch_set(int, dispatch_fn *);
 void	 dispatch_run(int, int *, void *);
-void	 dispatch_protocol_error(int, int, void *);
+void	 dispatch_protocol_error(int, int, u_int32_t, void *);

kex.c

@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.37 2001/12/05 10:06:12 deraadt Exp $");
+RCSID("$OpenBSD: kex.c,v 1.38 2001/12/20 22:50:24 djm Exp $");
 
 #include <openssl/crypto.h>
 
@@ -107,7 +107,7 @@ kex_prop_free(char **proposal)
 }
 
 static void
-kex_protocol_error(int type, int plen, void *ctxt)
+kex_protocol_error(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	error("Hm, kex protocol error: type %d plen %d", type, plen);
 }
@@ -166,7 +166,7 @@ kex_send_kexinit(Kex *kex)
 }
 
 void
-kex_input_kexinit(int type, int plen, void *ctxt)
+kex_input_kexinit(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	char *ptr;
 	int dlen;

kex.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: kex.h,v 1.26 2001/06/26 17:27:23 markus Exp $	*/
+/*	$OpenBSD: kex.h,v 1.27 2001/12/20 22:50:24 djm Exp $	*/
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -115,7 +115,7 @@ Kex	*kex_setup(char *[PROPOSAL_MAX]);
 void	 kex_finish(Kex *);
 
 void	 kex_send_kexinit(Kex *);
-void	 kex_input_kexinit(int, int, void *);
+void	 kex_input_kexinit(int, int, u_int32_t, void *);
 void	 kex_derive_keys(Kex *, u_char *, BIGNUM *);
 
 void	 kexdh(Kex *);

packet.c

@@ -37,7 +37,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: packet.c,v 1.76 2001/12/19 17:16:13 stevesk Exp $");
+RCSID("$OpenBSD: packet.c,v 1.77 2001/12/20 22:50:24 djm Exp $");
 
 #include "xmalloc.h"
 #include "buffer.h"
@@ -610,7 +610,7 @@ packet_send(void)
  */
 
 int
-packet_read(int *payload_len_ptr)
+packet_read_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p)
 {
 	int type, len;
 	fd_set *setp;
@@ -626,7 +626,7 @@ packet_read(int *payload_len_ptr)
 	/* Stay in the loop until we have received a complete packet. */
 	for (;;) {
 		/* Try to read a packet from the buffer. */
-		type = packet_read_poll(payload_len_ptr);
+		type = packet_read_poll_seqnr(payload_len_ptr, seqnr_p);
 		if (!compat20 && (
 		    type == SSH_SMSG_SUCCESS
 		    || type == SSH_SMSG_FAILURE
@@ -665,6 +665,12 @@ packet_read(int *payload_len_ptr)
 	/* NOTREACHED */
 }
 
+int
+packet_read(int *payload_len_ptr)
+{
+	return packet_read_seqnr(payload_len_ptr, NULL);
+}
+
 /*
  * Waits until a packet has been received, verifies that its type matches
  * that given, and gives a fatal error and exits if there is a mismatch.
@@ -753,7 +759,7 @@ packet_read_poll1(int *payload_len_ptr)
 
 	/* Test check bytes. */
 	if (len != buffer_len(&incoming_packet))
-		packet_disconnect("packet_read_poll: len %d != buffer_len %d.",
+		packet_disconnect("packet_read_poll1: len %d != buffer_len %d.",
 		    len, buffer_len(&incoming_packet));
 
 	ucp = (u_char *) buffer_ptr(&incoming_packet) + len - 4;
@@ -775,7 +781,7 @@ packet_read_poll1(int *payload_len_ptr)
 }
 
 static int
-packet_read_poll2(int *payload_len_ptr)
+packet_read_poll2(int *payload_len_ptr, u_int32_t *seqnr_p)
 {
 	static u_int32_t seqnr = 0;
 	static u_int packet_length = 0;
@@ -848,6 +854,8 @@ packet_read_poll2(int *payload_len_ptr)
 		DBG(debug("MAC #%d ok", seqnr));
 		buffer_consume(&input, mac->mac_len);
 	}
+	if (seqnr_p != NULL)
+		*seqnr_p = seqnr;
 	if (++seqnr == 0)
 		log("incoming seqnr wraps around");
 
@@ -890,7 +898,7 @@ packet_read_poll2(int *payload_len_ptr)
 }
 
 int
-packet_read_poll(int *payload_len_ptr)
+packet_read_poll_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p)
 {
 	int reason;
 	u_char type;
@@ -898,7 +906,7 @@ packet_read_poll(int *payload_len_ptr)
 
 	for (;;) {
 		if (compat20) {
-			type = packet_read_poll2(payload_len_ptr);
+			type = packet_read_poll2(payload_len_ptr, seqnr_p);
 			if (type)
 				DBG(debug("received packet type %d", type));
 			switch (type) {
@@ -951,6 +959,12 @@ packet_read_poll(int *payload_len_ptr)
 	}
 }
 
+int
+packet_read_poll(int *payload_len_ptr)
+{
+	return packet_read_poll_seqnr(payload_len_ptr, NULL);
+}
+
 /*
  * Buffers the given amount of input characters.  This is intended to be used
  * together with packet_read_poll.

packet.h

@@ -11,7 +11,7 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: packet.h,v 1.27 2001/12/19 17:16:13 stevesk Exp $"); */
+/* RCSID("$OpenBSD: packet.h,v 1.28 2001/12/20 22:50:24 djm Exp $"); */
 
