- OpenBSD CVS updates.

[ssh.1 ssh.c] - ssh -2 [auth.c channels.c clientloop.c packet.c packet.h serverloop.c] [session.c sshconnect.c] - check payload for (illegal) extra data [ALL] - whitespace cleanup
2000-04-16 11:18:38 +10:00 · 2000-04-16 11:18:38 +10:00 · 4af51306d9
parent 5d1705ecf9
commit 4af51306d9
67 changed files with 779 additions and 646 deletions
--- a/12
+++ b/12
@ -1,7 +1,17 @@
 20000415
 - OpenBSD CVS updates.
   [ssh.1 ssh.c]
   - ssh -2
   [auth.c channels.c clientloop.c packet.c packet.h serverloop.c]
   [session.c sshconnect.c]
   - check payload for (illegal) extra data
   [ALL]
   whitespace cleanup
 20000413
 - INSTALL doc updates
 - Merged OpenBSD updates to include paths.
-
+ 
 20000412
 - OpenBSD CVS updates:
   - [channels.c]
--- a/auth-krb4.c
+++ b/auth-krb4.c
@ -19,7 +19,7 @@ extern ServerOptions options;
 * return 1 on success, 0 on failure, -1 if krb4 is not available
 */
-int 
+int
 auth_krb4_password(struct passwd * pw, const char *password)
 {
 	AUTH_DAT adata;
@ -135,7 +135,7 @@ krb4_cleanup_proc(void *ignore)
 	}
 }
-int 
+int
 krb4_init(uid_t uid)
 {
 	static int cleanup_registered = 0;
@ -179,7 +179,7 @@ krb4_init(uid_t uid)
 	return 0;
 }
-int 
+int
 auth_krb4(const char *server_user, KTEXT auth, char **client)
 {
 	AUTH_DAT adat = {0};
@ -252,7 +252,7 @@ auth_krb4(const char *server_user, KTEXT auth, char **client)
 #endif /* KRB4 */
 #ifdef AFS
-int 
+int
 auth_kerberos_tgt(struct passwd *pw, const char *string)
 {
 	CREDENTIALS creds;
@ -307,7 +307,7 @@ auth_kerberos_tgt_failure:
 	return 0;
 }
-int 
+int
 auth_afs_token(struct passwd *pw, const char *token_string)
 {
 	CREDENTIALS creds;
--- a/auth-passwd.c
+++ b/auth-passwd.c
@ -11,7 +11,7 @@
 #ifndef USE_PAM
-RCSID("$Id: auth-passwd.c,v 1.16 2000/01/22 23:32:03 damien Exp $");
+RCSID("$Id: auth-passwd.c,v 1.17 2000/04/16 01:18:39 damien Exp $");
 #include "packet.h"
 #include "ssh.h"
@ -33,7 +33,7 @@ RCSID("$Id: auth-passwd.c,v 1.16 2000/01/22 23:32:03 damien Exp $");
 * Tries to authenticate the user using password.  Returns true if
 * authentication succeeds.
 */
-int 
+int
 auth_password(struct passwd * pw, const char *password)
 {
 	extern ServerOptions options;
--- a/auth-rh-rsa.c
+++ b/auth-rh-rsa.c
@ -1,21 +1,21 @@
 /*
- * 
+ *
 * auth-rh-rsa.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Sun May  7 03:08:06 1995 ylo
- * 
+ *
 * Rhosts or /etc/hosts.equiv authentication combined with RSA host
 * authentication.
 *
 */
 #include "includes.h"
-RCSID("$Id: auth-rh-rsa.c,v 1.9 2000/04/13 02:26:35 damien Exp $");
+RCSID("$Id: auth-rh-rsa.c,v 1.10 2000/04/16 01:18:39 damien Exp $");
 #ifdef HAVE_OPENSSL
 #include <openssl/bn.h>
@ -42,7 +42,7 @@ RCSID("$Id: auth-rh-rsa.c,v 1.9 2000/04/13 02:26:35 damien Exp $");
 * its host key.  Returns true if authentication succeeds.
 */
-int 
+int
 auth_rhosts_rsa(struct passwd *pw, const char *client_user, RSA *client_host_key)
 {
 	extern ServerOptions options;
--- a/auth-rhosts.c
+++ b/auth-rhosts.c
@ -1,22 +1,22 @@
 /*
- * 
+ *
 * auth-rhosts.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Fri Mar 17 05:12:18 1995 ylo
- * 
+ *
 * Rhosts authentication.  This file contains code to check whether to admit
 * the login based on rhosts authentication.  This file also processes
 * /etc/hosts.equiv.
- * 
+ *
 */
 #include "includes.h"
-RCSID("$Id: auth-rhosts.c,v 1.7 1999/12/27 12:54:55 damien Exp $");
+RCSID("$Id: auth-rhosts.c,v 1.8 2000/04/16 01:18:39 damien Exp $");
 #include "packet.h"
 #include "ssh.h"
@ -30,7 +30,7 @@ RCSID("$Id: auth-rhosts.c,v 1.7 1999/12/27 12:54:55 damien Exp $");
 * based on the file, and returns zero otherwise.
 */
-int 
+int
 check_rhosts_file(const char *filename, const char *hostname,
 		  const char *ipaddr, const char *client_user,
 		  const char *server_user)
@ -146,7 +146,7 @@ check_rhosts_file(const char *filename, const char *hostname,
 * /etc/hosts.equiv will be considered (.rhosts and .shosts are ignored).
 */
-int 
+int
 auth_rhosts(struct passwd *pw, const char *client_user)
 {
 	extern ServerOptions options;
--- a/auth-rsa.c
+++ b/auth-rsa.c
@ -1,22 +1,22 @@
 /*
- * 
+ *
 * auth-rsa.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Mon Mar 27 01:46:52 1995 ylo
- * 
+ *
 * RSA-based authentication.  This code determines whether to admit a login
 * based on RSA authentication.  This file also contains functions to check
 * validity of the host key.
- * 
+ *
 */
 #include "includes.h"
-RCSID("$Id: auth-rsa.c,v 1.15 2000/04/13 02:26:35 damien Exp $");
+RCSID("$Id: auth-rsa.c,v 1.16 2000/04/16 01:18:39 damien Exp $");
 #include "rsa.h"
 #include "packet.h"
@ -244,7 +244,7 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
 			debug("%.100s, line %lu: bad key syntax",
 			      SSH_USER_PERMITTED_KEYS, linenum);
 			packet_send_debug("%.100s, line %lu: bad key syntax",
-				          SSH_USER_PERMITTED_KEYS, linenum);
+					  SSH_USER_PERMITTED_KEYS, linenum);
 			continue;
 		}
 		/* cp now points to the comment part. */
--- a/auth-skey.c
+++ b/auth-skey.c
@ -1,7 +1,7 @@
 #include "includes.h"
 #ifdef SKEY
-RCSID("$Id: auth-skey.c,v 1.5 1999/12/06 19:04:57 deraadt Exp $");
+RCSID("$Id: auth-skey.c,v 1.6 2000/04/14 10:30:29 markus Exp $");
 #include "ssh.h"
 #include "packet.h"
@ -15,12 +15,12 @@ RCSID("$Id: auth-skey.c,v 1.5 1999/12/06 19:04:57 deraadt Exp $");
 /* from %OpenBSD: skeylogin.c,v 1.32 1999/08/16 14:46:56 millert Exp % */
-/* 
+/*
 * try skey authentication,
- * return 1 on success, 0 on failure, -1 if skey is not available 
+ * return 1 on success, 0 on failure, -1 if skey is not available
 */
-int 
+int
 auth_skey_password(struct passwd * pw, const char *password)
 {
 	if (strncasecmp(password, "s/key", 5) == 0) {
@ -53,18 +53,18 @@ auth_skey_password(struct passwd * pw, const char *password)
 */
 static u_int32_t
 hash_collapse(s)
-        u_char *s;
+	u_char *s;
 {
-        int len, target;
+	int len, target;
 	u_int32_t i;
 	if ((strlen(s) % sizeof(u_int32_t)) == 0)
-  		target = strlen(s);    /* Multiple of 4 */
+		target = strlen(s);    /* Multiple of 4 */
 	else
 		target = strlen(s) - (strlen(s) % sizeof(u_int32_t));
-  
+
 	for (i = 0, len = 0; len < target; len += 4)
-        	i ^= ROUND(s + len);
+		i ^= ROUND(s + len);
 	return i;
 }
--- a/auth.c
+++ b/auth.c
@ -5,7 +5,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth.c,v 1.2 2000/04/06 08:55:22 markus Exp $");
+RCSID("$OpenBSD: auth.c,v 1.4 2000/04/14 10:30:29 markus Exp $");
 #include "xmalloc.h"
 #include "rsa.h"
@ -36,9 +36,9 @@ extern char *forced_command;
 * DenyUsers or user's primary group is listed in DenyGroups, false will
 * be returned. If AllowUsers isn't empty and user isn't listed there, or
 * if AllowGroups isn't empty and user isn't listed there, false will be
- * returned. 
+ * returned.
 * If the user's shell is not executable, false will be returned.
- * Otherwise true is returned. 
+ * Otherwise true is returned.
 */
 static int
 allowed_user(struct passwd * pw)
@ -201,10 +201,10 @@ do_fake_authloop1(char *user)
 				packet_write_wait();
 				continue;
 			} else if (type == SSH_CMSG_AUTH_PASSWORD &&
-			           options.password_authentication &&
+				   options.password_authentication &&
-			           (password = packet_get_string(&dlen)) != NULL &&
+				   (password = packet_get_string(&dlen)) != NULL &&
-			           dlen == 5 &&
+				   dlen == 5 &&
-			           strncasecmp(password, "s/key", 5) == 0 ) {
+				   strncasecmp(password, "s/key", 5) == 0 ) {
 				packet_send_debug(skeyinfo);
 			}
 			if (password != NULL)
@ -457,20 +457,20 @@ do_authloop(struct passwd * pw)
 			break;
 		}
- 		/*
+		/*
- 		 * Check if the user is logging in as root and root logins
+		 * Check if the user is logging in as root and root logins
- 		 * are disallowed.
+		 * are disallowed.
- 		 * Note that root login is allowed for forced commands.
+		 * Note that root login is allowed for forced commands.
- 		 */
+		 */
- 		if (authenticated && pw->pw_uid == 0 && !options.permit_root_login) {
+		if (authenticated && pw->pw_uid == 0 && !options.permit_root_login) {
- 			if (forced_command) {
+			if (forced_command) {
- 				log("Root login accepted for forced command.");
+				log("Root login accepted for forced command.");
- 			} else {
+			} else {
- 				authenticated = 0;
+				authenticated = 0;
- 				log("ROOT LOGIN REFUSED FROM %.200s",
+				log("ROOT LOGIN REFUSED FROM %.200s",
- 				    get_canonical_hostname());
+				    get_canonical_hostname());
- 			}
+			}
-  		}
+		}
 		/* Raise logging level */
 		if (authenticated ||
@ -685,6 +685,7 @@ input_service_request(int type, int plen)
 	unsigned int len;
 	int accept = 0;
 	char *service = packet_get_string(&len);
 	packet_done();
 	if (strcmp(service, "ssh-userauth") == 0) {
 		if (!userauth_success) {
@ -727,6 +728,7 @@ input_userauth_request(int type, int plen)
 	pw = auth_set_user(user, service);
 	if (pw && strcmp(service, "ssh-connection")==0) {
 		if (strcmp(method, "none") == 0 && try == 1) {
 			packet_done();
 #ifdef USE_PAM
 			/* Do PAM auth with password */
 			authenticated = auth_pam_password(pw, "");
@ -740,6 +742,7 @@ input_userauth_request(int type, int plen)
 			if (c)
 				debug("password change not supported");
 			password = packet_get_string(&len);
 			packet_done();
 #ifdef USE_PAM
 			/* Do PAM auth with password */
 			authenticated = auth_pam_password(pw, password);
@ -751,11 +754,19 @@ input_userauth_request(int type, int plen)
 			xfree(password);
 		} else if (strcmp(method, "publickey") == 0) {
 			/* XXX TODO */
-			char *pkalg;
+			char *pkalg, *pkblob, *sig;
-			char *pkblob;
+			int have_sig = packet_get_char();
 			c = packet_get_char();
 			pkalg = packet_get_string(&len);
 			pkblob = packet_get_string(&len);
 			if (have_sig) {
 				sig = packet_get_string(&len);
 				/* test for correct signature */
 				packet_done();
 				xfree(sig);
 			} else {
 				packet_done();
 				/* test whether pkalg/pkblob are acceptable */
 			}
 			xfree(pkalg);
 			xfree(pkblob);
 		}
@ -764,7 +775,6 @@ input_userauth_request(int type, int plen)
 	if (authenticated) {
 		/* turn off userauth */
 		dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &protocol_error);
 		/* success! */
 		packet_start(SSH2_MSG_USERAUTH_SUCCESS);
 		packet_send();
 		packet_write_wait();
@ -782,7 +792,7 @@ input_userauth_request(int type, int plen)
 	xfree(user);
 	xfree(method);
 }
-void 
+void
 do_authentication2()
 {
 	dispatch_init(&protocol_error);
--- a/authfd.c
+++ b/authfd.c
@ -1,20 +1,20 @@
 /*
- * 
+ *
 * authfd.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Wed Mar 29 01:30:28 1995 ylo
- * 
+ *
 * Functions for connecting the local authentication agent.
- * 
+ *
 */
 #include "includes.h"
-RCSID("$Id: authfd.c,v 1.11 2000/04/13 02:26:35 damien Exp $");
+RCSID("$Id: authfd.c,v 1.12 2000/04/16 01:18:40 damien Exp $");
 #include "ssh.h"
 #include "rsa.h"
@ -69,7 +69,7 @@ ssh_get_authentication_socket()
 * ssh_get_authentication_socket().
 */
-void 
+void
 ssh_close_authentication_socket(int sock)
 {
 	if (getenv(SSH_AUTHSOCKET_ENV_NAME))
@ -113,7 +113,7 @@ ssh_get_authentication_connection()
 * memory.
 */
-void 
+void
 ssh_close_authentication_connection(AuthenticationConnection *ac)
 {
 	buffer_free(&ac->packet);
@ -343,7 +343,7 @@ error_cleanup:
 * be used by normal applications.
 */
-int 
+int
 ssh_add_identity(AuthenticationConnection *auth,
 		 RSA * key, const char *comment)
 {
@ -431,7 +431,7 @@ error_cleanup:
 * meant to be used by normal applications.
 */
-int 
+int
 ssh_remove_identity(AuthenticationConnection *auth, RSA *key)
 {
 	Buffer buffer;
@ -514,7 +514,7 @@ error_cleanup:
 * by normal applications.
 */
-int 
+int
 ssh_remove_all_identities(AuthenticationConnection *auth)
 {
 	Buffer buffer;
--- a/authfd.h
+++ b/authfd.h
@ -1,19 +1,19 @@
 /*
- * 
+ *
 * authfd.h
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Wed Mar 29 01:17:41 1995 ylo
- * 
+ *
 * Functions to interface with the SSH_AUTHENTICATION_FD socket.
