- itojun@cvs.openbsd.org 2001/06/23 15:12:20

[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c canohost.c channels.c cipher.c clientloop.c deattack.c dh.c hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c readpass.c scp.c servconf.c serverloop.c session.c sftp.c sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c ssh-keygen.c ssh-keyscan.c] more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
2025-07-27 15:54:22 +02:00 · 2001-06-25 05:01:22 +00:00 · 2001-06-25 05:01:22 +00:00 · bba81213b9
commit bba81213b9
parent 34f91883a6
40 changed files with 510 additions and 497 deletions
--- a/13
+++ b/13
@ -67,6 +67,17 @@
     [ssh-keygen.c]
     try to decode ssh-3.0.0 private rsa keys
     (allow migration to openssh, not vice versa), #910
   - itojun@cvs.openbsd.org 2001/06/23 15:12:20
     [auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c 
      canohost.c channels.c cipher.c clientloop.c deattack.c dh.c 
      hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c 
      readpass.c scp.c servconf.c serverloop.c session.c sftp.c 
      sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c 
      ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c 
      ssh-keygen.c ssh-keyscan.c]
     more strict prototypes.  raise warning level in Makefile.inc.  
     markus ok'ed
     TODO; cleanup headers
 20010622
 - (stevesk) handle systems without pw_expire and pw_change.
@ -5751,4 +5762,4 @@
 - Wrote replacements for strlcpy and mkdtemp
 - Released 1.0pre1
-$Id: ChangeLog,v 1.1314 2001/06/25 04:47:54 mouring Exp $
+$Id: ChangeLog,v 1.1315 2001/06/25 05:01:22 mouring Exp $
--- a/auth-rhosts.c
+++ b/auth-rhosts.c
@ -14,7 +14,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth-rhosts.c,v 1.23 2001/04/12 19:15:24 markus Exp $");
+RCSID("$OpenBSD: auth-rhosts.c,v 1.24 2001/06/23 15:12:17 itojun Exp $");
 #include "packet.h"
 #include "xmalloc.h"
@ -34,7 +34,7 @@ extern ServerOptions options;
 * based on the file, and returns zero otherwise.
 */
-int
+static int
 check_rhosts_file(const char *filename, const char *hostname,
 		  const char *ipaddr, const char *client_user,
 		  const char *server_user)
--- a/auth1.c
+++ b/auth1.c
@ -10,7 +10,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth1.c,v 1.23 2001/05/18 14:13:28 markus Exp $");
+RCSID("$OpenBSD: auth1.c,v 1.24 2001/06/23 15:12:17 itojun Exp $");
 #include "xmalloc.h"
 #include "rsa.h"
@ -35,7 +35,7 @@ extern char *aixloginmsg;
 /*
 * convert ssh auth msg type into description
 */
-char *
+static char *
 get_authname(int type)
 {
 	static char buf[1024];
@ -64,7 +64,7 @@ get_authname(int type)
 * read packets, try to authenticate the user and
 * return only if authentication is successful
 */
-void
+static void
 do_authloop(Authctxt *authctxt)
 {
 	int authenticated = 0;
--- a/auth2-chall.c
+++ b/auth2-chall.c
@ -23,7 +23,7 @@
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth2-chall.c,v 1.6 2001/06/03 20:06:11 markus Exp $");
+RCSID("$OpenBSD: auth2-chall.c,v 1.7 2001/06/23 15:12:17 itojun Exp $");
 #include "ssh2.h"
 #include "auth.h"
@ -33,9 +33,9 @@ RCSID("$OpenBSD: auth2-chall.c,v 1.6 2001/06/03 20:06:11 markus Exp $");
 #include "auth.h"
 #include "log.h"
-static int auth2_challenge_start(Authctxt *authctxt);
+static int auth2_challenge_start(Authctxt *);
-static int send_userauth_info_request(Authctxt *authctxt);
+static int send_userauth_info_request(Authctxt *);
-static void input_userauth_info_response(int type, int plen, void *ctxt);
+static void input_userauth_info_response(int, int, void *);
 #ifdef BSD_AUTH
 extern KbdintDevice bsdauth_device;
@ -64,7 +64,7 @@ struct KbdintAuthctxt
 	KbdintDevice *device;
 };
-KbdintAuthctxt *
+static KbdintAuthctxt *
 kbdint_alloc(const char *devs)
 {
 	KbdintAuthctxt *kbdintctxt;
@ -89,7 +89,7 @@ kbdint_alloc(const char *devs)
 	return kbdintctxt;
 }
-void
+static void
 kbdint_reset_device(KbdintAuthctxt *kbdintctxt)
 {
 	if (kbdintctxt->ctxt) {
@ -98,7 +98,7 @@ kbdint_reset_device(KbdintAuthctxt *kbdintctxt)
 	}
 	kbdintctxt->device = NULL;
 }
-void
+static void
 kbdint_free(KbdintAuthctxt *kbdintctxt)
 {
 	if (kbdintctxt->device)
@ -110,7 +110,7 @@ kbdint_free(KbdintAuthctxt *kbdintctxt)
 	xfree(kbdintctxt);
 }
 /* get next device */
-int
+static int
 kbdint_next_device(KbdintAuthctxt *kbdintctxt)
 {
 	size_t len;
--- a/auth2.c
+++ b/auth2.c
@ -23,7 +23,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.65 2001/06/23 03:04:43 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.66 2001/06/23 15:12:17 itojun Exp $");
 #include <openssl/evp.h>
@ -74,25 +74,23 @@ struct Authmethod {
 /* protocol */
-void	input_service_request(int type, int plen, void *ctxt);
+static void input_service_request(int, int, void *);
