- djm@cvs.openbsd.org 2008/01/19 23:09:49

[readconf.c readconf.h sshconnect2.c]
     promote rekeylimit to a int64 so it can hold the maximum useful limit
     of 2^32; report and patch from Jan.Pechanec AT Sun.COM, ok dtucker@

ChangeLog

@@ -40,6 +40,10 @@
      and v6 addresses when connected to a server with this quirk, despite
      having set 0.0.0.0 as a bind_address.
      report and patch from Jan.Pechanec AT Sun.COM; ok dtucker@
+   - djm@cvs.openbsd.org 2008/01/19 23:09:49
+     [readconf.c readconf.h sshconnect2.c]
+     promote rekeylimit to a int64 so it can hold the maximum useful limit
+     of 2^32; report and patch from Jan.Pechanec AT Sun.COM, ok dtucker@
 
 20080119
  - (djm) Silence noice from expr in ssh-copy-id; patch from
@@ -3568,4 +3572,4 @@
    OpenServer 6 and add osr5bigcrypt support so when someone migrates
    passwords between UnixWare and OpenServer they will still work. OK dtucker@
 
-$Id: ChangeLog,v 1.4827 2008/02/10 11:25:24 djm Exp $
+$Id: ChangeLog,v 1.4828 2008/02/10 11:25:52 djm Exp $

readconf.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.164 2007/12/31 10:41:31 dtucker Exp $ */
+/* $OpenBSD: readconf.c,v 1.165 2008/01/19 23:09:49 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -499,7 +499,6 @@ parse_yesnoask:
 		goto parse_int;
 
 	case oRekeyLimit:
-		intptr = &options->rekey_limit;
 		arg = strdelim(&s);
 		if (!arg || *arg == '\0')
 			fatal("%.200s line %d: Missing argument.", filename, linenum);
@@ -527,14 +526,14 @@ parse_yesnoask:
 		}
 		val64 *= scale;
 		/* detect integer wrap and too-large limits */
-		if ((val64 / scale) != orig || val64 > INT_MAX)
+		if ((val64 / scale) != orig || val64 > UINT_MAX)
 			fatal("%.200s line %d: RekeyLimit too large",
 			    filename, linenum);
 		if (val64 < 16)
 			fatal("%.200s line %d: RekeyLimit too small",
 			    filename, linenum);
-		if (*activep && *intptr == -1)
-			*intptr = (int)val64;
+		if (*activep && options->rekey_limit == -1)
+			options->rekey_limit = (u_int32_t)val64;
 		break;
 
 	case oIdentityFile:

readconf.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.71 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: readconf.h,v 1.72 2008/01/19 23:09:49 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -100,7 +100,7 @@ typedef struct {
 	int	clear_forwardings;
 
 	int	enable_ssh_keysign;
-	int	rekey_limit;
+	int64_t rekey_limit;
 	int	no_host_authentication_for_localhost;
 	int	identities_only;
 	int	server_alive_interval;

sshconnect2.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.164 2007/05/17 23:53:41 jolan Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.165 2008/01/19 23:09:49 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -130,7 +130,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
 		    options.hostkeyalgorithms;
 
 	if (options.rekey_limit)
-		packet_set_rekey_limit(options.rekey_limit);
+		packet_set_rekey_limit((u_int32_t)options.rekey_limit);
 
 	/* start key exchange */
 	kex = kex_setup(myproposal);