- * 
+ *
 */
-/* RCSID("$Id: authfd.h,v 1.4 1999/11/25 00:54:58 damien Exp $"); */
+/* RCSID("$Id: authfd.h,v 1.5 2000/04/16 01:18:40 damien Exp $"); */
 #ifndef AUTHFD_H
 #define AUTHFD_H
@ -67,7 +67,7 @@ void    ssh_close_authentication_connection(AuthenticationConnection * ac);
 * integers before the call, and free the comment after a successful call
 * (before calling ssh_get_next_identity).
 */
-int 
+int
 ssh_get_first_identity(AuthenticationConnection * connection,
    BIGNUM * e, BIGNUM * n, char **comment);
@ -77,13 +77,13 @@ ssh_get_first_identity(AuthenticationConnection * connection,
 * function.  This returns 0 if there are no more identities.  The caller
 * must free comment after a successful return.
 */
-int 
+int
 ssh_get_next_identity(AuthenticationConnection * connection,
    BIGNUM * e, BIGNUM * n, char **comment);
 /* Requests the agent to decrypt the given challenge.  Returns true if
   the agent claims it was able to decrypt it. */
-int 
+int
 ssh_decrypt_challenge(AuthenticationConnection * auth,
    BIGNUM * e, BIGNUM * n, BIGNUM * challenge,
    unsigned char session_id[16],
@ -95,7 +95,7 @@ ssh_decrypt_challenge(AuthenticationConnection * auth,
 * be used by normal applications.  This returns true if the identity was
 * successfully added.
 */
-int    
+int
 ssh_add_identity(AuthenticationConnection * connection, RSA * key,
    const char *comment);
--- a/authfile.c
+++ b/authfile.c
@ -1,21 +1,21 @@
 /*
- * 
+ *
 * authfile.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Mon Mar 27 03:52:05 1995 ylo
- * 
+ *
 * This file contains functions for reading and writing identity files, and
 * for reading the passphrase from the user.
- * 
+ *
 */
 #include "includes.h"
-RCSID("$Id: authfile.c,v 1.9 2000/04/13 02:26:36 damien Exp $");
+RCSID("$Id: authfile.c,v 1.10 2000/04/16 01:18:40 damien Exp $");
 #ifdef HAVE_OPENSSL
 #include <openssl/bn.h>
--- a/bufaux.c
+++ b/bufaux.c
@ -1,14 +1,14 @@
 /*
- * 
+ *
 * bufaux.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Wed Mar 29 02:24:47 1995 ylo
- * 
+ *
 * Auxiliary functions for storing and retrieving various data types to/from
 * Buffers.
 *
@ -17,7 +17,7 @@
 */
 #include "includes.h"
-RCSID("$Id: bufaux.c,v 1.10 2000/04/13 02:26:36 damien Exp $");
+RCSID("$Id: bufaux.c,v 1.11 2000/04/16 01:18:40 damien Exp $");
 #include "ssh.h"
--- a/bufaux.h
+++ b/bufaux.h
@ -1,17 +1,17 @@
 /*
- * 
+ *
 * bufaux.h
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Wed Mar 29 02:18:23 1995 ylo
- * 
+ *
 */
-/* RCSID("$Id: bufaux.h,v 1.4 2000/04/01 01:09:23 damien Exp $"); */
+/* RCSID("$Id: bufaux.h,v 1.5 2000/04/16 01:18:40 damien Exp $"); */
 #ifndef BUFAUX_H
 #define BUFAUX_H
--- a/buffer.c
+++ b/buffer.c
@ -1,20 +1,20 @@
 /*
- * 
+ *
 * buffer.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Sat Mar 18 04:15:33 1995 ylo
- * 
+ *
 * Functions for manipulating fifo buffers (that can grow if needed).
- * 
+ *
 */
 #include "includes.h"
-RCSID("$Id: buffer.c,v 1.4 2000/04/13 02:26:36 damien Exp $");
+RCSID("$Id: buffer.c,v 1.5 2000/04/16 01:18:40 damien Exp $");
 #include "xmalloc.h"
 #include "buffer.h"
@ -22,7 +22,7 @@ RCSID("$Id: buffer.c,v 1.4 2000/04/13 02:26:36 damien Exp $");
 /* Initializes the buffer structure. */
-void 
+void
 buffer_init(Buffer *buffer)
 {
 	buffer->alloc = 4096;
@ -33,7 +33,7 @@ buffer_init(Buffer *buffer)
 /* Frees any memory used for the buffer. */
-void 
+void
 buffer_free(Buffer *buffer)
 {
 	memset(buffer->buf, 0, buffer->alloc);
@ -45,7 +45,7 @@ buffer_free(Buffer *buffer)
 * zero the memory.
 */
-void 
+void
 buffer_clear(Buffer *buffer)
 {
 	buffer->offset = 0;
@ -54,7 +54,7 @@ buffer_clear(Buffer *buffer)
 /* Appends data to the buffer, expanding it if necessary. */
-void 
+void
 buffer_append(Buffer *buffer, const char *data, unsigned int len)
 {
 	char *cp;
@ -68,7 +68,7 @@ buffer_append(Buffer *buffer, const char *data, unsigned int len)
 * to the allocated region.
 */
-void 
+void
 buffer_append_space(Buffer *buffer, char **datap, unsigned int len)
 {
 	/* If the buffer is empty, start using it from the beginning. */
@ -102,7 +102,7 @@ restart:
 /* Returns the number of bytes of data in the buffer. */
-unsigned int 
+unsigned int
 buffer_len(Buffer *buffer)
 {
 	return buffer->end - buffer->offset;
@ -110,7 +110,7 @@ buffer_len(Buffer *buffer)
 /* Gets data from the beginning of the buffer. */
-void 
+void
 buffer_get(Buffer *buffer, char *buf, unsigned int len)
 {
 	if (len > buffer->end - buffer->offset)
@ -121,7 +121,7 @@ buffer_get(Buffer *buffer, char *buf, unsigned int len)
 /* Consumes the given number of bytes from the beginning of the buffer. */
-void 
+void
 buffer_consume(Buffer *buffer, unsigned int bytes)
 {
 	if (bytes > buffer->end - buffer->offset)
@ -131,7 +131,7 @@ buffer_consume(Buffer *buffer, unsigned int bytes)
 /* Consumes the given number of bytes from the end of the buffer. */
-void 
+void
 buffer_consume_end(Buffer *buffer, unsigned int bytes)
 {
 	if (bytes > buffer->end - buffer->offset)
@ -149,7 +149,7 @@ buffer_ptr(Buffer *buffer)
 /* Dumps the contents of the buffer to stderr. */
-void 
+void
 buffer_dump(Buffer *buffer)
 {
 	int i;
--- a/canohost.c
+++ b/canohost.c
@ -1,20 +1,20 @@
 /*
- * 
+ *
 * canohost.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Sun Jul  2 17:52:22 1995 ylo
- * 
+ *
 * Functions for returning the canonical host name of the remote site.
- * 
+ *
 */
 #include "includes.h"
-RCSID("$Id: canohost.c,v 1.8 2000/03/11 09:45:41 damien Exp $");
+RCSID("$Id: canohost.c,v 1.9 2000/04/16 01:18:40 damien Exp $");
 #include "packet.h"
 #include "xmalloc.h"
@ -265,7 +265,7 @@ get_sock_port(int sock, int local)
 /* Returns remote/local port number for the current connection. */
-int 
+int
 get_port(int local)
 {
 	/*
@ -279,13 +279,13 @@ get_port(int local)
 	return get_sock_port(packet_get_connection_in(), local);
 }
-int 
+int
 get_peer_port(int sock)
 {
 	return get_sock_port(sock, 0);
 }
-int 
+int
 get_remote_port()
 {
 	return get_port(0);
--- a/channels.c
+++ b/channels.c
@ -1,23 +1,23 @@
 /*
- * 
+ *
 * channels.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Fri Mar 24 16:35:24 1995 ylo
- * 
+ *
 * This file contains functions for generic socket connection forwarding.
 * There is also code for initiating connection forwarding for X11 connections,
 * arbitrary tcp/ip connections, and the authentication agent connection.
- * 
+ *
 * SSH2 support added by Markus Friedl.
 */
 #include "includes.h"
-RCSID("$Id: channels.c,v 1.24 2000/04/12 10:17:38 damien Exp $");
+RCSID("$Id: channels.c,v 1.25 2000/04/16 01:18:41 damien Exp $");
 #include "ssh.h"
 #include "packet.h"
@ -109,7 +109,7 @@ static int have_hostname_in_open = 0;
 /* Sets specific protocol options. */
-void 
+void
 channel_set_options(int hostname_in_open)
 {
 	have_hostname_in_open = hostname_in_open;
@ -121,7 +121,7 @@ channel_set_options(int hostname_in_open)
 * and the server has no way to know but to trust the client anyway.
 */
-void 
+void
 channel_permit_all_opens()
 {
 	all_opens_permitted = 1;
@ -150,7 +150,7 @@ channel_lookup(int id)
 * remote_name to be freed.
 */
-int 
+int
 channel_new(char *ctype, int type, int rfd, int wfd, int efd,
    int window, int maxpack, int extended_usage, char *remote_name)
 {
@ -226,7 +226,7 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd,
 	debug("channel %d: new [%s]", found, remote_name);
 	return found;
 }
-int 
+int
 channel_allocate(int type, int sock, char *remote_name)
 {
 	return channel_new("", type, sock, sock, -1, 0, 0, 0, remote_name);
@ -234,7 +234,7 @@ channel_allocate(int type, int sock, char *remote_name)
 /* Free the channel and close its socket. */
-void 
+void
 channel_free(int id)
 {
 	Channel *c = channel_lookup(id);
@ -361,7 +361,7 @@ channel_pre_output_draining(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	if (buffer_len(&c->output) == 0)
 		channel_free(c->self);
-	else 
+	else
 		FD_SET(c->sock, writeset);
 }
@ -540,8 +540,10 @@ channel_post_port_listener(Channel *c, fd_set * readset, fd_set * writeset)
 			packet_put_int(newch);
 			packet_put_int(c->local_window_max);
 			packet_put_int(c->local_maxpacket);
 			/* target host and port */
 			packet_put_string(c->path, strlen(c->path));
 			packet_put_int(c->host_port);
 			/* originator host and port */
 			packet_put_cstring(remote_hostname);
 			packet_put_int(remote_port);
 			packet_send();
@ -782,7 +784,7 @@ channel_handler_init(void)
 		channel_handler_init_15();
 }
-void 
+void
 channel_handler(chan_fn *ftab[], fd_set * readset, fd_set * writeset)
 {
 	static int did_init = 0;
@ -804,13 +806,13 @@ channel_handler(chan_fn *ftab[], fd_set * readset, fd_set * writeset)
 	}
 }
-void 
+void
 channel_prepare_select(fd_set * readset, fd_set * writeset)
 {
 	channel_handler(channel_pre, readset, writeset);
 }
-void 
+void
 channel_after_select(fd_set * readset, fd_set * writeset)
 {
 	channel_handler(channel_post, readset, writeset);
@ -818,7 +820,7 @@ channel_after_select(fd_set * readset, fd_set * writeset)
 /* If there is data to send to the connection, send some of it now. */
-void 
+void
 channel_output_poll()
 {
 	int len, i;
@ -909,7 +911,7 @@ channel_output_poll()
 * still there.
 */
-void 
+void
 channel_input_data(int type, int plen)
 {
 	int id;
@ -934,6 +936,7 @@ channel_input_data(int type, int plen)
 	/* Get the data. */
 	data = packet_get_string(&data_len);
 	packet_done();
 	if (compat20){
 		if (data_len > c->local_maxpacket) {
@ -953,7 +956,7 @@ channel_input_data(int type, int plen)
 	buffer_append(&c->output, data, data_len);
 	xfree(data);
 }
-void 
+void
 channel_input_extended_data(int type, int plen)
 {
 	int id;
@ -980,6 +983,7 @@ channel_input_extended_data(int type, int plen)
 		return;
 	}
 	data = packet_get_string(&data_len);
 	packet_done();
 	if (data_len > c->local_window) {
 		log("channel %d: rcvd too much extended_data %d, win %d",
 		    c->self, data_len, c->local_window);
@ -998,7 +1002,7 @@ channel_input_extended_data(int type, int plen)
 * more channel is overfull.
 */
-int 
+int
 channel_not_very_much_buffered_data()
 {
 	unsigned int i;
@ -1022,7 +1026,7 @@ channel_not_very_much_buffered_data()
 	return 1;
 }
-void 
+void
 channel_input_ieof(int type, int plen)
 {
 	int id;
@ -1037,7 +1041,7 @@ channel_input_ieof(int type, int plen)
 	chan_rcvd_ieof(c);
 }
-void 
+void
 channel_input_close(int type, int plen)
 {
 	int id;
@ -1076,7 +1080,7 @@ channel_input_close(int type, int plen)
 }
 /* proto version 1.5 overloads CLOSE_CONFIRMATION with OCLOSE */
-void 
+void
 channel_input_oclose(int type, int plen)
 {
 	int id = packet_get_int();
@ -1087,12 +1091,13 @@ channel_input_oclose(int type, int plen)
 	chan_rcvd_oclose(c);
 }
-void 
+void
 channel_input_close_confirmation(int type, int plen)
 {
 	int id = packet_get_int();
 	Channel *c = channel_lookup(id);
 	packet_done();
 	if (c == NULL)
 		packet_disconnect("Received close confirmation for "
 		    "out-of-range channel %d.", id);
@ -1102,7 +1107,7 @@ channel_input_close_confirmation(int type, int plen)
 	channel_free(c->self);
 }
-void 
+void
 channel_input_open_confirmation(int type, int plen)
 {
 	int id, remote_id;
@ -1125,6 +1130,7 @@ channel_input_open_confirmation(int type, int plen)
 	if (compat20) {
 		c->remote_window = packet_get_int();
 		c->remote_maxpacket = packet_get_int();
 		packet_done();
 		if (c->cb_fn != NULL && c->cb_event == type) {
 			debug("callback start");
 			c->cb_fn(c->self, c->cb_arg);
@ -1135,7 +1141,7 @@ channel_input_open_confirmation(int type, int plen)
 	}
 }
-void 
+void
 channel_input_open_failure(int type, int plen)
 {
 	int id;
@ -1153,8 +1159,11 @@ channel_input_open_failure(int type, int plen)
 	if (compat20) {
 		int reason = packet_get_int();
 		char *msg  = packet_get_string(NULL);
 		char *lang  = packet_get_string(NULL);
 		log("channel_open_failure: %d: reason %d: %s", id, reason, msg);
 		packet_done();
 		xfree(msg);
 		xfree(lang);
 	}
 	/* Free the channel.  This will also close the socket. */
 	channel_free(id);
@ -1185,7 +1194,7 @@ debug("cb_fn %p cb_event %d", c->cb_fn , c->cb_event);
 	}
 }
-void 
+void
 channel_input_window_adjust(int type, int plen)
 {
 	Channel *c;
@ -1204,6 +1213,7 @@ channel_input_window_adjust(int type, int plen)
 		return;
 	}
 	adjust = packet_get_int();
 	packet_done();
 	debug("channel %d: rcvd adjust %d", id, adjust);
 	c->remote_window += adjust;
 }
@ -1213,7 +1223,7 @@ channel_input_window_adjust(int type, int plen)
 * might have.