-void	input_userauth_request(int type, int plen, void *ctxt);
+static void input_userauth_request(int, int, void *);
-void	protocol_error(int type, int plen, void *ctxt);
+static void protocol_error(int, int, void *);
 /* helper */
-Authmethod	*authmethod_lookup(const char *name);
+static Authmethod *authmethod_lookup(const char *);
-char	*authmethods_get(void);
+char *authmethods_get(void);
-int	user_key_allowed(struct passwd *pw, Key *key);
+static int user_key_allowed(struct passwd *, Key *);
-int
+static int hostbased_key_allowed(struct passwd *, const char *, char *, Key *);
 hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
    Key *key);
 /* auth */
-void	userauth_banner(void);
+static void userauth_banner(void);
-int	userauth_none(Authctxt *authctxt);
+static int userauth_none(Authctxt *);
-int	userauth_passwd(Authctxt *authctxt);
+static int userauth_passwd(Authctxt *);
-int	userauth_pubkey(Authctxt *authctxt);
+static int userauth_pubkey(Authctxt *);
-int	userauth_hostbased(Authctxt *authctxt);
+static int userauth_hostbased(Authctxt *);
-int	userauth_kbdint(Authctxt *authctxt);
+static int userauth_kbdint(Authctxt *);
 Authmethod authmethods[] = {
 	{"none",
@ -136,7 +134,7 @@ do_authentication2()
 	do_authenticated(authctxt);
 }
-void
+static void
 protocol_error(int type, int plen, void *ctxt)
 {
 	log("auth: protocol error: type %d plen %d", type, plen);
@ -146,7 +144,7 @@ protocol_error(int type, int plen, void *ctxt)
 	packet_write_wait();
 }
-void
+static void
 input_service_request(int type, int plen, void *ctxt)
 {
 	Authctxt *authctxt = ctxt;
@ -179,7 +177,7 @@ input_service_request(int type, int plen, void *ctxt)
 	xfree(service);
 }
-void
+static void
 input_userauth_request(int type, int plen, void *ctxt)
 {
 	Authctxt *authctxt = ctxt;
@ -297,7 +295,7 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
 	}
 }
-void
+static void
 userauth_banner(void)
 {
 	struct stat st;
@ -328,7 +326,7 @@ done:
 	return;
 }
-int
+static int
 userauth_none(Authctxt *authctxt)
 {
 	/* disable method "none", only allowed one time */
@ -354,7 +352,7 @@ userauth_none(Authctxt *authctxt)
 #endif /* USE_PAM */
 }
-int
+static int
 userauth_passwd(Authctxt *authctxt)
 {
 	char *password;
@ -383,7 +381,7 @@ userauth_passwd(Authctxt *authctxt)
 	return authenticated;
 }
-int
+static int
 userauth_kbdint(Authctxt *authctxt)
 {
 	int authenticated = 0;
@ -411,7 +409,7 @@ userauth_kbdint(Authctxt *authctxt)
 	return authenticated;
 }
-int
+static int
 userauth_pubkey(Authctxt *authctxt)
 {
 	Buffer b;
@ -517,7 +515,7 @@ userauth_pubkey(Authctxt *authctxt)
 	return authenticated;
 }
-int
+static int
 userauth_hostbased(Authctxt *authctxt)
 {
 	Buffer b;
@ -634,7 +632,7 @@ authmethods_get(void)
 	return list;
 }
-Authmethod *
+static Authmethod *
 authmethod_lookup(const char *name)
 {
 	Authmethod *method = NULL;
@ -649,7 +647,7 @@ authmethod_lookup(const char *name)
 }
 /* return 1 if user allows given key */
-int
+static int
 user_key_allowed2(struct passwd *pw, Key *key, char *file)
 {
 	char line[8192];
@ -737,7 +735,7 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
 }
 /* check whether given key is in .ssh/authorized_keys* */
-int
+static int
 user_key_allowed(struct passwd *pw, Key *key)
 {
 	int success;
@ -757,7 +755,7 @@ user_key_allowed(struct passwd *pw, Key *key)
 }
 /* return 1 if given hostkey is allowed */
-int
+static int
 hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
    Key *key)
 {
--- a/authfd.c
+++ b/authfd.c
@ -35,7 +35,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: authfd.c,v 1.40 2001/06/07 20:23:03 markus Exp $");
+RCSID("$OpenBSD: authfd.c,v 1.41 2001/06/23 15:12:17 itojun Exp $");
 #include <openssl/evp.h>
@ -96,7 +96,7 @@ ssh_get_authentication_socket(void)
 	return sock;
 }
-int
+static int
 ssh_request_reply(AuthenticationConnection *auth, Buffer *request, Buffer *reply)
 {
 	int l, len;
@ -419,7 +419,7 @@ ssh_agent_sign(AuthenticationConnection *auth,
 /* Encode key for a message to the agent. */
-void
+static void
 ssh_encode_identity_rsa1(Buffer *b, RSA *key, const char *comment)
 {
 	buffer_clear(b);
@ -435,7 +435,7 @@ ssh_encode_identity_rsa1(Buffer *b, RSA *key, const char *comment)
 	buffer_put_cstring(b, comment);
 }
-void
+static void
 ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment)
 {
 	buffer_clear(b);
--- a/authfile.c
+++ b/authfile.c
@ -36,7 +36,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: authfile.c,v 1.36 2001/06/07 20:23:03 markus Exp $");
+RCSID("$OpenBSD: authfile.c,v 1.37 2001/06/23 15:12:17 itojun Exp $");
 #include <openssl/err.h>
 #include <openssl/evp.h>
@ -62,7 +62,7 @@ static const char authfile_id_string[] =
 * passphrase.