 #ifndef PACKET_H
 #define PACKET_H
@@ -44,6 +44,8 @@ int      packet_read(int *payload_len_ptr);
 void     packet_read_expect(int *payload_len_ptr, int type);
 int      packet_read_poll(int *packet_len_ptr);
 void     packet_process_incoming(const char *buf, u_int len);
+int      packet_read_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p);
+int      packet_read_poll_seqnr(int *packet_len_ptr, u_int32_t *seqnr_p);
 
 u_int	 packet_get_char(void);
 u_int	 packet_get_int(void);

serverloop.c

@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: serverloop.c,v 1.87 2001/12/19 16:09:39 markus Exp $");
+RCSID("$OpenBSD: serverloop.c,v 1.88 2001/12/20 22:50:24 djm Exp $");
 
 #include "xmalloc.h"
 #include "packet.h"
@@ -791,7 +791,7 @@ server_loop2(Authctxt *authctxt)
 }
 
 static void
-server_input_channel_failure(int type, int plen, void *ctxt)
+server_input_channel_failure(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	debug("Got CHANNEL_FAILURE for keepalive");
 	/*
@@ -804,7 +804,7 @@ server_input_channel_failure(int type, int plen, void *ctxt)
 
 
 static void
-server_input_stdin_data(int type, int plen, void *ctxt)
+server_input_stdin_data(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	char *data;
 	u_int data_len;
@@ -821,7 +821,7 @@ server_input_stdin_data(int type, int plen, void *ctxt)
 }
 
 static void
-server_input_eof(int type, int plen, void *ctxt)
+server_input_eof(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	/*
 	 * Eof from the client.  The stdin descriptor to the
@@ -834,7 +834,7 @@ server_input_eof(int type, int plen, void *ctxt)
 }
 
 static void
-server_input_window_size(int type, int plen, void *ctxt)
+server_input_window_size(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	int row = packet_get_int();
 	int col = packet_get_int();
@@ -912,7 +912,7 @@ server_request_session(char *ctype)
 }
 
 static void
-server_input_channel_open(int type, int plen, void *ctxt)
+server_input_channel_open(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	Channel *c = NULL;
 	char *ctype;
@@ -962,7 +962,7 @@ server_input_channel_open(int type, int plen, void *ctxt)
 }
 
 static void
-server_input_global_request(int type, int plen, void *ctxt)
+server_input_global_request(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	char *rtype;
 	int want_reply;

ssh.c

@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.152 2001/12/19 17:16:13 stevesk Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.153 2001/12/20 22:50:24 djm Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -1015,7 +1015,7 @@ ssh_session(void)
 }
 
 static void
-client_subsystem_reply(int type, int plen, void *ctxt)
+client_subsystem_reply(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	int id, len;
 

sshconnect2.c

@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.88 2001/12/19 07:18:56 deraadt Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.89 2001/12/20 22:50:24 djm Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/md5.h>
@@ -174,12 +174,12 @@ struct Authmethod {
 	int	*batch_flag;	/* flag in option struct that disables method */
 };
 
-void	input_userauth_success(int, int, void *);
+void	input_userauth_success(int, int, u_int32_t, void *);
-void	input_userauth_failure(int, int, void *);
+void	input_userauth_failure(int, int, u_int32_t, void *);
-void	input_userauth_banner(int, int, void *);
+void	input_userauth_banner(int, int, u_int32_t, void *);
-void	input_userauth_error(int, int, void *);
+void	input_userauth_error(int, int, u_int32_t, void *);
-void	input_userauth_info_req(int, int, void *);
+void	input_userauth_info_req(int, int, u_int32_t, void *);
-void	input_userauth_pk_ok(int, int, void *);
+void	input_userauth_pk_ok(int, int, u_int32_t, void *);
 
 int	userauth_none(Authctxt *);
 int	userauth_pubkey(Authctxt *);
@@ -308,13 +308,13 @@ userauth(Authctxt *authctxt, char *authlist)
 	}
 }
 void
-input_userauth_error(int type, int plen, void *ctxt)
+input_userauth_error(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	fatal("input_userauth_error: bad message during authentication: "
 	   "type %d", type);
 }
 void
-input_userauth_banner(int type, int plen, void *ctxt)
+input_userauth_banner(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	char *msg, *lang;
 	debug3("input_userauth_banner");
@@ -325,7 +325,7 @@ input_userauth_banner(int type, int plen, void *ctxt)
 	xfree(lang);
 }
 void
-input_userauth_success(int type, int plen, void *ctxt)
+input_userauth_success(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	Authctxt *authctxt = ctxt;
 	if (authctxt == NULL)
@@ -336,7 +336,7 @@ input_userauth_success(int type, int plen, void *ctxt)
 	authctxt->success = 1;			/* break out */
 }
 void
-input_userauth_failure(int type, int plen, void *ctxt)
+input_userauth_failure(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	Authctxt *authctxt = ctxt;
 	char *authlist = NULL;
@@ -357,7 +357,7 @@ input_userauth_failure(int type, int plen, void *ctxt)
 	userauth(authctxt, authlist);
 }
 void
-input_userauth_pk_ok(int type, int plen, void *ctxt)
+input_userauth_pk_ok(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	Authctxt *authctxt = ctxt;
 	Key *key = NULL;
@@ -768,7 +768,7 @@ userauth_kbdint(Authctxt *authctxt)
  * parse INFO_REQUEST, prompt user and send INFO_RESPONSE
  */
 void
-input_userauth_info_req(int type, int plen, void *ctxt)
+input_userauth_info_req(int type, int plen, u_int32_t seq, void *ctxt)
 {
 	Authctxt *authctxt = ctxt;
 	char *name, *inst, *lang, *prompt, *response;