 */
-void 
+void
 channel_stop_listening()
 {
 	int i;
@ -1240,7 +1250,7 @@ channel_stop_listening()
 * descriptors after a fork.
 */
-void 
+void
 channel_close_all()
 {
 	int i;
@ -1252,7 +1262,7 @@ channel_close_all()
 /* Returns the maximum file descriptor number used by the channels. */
-int 
+int
 channel_max_fd()
 {
 	return channel_max_fd_value;
@ -1260,7 +1270,7 @@ channel_max_fd()
 /* Returns true if any channel is still open. */
-int 
+int
 channel_still_open()
 {
 	unsigned int i;
@ -1347,7 +1357,7 @@ channel_open_message()
 * channel to host:port from remote side.
 */
-void 
+void
 channel_request_local_forwarding(u_short port, const char *host,
 				 u_short host_port, int gateway_ports)
 {
@ -1435,7 +1445,7 @@ channel_request_local_forwarding(u_short port, const char *host,
 * the secure channel to host:port from local side.
 */
-void 
+void
 channel_request_remote_forwarding(u_short listen_port, const char *host_to_connect,
 				  u_short port_to_connect)
 {
@ -1478,7 +1488,7 @@ channel_request_remote_forwarding(u_short listen_port, const char *host_to_conne
 * message if there was an error).  This never returns if there was an error.
 */
-void 
+void
 channel_input_port_forward_request(int is_root)
 {
 	u_short port, host_port;
@ -1562,7 +1572,7 @@ channel_connect_to(const char *host, u_short host_port)
 * or CHANNEL_OPEN_FAILURE.
 */
-void 
+void
 channel_input_port_open(int type, int plen)
 {
 	u_short host_port;
@ -1807,7 +1817,7 @@ connect_local_xsocket(unsigned int dnr)
 * with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE.
 */
-void 
+void
 x11_input_open(int type, int plen)
 {
 	int remote_channel, display_number, sock = 0, newch;
@ -1911,7 +1921,7 @@ x11_input_open(int type, int plen)
 	}
 	freeaddrinfo(aitop);
 	if (!ai) {
-		error("connect %.100s port %d: %.100s", buf, 6000 + display_number, 
+		error("connect %.100s port %d: %.100s", buf, 6000 + display_number,
 		    strerror(errno));
 		goto fail;
 	}
@ -1945,7 +1955,7 @@ fail:
 * data, and enables authentication spoofing.
 */
-void 
+void
 x11_request_forwarding_with_spoofing(const char *proto, const char *data)
 {
 	unsigned int data_len = (unsigned int) strlen(data) / 2;
@ -2003,7 +2013,7 @@ x11_request_forwarding_with_spoofing(const char *proto, const char *data)
 /* Sends a message to the server to request authentication fd forwarding. */
-void 
+void
 auth_request_forwarding()
 {
 	packet_start(SSH_CMSG_AGENT_REQUEST_FORWARDING);
@ -2025,7 +2035,7 @@ auth_get_socket_name()
 /* removes the agent forwarding socket */
-void 
+void
 cleanup_socket(void)
 {
 	remove(channel_forwarded_auth_socket_name);
@ -2037,7 +2047,7 @@ cleanup_socket(void)
 * This starts forwarding authentication requests.
 */
-void 
+void
 auth_input_request_forwarding(struct passwd * pw)
 {
 	int sock, newch;
@ -2095,7 +2105,7 @@ auth_input_request_forwarding(struct passwd * pw)
 /* This is called to process an SSH_SMSG_AGENT_OPEN message. */
-void 
+void
 auth_input_open_request(int type, int plen)
 {
 	int remch, sock, newch;
--- a/channels.h
+++ b/channels.h
@ -1,4 +1,4 @@
-/* RCSID("$Id: channels.h,v 1.6 2000/04/04 04:39:01 damien Exp $"); */
+/* RCSID("$Id: channels.h,v 1.7 2000/04/16 01:18:41 damien Exp $"); */
 #ifndef CHANNELS_H
 #define CHANNELS_H
@ -149,7 +149,7 @@ char   *channel_open_message(void);
 * channel to host:port from remote side.  This never returns if there was an
 * error.
 */
-void 
+void
 channel_request_local_forwarding(u_short port, const char *host,
    u_short remote_port, int gateway_ports);
@ -159,7 +159,7 @@ channel_request_local_forwarding(u_short port, const char *host,
 * there was an error.  This registers that open requests for that port are
 * permitted.
 */
-void 
+void
 channel_request_remote_forwarding(u_short port, const char *host,
    u_short remote_port);
--- a/cipher.c
+++ b/cipher.c
@ -1,18 +1,18 @@
 /*
- * 
+ *
 * cipher.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Wed Apr 19 17:41:39 1995 ylo
- * 
+ *
 */
 #include "includes.h"
-RCSID("$Id: cipher.c,v 1.18 2000/04/13 02:26:36 damien Exp $");
+RCSID("$Id: cipher.c,v 1.19 2000/04/16 01:18:41 damien Exp $");
 #include "ssh.h"
 #include "cipher.h"
@ -138,7 +138,7 @@ static char *cipher_names[] =
 * supported cipher.
 */
-unsigned int 
+unsigned int
 cipher_mask1()
 {
 	unsigned int mask = 0;
@ -146,7 +146,7 @@ cipher_mask1()
 	mask |= 1 << SSH_CIPHER_BLOWFISH;
 	return mask;
 }
-unsigned int 
+unsigned int
 cipher_mask2()
 {
 	unsigned int mask = 0;
@ -156,7 +156,7 @@ cipher_mask2()
 	mask |= 1 << SSH_CIPHER_CAST128_CBC;
 	return mask;
 }
-unsigned int 
+unsigned int
 cipher_mask()
 {
 	return cipher_mask1() | cipher_mask2();
@ -218,7 +218,7 @@ cipher_number(const char *name)
 * passphrase and using the resulting 16 bytes as the key.
 */
-void 
+void
 cipher_set_key_string(CipherContext *context, int cipher, const char *passphrase)
 {
 	MD5_CTX md;
@ -236,7 +236,7 @@ cipher_set_key_string(CipherContext *context, int cipher, const char *passphrase
 /* Selects the cipher to use and sets the key. */
-void 
+void
 cipher_set_key(CipherContext *context, int cipher, const unsigned char *key,
    int keylen)
 {
@ -297,9 +297,9 @@ cipher_set_key(CipherContext *context, int cipher, const unsigned char *key,
 	memset(padded, 0, sizeof(padded));
 }
-void 
+void
 cipher_set_key_iv(CipherContext * context, int cipher,
-    const unsigned char *key, int keylen, 
+    const unsigned char *key, int keylen,
    const unsigned char *iv, int ivlen)
 {
 	/* Set cipher type. */
@ -357,7 +357,7 @@ cipher_set_key_iv(CipherContext * context, int cipher,
 /* Encrypts data using the cipher. */
-void 
+void
 cipher_encrypt(CipherContext *context, unsigned char *dest,
 	       const unsigned char *src, unsigned int len)
 {
@ -379,14 +379,14 @@ cipher_encrypt(CipherContext *context, unsigned char *dest,
 	case SSH_CIPHER_BLOWFISH:
 		swap_bytes(src, dest, len);
 		BF_cbc_encrypt(dest, dest, len,
-		               &context->u.bf.key, context->u.bf.iv,
+			       &context->u.bf.key, context->u.bf.iv,
 			       BF_ENCRYPT);
 		swap_bytes(dest, dest, len);
 		break;
 	case SSH_CIPHER_BLOWFISH_CBC:
 		BF_cbc_encrypt((void *)src, dest, len,
-		               &context->u.bf.key, context->u.bf.iv,
+			       &context->u.bf.key, context->u.bf.iv,
 			       BF_ENCRYPT);
 		break;
@ -412,7 +412,7 @@ cipher_encrypt(CipherContext *context, unsigned char *dest,
 /* Decrypts data using the cipher. */
-void 
+void
 cipher_decrypt(CipherContext *context, unsigned char *dest,
 	       const unsigned char *src, unsigned int len)
 {
--- a/cipher.h
+++ b/cipher.h
@ -1,17 +1,17 @@
 /*
- * 
+ *
 * cipher.h
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Wed Apr 19 16:50:42 1995 ylo
- * 
+ *
 */
-/* RCSID("$Id: cipher.h,v 1.10 2000/04/13 02:26:36 damien Exp $"); */
+/* RCSID("$Id: cipher.h,v 1.11 2000/04/16 01:18:41 damien Exp $"); */
 #ifndef CIPHER_H
 #define CIPHER_H
@ -95,29 +95,29 @@ int     ciphers_valid(const char *names);
 * Selects the cipher to use and sets the key.  If for_encryption is true,
 * the key is setup for encryption; otherwise it is setup for decryption.
 */
-void 
+void
 cipher_set_key(CipherContext * context, int cipher,
    const unsigned char *key, int keylen);
-void 
+void
 cipher_set_key_iv(CipherContext * context, int cipher,
-    const unsigned char *key, int keylen, 
+    const unsigned char *key, int keylen,
    const unsigned char *iv, int ivlen);
 /*
 * Sets key for the cipher by computing the MD5 checksum of the passphrase,
 * and using the resulting 16 bytes as the key.
 */
-void 
+void
 cipher_set_key_string(CipherContext * context, int cipher,
    const char *passphrase);
 /* Encrypts data using the cipher. */
-void 
+void
 cipher_encrypt(CipherContext * context, unsigned char *dest,
    const unsigned char *src, unsigned int len);
 /* Decrypts data using the cipher. */
-void 
+void
 cipher_decrypt(CipherContext * context, unsigned char *dest,
    const unsigned char *src, unsigned int len);
--- a/clientloop.c
+++ b/clientloop.c
@ -1,22 +1,22 @@
 /*
- * 
+ *
 * clientloop.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
- * 
+ *
 * Created: Sat Sep 23 12:23:57 1995 ylo
- * 
+ *
 * The main loop for the interactive session (client side).
- * 
+ *
 * SSH2 support added by Markus Friedl.
 */
 #include "includes.h"
-RCSID("$Id: clientloop.c,v 1.10 2000/04/12 10:17:39 damien Exp $");
+RCSID("$Id: clientloop.c,v 1.11 2000/04/16 01:18:41 damien Exp $");
 #include "xmalloc.h"
 #include "ssh.h"
@ -83,7 +83,7 @@ int	session_ident = -1;
 /* Returns the user\'s terminal to normal mode if it had been put in raw mode. */
-void 
+void
 leave_raw_mode()
 {
 	if (!in_raw_mode)
@ -97,7 +97,7 @@ leave_raw_mode()
 /* Puts the user\'s terminal in raw mode. */
-void 
+void
 enter_raw_mode()
 {
 	struct termios tio;
@ -123,7 +123,7 @@ enter_raw_mode()
 /* Restores stdin to blocking mode. */
-void 
+void
 leave_non_blocking()
 {
 	if (in_non_blocking_mode) {
@ -135,7 +135,7 @@ leave_non_blocking()
 /* Puts stdin terminal in non-blocking mode. */
-void 
+void
 enter_non_blocking()
 {
 	in_non_blocking_mode = 1;
@ -148,7 +148,7 @@ enter_non_blocking()
 * flag indicating that the window has changed.
 */
-void 
+void
 window_change_handler(int sig)
 {
 	received_window_change_signal = 1;
@ -160,7 +160,7 @@ window_change_handler(int sig)
 * signals must be trapped to restore terminal modes.
 */
-void 
+void
 signal_handler(int sig)
 {
 	if (in_raw_mode)
@ -177,7 +177,7 @@ signal_handler(int sig)
 * available resolution.
 */
-double 
+double
 get_current_time()
 {
 	struct timeval tv;
@ -191,7 +191,7 @@ get_current_time()
 * not appear to wake up when redirecting from /dev/null.
 */
-void 
+void
 client_check_initial_eof_on_stdin()
 {
 	int len;
@ -245,7 +245,7 @@ client_check_initial_eof_on_stdin()
 * connection.
 */
-void 
+void
 client_make_packets_from_stdin_data()
 {
 	unsigned int len;
@ -276,7 +276,7 @@ client_make_packets_from_stdin_data()
 * appropriate.
 */
-void 
+void
 client_check_window_change()
 {
 	struct winsize ws;
@ -313,7 +313,7 @@ client_check_window_change()
 * one of the file descriptors).
 */
-void 
+void
 client_wait_until_can_do_something(fd_set * readset, fd_set * writeset)
 {
 	/*debug("client_wait_until_can_do_something"); */
@ -380,7 +380,7 @@ client_wait_until_can_do_something(fd_set * readset, fd_set * writeset)
 	}
 }
-void 
+void
 client_suspend_self()
 {
 	struct winsize oldws, newws;
@ -425,7 +425,7 @@ client_suspend_self()
 	enter_raw_mode();
 }
-void 
+void
 client_process_net_input(fd_set * readset)
 {
 	int len;
@ -468,7 +468,7 @@ client_process_net_input(fd_set * readset)
 	}
 }
-void 
+void
 client_process_input(fd_set * readset)
 {
 	int len, pid;
@ -657,7 +657,7 @@ Supported escape sequences:\r\n\
 	}
 }
-void 
+void
 client_process_output(fd_set * writeset)
 {
 	int len;
@ -717,7 +717,7 @@ client_process_output(fd_set * writeset)
 * preparatory phase.
 */
-void 
+void
 client_process_buffered_input_packets()
 {
 	dispatch_run(DISPATCH_NONBLOCK, &quit_pending);
@ -730,7 +730,7 @@ client_process_buffered_input_packets()
 * character for terminating or suspending the session.
 */
-int 
+int
 client_loop(int have_pty, int escape_char_arg)
 {
 	extern Options options;
@ -953,7 +953,7 @@ client_input_exit_status(int type, int plen)
 	quit_pending = 1;
 }
-void 
+void
 client_init_dispatch_20()
 {
 	dispatch_init(&dispatch_protocol_error);
@ -966,7 +966,7 @@ client_init_dispatch_20()
 	dispatch_set(SSH2_MSG_CHANNEL_REQUEST, &channel_input_channel_request);
 	dispatch_set(SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust);
 }
-void 
+void
 client_init_dispatch_13()
 {
 	dispatch_init(NULL);
@ -983,14 +983,14 @@ client_init_dispatch_13()
 	dispatch_set(SSH_SMSG_STDOUT_DATA, &client_input_stdout_data);
 	dispatch_set(SSH_SMSG_X11_OPEN, &x11_input_open);
 }
-void 
+void
 client_init_dispatch_15()
 {
 	client_init_dispatch_13();
 	dispatch_set(SSH_MSG_CHANNEL_CLOSE, &channel_input_ieof);
 	dispatch_set(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION, & channel_input_oclose);
 }
-void 
+void
 client_init_dispatch()
 {
 	if (compat20)
@ -1027,6 +1027,7 @@ client_input_channel_req(int id, void *arg)
 	} else if (strcmp(rtype, "exit-status") == 0) {
 		success = 1;
 		exit_status = packet_get_int();
 		packet_done();
 	}
 	if (reply) {
 		packet_start(success ?