 */
-int
+static int
 key_save_private_rsa1(Key *key, const char *filename, const char *passphrase,
    const char *comment)
 {
@ -159,7 +159,7 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase,
 }
 /* save SSH v2 key in OpenSSL PEM format */
-int
+static int
 key_save_private_pem(Key *key, const char *filename, const char *_passphrase,
    const char *comment)
 {
@ -226,7 +226,7 @@ key_save_private(Key *key, const char *filename, const char *passphrase,
 * otherwise.
 */
-Key *
+static Key *
 key_load_public_rsa1(int fd, const char *filename, char **commentp)
 {
 	Buffer buffer;
@ -306,7 +306,7 @@ key_load_public_type(int type, const char *filename, char **commentp)
 * Assumes we are called under uid of the owner of the file.
 */
-Key *
+static Key *
 key_load_private_rsa1(int fd, const char *filename, const char *passphrase,
    char **commentp)
 {
@ -430,7 +430,7 @@ fail:
 	return NULL;
 }
-Key *
+static Key *
 key_load_private_pem(int fd, int type, const char *passphrase,
    char **commentp)
 {
@ -481,7 +481,7 @@ key_load_private_pem(int fd, int type, const char *passphrase,
 	return prv;
 }
-int
+static int
 key_perm_ok(int fd, const char *filename)
 {
 	struct stat st;
@ -571,7 +571,7 @@ key_load_private(const char *filename, const char *passphrase,
 	return prv;
 }
-int
+static int
 key_try_load_public(Key *k, const char *filename, char **commentp)
 {
 	FILE *f;
--- a/canohost.c
+++ b/canohost.c
@ -12,21 +12,21 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: canohost.c,v 1.26 2001/04/18 14:15:00 markus Exp $");
+RCSID("$OpenBSD: canohost.c,v 1.27 2001/06/23 15:12:17 itojun Exp $");
 #include "packet.h"
 #include "xmalloc.h"
 #include "log.h"
 #include "canohost.h"
-void	check_ip_options(int socket, char *ipaddr);
+static void check_ip_options(int, char *);
 /*
 * Return the canonical name of the host at the other end of the socket. The
 * caller should free the returned string with xfree.
 */
-char *
+static char *
 get_remote_hostname(int socket, int reverse_mapping_check)
 {
 	struct sockaddr_storage from;
@ -140,7 +140,7 @@ get_remote_hostname(int socket, int reverse_mapping_check)
 * exit here if we detect any IP options.
 */
 /* IPv4 only */
-void
+static void
 check_ip_options(int socket, char *ipaddr)
 {
 	u_char options[200];
@ -202,7 +202,7 @@ get_canonical_hostname(int reverse_mapping_check)
 * Returns the remote IP-address of socket as a string.  The returned
 * string must be freed.
 */
-char *
+static char *
 get_socket_address(int socket, int remote, int flags)
 {
 	struct sockaddr_storage addr;
@ -293,7 +293,7 @@ get_remote_name_or_ip(u_int utmp_len, int reverse_mapping_check)
 /* Returns the local/remote port for the socket. */
-int
+static int
 get_sock_port(int sock, int local)
 {
 	struct sockaddr_storage from;
@ -323,7 +323,7 @@ get_sock_port(int sock, int local)
 /* Returns remote/local port number for the current connection. */
-int
+static int
 get_port(int local)
 {
 	/*
--- a/channels.c
+++ b/channels.c
@ -40,7 +40,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.126 2001/06/20 13:56:39 markus Exp $");
+RCSID("$OpenBSD: channels.c,v 1.127 2001/06/23 15:12:17 itojun Exp $");
 #include "ssh.h"
 #include "ssh1.h"
@ -133,12 +133,11 @@ static u_int x11_fake_data_len;
 static char *auth_sock_name = NULL;
 static char *auth_sock_dir = NULL;
 /* AF_UNSPEC or AF_INET or AF_INET6 */
 extern int IPv4or6;
 /* helper */
-void	port_open_helper(Channel *c, char *rtype);
+static void port_open_helper(Channel *c, char *rtype);
 /* -- channel core */
@ -164,7 +163,7 @@ channel_lookup(int id)
 * when the channel consumer/producer is ready, e.g. shell exec'd
 */
-void
+static void
 channel_register_fds(Channel *c, int rfd, int wfd, int efd,
    int extusage, int nonblock)
 {
@ -270,7 +269,7 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd,
 /* Close all channel fd/socket. */
-void
+static void
 channel_close_fds(Channel *c)
 {
 	debug3("channel_close_fds: channel %d: r %d w %d e %d",
@ -633,20 +632,20 @@ typedef void chan_fn(Channel *c, fd_set * readset, fd_set * writeset);
 chan_fn *channel_pre[SSH_CHANNEL_MAX_TYPE];
 chan_fn *channel_post[SSH_CHANNEL_MAX_TYPE];
-void
+static void
 channel_pre_listener(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	FD_SET(c->sock, readset);
 }
-void
+static void
 channel_pre_connecting(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	debug3("channel %d: waiting for connection", c->self);
 	FD_SET(c->sock, writeset);
 }
-void
+static void
 channel_pre_open_13(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	if (buffer_len(&c->input) < packet_get_maxsize())
@ -655,7 +654,7 @@ channel_pre_open_13(Channel *c, fd_set * readset, fd_set * writeset)
 		FD_SET(c->sock, writeset);
 }
-void
+static void
 channel_pre_open_15(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	/* test whether sockets are 'alive' for read/write */
@ -672,7 +671,7 @@ channel_pre_open_15(Channel *c, fd_set * readset, fd_set * writeset)
 	}
 }
-void
+static void
 channel_pre_open_20(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	if (c->istate == CHAN_INPUT_OPEN &&
@ -698,7 +697,7 @@ channel_pre_open_20(Channel *c, fd_set * readset, fd_set * writeset)
 	}
 }
-void
+static void
 channel_pre_input_draining(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	if (buffer_len(&c->input) == 0) {
@ -710,7 +709,7 @@ channel_pre_input_draining(Channel *c, fd_set * readset, fd_set * writeset)
 	}
 }
-void
+static void
 channel_pre_output_draining(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	if (buffer_len(&c->output) == 0)
@ -728,7 +727,7 @@ channel_pre_output_draining(Channel *c, fd_set * readset, fd_set * writeset)
 * XXX All this happens at the client side.
 * Returns: 0 = need more data, -1 = wrong cookie, 1 = ok
 */
-int
+static int
 x11_open_helper(Buffer *b)
 {
 	u_char *ucp;
@ -786,7 +785,7 @@ x11_open_helper(Buffer *b)
 	return 1;
 }
-void
+static void
 channel_pre_x11_open_13(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	int ret = x11_open_helper(&c->output);
@ -811,7 +810,7 @@ channel_pre_x11_open_13(Channel *c, fd_set * readset, fd_set * writeset)
 	}
 }
-void
+static void
 channel_pre_x11_open(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	int ret = x11_open_helper(&c->output);
@ -830,7 +829,7 @@ channel_pre_x11_open(Channel *c, fd_set * readset, fd_set * writeset)
 }
 /* try to decode a socks4 header */
-int
+static int
 channel_decode_socks4(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	u_char *p, *host;
@ -900,7 +899,7 @@ channel_decode_socks4(Channel *c, fd_set * readset, fd_set * writeset)
 }
 /* dynamic port forwarding */
-void
+static void
 channel_pre_dynamic(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	u_char *p;
@ -940,7 +939,7 @@ channel_pre_dynamic(Channel *c, fd_set * readset, fd_set * writeset)
 }
 /* This is our fake X11 server socket. */
-void
+static void
 channel_post_x11_listener(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	Channel *nc;
@ -998,7 +997,7 @@ channel_post_x11_listener(Channel *c, fd_set * readset, fd_set * writeset)
 	}
 }
-void
+static void
 port_open_helper(Channel *c, char *rtype)
 {
 	int direct;
@ -1052,7 +1051,7 @@ port_open_helper(Channel *c, char *rtype)
 /*
 * This socket is listening for connections to a forwarded TCP/IP port.
 */
-void
+static void
 channel_post_port_listener(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	Channel *nc;
@ -1100,7 +1099,7 @@ channel_post_port_listener(Channel *c, fd_set * readset, fd_set * writeset)
 * This is the authentication agent socket listening for connections from
 * clients.