--- a/compat.c
+++ b/compat.c
@ -28,7 +28,7 @@
 */
 #include "includes.h"
-RCSID("$Id: compat.c,v 1.7 2000/04/12 10:17:39 damien Exp $");
+RCSID("$Id: compat.c,v 1.8 2000/04/16 01:18:42 damien Exp $");
 #include "ssh.h"
 #include "packet.h"
@ -39,14 +39,14 @@ int compat13 = 0;
 int compat20 = 0;
 int datafellows = 0;
-void 
+void
 enable_compat20(void)
 {
 	verbose("Enabling compatibility mode for protocol 2.0");
 	compat20 = 1;
 	packet_set_ssh2_format();
 }
-void 
+void
 enable_compat13(void)
 {
 	verbose("Enabling compatibility mode for protocol 1.3");
--- a/compress.c
+++ b/compress.c
@ -1,20 +1,20 @@
 /*
- * 
+ *
 * compress.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Wed Oct 25 22:12:46 1995 ylo
- * 
+ *
 * Interface to packet compression for ssh.
- * 
+ *
 */
 #include "includes.h"
-RCSID("$Id: compress.c,v 1.5 2000/04/01 01:09:24 damien Exp $");
+RCSID("$Id: compress.c,v 1.6 2000/04/16 01:18:42 damien Exp $");
 #include "ssh.h"
 #include "buffer.h"
@ -28,7 +28,7 @@ static z_stream outgoing_stream;
 * (as in gzip).
 */
-void 
+void
 buffer_compress_init(int level)
 {
 	debug("Enabling compression at level %d.", level);
@ -40,7 +40,7 @@ buffer_compress_init(int level)
 /* Frees any data structures allocated for compression. */
-void 
+void
 buffer_compress_uninit()
 {
 	debug("compress outgoing: raw data %lu, compressed %lu, factor %.2f",
@ -64,7 +64,7 @@ buffer_compress_uninit()
 * receiver.  This appends the compressed data to the output buffer.
 */
-void 
+void
 buffer_compress(Buffer * input_buffer, Buffer * output_buffer)
 {
 	char buf[4096];
@ -108,7 +108,7 @@ buffer_compress(Buffer * input_buffer, Buffer * output_buffer)
 * with that.  This appends the uncompressed data to the output buffer.
 */
-void 
+void
 buffer_uncompress(Buffer * input_buffer, Buffer * output_buffer)
 {
 	char buf[4096];
--- a/compress.h
+++ b/compress.h
@ -1,19 +1,19 @@
 /*
- * 
+ *
 * compress.h
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Wed Oct 25 22:12:46 1995 ylo
- * 
+ *
 * Interface to packet compression for ssh.
- * 
+ *
 */
-/* RCSID("$Id: compress.h,v 1.3 1999/11/25 00:54:59 damien Exp $"); */
+/* RCSID("$Id: compress.h,v 1.4 2000/04/16 01:18:42 damien Exp $"); */
 #ifndef COMPRESS_H
 #define COMPRESS_H
--- a/crc32.h
+++ b/crc32.h
@ -1,19 +1,19 @@
 /*
- * 
+ *
 * crc32.h
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1992 Tatu Ylonen, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Tue Feb 11 14:37:27 1992 ylo
- * 
+ *
 * Functions for computing 32-bit CRC.
- * 
+ *
 */
-/* RCSID("$Id: crc32.h,v 1.3 1999/11/25 00:54:59 damien Exp $"); */
+/* RCSID("$Id: crc32.h,v 1.4 2000/04/16 01:18:42 damien Exp $"); */
 #ifndef CRC32_H
 #define CRC32_H
--- a/dispatch.c
+++ b/dispatch.c
@ -0,0 +1,78 @@
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *      This product includes software developed by Markus Friedl.
 * 4. The name of the author may not be used to endorse or promote products
 *    derived from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 #include "includes.h"
 RCSID("$Id: dispatch.c,v 1.3 2000/04/16 01:18:42 damien Exp $");
 #include "ssh.h"
 #include "dispatch.h"
 #include "packet.h"
 #define DISPATCH_MIN	0
 #define DISPATCH_MAX	255
 dispatch_fn *dispatch[DISPATCH_MAX];
 void
 dispatch_protocol_error(int type, int plen)
 {
 	error("Hm, dispatch protocol error: type %d plen %d", type, plen);
 }
 void
 dispatch_init(dispatch_fn *dflt)
 {
 	int i;
 	for (i = 0; i < DISPATCH_MAX; i++)
 		dispatch[i] = dflt;
 }
 void
 dispatch_set(int type, dispatch_fn *fn)
 {
 	dispatch[type] = fn;
 }
 void
 dispatch_run(int mode, int *done)
 {
 	for (;;) {
 		int plen;
 		int type;
 		if (mode == DISPATCH_BLOCK) {
 			type = packet_read(&plen);
 		} else {
 			type = packet_read_poll(&plen);
 			if (type == SSH_MSG_NONE)
 				return;
 		}
 		if (type > 0 && type < DISPATCH_MAX && dispatch[type] != NULL)
 			(*dispatch[type])(type, plen);
 		else
 			packet_disconnect("protocol error: rcvd type %d", type);	
 		if (done != NULL && *done)
 			return;
 	}
 }
--- a/dsa.c
+++ b/dsa.c
@ -28,7 +28,7 @@
 */
 #include "includes.h"
-RCSID("$Id: dsa.c,v 1.3 2000/04/12 09:39:10 markus Exp $");
+RCSID("$Id: dsa.c,v 1.4 2000/04/14 10:30:31 markus Exp $");
 #include "ssh.h"
 #include "xmalloc.h"
@ -108,7 +108,7 @@ dsa_load_private(char *filename)
 	in = BIO_new(BIO_s_file());
 	if (in == NULL)
 		fatal("BIO_new failed");
-	if (BIO_read_filename(in, filename) <= 0) 
+	if (BIO_read_filename(in, filename) <= 0)
 		fatal("BIO_read failed %s: %s", filename, strerror(errno));
 	fprintf(stderr, "read DSA private key\n");
 	dsa = PEM_read_bio_DSAPrivateKey(in,NULL,NULL,NULL);
@ -182,9 +182,9 @@ dsa_sign(
 	sig = DSA_do_sign(digest, evp_md->md_size, key->dsa);
-        rlen = BN_num_bytes(sig->r);
+	rlen = BN_num_bytes(sig->r);
-        slen = BN_num_bytes(sig->s);
+	slen = BN_num_bytes(sig->s);
-        if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) {
+	if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) {
 		error("bad sig size %d %d", rlen, slen);
 		DSA_SIG_free(sig);
 		return -1;
--- a/getput.h
+++ b/getput.h
@ -1,19 +1,19 @@
 /*
- * 
+ *
 * getput.h
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Wed Jun 28 22:36:30 1995 ylo
- * 
+ *
 * Macros for storing and retrieving data in msb first and lsb first order.
- * 
+ *
 */
-/* RCSID("$Id: getput.h,v 1.2 1999/11/24 13:26:22 damien Exp $"); */
+/* RCSID("$Id: getput.h,v 1.3 2000/04/16 01:18:42 damien Exp $"); */
 #ifndef GETPUT_H
 #define GETPUT_H
@ -21,7 +21,7 @@
 /*------------ macros for storing/extracting msb first words -------------*/
 #define GET_32BIT(cp) (((unsigned long)(unsigned char)(cp)[0] << 24) | \
-  		       ((unsigned long)(unsigned char)(cp)[1] << 16) | \
+		       ((unsigned long)(unsigned char)(cp)[1] << 16) | \
 		       ((unsigned long)(unsigned char)(cp)[2] << 8) | \
 		       ((unsigned long)(unsigned char)(cp)[3]))
--- a/hostfile.c
+++ b/hostfile.c
@ -1,20 +1,20 @@
 /*
- * 
+ *
 * hostfile.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Thu Jun 29 07:10:56 1995 ylo
- * 
+ *
 * Functions for manipulating the known hosts files.
- * 
+ *
 */
 #include "includes.h"
-RCSID("$OpenBSD: hostfile.c,v 1.15 2000/04/12 09:39:10 markus Exp $");
+RCSID("$OpenBSD: hostfile.c,v 1.16 2000/04/14 10:30:31 markus Exp $");
 #ifdef HAVE_OPENSSL
 #include <openssl/bn.h>
--- a/hostfile.h
+++ b/hostfile.h
@ -10,7 +10,7 @@
 typedef enum {
 	HOST_OK, HOST_NEW, HOST_CHANGED
 }       HostStatus;
-HostStatus 
+HostStatus
 check_host_in_hostfile(const char *filename, const char *host, Key *key, Key *found);
 /*
--- a/includes.h
+++ b/includes.h
@ -1,16 +1,16 @@
 /*
- * 
+ *
 * includes.h
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Thu Mar 23 16:29:37 1995 ylo
- * 
+ *
 * This file includes most of the needed system headers.
- * 
+ *
 */
 #ifndef INCLUDES_H
--- a/kex.c
+++ b/kex.c
@ -28,7 +28,7 @@
 */
 #include "includes.h"
-RCSID("$Id: kex.c,v 1.4 2000/04/13 02:26:36 damien Exp $");
+RCSID("$Id: kex.c,v 1.5 2000/04/16 01:18:43 damien Exp $");
 #include "ssh.h"
 #include "ssh2.h"
@ -149,12 +149,12 @@ void
 dump_digest(unsigned char *digest, int len)
 {
 	int i;
-        for (i = 0; i< len; i++){
+	for (i = 0; i< len; i++){
-                fprintf(stderr, "%02x", digest[i]);
+		fprintf(stderr, "%02x", digest[i]);
 		if(i%2!=0)
 			fprintf(stderr, " ");
 	}
-        fprintf(stderr, "\n");
+	fprintf(stderr, "\n");
 }
 unsigned char *
@ -201,7 +201,7 @@ kex_hash(
 	buffer_free(&b);
 #ifdef DEBUG_KEX
-        dump_digest(digest, evp_md->md_size);
+	dump_digest(digest, evp_md->md_size);
 #endif
 	return digest;
 }
@ -345,7 +345,7 @@ choose_kex(Kex *k, char *client, char *server)
 	k->name = get_match(client, server);
 	if (k->name == NULL)
 		fatal("no kex alg");
-    	if (strcmp(k->name, KEX_DH1) != 0)
+	if (strcmp(k->name, KEX_DH1) != 0)
 		fatal("bad kex alg %s", k->name);
 }
 void
--- a/log-client.c
+++ b/log-client.c
@ -1,21 +1,21 @@
 /*
- * 
+ *
 * log-client.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Mon Mar 20 21:13:40 1995 ylo
- * 
+ *
 * Client-side versions of debug(), log(), etc.  These print to stderr.
 * This is a stripped down version of log-server.c.
- * 
+ *
 */
 #include "includes.h"
-RCSID("$Id: log-client.c,v 1.5 2000/03/09 10:27:50 damien Exp $");
+RCSID("$Id: log-client.c,v 1.6 2000/04/16 01:18:43 damien Exp $");
 #include "xmalloc.h"
 #include "ssh.h"
--- a/log-server.c
+++ b/log-server.c
@ -1,21 +1,21 @@
 /*
- * 
+ *
 * log-server.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Mon Mar 20 21:19:30 1995 ylo
- * 
+ *
 * Server-side versions of debug(), log(), etc.  These normally send the output
 * to the system log.
- * 
+ *
 */
 #include "includes.h"
-RCSID("$Id: log-server.c,v 1.8 2000/04/01 01:09:24 damien Exp $");
+RCSID("$Id: log-server.c,v 1.9 2000/04/16 01:18:43 damien Exp $");
 #include <syslog.h>
 #include "packet.h"
@ -38,7 +38,7 @@ static int log_facility = LOG_AUTH;
 *   level	logging level
 */
-void 
+void
 log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr)
 {
 	switch (level) {
--- a/login.c
+++ b/login.c
@ -1,24 +1,24 @@
 /*
- * 
+ *
 * login.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Fri Mar 24 14:51:08 1995 ylo
- * 
+ *
 * This file performs some of the things login(1) normally does.  We cannot
 * easily use something like login -p -h host -f user, because there are
 * several different logins around, and it is hard to determined what kind of
 * login the current system has.  Also, we want to be able to execute commands
 * on a tty.
- * 
+ *
 */
 #include "includes.h"
-RCSID("$Id: login.c,v 1.22 2000/02/02 08:17:41 damien Exp $");
+RCSID("$Id: login.c,v 1.23 2000/04/16 01:18:43 damien Exp $");
 #if defined(HAVE_UTMPX_H) && defined(USE_UTMPX)
 # include <utmpx.h>
@ -49,7 +49,7 @@ RCSID("$Id: login.c,v 1.22 2000/02/02 08:17:41 damien Exp $");
 * is found).  The name of the host used last time is returned in buf.
 */
-unsigned long 
+unsigned long
 get_last_login_time(uid_t uid, const char *logname,
 		    char *buf, unsigned int bufsize)
 {
@ -135,7 +135,7 @@ get_last_login_time(uid_t uid, const char *logname,
 * were more standardized.
 */
-void 
+void
 record_login(int pid, const char *ttyname, const char *user, uid_t uid,
 	     const char *host, struct sockaddr * addr)
 {
@ -273,7 +273,7 @@ record_login(int pid, const char *ttyname, const char *user, uid_t uid,
 /* Records that the user has logged out. */
-void 
+void
 record_logout(int pid, const char *ttyname)
 {
 #ifdef HAVE_LIBUTIL_LOGIN
--- a/match.c
+++ b/match.c
@ -1,20 +1,20 @@
 /*
- * 
+ *
 * match.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Thu Jun 22 01:17:50 1995 ylo
- * 
+ *
 * Simple pattern matching, with '*' and '?' as wildcards.
- * 
+ *
 */
 #include "includes.h"
-RCSID("$Id: match.c,v 1.4 2000/03/26 03:04:53 damien Exp $");
+RCSID("$Id: match.c,v 1.5 2000/04/16 01:18:43 damien Exp $");
 #include "ssh.h"
@ -23,7 +23,7 @@ RCSID("$Id: match.c,v 1.4 2000/03/26 03:04:53 damien Exp $");
 * and * as wildcards), and zero if it does not match.
 */
-int 
+int
 match_pattern(const char *s, const char *pattern)
 {
 	for (;;) {
--- a/mpaux.c
+++ b/mpaux.c
@ -1,21 +1,21 @@
 /*
- * 
+ *
 * mpaux.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Sun Jul 16 04:29:30 1995 ylo
- * 
+ *
 * This file contains various auxiliary functions related to multiple
 * precision integers.