 */
-void
+static void
 channel_post_auth_listener(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	Channel *nc;
@ -1140,7 +1139,7 @@ channel_post_auth_listener(Channel *c, fd_set * readset, fd_set * writeset)
 	}
 }
-void
+static void
 channel_post_connecting(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	int err = 0;
@ -1187,7 +1186,7 @@ channel_post_connecting(Channel *c, fd_set * readset, fd_set * writeset)
 	}
 }
-int
+static int
 channel_handle_rfd(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	char buf[16*1024];
@ -1225,7 +1224,7 @@ channel_handle_rfd(Channel *c, fd_set * readset, fd_set * writeset)
 	}
 	return 1;
 }
-int
+static int
 channel_handle_wfd(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	struct termios tio;
@ -1273,7 +1272,7 @@ channel_handle_wfd(Channel *c, fd_set * readset, fd_set * writeset)
 	}
 	return 1;
 }
-int
+static int
 channel_handle_efd(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	char buf[16*1024];
@ -1318,7 +1317,7 @@ channel_handle_efd(Channel *c, fd_set * readset, fd_set * writeset)
 	}
 	return 1;
 }
-int
+static int
 channel_check_window(Channel *c)
 {
 	if (c->type == SSH_CHANNEL_OPEN &&
@ -1338,14 +1337,14 @@ channel_check_window(Channel *c)
 	return 1;
 }
-void
+static void
 channel_post_open_1(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	channel_handle_rfd(c, readset, writeset);
 	channel_handle_wfd(c, readset, writeset);
 }
-void
+static void
 channel_post_open_2(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	channel_handle_rfd(c, readset, writeset);
@ -1355,7 +1354,7 @@ channel_post_open_2(Channel *c, fd_set * readset, fd_set * writeset)
 	channel_check_window(c);
 }
-void
+static void
 channel_post_output_drain_13(Channel *c, fd_set * readset, fd_set * writeset)
 {
 	int len;
@ -1370,7 +1369,7 @@ channel_post_output_drain_13(Channel *c, fd_set * readset, fd_set * writeset)
 	}
 }
-void
+static void
 channel_handler_init_20(void)
 {
 	channel_pre[SSH_CHANNEL_OPEN] =			&channel_pre_open_20;
@ -1391,7 +1390,7 @@ channel_handler_init_20(void)
 	channel_post[SSH_CHANNEL_DYNAMIC] =		&channel_post_open_2;
 }
-void
+static void
 channel_handler_init_13(void)
 {
 	channel_pre[SSH_CHANNEL_OPEN] =			&channel_pre_open_13;
@ -1413,7 +1412,7 @@ channel_handler_init_13(void)
 	channel_post[SSH_CHANNEL_DYNAMIC] =		&channel_post_open_1;
 }
-void
+static void
 channel_handler_init_15(void)
 {
 	channel_pre[SSH_CHANNEL_OPEN] =			&channel_pre_open_15;
@ -1432,7 +1431,7 @@ channel_handler_init_15(void)
 	channel_post[SSH_CHANNEL_DYNAMIC] =		&channel_post_open_1;
 }
-void
+static void
 channel_handler_init(void)
 {
 	int i;
@ -1448,7 +1447,7 @@ channel_handler_init(void)
 		channel_handler_init_15();
 }
-void
+static void
 channel_handler(chan_fn *ftab[], fd_set * readset, fd_set * writeset)
 {
 	static int did_init = 0;
@ -1828,7 +1827,7 @@ channel_input_open_confirmation(int type, int plen, void *ctxt)
 	}
 }
-char *
+static char *
 reason2txt(int reason)
 {
 	switch(reason) {
@ -2220,7 +2219,7 @@ channel_clear_permitted_opens(void)
 /* return socket to remote host, port */
-int
+static int
 connect_to(const char *host, u_short port)
 {
 	struct addrinfo hints, *ai, *aitop;
@ -2455,8 +2454,7 @@ x11_create_display_inet(int screen_number, int x11_display_offset)
 #define X_UNIX_PATH "/tmp/.X11-unix/X"
 #endif
-static
+static int
 int
 connect_local_xsocket(u_int dnr)
 {
 	static const char *const x_sockets[] = {
--- a/cipher.c
+++ b/cipher.c
@ -35,7 +35,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: cipher.c,v 1.44 2001/05/28 22:51:10 markus Exp $");
+RCSID("$OpenBSD: cipher.c,v 1.45 2001/06/23 15:12:18 itojun Exp $");
 #include "xmalloc.h"
 #include "log.h"
@ -43,24 +43,23 @@ RCSID("$OpenBSD: cipher.c,v 1.44 2001/05/28 22:51:10 markus Exp $");
 #include <openssl/md5.h>
 /* no encryption */
-void
+static void
 none_setkey(CipherContext *cc, const u_char *key, u_int keylen)
 {
 }
-void
+static void
 none_setiv(CipherContext *cc, const u_char *iv, u_int ivlen)
 {
 }
-void
+static void
 none_crypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len)
 {
 	memcpy(dest, src, len);
 }
 /* DES */
-void
+static void
 des_ssh1_setkey(CipherContext *cc, const u_char *key, u_int keylen)
 {
 	static int dowarn = 1;
@ -71,18 +70,18 @@ des_ssh1_setkey(CipherContext *cc, const u_char *key, u_int keylen)
 	}
 	des_set_key((void *)key, cc->u.des.key);
 }
-void
+static void
 des_ssh1_setiv(CipherContext *cc, const u_char *iv, u_int ivlen)
 {
 	memset(cc->u.des.iv, 0, sizeof(cc->u.des.iv));
 }
-void
+static void
 des_ssh1_encrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len)
 {
 	des_ncbc_encrypt(src, dest, len, cc->u.des.key, &cc->u.des.iv,
 	    DES_ENCRYPT);
 }
-void
+static void
 des_ssh1_decrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len)
 {
 	des_ncbc_encrypt(src, dest, len, cc->u.des.key, &cc->u.des.iv,
@ -90,14 +89,14 @@ des_ssh1_decrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len)
 }
 /* 3DES */
-void
+static void
 des3_setkey(CipherContext *cc, const u_char *key, u_int keylen)
 {
 	des_set_key((void *) key, cc->u.des3.key1);
 	des_set_key((void *) (key+8), cc->u.des3.key2);
 	des_set_key((void *) (key+16), cc->u.des3.key3);
 }
-void
+static void
 des3_setiv(CipherContext *cc, const u_char *iv, u_int ivlen)
 {
 	memset(cc->u.des3.iv1, 0, sizeof(cc->u.des3.iv1));
@ -107,14 +106,14 @@ des3_setiv(CipherContext *cc, const u_char *iv, u_int ivlen)
 		return;
 	memcpy(cc->u.des3.iv3, (char *)iv, 8);
 }
-void
+static void
 des3_cbc_encrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len)
 {
 	des_ede3_cbc_encrypt(src, dest, len,
 	    cc->u.des3.key1, cc->u.des3.key2, cc->u.des3.key3,
 	    &cc->u.des3.iv3, DES_ENCRYPT);
 }
-void
+static void
 des3_cbc_decrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len)
 {
 	des_ede3_cbc_encrypt(src, dest, len,
@ -136,7 +135,7 @@ des3_cbc_decrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len)
 * result of that there is no longer any known iv1 to use when
 * choosing the X block.
 */
-void
+static void
 des3_ssh1_setkey(CipherContext *cc, const u_char *key, u_int keylen)
 {
 	des_set_key((void *) key, cc->u.des3.key1);
@ -146,7 +145,7 @@ des3_ssh1_setkey(CipherContext *cc, const u_char *key, u_int keylen)
 	else
 		des_set_key((void *) (key+16), cc->u.des3.key3);
 }
-void
+static void
 des3_ssh1_encrypt(CipherContext *cc, u_char *dest, const u_char *src,
    u_int len)
 {
@ -157,7 +156,7 @@ des3_ssh1_encrypt(CipherContext *cc, u_char *dest, const u_char *src,
 	des_ncbc_encrypt(dest, dest, len, cc->u.des3.key3, &cc->u.des3.iv3,
 	    DES_ENCRYPT);
 }
-void
+static void
 des3_ssh1_decrypt(CipherContext *cc, u_char *dest, const u_char *src,
    u_int len)
 {
@ -170,12 +169,12 @@ des3_ssh1_decrypt(CipherContext *cc, u_char *dest, const u_char *src,
 }
 /* Blowfish */
-void
+static void
 blowfish_setkey(CipherContext *cc, const u_char *key, u_int keylen)
 {
 	BF_set_key(&cc->u.bf.key, keylen, (u_char *)key);
 }
-void
+static void
 blowfish_setiv(CipherContext *cc, const u_char *iv, u_int ivlen)
 {
 	if (iv == NULL)
@ -183,14 +182,14 @@ blowfish_setiv(CipherContext *cc, const u_char *iv, u_int ivlen)
 	else
 		memcpy(cc->u.bf.iv, (char *)iv, 8);
 }
-void
+static void
 blowfish_cbc_encrypt(CipherContext *cc, u_char *dest, const u_char *src,
     u_int len)
 {
 	BF_cbc_encrypt((void *)src, dest, len, &cc->u.bf.key, cc->u.bf.iv,
 	    BF_ENCRYPT);
 }
-void
+static void
 blowfish_cbc_decrypt(CipherContext *cc, u_char *dest, const u_char *src,
     u_int len)
 {
@ -221,7 +220,7 @@ swap_bytes(const u_char *src, u_char *dst, int n)
 	}
 }
-void
+static void
 blowfish_ssh1_encrypt(CipherContext *cc, u_char *dest, const u_char *src,
    u_int len)
 {
@ -230,7 +229,7 @@ blowfish_ssh1_encrypt(CipherContext *cc, u_char *dest, const u_char *src,
 	    BF_ENCRYPT);
 	swap_bytes(dest, dest, len);
 }
-void
+static void
 blowfish_ssh1_decrypt(CipherContext *cc, u_char *dest, const u_char *src,
    u_int len)
 {
@ -241,37 +240,37 @@ blowfish_ssh1_decrypt(CipherContext *cc, u_char *dest, const u_char *src,
 }
 /* alleged rc4 */
-void
+static void
 arcfour_setkey(CipherContext *cc, const u_char *key, u_int keylen)
 {
 	RC4_set_key(&cc->u.rc4, keylen, (u_char *)key);
 }
-void
+static void
 arcfour_crypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len)
 {
 	RC4(&cc->u.rc4, len, (u_char *)src, dest);
 }
 /* CAST */
-void
+static void
 cast_setkey(CipherContext *cc, const u_char *key, u_int keylen)
 {
 	CAST_set_key(&cc->u.cast.key, keylen, (u_char *) key);
 }
-void
+static void
 cast_setiv(CipherContext *cc, const u_char *iv, u_int ivlen)
 {
 	if (iv == NULL)
 		fatal("no IV for %s.", cc->cipher->name);
 	memcpy(cc->u.cast.iv, (char *)iv, 8);
 }
-void
+static void
 cast_cbc_encrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len)
 {
 	CAST_cbc_encrypt(src, dest, len, &cc->u.cast.key, cc->u.cast.iv,
 	    CAST_ENCRYPT);
 }
-void
+static void
 cast_cbc_decrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len)
 {
 	CAST_cbc_encrypt(src, dest, len, &cc->u.cast.key, cc->u.cast.iv,
@ -281,20 +280,20 @@ cast_cbc_decrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len)
 /* RIJNDAEL */
 #define RIJNDAEL_BLOCKSIZE 16
-void
+static void
 rijndael_setkey(CipherContext *cc, const u_char *key, u_int keylen)
 {
 	rijndael_set_key(&cc->u.rijndael.enc, (u4byte *)key, 8*keylen, 1);
 	rijndael_set_key(&cc->u.rijndael.dec, (u4byte *)key, 8*keylen, 0);
 }
-void
+static void
 rijndael_setiv(CipherContext *cc, const u_char *iv, u_int ivlen)
 {
 	if (iv == NULL)
 		fatal("no IV for %s.", cc->cipher->name);