- * 
+ *
 */
 #include "includes.h"
-RCSID("$Id: mpaux.c,v 1.10 2000/04/13 02:26:36 damien Exp $");
+RCSID("$Id: mpaux.c,v 1.11 2000/04/16 01:18:43 damien Exp $");
 #include "getput.h"
 #include "xmalloc.h"
--- a/mpaux.h
+++ b/mpaux.h
@ -1,19 +1,19 @@
 /*
- * 
+ *
 * mpaux.h
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Sun Jul 16 04:29:30 1995 ylo
- * 
+ *
 * This file contains various auxiliary functions related to multiple
 * precision integers.
 */
-/* RCSID("$Id: mpaux.h,v 1.4 1999/11/25 00:54:59 damien Exp $"); */
+/* RCSID("$Id: mpaux.h,v 1.5 2000/04/16 01:18:43 damien Exp $"); */
 #ifndef MPAUX_H
 #define MPAUX_H
@ -23,7 +23,7 @@
 * session id is computed by concatenating the linearized, msb first
 * representations of host_key_n, session_key_n, and the cookie.
 */
-void 
+void
 compute_session_id(unsigned char session_id[16],
    unsigned char cookie[8],
    BIGNUM * host_key_n,
--- a/nchan.c
+++ b/nchan.c
@ -28,7 +28,7 @@
 */
 #include "includes.h"
-RCSID("$Id: nchan.c,v 1.7 2000/04/04 04:39:02 damien Exp $");
+RCSID("$Id: nchan.c,v 1.8 2000/04/16 01:18:43 damien Exp $");
 #include "ssh.h"
@ -389,11 +389,11 @@ chan_delete_if_full_closed2(Channel *c)
 		if (!(c->flags & CHAN_CLOSE_SENT)) {
 			chan_send_close2(c);
 		}
-		if ((c->flags & CHAN_CLOSE_SENT) && 
+		if ((c->flags & CHAN_CLOSE_SENT) &&
 		    (c->flags & CHAN_CLOSE_RCVD)) {
 			debug("channel %d: full closed2", c->self);
 			channel_free(c->self);
-		} 
+		}
 	}
 }
--- a/packet.c
+++ b/packet.c
@ -1,14 +1,14 @@
 /*
- * 
+ *
 * packet.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Sat Mar 18 02:40:40 1995 ylo
- * 
+ *
 * This file contains code implementing the packet protocol and communication
 * with the other side.  This same code is used both on client and server side.
 *
@ -17,7 +17,7 @@
 */
 #include "includes.h"
-RCSID("$Id: packet.c,v 1.17 2000/04/13 02:26:37 damien Exp $");
+RCSID("$Id: packet.c,v 1.18 2000/04/16 01:18:43 damien Exp $");
 #ifdef HAVE_OPENSSL
 # include <openssl/bn.h>
@ -529,7 +529,7 @@ packet_send2()
 	unsigned int packet_length = 0;
 	unsigned int i, padlen, len;
 	u_int32_t rand = 0;
-        static unsigned int seqnr = 0;
+	static unsigned int seqnr = 0;
 	int type;
 	Enc *enc   = NULL;
 	Mac *mac   = NULL;
@ -611,9 +611,9 @@ packet_send2()
 	fprintf(stderr, "encrypted: ");
 	buffer_dump(&output);
 #endif
-        /* increment sequence number for outgoing packets */
+	/* increment sequence number for outgoing packets */
-        if (++seqnr == 0)
+	if (++seqnr == 0)
-                log("outgoing seqnr wraps around");
+		log("outgoing seqnr wraps around");
 	buffer_clear(&outgoing_packet);
 	if (type == SSH2_MSG_NEWKEYS) {
@ -877,7 +877,7 @@ packet_read_poll2(int *payload_len_ptr)
 	 * compute MAC over seqnr and packet,
 	 * increment sequence number for incoming packet
 	 */
-        if (mac && mac->enabled) {
+	if (mac && mac->enabled) {
 		macbuf = hmac( mac->md, seqnr,
 		    (unsigned char *) buffer_ptr(&incoming_packet),
 		    buffer_len(&incoming_packet),
@ -888,8 +888,8 @@ packet_read_poll2(int *payload_len_ptr)
 		DBG(debug("HMAC #%d ok", seqnr));
 		buffer_consume(&input, mac->mac_len);
 	}
-        if (++seqnr == 0)
+	if (++seqnr == 0)
-                log("incoming seqnr wraps around");
+		log("incoming seqnr wraps around");
 	/* get padlen */
 	cp = buffer_ptr(&incoming_packet) + 4;
@ -1063,6 +1063,12 @@ packet_get_raw(int *length_ptr)
 	return buffer_ptr(&incoming_packet);
 }
 int
 packet_remaining(void)
 {
 	return buffer_len(&incoming_packet);
 }
 /*
 * Returns a string from the packet data.  The string is allocated using
 * xmalloc; it is the responsibility of the calling program to free it when
--- a/packet.h
+++ b/packet.h
@ -1,19 +1,19 @@
 /*
- * 
+ *
 * packet.h
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Sat Mar 18 02:02:14 1995 ylo
- * 
+ *
 * Interface for the packet protocol functions.
- * 
+ *
 */
-/* RCSID("$Id: packet.h,v 1.13 2000/04/13 02:26:37 damien Exp $"); */
+/* RCSID("$Id: packet.h,v 1.14 2000/04/16 01:18:44 damien Exp $"); */
 #ifndef PACKET_H
 #define PACKET_H
@ -52,7 +52,7 @@ void    packet_close(void);
 * key is used for both sending and reception.  However, both directions are
 * encrypted independently of each other.  Cipher types are defined in ssh.h.
 */
-void 
+void
 packet_set_encryption_key(const unsigned char *key, unsigned int keylen,
    int cipher_type);
@ -201,6 +201,16 @@ do { \
  } \
 } while (0)
 #define packet_done() \
 do { \
 	int _len = packet_remaining(); \
 	if (_len > 0) { \
 		log("Packet integrity error (%d bytes remaining) at %s:%d", \
 		    _len ,__FILE__, __LINE__); \
 		packet_disconnect("Packet integrity error."); \
 	} \
 } while (0)
 /* remote host is connected via a socket/ipv4 */
 int	packet_connection_is_on_socket(void);
 int	packet_connection_is_ipv4(void);
@ -208,4 +218,7 @@ int	packet_connection_is_ipv4(void);
 /* enable SSH2 packet format */
 void	packet_set_ssh2_format(void);
 /* returns remaining payload bytes */
 int	packet_remaining(void);
 #endif				/* PACKET_H */
--- a/pty.c
+++ b/pty.c
@ -1,20 +1,20 @@
 /*
- * 
+ *
 * pty.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Fri Mar 17 04:37:25 1995 ylo
- * 
+ *
 * Allocating a pseudo-terminal, and making it the controlling tty.
- * 
+ *
 */
 #include "includes.h"
-RCSID("$Id: pty.c,v 1.17 2000/03/17 12:58:59 damien Exp $");
+RCSID("$Id: pty.c,v 1.18 2000/04/16 01:18:44 damien Exp $");
 #ifdef HAVE_UTIL_H
 # include <util.h>
@ -46,7 +46,7 @@ RCSID("$Id: pty.c,v 1.17 2000/03/17 12:58:59 damien Exp $");
 * returned (the buffer must be able to hold at least 64 characters).
 */
-int 
+int
 pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
 {
 #if defined(HAVE_OPENPTY) || defined(BSD4_4)
@ -186,7 +186,7 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
 /* Releases the tty.  Its ownership is returned to root, and permissions to 0666. */
-void 
+void
 pty_release(const char *ttyname)
 {
 	if (chown(ttyname, (uid_t) 0, (gid_t) 0) < 0)
@ -197,7 +197,7 @@ pty_release(const char *ttyname)
 /* Makes the tty the processes controlling tty and sets it to sane modes. */
-void 
+void
 pty_make_controlling_tty(int *ttyfd, const char *ttyname)
 {
 	int fd;
@ -250,7 +250,7 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname)
 /* Changes the window size associated with the pty. */
-void 
+void
 pty_change_window_size(int ptyfd, int row, int col,
 		       int xpixel, int ypixel)
 {
--- a/pty.h
+++ b/pty.h
@ -1,19 +1,19 @@
 /*
- * 
+ *
 * pty.h
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Fri Mar 17 05:03:28 1995 ylo
- * 
+ *
 * Functions for allocating a pseudo-terminal and making it the controlling
 * tty.
 */
-/* RCSID("$Id: pty.h,v 1.7 2000/04/01 01:09:25 damien Exp $"); */
+/* RCSID("$Id: pty.h,v 1.8 2000/04/16 01:18:44 damien Exp $"); */
 #ifndef PTY_H
 #define PTY_H
@ -39,7 +39,7 @@ void    pty_release(const char *ttyname);
 void    pty_make_controlling_tty(int *ttyfd, const char *ttyname);
 /* Changes the window size associated with the pty. */
-void 
+void
 pty_change_window_size(int ptyfd, int row, int col,
    int xpixel, int ypixel);
--- a/radix.c
+++ b/radix.c
@ -1,10 +1,10 @@
 /*
 *   radix.c
- * 
+ *
 *   base-64 encoding pinched from lynx2-7-2, who pinched it from rpem.
 *   Originally written by Mark Riordan 12 August 1990 and 17 Feb 1991
 *   and placed in the public domain.
- * 
+ *
 *   Dug Song <dugsong@UMICH.EDU>
 */
@ -23,7 +23,7 @@ char six2pr[64] = {
 unsigned char pr2six[256];
-int 
+int
 uuencode(unsigned char *bufin, unsigned int nbytes, char *bufcoded)
 {
 	/* ENC is the basic 1 character encoding function to make a char printing */
@ -49,7 +49,7 @@ uuencode(unsigned char *bufin, unsigned int nbytes, char *bufcoded)
 	return (outptr - bufcoded);
 }
-int 
+int
 uudecode(const char *bufcoded, unsigned char *bufplain, int outbufsize)
 {
 	/* single character decode */
@ -162,7 +162,7 @@ typedef unsigned short my_u_short;
 }
-int 
+int
 creds_to_radix(CREDENTIALS *creds, unsigned char *buf)
 {
 	char *p, *s;
@ -216,7 +216,7 @@ creds_to_radix(CREDENTIALS *creds, unsigned char *buf)
 	return (uuencode((unsigned char *)temp, len, (char *)buf));
 }
-int 
+int
 radix_to_creds(const char *buf, CREDENTIALS *creds)
 {
--- a/readconf.c
+++ b/readconf.c
@ -1,20 +1,20 @@
 /*
- * 
+ *
 * readconf.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Sat Apr 22 00:03:10 1995 ylo
- * 
+ *
 * Functions for reading the configuration files.
- * 
+ *
 */
 #include "includes.h"
-RCSID("$Id: readconf.c,v 1.10 2000/04/12 10:17:40 damien Exp $");
+RCSID("$Id: readconf.c,v 1.11 2000/04/16 01:18:44 damien Exp $");
 #include "ssh.h"
 #include "cipher.h"
@ -167,7 +167,7 @@ static struct {
 * error.
 */
-void 
+void
 add_local_forward(Options *options, u_short port, const char *host,
 		  u_short host_port)
 {
@ -188,7 +188,7 @@ add_local_forward(Options *options, u_short port, const char *host,
 * an error.
 */
-void 
+void
 add_remote_forward(Options *options, u_short port, const char *host,
 		   u_short host_port)
 {
@ -207,7 +207,7 @@ add_remote_forward(Options *options, u_short port, const char *host,
 * returns if the token is not known.
 */
-static OpCodes 
+static OpCodes
 parse_token(const char *cp, const char *filename, int linenum)
 {
 	unsigned int i;
@ -567,7 +567,7 @@ parse_int:
 * there is an error.  If the file does not exist, this returns immediately.
 */
-void 
+void
 read_config_file(const char *filename, const char *host, Options *options)
 {
 	FILE *f;
@ -607,7 +607,7 @@ read_config_file(const char *filename, const char *host, Options *options)
 * system config file.  Last, fill_default_options is called.
 */
-void 
+void
 initialize_options(Options * options)
 {
 	memset(options, 'X', sizeof(*options));
@ -658,7 +658,7 @@ initialize_options(Options * options)
 * options for which no value has been specified with their default values.
 */
-void 
+void
 fill_default_options(Options * options)
 {
 	if (options->forward_agent == -1)
--- a/readconf.h
+++ b/readconf.h
@ -1,19 +1,19 @@
 /*
- * 
+ *
 * readconf.h
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Sat Apr 22 00:25:29 1995 ylo
- * 
+ *
 * Functions for reading the configuration file.
- * 
+ *
 */
-/* RCSID("$Id: readconf.h,v 1.7 2000/04/12 10:17:40 damien Exp $"); */
+/* RCSID("$Id: readconf.h,v 1.8 2000/04/16 01:18:44 damien Exp $"); */
 #ifndef READCONF_H
 #define READCONF_H
@ -106,7 +106,7 @@ void    fill_default_options(Options * options);
 * only sets those values that have not already been set. Returns 0 for legal
 * options
 */
-int 
+int
 process_config_line(Options * options, const char *host,
    char *line, const char *filename, int linenum,
    int *activep);
@ -116,7 +116,7 @@ process_config_line(Options * options, const char *host,
 * should already be initialized before this call.  This never returns if
 * there is an error.  If the file does not exist, this returns immediately.
 */
-void 
+void
 read_config_file(const char *filename, const char *host,
    Options * options);
@ -124,7 +124,7 @@ read_config_file(const char *filename, const char *host,
 * Adds a local TCP/IP port forward to options.  Never returns if there is an
 * error.
 */
-void 
+void
 add_local_forward(Options * options, u_short port, const char *host,
    u_short host_port);
@ -132,7 +132,7 @@ add_local_forward(Options * options, u_short port, const char *host,
 * Adds a remote TCP/IP port forward to options.  Never returns if there is
 * an error.
 */
-void 
+void
 add_remote_forward(Options * options, u_short port, const char *host,
    u_short host_port);
--- a/readpass.c
+++ b/readpass.c
@ -32,7 +32,7 @@
 */
 #include "includes.h"
-RCSID("$Id: readpass.c,v 1.5 2000/01/22 08:47:21 damien Exp $");
+RCSID("$Id: readpass.c,v 1.6 2000/04/16 01:18:44 damien Exp $");
 #include "xmalloc.h"
 #include "ssh.h"
@ -58,7 +58,7 @@ read_passphrase(const char *prompt, int from_stdin)
 	sigset_t oset, nset;
 	struct sigaction sa, osa;
 	int input, output, echo = 0;
-  
+
 	if (from_stdin) {
 		input = STDIN_FILENO;
 		output = STDERR_FILENO;
--- a/rsa.c
+++ b/rsa.c
@ -1,41 +1,41 @@
 /*
- * 
+ *
 * rsa.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Fri Mar  3 22:07:06 1995 ylo
- * 
+ *
 * Description of the RSA algorithm can be found e.g. from the following sources:
- * 
+ *
 *   Bruce Schneier: Applied Cryptography.  John Wiley & Sons, 1994.