 	memcpy((u_char *)cc->u.rijndael.iv, iv, RIJNDAEL_BLOCKSIZE);
 }
-void
+static void
 rijndael_cbc_encrypt(CipherContext *cc, u_char *dest, const u_char *src,
    u_int len)
 {
@ -321,7 +320,7 @@ rijndael_cbc_encrypt(CipherContext *cc, u_char *dest, const u_char *src,
 	memcpy(iv, cprev, RIJNDAEL_BLOCKSIZE);
 }
-void
+static void
 rijndael_cbc_decrypt(CipherContext *cc, u_char *dest, const u_char *src,
    u_int len)
 {
--- a/clientloop.c
+++ b/clientloop.c
@ -59,7 +59,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: clientloop.c,v 1.76 2001/06/20 13:56:39 markus Exp $");
+RCSID("$OpenBSD: clientloop.c,v 1.77 2001/06/23 15:12:18 itojun Exp $");
 #include "ssh.h"
 #include "ssh1.h"
@ -124,7 +124,7 @@ static int connection_out;	/* Connection to server (output). */
 static int need_rekeying;	/* Set to non-zero if rekeying is requested. */
 static int session_closed = 0;	/* In SSH2: login session closed. */
-void	client_init_dispatch(void);
+static void client_init_dispatch(void);
 int	session_ident = -1;
 /*XXX*/
@ -132,7 +132,7 @@ extern Kex *xxx_kex;
 /* Restores stdin to blocking mode. */
-void
+static void
 leave_non_blocking(void)
 {
 	if (in_non_blocking_mode) {
@ -144,7 +144,7 @@ leave_non_blocking(void)
 /* Puts stdin terminal in non-blocking mode. */
-void
+static void
 enter_non_blocking(void)
 {
 	in_non_blocking_mode = 1;
@ -157,7 +157,7 @@ enter_non_blocking(void)
 * flag indicating that the window has changed.
 */
-void
+static void
 window_change_handler(int sig)
 {
 	received_window_change_signal = 1;
@ -169,7 +169,7 @@ window_change_handler(int sig)
 * signals must be trapped to restore terminal modes.
 */
-void
+static void
 signal_handler(int sig)
 {
 	received_signal = sig;
@ -181,7 +181,7 @@ signal_handler(int sig)
 * available resolution.
 */
-double
+static double
 get_current_time(void)
 {
 	struct timeval tv;
@ -195,7 +195,7 @@ get_current_time(void)
 * not appear to wake up when redirecting from /dev/null.
 */
-void
+static void
 client_check_initial_eof_on_stdin(void)
 {
 	int len;
@ -247,7 +247,7 @@ client_check_initial_eof_on_stdin(void)
 * connection.
 */
-void
+static void
 client_make_packets_from_stdin_data(void)
 {
 	u_int len;
@ -279,7 +279,7 @@ client_make_packets_from_stdin_data(void)
 * appropriate.
 */
-void
+static void
 client_check_window_change(void)
 {
 	struct winsize ws;
@ -316,7 +316,7 @@ client_check_window_change(void)
 * one of the file descriptors).
 */
-void
+static void
 client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,
    int *maxfdp, int rekeying)
 {
@ -384,7 +384,7 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,
 	}
 }
-void
+static void
 client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr)
 {
 	struct winsize oldws, newws;
@ -427,7 +427,7 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr)
 	enter_raw_mode();
 }
-void
+static void
 client_process_net_input(fd_set * readset)
 {
 	int len;
@ -468,7 +468,7 @@ client_process_net_input(fd_set * readset)
 }
 /* process the characters one by one */
-int
+static int
 process_escapes(Buffer *bin, Buffer *bout, Buffer *berr, char *buf, int len)
 {
 	char string[1024];
@ -618,7 +618,7 @@ Supported escape sequences:\r\n\
 	return bytes;
 }
-void
+static void
 client_process_input(fd_set * readset)
 {
 	int len;
@ -671,7 +671,7 @@ client_process_input(fd_set * readset)
 	}
 }
-void
+static void
 client_process_output(fd_set * writeset)
 {
 	int len;
@ -732,7 +732,7 @@ client_process_output(fd_set * writeset)
 * preparatory phase.