- * 
+ *
 *   Jennifer Seberry and Josed Pieprzyk: Cryptography: An Introduction to
 *   Computer Security.  Prentice-Hall, 1989.
- * 
+ *
 *   Man Young Rhee: Cryptography and Secure Data Communications.  McGraw-Hill,
 *   1994.
- * 
+ *
 *   R. Rivest, A. Shamir, and L. M. Adleman: Cryptographic Communications
 *   System and Method.  US Patent 4,405,829, 1983.
- * 
+ *
 *   Hans Riesel: Prime Numbers and Computer Methods for Factorization.
 *   Birkhauser, 1994.
- * 
+ *
 *   The RSA Frequently Asked Questions document by RSA Data Security, Inc., 1995.
- * 
+ *
 *   RSA in 3 lines of perl by Adam Back <aba@atlax.ex.ac.uk>, 1995, as included
 *   below:
- * 
+ *
 *     [gone - had to be deleted - what a pity]
- * 
+ *
 */
 #include "includes.h"
-RCSID("$Id: rsa.c,v 1.13 2000/04/04 04:57:08 damien Exp $");
+RCSID("$Id: rsa.c,v 1.14 2000/04/16 01:18:45 damien Exp $");
 #include "rsa.h"
 #include "ssh.h"
--- a/rsa.h
+++ b/rsa.h
@ -1,19 +1,19 @@
 /*
- * 
+ *
 * rsa.h
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Fri Mar  3 22:01:06 1995 ylo
- * 
+ *
 * RSA key generation, encryption and decryption.
- * 
+ *
 */
-/* RCSID("$Id: rsa.h,v 1.7 2000/04/13 02:26:37 damien Exp $"); */
+/* RCSID("$Id: rsa.h,v 1.8 2000/04/16 01:18:45 damien Exp $"); */
 #ifndef RSA_H
 #define RSA_H
--- a/scp.c
+++ b/scp.c
@ -1,13 +1,13 @@
 /*
- * 
+ *
 * scp - secure remote copy.  This is basically patched BSD rcp which uses ssh
 * to do the data transfer (instead of using rcmd).
- * 
+ *
 * NOTE: This version should NOT be suid root.  (This uses ssh to do the transfer
 * and ssh has the necessary privileges.)
- * 
+ *
 * 1995 Timo Rinne <tri@iki.fi>, Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 */
 /*
@ -45,7 +45,7 @@
 */
 #include "includes.h"
-RCSID("$Id: scp.c,v 1.18 2000/03/17 12:40:16 damien Exp $");
+RCSID("$Id: scp.c,v 1.19 2000/04/16 01:18:45 damien Exp $");
 #include "ssh.h"
 #include "xmalloc.h"
@ -109,7 +109,7 @@ char *port = NULL;
 * assigns the input and output file descriptors on success.
 */
-int 
+int
 do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout)
 {
 	int pin[2], pout[2], reserved[2];
@ -194,7 +194,7 @@ do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout)
 	return 0;
 }
-void 
+void
 fatal(const char *fmt,...)
 {
 	va_list ap;
@ -257,10 +257,10 @@ main(argc, argv)
 		switch (ch) {
 		/* User-visible flags. */
 		case '4':
-	       		IPv4 = 1;
+			IPv4 = 1;
 			break;
 		case '6':
-	       		IPv6 = 1;
+			IPv6 = 1;
 			break;
 		case 'p':
 			pflag = 1;
@ -1008,7 +1008,7 @@ run_err(const char *fmt,...)
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
- *	$Id: scp.c,v 1.18 2000/03/17 12:40:16 damien Exp $
+ *	$Id: scp.c,v 1.19 2000/04/16 01:18:45 damien Exp $
 */
 char *
--- a/servconf.c
+++ b/servconf.c
@ -1,18 +1,18 @@
 /*
- * 
+ *
 * servconf.c
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Mon Aug 21 15:48:58 1995 ylo
- * 
+ *
 */
 #include "includes.h"
-RCSID("$Id: servconf.c,v 1.11 2000/04/12 10:17:40 damien Exp $");
+RCSID("$Id: servconf.c,v 1.12 2000/04/16 01:18:45 damien Exp $");
 #include "ssh.h"
 #include "servconf.h"
@ -24,7 +24,7 @@ void add_listen_addr(ServerOptions *options, char *addr);
 /* Initializes the server options to their default values. */
-void 
+void
 initialize_server_options(ServerOptions *options)
 {
 	memset(options, 0, sizeof(*options));
@ -73,7 +73,7 @@ initialize_server_options(ServerOptions *options)
 	options->protocol = SSH_PROTO_UNKNOWN;
 }
-void 
+void
 fill_default_server_options(ServerOptions *options)
 {
 	if (options->num_ports == 0)
@ -226,7 +226,7 @@ static struct {
 * returns if the token is not known.
 */
-static ServerOpCodes 
+static ServerOpCodes
 parse_token(const char *cp, const char *filename,
 	    int linenum)
 {
@ -244,7 +244,7 @@ parse_token(const char *cp, const char *filename,
 /*
 * add listen address
 */
-void 
+void
 add_listen_addr(ServerOptions *options, char *addr)
 {
 	extern int IPv4or6;
@ -274,7 +274,7 @@ add_listen_addr(ServerOptions *options, char *addr)
 /* Reads the server configuration file. */
-void 
+void
 read_server_config(ServerOptions *options, const char *filename)
 {
 	FILE *f;
@ -310,7 +310,7 @@ read_server_config(ServerOptions *options, const char *filename)
 				    "ListenAdress.\n", filename, linenum);
 			if (options->num_ports >= MAX_PORTS)
 				fatal("%s line %d: too many ports.\n",
-			            filename, linenum);
+				    filename, linenum);
 			cp = strtok(NULL, WHITESPACE);
 			if (!cp)
 				fatal("%s line %d: missing port number.\n",
--- a/servconf.h
+++ b/servconf.h
@ -1,19 +1,19 @@
 /*
- * 
+ *
 * servconf.h
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Mon Aug 21 15:35:03 1995 ylo
- * 
+ *
 * Definitions for server configuration data and for the functions reading it.
- * 
+ *
 */
-/* RCSID("$Id: servconf.h,v 1.8 2000/04/12 10:17:40 damien Exp $"); */
+/* RCSID("$Id: servconf.h,v 1.9 2000/04/16 01:18:45 damien Exp $"); */
 #ifndef SERVCONF_H
 #define SERVCONF_H
--- a/serverloop.c
+++ b/serverloop.c
@ -59,7 +59,7 @@ static volatile int child_wait_status;	/* Status from wait(). */
 void	server_init_dispatch(void);
-void 
+void
 sigchld_handler(int sig)
 {
 	int save_errno = errno;
@ -78,7 +78,7 @@ sigchld_handler(int sig)
 	signal(SIGCHLD, sigchld_handler);
 	errno = save_errno;
 }
-void 
+void
 sigchld_handler2(int sig)
 {
 	int save_errno = errno;
@ -92,7 +92,7 @@ sigchld_handler2(int sig)
 * Make packets from buffered stderr data, and buffer it for sending
 * to the client.
 */
-void 
+void
 make_packets_from_stderr_data()
 {
 	int len;
@ -121,7 +121,7 @@ make_packets_from_stderr_data()
 * Make packets from buffered stdout data, and buffer it for sending to the
 * client.
 */
-void 
+void
 make_packets_from_stdout_data()
 {
 	int len;
@ -152,7 +152,7 @@ make_packets_from_stdout_data()
 * have data or can accept data.  Optionally, a maximum time can be specified
 * for the duration of the wait (0 = infinite).
 */
-void 
+void
 wait_until_can_do_something(fd_set * readset, fd_set * writeset,
 			    unsigned int max_time_milliseconds)
 {
@ -246,7 +246,7 @@ retry_select:
 * Processes input from the client and the program.  Input data is stored
 * in buffers and processed later.
 */
-void 
+void
 process_input(fd_set * readset)
 {
 	int len;
@ -299,7 +299,7 @@ process_input(fd_set * readset)
 /*
 * Sends data from internal buffers to client program stdin.
 */
-void 
+void
 process_output(fd_set * writeset)
 {
 	int len;
@ -334,7 +334,7 @@ process_output(fd_set * writeset)
 * Wait until all buffered output has been sent to the client.
 * This is used when the program terminates.
 */
-void 
+void
 drain_output()
 {
 	/* Send any buffered stdout data to the client. */
@ -359,7 +359,7 @@ drain_output()
 	packet_write_wait();
 }
-void 
+void
 process_buffered_input_packets()
 {
 	dispatch_run(DISPATCH_NONBLOCK, NULL);
@ -372,7 +372,7 @@ process_buffered_input_packets()
 * stdin (of the child program), and reads from stdout and stderr (of the
 * child program).
 */
-void 
+void
 server_loop(int pid, int fdin_arg, int fdout_arg, int fderr_arg)
 {
 	int wait_status, wait_pid;	/* Status and pid returned by wait(). */
@ -604,7 +604,7 @@ server_loop(int pid, int fdin_arg, int fdout_arg, int fderr_arg)
 	/* NOTREACHED */
 }
-void 
+void
 server_loop2(void)
 {
 	fd_set readset, writeset;
@ -697,16 +697,17 @@ int
 input_direct_tcpip(void)
 {
 	int sock;
-	char *host, *originator;
+	char *target, *originator;
-	int host_port, originator_port;
+	int target_port, originator_port;
-	host = packet_get_string(NULL);
+	target = packet_get_string(NULL);
-	host_port = packet_get_int();
+	target_port = packet_get_int();
 	originator = packet_get_string(NULL);
 	originator_port = packet_get_int();
 	packet_done();
 	/* XXX check permission */
-	sock = channel_connect_to(host, host_port);
+	sock = channel_connect_to(target, target_port);
-	xfree(host);
+	xfree(target);
 	xfree(originator);
 	if (sock < 0)
 		return -1;
@ -714,7 +715,7 @@ input_direct_tcpip(void)
 	    sock, sock, -1, 4*1024, 32*1024, 0, xstrdup("direct-tcpip"));
 }
-void 
+void
 server_input_channel_open(int type, int plen)
 {
 	Channel *c = NULL;
@ -735,6 +736,7 @@ server_input_channel_open(int type, int plen)
 	if (strcmp(ctype, "session") == 0) {
 		debug("open session");
 		packet_done();
 		/*
 		 * A server session has no fd to read or write
 		 * until a CHANNEL_REQUEST for a shell is made,
@ -783,7 +785,7 @@ server_input_channel_open(int type, int plen)
 	xfree(ctype);
 }
-void 
+void
 server_init_dispatch_20()
 {
 	debug("server_init_dispatch_20");
@ -798,7 +800,7 @@ server_init_dispatch_20()
 	dispatch_set(SSH2_MSG_CHANNEL_REQUEST, &channel_input_channel_request);
 	dispatch_set(SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust);
 }
-void 
+void
 server_init_dispatch_13()
 {
 	debug("server_init_dispatch_13");
@ -813,7 +815,7 @@ server_init_dispatch_13()
 	dispatch_set(SSH_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure);
 	dispatch_set(SSH_MSG_PORT_OPEN, &channel_input_port_open);
 }
-void 
+void
 server_init_dispatch_15()
 {
 	server_init_dispatch_13();
@ -821,7 +823,7 @@ server_init_dispatch_15()
 	dispatch_set(SSH_MSG_CHANNEL_CLOSE, &channel_input_ieof);
 	dispatch_set(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION, &channel_input_oclose);
 }
-void 
+void
 server_init_dispatch()
 {
 	if (compat20)
--- a/session.c
+++ b/session.c
@ -8,7 +8,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.2 2000/04/06 08:55:22 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.4 2000/04/14 10:30:33 markus Exp $");
 #include "xmalloc.h"
 #include "ssh.h"
@ -113,7 +113,7 @@ xauthfile_cleanup_proc(void *ignore)
 * Function to perform cleanup if we get aborted abnormally (e.g., due to a
 * dropped connection).
 */
-void 
+void
 pty_cleanup_proc(void *session)
 {
 	Session *s=session;
@ -136,7 +136,7 @@ pty_cleanup_proc(void *session)
 * terminals are allocated, X11, TCP/IP, and authentication agent forwardings
 * are requested, etc.
 */
-void 
+void
 do_authenticated(struct passwd * pw)
 {
 	Session *s;
@ -366,7 +366,7 @@ do_authenticated(struct passwd * pw)
 * will call do_child from the child, and server_loop from the parent after
 * setting up file descriptors and such.
 */
-void 
+void
 do_exec_no_pty(Session *s, const char *command, struct passwd * pw)
 {
 	int pid;
@ -487,7 +487,7 @@ do_exec_no_pty(Session *s, const char *command, struct passwd * pw)
 * setting up file descriptors, controlling tty, updating wtmp, utmp,
 * lastlog, and other such operations.
 */
-void 
+void
 do_exec_pty(Session *s, const char *command, struct passwd * pw)
 {
 	FILE *f;
@ -660,7 +660,7 @@ do_exec_pty(Session *s, const char *command, struct passwd * pw)
 * Sets the value of the given variable in the environment.  If the variable
 * already exists, its value is overriden.
 */
-void 
+void
 child_set_env(char ***envp, unsigned int *envsizep, const char *name,
 	      const char *value)
 {
@ -701,7 +701,7 @@ child_set_env(char ***envp, unsigned int *envsizep, const char *name,
 * Otherwise, it must consist of empty lines, comments (line starts with '#')
 * and assignments of the form name=value.  No other forms are allowed.
 */
-void 
+void
 read_environment_file(char ***env, unsigned int *envsize,
 		      const char *filename)
 {
@ -770,7 +770,7 @@ void do_pam_environment(char ***env, int *envsize)
 * environment, closing extra file descriptors, setting the user and group
 * ids, and executing the command or shell.
 */
-void 
+void
 do_child(const char *command, struct passwd * pw, const char *term,
 	 const char *display, const char *auth_proto,
 	 const char *auth_data, const char *ttyname)
@ -1202,6 +1202,7 @@ session_window_change_req(Session *s)
 	s->row = packet_get_int();
 	s->xpixel = packet_get_int();
 	s->ypixel = packet_get_int();
 	packet_done();
 	pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);
 	return 1;
 }
@ -1210,14 +1211,17 @@ int
 session_pty_req(Session *s)
 {
 	unsigned int len;
 	char *term_modes;	/* encoded terminal modes */
 	if (s->ttyfd != -1)
-		return -1;
+		return 0;
 	s->term = packet_get_string(&len);
 	s->col = packet_get_int();
 	s->row = packet_get_int();
 	s->xpixel = packet_get_int();
 	s->ypixel = packet_get_int();
 	term_modes = packet_get_string(&len);
 	packet_done();
 	if (strcmp(s->term, "") == 0) {
 		xfree(s->term);
@ -1230,7 +1234,8 @@ session_pty_req(Session *s)
 		s->ptyfd = -1;
 		s->ttyfd = -1;
 		error("session_pty_req: session %d alloc failed", s->self);
-		return -1;
+		xfree(term_modes);
 		return 0;
 	}
 	debug("session_pty_req: session %d alloc %s", s->self, s->tty);
 	/*
--- a/ssh-agent.c
+++ b/ssh-agent.c
@ -1,4 +1,4 @@
-/*	$OpenBSD: ssh-agent.c,v 1.27 2000/04/12 09:39:10 markus Exp $	*/
+/*	$OpenBSD: ssh-agent.c,v 1.28 2000/04/14 10:30:33 markus Exp $	*/
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -9,7 +9,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.27 2000/04/12 09:39:10 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.28 2000/04/14 10:30:33 markus Exp $");
 #include "ssh.h"
 #include "rsa.h"
@ -412,7 +412,7 @@ prepare_select(fd_set *readset, fd_set *writeset)
 		}
 }
-void 
+void
 after_select(fd_set *readset, fd_set *writeset)
 {
 	unsigned int i;
@ -646,8 +646,8 @@ main(int ac, char **av)
 	}
 	signal(SIGINT, SIG_IGN);
 	signal(SIGPIPE, SIG_IGN);
-	signal(SIGHUP, cleanup_exit);                                          
+	signal(SIGHUP, cleanup_exit);
-	signal(SIGTERM, cleanup_exit);                                          
+	signal(SIGTERM, cleanup_exit);
 	while (1) {
 		FD_ZERO(&readset);
 		FD_ZERO(&writeset);
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@ -7,7 +7,7 @@
 */
 #include "includes.h"
-RCSID("$Id: ssh-keygen.c,v 1.12 2000/03/17 12:40:17 damien Exp $");
+RCSID("$Id: ssh-keygen.c,v 1.13 2000/04/16 01:18:46 damien Exp $");
 #include "rsa.h"
 #include "ssh.h"
@ -508,7 +508,7 @@ passphrase_again:
 	if (identity_comment) {
 		strlcpy(comment, identity_comment, sizeof(comment));
 	} else {
-	  	/* Create default commend field for the passphrase. */
+		/* Create default commend field for the passphrase. */
 		if (gethostname(hostname, sizeof(hostname)) < 0) {
 			perror("gethostname");
 			exit(1);
--- a/ssh.1
+++ b/ssh.1
@ -9,7 +9,7 @@
 .\"
 .\" Created: Sat Apr 22 21:55:14 1995 ylo
 .\"
-.\" $Id: ssh.1,v 1.21 2000/04/13 02:26:37 damien Exp $
+.\" $Id: ssh.1,v 1.22 2000/04/16 01:18:46 damien Exp $
 .\"
 .Dd September 25, 1999
 .Dt SSH 1
@ -24,7 +24,7 @@
 .Op Ar command
 .Pp
 .Nm ssh
-.Op Fl afgknqtvxCPX46
+.Op Fl afgknqtvxCPX246
 .Op Fl c Ar blowfish | 3des
 .Op Fl e Ar escape_char
 .Op Fl i Ar identity_file
@ -455,6 +455,10 @@ from the local machine.
 Port forwardings can also be specified in the configuration file.
 Privileged ports can be forwarded only when
 logging in as root on the remote machine.
 .It Fl 2
 Forces
 .Nm
 to use protocol version 2 only.
 .It Fl 4
 Forces
 .Nm
--- a/ssh.c
+++ b/ssh.c
@ -11,7 +11,7 @@
 */
 #include "includes.h"
-RCSID("$Id: ssh.c,v 1.25 2000/04/12 10:17:40 damien Exp $");
+RCSID("$Id: ssh.c,v 1.26 2000/04/16 01:18:46 damien Exp $");
 #include "xmalloc.h"
 #include "ssh.h"
@ -138,6 +138,7 @@ usage()
 	fprintf(stderr, "  -g          Allow remote hosts to connect to forwarded ports.\n");
 	fprintf(stderr, "  -4          Use IPv4 only.\n");
 	fprintf(stderr, "  -6          Use IPv6 only.\n");
 	fprintf(stderr, "  -2          Force protocol version 2.\n");
 	fprintf(stderr, "  -o 'option' Process the option as if it was read from a configuration file.\n");
 	exit(1);
 }
@ -251,8 +252,8 @@ main(int ac, char **av)
 			if (host)
 				break;
 			if ((cp = strchr(av[optind], '@'))) {
-			        if(cp == av[optind])
+				if(cp == av[optind])
-				        usage();
+					usage();
 				options.user = av[optind];
 				*cp = '\0';
 				host = ++cp;
@ -276,39 +277,34 @@ main(int ac, char **av)
 			optarg = NULL;
 		}
 		switch (opt) {
 		case '2':
 			options.protocol = SSH_PROTO_2;
 			break;
 		case '4':
 			IPv4or6 = AF_INET;
 			break;
 		case '6':
 			IPv4or6 = AF_INET6;
 			break;
 		case 'n':
 			stdin_null_flag = 1;
 			break;
 		case 'f':
 			fork_after_authentication_flag = 1;
 			stdin_null_flag = 1;
 			break;
 		case 'x':
 			options.forward_x11 = 0;
 			break;
 		case 'X':
 			options.forward_x11 = 1;
 			break;
 		case 'g':
 			options.gateway_ports = 1;
 			break;
 		case 'P':
 			options.use_privileged_port = 0;
 			break;
 		case 'a':
 			options.forward_agent = 0;
 			break;
@ -330,11 +326,9 @@ main(int ac, char **av)
 			options.identity_files[options.num_identity_files++] =
 				xstrdup(optarg);
 			break;
 		case 't':
 			tty_flag = 1;
 			break;
 		case 'v':
 		case 'V':
 			fprintf(stderr, "SSH Version %s, protocol versions %d.%d/%d.%d.\n",
@ -347,11 +341,9 @@ main(int ac, char **av)
 			debug_flag = 1;
 			options.log_level = SYSLOG_LEVEL_DEBUG;
 			break;
 		case 'q':
 			options.log_level = SYSLOG_LEVEL_QUIET;
 			break;
 		case 'e':
 			if (optarg[0] == '^' && optarg[2] == 0 &&
 			    (unsigned char) optarg[1] >= 64 && (unsigned char) optarg[1] < 128)
@ -365,7 +357,6 @@ main(int ac, char **av)
 				exit(1);
 			}
 			break;
 		case 'c':
 			options.cipher = cipher_number(optarg);
 			if (options.cipher == -1) {
@ -373,15 +364,12 @@ main(int ac, char **av)
 				exit(1);
 			}
 			break;
 		case 'p':
 			options.port = atoi(optarg);
 			break;
 		case 'l':
 			options.user = optarg;
 			break;
 		case 'R':
 			if (sscanf(optarg, "%hu/%255[^/]/%hu", &fwd_port, buf,
 			    &fwd_host_port) != 3 &&
@ -393,7 +381,6 @@ main(int ac, char **av)
 			}
 			add_remote_forward(&options, fwd_port, buf, fwd_host_port);
 			break;
 		case 'L':
 			if (sscanf(optarg, "%hu/%255[^/]/%hu", &fwd_port, buf,
 			    &fwd_host_port) != 3 &&
@ -405,27 +392,22 @@ main(int ac, char **av)
 			}
 			add_local_forward(&options, fwd_port, buf, fwd_host_port);
 			break;
 		case 'C':
 			options.compression = 1;
 			break;
 		case 'N':
 			no_shell_flag = 1;
 			no_tty_flag = 1;
 			break;
 		case 'T':
 			no_tty_flag = 1;
 			break;
 		case 'o':
 			dummy = 1;
 			if (process_config_line(&options, host ? host : "", optarg,
 					 "command-line", 0, &dummy) != 0)
 				exit(1);
 			break;
 		default:
 			usage();
 		}
@ -634,7 +616,7 @@ main(int ac, char **av)
 	/* Expand ~ in known host file names. */
 	options.system_hostfile = tilde_expand_filename(options.system_hostfile,
-						        original_real_uid);
+							original_real_uid);
 	options.user_hostfile = tilde_expand_filename(options.user_hostfile,
 						      original_real_uid);
@ -803,7 +785,7 @@ ssh_session(void)
 		      options.local_forwards[i].host,
 		      options.local_forwards[i].host_port);
 		channel_request_local_forwarding(options.local_forwards[i].port,
-					  	 options.local_forwards[i].host,
+						 options.local_forwards[i].host,
 						 options.local_forwards[i].host_port,
 						 options.gateway_ports);
 	}
@ -816,11 +798,11 @@ ssh_session(void)
 		      options.remote_forwards[i].host_port);
 		channel_request_remote_forwarding(options.remote_forwards[i].port,
 						  options.remote_forwards[i].host,
-				   		  options.remote_forwards[i].host_port);
+						  options.remote_forwards[i].host_port);
 	}
 	/* If requested, let ssh continue in the background. */
-	if (fork_after_authentication_flag) 
+	if (fork_after_authentication_flag)
 		if (daemon(1, 1) < 0)
 			fatal("daemon() failed: %.200s", strerror(errno));
@ -859,7 +841,7 @@ init_local_fwd(void)
 		      options.local_forwards[i].host,
 		      options.local_forwards[i].host_port);
 		channel_request_local_forwarding(options.local_forwards[i].port,
-					  	 options.local_forwards[i].host,
+						 options.local_forwards[i].host,
 						 options.local_forwards[i].host_port,
 						 options.gateway_ports);
 	}
--- a/ssh.h
+++ b/ssh.h
@ -1,19 +1,19 @@
 /*
- * 
+ *
 * ssh.h
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Fri Mar 17 17:09:37 1995 ylo
- * 
+ *
 * Generic header file for ssh.
- * 
+ *
 */
-/* RCSID("$Id: ssh.h,v 1.31 2000/04/12 10:17:41 damien Exp $"); */
+/* RCSID("$Id: ssh.h,v 1.32 2000/04/16 01:18:47 damien Exp $"); */
 #ifndef SSH_H
 #define SSH_H
@ -279,7 +279,7 @@
 * information is not available.  This must be called before record_login.
 * The host from which the user logged in is stored in buf.
 */
-unsigned long 
+unsigned long
 get_last_login_time(uid_t uid, const char *logname,
    char *buf, unsigned int bufsize);
@ -287,7 +287,7 @@ get_last_login_time(uid_t uid, const char *logname,
 * Records that the user has logged in.  This does many things normally done
 * by login(1).
 */
-void 
+void
 record_login(int pid, const char *ttyname, const char *user, uid_t uid,
    const char *host, struct sockaddr *addr);
@ -308,7 +308,7 @@ void    record_logout(int pid, const char *ttyname);
 * and zero on failure.  If the connection is successful, this calls
 * packet_set_connection for the connection.
 */
-int 
+int
 ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
    u_short port, int connection_attempts,
    int anonymous, uid_t original_real_uid,
@ -323,7 +323,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
 * references from the packet module).
 */
-void 
+void
 ssh_login(int host_key_valid, RSA * host_key, const char *host,
    struct sockaddr * hostaddr, uid_t original_real_uid);
@ -340,7 +340,7 @@ int     auth_rhosts(struct passwd * pw, const char *client_user);
 * Tries to authenticate the user using the .rhosts file and the host using
 * its host key.  Returns true if authentication succeeds.
 */
-int 
+int
 auth_rhosts_rsa(struct passwd * pw, const char *client_user, RSA* client_host_key);
 /*
@ -409,7 +409,7 @@ char   *read_passphrase(const char *prompt, int from_stdin);
 * precede the key to provide identification of the key without needing a
 * passphrase.
 */
-int 
+int
 save_private_key(const char *filename, const char *passphrase,
    RSA * private_key, const char *comment);
@ -419,7 +419,7 @@ save_private_key(const char *filename, const char *passphrase,
 * comment of the key is returned in comment_return if it is non-NULL; the
 * caller must free the value with xfree.
 */
-int 
+int
 load_public_key(const char *filename, RSA * pub,
    char **comment_return);
@ -430,7 +430,7 @@ load_public_key(const char *filename, RSA * pub,
 * comment_return if it is non-NULL; the caller must free the value with
 * xfree.
 */
-int 
+int
 load_private_key(const char *filename, const char *passphrase,
    RSA * private_key, char **comment_return);
--- a/ssh2.h
+++ b/ssh2.h
@ -1,31 +1,31 @@
 /*
- * draft-ietf-secsh-architecture-04.txt 
+ * draft-ietf-secsh-architecture-04.txt
 *
 *   Transport layer protocol:
- * 
+ *
 *     1-19     Transport layer generic (e.g. disconnect, ignore, debug,
 *              etc)
 *     20-29    Algorithm negotiation
 *     30-49    Key exchange method specific (numbers can be reused for
 *              different authentication methods)
- * 
+ *
 *   User authentication protocol:
- * 
+ *
 *     50-59    User authentication generic
 *     60-79    User authentication method specific (numbers can be reused
 *              for different authentication methods)
- * 
+ *
 *   Connection protocol:
- * 
+ *
 *     80-89    Connection protocol generic
 *     90-127   Channel related messages
- * 
+ *
 *   Reserved for client protocols:
- * 
+ *
 *     128-191  Reserved
- * 
+ *
 *   Local extensions:
- * 
+ *
 *     192-255  Local extensions
 */
--- a/sshconnect.c
+++ b/sshconnect.c
@ -10,7 +10,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.66 2000/04/12 09:39:10 markus Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.68 2000/04/14 10:30:33 markus Exp $");
 #ifdef HAVE_OPENSSL
 #include <openssl/bn.h>
@ -250,7 +250,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
 			debug("Trying again...");
 		/* Loop through addresses for this host, and try each one in
- 		   sequence until the connection succeeds. */
+		   sequence until the connection succeeds. */
 		for (ai = aitop; ai; ai = ai->ai_next) {
 			if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
 				continue;
@ -264,7 +264,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
 				host, ntop, strport);
 			/* Create a socket for connecting. */
-			sock = ssh_create_socket(original_real_uid, 
+			sock = ssh_create_socket(original_real_uid,
 			    !anonymous && geteuid() == 0 && port < IPPORT_RESERVED,
 			    ai->ai_family);
 			if (sock < 0)
@ -1059,7 +1059,7 @@ ssh_exchange_identification()
 			break;
 		}
 		/* FALLTHROUGH */
-	default: 
+	default:
 		mismatch = 1;
 		break;
 	}
@ -1363,13 +1363,13 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
 	debug("Sending KEX init.");
 	if (options.ciphers != NULL) {
-		myproposal[PROPOSAL_ENC_ALGS_CTOS] = 
+		myproposal[PROPOSAL_ENC_ALGS_CTOS] =
 		myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
 	} else if (
 	    options.cipher == SSH_CIPHER_ARCFOUR ||
-            options.cipher == SSH_CIPHER_3DES_CBC ||
+	    options.cipher == SSH_CIPHER_3DES_CBC ||
-            options.cipher == SSH_CIPHER_CAST128_CBC ||
+	    options.cipher == SSH_CIPHER_CAST128_CBC ||
-            options.cipher == SSH_CIPHER_BLOWFISH_CBC) {
+	    options.cipher == SSH_CIPHER_BLOWFISH_CBC) {
 		myproposal[PROPOSAL_ENC_ALGS_CTOS] =
 		myproposal[PROPOSAL_ENC_ALGS_STOC] = cipher_name(options.cipher);
 	}
@ -1411,6 +1411,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
 	debug("first kex follow == %d", i);
 	i = packet_get_int();
 	debug("reserved == %d", i);
 	packet_done();
 	debug("done read kexinit");
 	kex = kex_choose_conf(cprop, sprop, 0);
@ -1434,7 +1435,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
 	fprintf(stderr, "\npub= ");
 	bignum_print(dh->pub_key);
 	fprintf(stderr, "\n");
-        DHparams_print_fp(stderr, dh);
+	DHparams_print_fp(stderr, dh);
 #endif
 	debug("Wait SSH2_MSG_KEXDH_REPLY.");
@ -1466,6 +1467,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
 	/* signed H */
 	signature = packet_get_string(&slen);
 	packet_done();
 	if (!dh_pub_is_valid(dh, dh_server_pub))
 		packet_disconnect("bad server public DH value");
@ -1475,14 +1477,14 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
 	kout = DH_compute_key(kbuf, dh_server_pub, dh);
 #ifdef DEBUG_KEXDH
 	debug("shared secret: len %d/%d", klen, kout);
-        fprintf(stderr, "shared secret == ");
+	fprintf(stderr, "shared secret == ");
-        for (i = 0; i< kout; i++)
+	for (i = 0; i< kout; i++)
-                fprintf(stderr, "%02x", (kbuf[i])&0xff);
+		fprintf(stderr, "%02x", (kbuf[i])&0xff);
-        fprintf(stderr, "\n");
+	fprintf(stderr, "\n");
 #endif
-        shared_secret = BN_new();
+	shared_secret = BN_new();
-        BN_bin2bn(kbuf, kout, shared_secret);
+	BN_bin2bn(kbuf, kout, shared_secret);
 	memset(kbuf, 0, klen);
 	xfree(kbuf);
@ -1502,10 +1504,10 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
 	xfree(client_kexinit);
 	xfree(server_kexinit);
 #ifdef DEBUG_KEXDH
-        fprintf(stderr, "hash == ");
+	fprintf(stderr, "hash == ");
-        for (i = 0; i< 20; i++)
+	for (i = 0; i< 20; i++)
-                fprintf(stderr, "%02x", (hash[i])&0xff);
+		fprintf(stderr, "%02x", (hash[i])&0xff);
-        fprintf(stderr, "\n");
+	fprintf(stderr, "\n");
 #endif
 	dsa_verify(server_host_key, (unsigned char *)signature, slen, hash, 20);
 	key_free(server_host_key);
@ -1518,6 +1520,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
 	debug("Wait SSH2_MSG_NEWKEYS.");
 	packet_read_expect(&payload_len, SSH2_MSG_NEWKEYS);
 	packet_done();
 	debug("GOT SSH2_MSG_NEWKEYS.");
 	debug("send SSH2_MSG_NEWKEYS.");
@ -1551,7 +1554,7 @@ ssh_userauth2(int host_key_valid, RSA *own_host_key,
 	char *server_user, *local_user;
 	char *auths;
 	char *password;
-	char *service = "ssh-connection";		// service name
+	char *service = "ssh-connection";		/* service name */
 	debug("send SSH2_MSG_SERVICE_REQUEST");
 	packet_start(SSH2_MSG_SERVICE_REQUEST);
@ -1563,8 +1566,15 @@ ssh_userauth2(int host_key_valid, RSA *own_host_key,
 	if (type != SSH2_MSG_SERVICE_ACCEPT) {
 		fatal("denied SSH2_MSG_SERVICE_ACCEPT: %d", type);
 	}
-	/* payload empty for ssh-2.0.13 ?? */
+	if (packet_remaining() > 0) {
-	/* reply = packet_get_string(&payload_len); */
+		char *reply = packet_get_string(&plen);
 		debug("service_accept: %s", reply);
 		xfree(reply);
 	} else {
 		/* payload empty for ssh-2.0.13 ?? */
 		log("buggy server: service_accept w/o service");
 	}
 	packet_done();
 	debug("got SSH2_MSG_SERVICE_ACCEPT");
 	/*XX COMMONCODE: */
@ -1593,6 +1603,7 @@ ssh_userauth2(int host_key_valid, RSA *own_host_key,
 		auths = packet_get_string(&dlen);
 		debug("authentications that can continue: %s", auths);
 		partial = packet_get_char();
 		packet_done();
 		if (partial)
 			debug("partial success");
 		if (strstr(auths, "password") == NULL)
@ -1613,6 +1624,7 @@ ssh_userauth2(int host_key_valid, RSA *own_host_key,
 		packet_send();
 		packet_write_wait();
 	}
 	packet_done();
 	debug("ssh-userauth2 successfull");
 }
--- a/sshd.c
+++ b/sshd.c
@ -14,7 +14,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.104 2000/04/12 09:39:10 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.105 2000/04/14 10:30:33 markus Exp $");
 #include "xmalloc.h"
 #include "rsa.h"
@ -67,7 +67,7 @@ ServerOptions options;
 /* Name of the server configuration file. */
 char *config_file_name = SERVER_CONFIG_FILE;
-/* 
+/*
 * Flag indicating whether IPv4 or IPv6.  This can be set on the command line.
 * Default value is AF_UNSPEC means both IPv4 and IPv6.
 */
@ -162,7 +162,7 @@ close_listen_socks(void)
 * the effect is to reread the configuration file (and to regenerate
 * the server key).
 */
-void 
+void
 sighup_handler(int sig)
 {
 	received_sighup = 1;
@ -173,7 +173,7 @@ sighup_handler(int sig)
 * Called from the main program after receiving SIGHUP.
 * Restarts the server.
 */
-void 
+void
 sighup_restart()
 {
 	log("Received SIGHUP; restarting.");
@ -188,7 +188,7 @@ sighup_restart()
 * These close the listen socket; not closing it seems to cause "Address
 * already in use" problems on some machines, which is inconvenient.
 */
-void 
+void
 sigterm_handler(int sig)
 {
 	log("Received signal %d; terminating.", sig);
@ -200,7 +200,7 @@ sigterm_handler(int sig)
 * SIGCHLD handler.  This is called whenever a child dies.  This will then
 * reap any zombies left by exited c.
 */
-void 
+void
 main_sigchld_handler(int sig)
 {
 	int save_errno = errno;
@ -216,7 +216,7 @@ main_sigchld_handler(int sig)
 /*
 * Signal handler for the alarm after the login grace period has expired.
 */
-void 
+void
 grace_alarm_handler(int sig)
 {
 	/* Close the connection. */
@ -233,7 +233,7 @@ grace_alarm_handler(int sig)
 * Thus there should be no concurrency control/asynchronous execution
 * problems.
 */
-void 
+void
 key_regeneration_alarm(int sig)
 {
 	int save_errno = errno;
@ -266,15 +266,15 @@ key_regeneration_alarm(int sig)
 char *
 chop(char *s)
 {
-        char *t = s;
+	char *t = s;
-        while (*t) {
+	while (*t) {
-                if(*t == '\n' || *t == '\r') {
+		if(*t == '\n' || *t == '\r') {
-                        *t = '\0';
+			*t = '\0';
-                        return s;
+			return s;
-                }
+		}
-                t++;
+		t++;
-        }
+	}
-        return s;
+	return s;
 }
@ -337,7 +337,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
 	 */
 	if (sscanf(client_version_string, "SSH-%d.%d-%[^\n]\n",
 	    &remote_major, &remote_minor, remote_version) != 3) {
- 		s = "Protocol mismatch.\n";
+		s = "Protocol mismatch.\n";
 		(void) atomicio(write, sock_out, s, strlen(s));
 		close(sock_in);
 		close(sock_out);
@ -377,7 +377,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
 			break;
 		}
 		/* FALLTHROUGH */
-	default: 
+	default:
 		mismatch = 1;
 		break;
 	}
@ -719,8 +719,8 @@ main(int ac, char **av)
 		for (i = 0; i < num_listen_socks; i++)
 			if (listen_socks[i] > maxfd)
 				maxfd = listen_socks[i];
-		fdsetsz = howmany(maxfd, NFDBITS) * sizeof(fd_mask);         
+		fdsetsz = howmany(maxfd, NFDBITS) * sizeof(fd_mask);
-		fdset = (fd_set *)xmalloc(fdsetsz);                                  
+		fdset = (fd_set *)xmalloc(fdsetsz);
 		/*
 		 * Stay listening for connections until the system crashes or
@ -1018,7 +1018,7 @@ do_ssh1_kex()
 	/* Get cipher type and check whether we accept this. */
 	cipher_type = packet_get_char();
-        if (!(cipher_mask() & (1 << cipher_type)))
+	if (!(cipher_mask() & (1 << cipher_type)))
 		packet_disconnect("Warning: client selects unsupported cipher.");
 	/* Get check bytes from the packet.  These must match those we
@ -1145,7 +1145,7 @@ do_ssh2_kex()
 /* KEXINIT */
 	if (options.ciphers != NULL) {
-		myproposal[PROPOSAL_ENC_ALGS_CTOS] = 
+		myproposal[PROPOSAL_ENC_ALGS_CTOS] =
 		myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
 	}
@ -1258,10 +1258,10 @@ do_ssh2_kex()
 	xfree(client_kexinit);
 	xfree(server_kexinit);
 #ifdef DEBUG_KEXDH
-        fprintf(stderr, "hash == ");
+	fprintf(stderr, "hash == ");
-        for (i = 0; i< 20; i++)
+	for (i = 0; i< 20; i++)
-                fprintf(stderr, "%02x", (hash[i])&0xff);
+		fprintf(stderr, "%02x", (hash[i])&0xff);
-        fprintf(stderr, "\n");
+	fprintf(stderr, "\n");
 #endif
 	/* sign H */
 	dsa_sign(server_host_key, &signature, &slen, hash, 20);
--- a/ttymodes.c
+++ b/ttymodes.c
@ -10,7 +10,7 @@
 */
 #include "includes.h"
-RCSID("$Id: ttymodes.c,v 1.3 1999/11/25 00:54:59 damien Exp $");
+RCSID("$Id: ttymodes.c,v 1.4 2000/04/16 01:18:49 damien Exp $");
 #include "packet.h"
 #include "ssh.h"
@ -23,7 +23,7 @@ RCSID("$Id: ttymodes.c,v 1.3 1999/11/25 00:54:59 damien Exp $");
 * Converts POSIX speed_t to a baud rate.  The values of the
 * constants for speed_t are not themselves portable.
 */
-static int 
+static int
 speed_to_baud(speed_t speed)
 {
 	switch (speed) {
@ -112,7 +112,7 @@ speed_to_baud(speed_t speed)
 /*
 * Converts a numeric baud rate to a POSIX speed_t.
 */
-static speed_t 
+static speed_t
 baud_to_speed(int baud)
 {
 	switch (baud) {
@ -203,7 +203,7 @@ baud_to_speed(int baud)
 * in a portable manner, and appends the modes to a packet
 * being constructed.
 */
-void 
+void
 tty_make_modes(int fd)
 {
 	struct termios tio;
@ -247,7 +247,7 @@ tty_make_modes(int fd)
 * Decodes terminal modes for the terminal referenced by fd in a portable
 * manner from a packet being read.
 */
-void 
+void
 tty_parse_modes(int fd, int *n_bytes_ptr)
 {
 	struct termios tio;
--- a/ttymodes.h
+++ b/ttymodes.h
@ -1,18 +1,18 @@
 /*
- * 
+ *
 * ttymodes.h
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * 	SGTTY stuff contributed by Janne Snabb <snabb@niksula.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Tue Mar 21 15:42:09 1995 ylo
- * 
+ *
 */
-/* RCSID("$Id: ttymodes.h,v 1.3 1999/11/25 00:54:59 damien Exp $"); */
+/* RCSID("$Id: ttymodes.h,v 1.4 2000/04/16 01:18:49 damien Exp $"); */
 /* The tty mode description is a stream of bytes.  The stream consists of
 * opcode-arguments pairs.  It is terminated by opcode TTY_OP_END (0).
--- a/uidswap.c
+++ b/uidswap.c
@ -7,7 +7,7 @@
 */
 #include "includes.h"
-RCSID("$Id: uidswap.c,v 1.4 2000/01/20 13:18:16 damien Exp $");
+RCSID("$Id: uidswap.c,v 1.5 2000/04/16 01:18:49 damien Exp $");
 #include "ssh.h"
 #include "uidswap.h"
@ -35,7 +35,7 @@ static uid_t saved_euid = 0;
 * Temporarily changes to the given uid.  If the effective user
 * id is not root, this does nothing.  This call cannot be nested.
 */
-void 
+void
 temporarily_use_uid(uid_t uid)
 {
 #ifdef SAVED_IDS_WORK_WITH_SETEUID
@ -59,7 +59,7 @@ temporarily_use_uid(uid_t uid)
 /*
 * Restores to the original uid.
 */
-void 
+void
 restore_uid()
 {
 #ifdef SAVED_IDS_WORK_WITH_SETEUID
@ -80,7 +80,7 @@ restore_uid()
 * Permanently sets all uids to the given uid.  This cannot be
 * called while temporarily_use_uid is effective.
 */
-void 
+void
 permanently_set_uid(uid_t uid)
 {
 	if (setuid(uid) < 0)
--- a/uidswap.h
+++ b/uidswap.h
@ -1,15 +1,15 @@
 /*
- * 
+ *
 * uidswap.h
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Sat Sep  9 01:43:15 1995 ylo
 * Last modified: Sat Sep  9 02:34:04 1995 ylo
- * 
+ *
 */
 #ifndef UIDSWAP_H
--- a/xmalloc.c
+++ b/xmalloc.c
@ -8,7 +8,7 @@
 */
 #include "includes.h"
-RCSID("$Id: xmalloc.c,v 1.2 1999/11/24 13:26:23 damien Exp $");
+RCSID("$Id: xmalloc.c,v 1.3 2000/04/16 01:18:49 damien Exp $");
 #include "ssh.h"
@ -34,7 +34,7 @@ xrealloc(void *ptr, size_t new_size)
 	return new_ptr;
 }
-void 
+void
 xfree(void *ptr)
 {
 	if (ptr == NULL)
--- a/xmalloc.h
+++ b/xmalloc.h
@ -1,20 +1,20 @@
 /*
- * 
+ *
 * xmalloc.h
- * 
+ *
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * 
+ *
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
- * 
+ *
 * Created: Mon Mar 20 22:09:17 1995 ylo
- * 
+ *
 * Versions of malloc and friends that check their results, and never return
 * failure (they call fatal if they encounter an error).
- * 
+ *
 */
-/* RCSID("$Id: xmalloc.h,v 1.2 1999/11/24 13:26:23 damien Exp $"); */
+/* RCSID("$Id: xmalloc.h,v 1.3 2000/04/16 01:18:49 damien Exp $"); */
 #ifndef XMALLOC_H
 #define XMALLOC_H