 */
-void
+static void
 client_process_buffered_input_packets(void)
 {
 	dispatch_run(DISPATCH_NONBLOCK, &quit_pending, compat20 ? xxx_kex : NULL);
@ -740,14 +740,14 @@ client_process_buffered_input_packets(void)
 /* scan buf[] for '~' before sending data to the peer */
-int
+static int
 simple_escape_filter(Channel *c, char *buf, int len)
 {
 	/* XXX we assume c->extended is writeable */
 	return process_escapes(&c->input, &c->output, &c->extended, buf, len);
 }
-void
+static void
 client_channel_closed(int id, void *arg)
 {
 	if (id != session_ident)
@ -1000,7 +1000,7 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
 /*********/
-void
+static void
 client_input_stdout_data(int type, int plen, void *ctxt)
 {
 	u_int data_len;
@ -1010,7 +1010,7 @@ client_input_stdout_data(int type, int plen, void *ctxt)
 	memset(data, 0, data_len);
 	xfree(data);
 }
-void
+static void
 client_input_stderr_data(int type, int plen, void *ctxt)
 {
 	u_int data_len;
@ -1020,7 +1020,7 @@ client_input_stderr_data(int type, int plen, void *ctxt)
 	memset(data, 0, data_len);
 	xfree(data);
 }
-void
+static void
 client_input_exit_status(int type, int plen, void *ctxt)
 {
 	packet_integrity_check(plen, 4, type);
@ -1037,7 +1037,7 @@ client_input_exit_status(int type, int plen, void *ctxt)
 	quit_pending = 1;
 }
-Channel *
+static Channel *
 client_request_forwarded_tcpip(const char *request_type, int rchan)
 {
 	Channel* c = NULL;
@ -1074,7 +1074,7 @@ client_request_forwarded_tcpip(const char *request_type, int rchan)
 	return c;
 }
-Channel*
+static Channel*
 client_request_x11(const char *request_type, int rchan)
 {
 	Channel *c = NULL;
@ -1113,7 +1113,7 @@ client_request_x11(const char *request_type, int rchan)
 	return c;
 }
-Channel*
+static Channel*
 client_request_agent(const char *request_type, int rchan)
 {
 	Channel *c = NULL;
@ -1139,7 +1139,7 @@ client_request_agent(const char *request_type, int rchan)
 }
 /* XXXX move to generic input handler */
-void
+static void
 client_input_channel_open(int type, int plen, void *ctxt)
 {
 	Channel *c = NULL;
@ -1191,7 +1191,7 @@ client_input_channel_open(int type, int plen, void *ctxt)
 	}
 	xfree(ctype);
 }
-void
+static void
 client_input_channel_req(int type, int plen, void *ctxt)
 {
 	Channel *c = NULL;
@ -1228,7 +1228,7 @@ client_input_channel_req(int type, int plen, void *ctxt)
 	xfree(rtype);
 }
-void
+static void
 client_init_dispatch_20(void)
 {
 	dispatch_init(&dispatch_protocol_error);
@ -1245,7 +1245,7 @@ client_init_dispatch_20(void)
 	/* rekeying */
 	dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit);
 }
-void
+static void
 client_init_dispatch_13(void)
 {
 	dispatch_init(NULL);
@ -1264,7 +1264,7 @@ client_init_dispatch_13(void)
 	dispatch_set(SSH_SMSG_X11_OPEN, options.forward_x11 ?
 	    &x11_input_open : &deny_input_open);
 }
-void
+static void
 client_init_dispatch_15(void)
 {
 	client_init_dispatch_13();
--- a/deattack.c
+++ b/deattack.c
@ -1,4 +1,4 @@
-/*	$OpenBSD: deattack.c,v 1.13 2001/03/01 02:45:10 deraadt Exp $	*/
+/*	$OpenBSD: deattack.c,v 1.14 2001/06/23 15:12:18 itojun Exp $	*/
 /*
 * Cryptographic attack detector for ssh - source code
@ -46,8 +46,7 @@
 #define CMP(a, b)	(memcmp(a, b, SSH_BLOCKSIZE))
-
+static void
 void
 crc_update(u_int32_t *a, u_int32_t b)
 {
 	b ^= *a;
@ -55,7 +54,7 @@ crc_update(u_int32_t *a, u_int32_t b)
 }
 /* detect if a block is used in a particular pattern */
-int
+static int
 check_crc(u_char *S, u_char *buf, u_int32_t len,
 	  u_char *IV)
 {
--- a/dh.c
+++ b/dh.c
@ -23,7 +23,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: dh.c,v 1.16 2001/06/22 21:57:59 provos Exp $");
+RCSID("$OpenBSD: dh.c,v 1.17 2001/06/23 15:12:18 itojun Exp $");
 #include "xmalloc.h"
@ -39,7 +39,7 @@ RCSID("$OpenBSD: dh.c,v 1.16 2001/06/22 21:57:59 provos Exp $");
 #include "log.h"
 #include "misc.h"
-int
+static int
 parse_prime(int linenum, char *line, struct dhgroup *dhg)
 {
 	char *cp, *arg;
--- a/hostfile.c
+++ b/hostfile.c
@ -36,7 +36,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: hostfile.c,v 1.26 2001/04/12 19:15:24 markus Exp $");
+RCSID("$OpenBSD: hostfile.c,v 1.27 2001/06/23 15:12:18 itojun Exp $");
 #include "packet.h"
 #include "match.h"
@ -49,7 +49,7 @@ RCSID("$OpenBSD: hostfile.c,v 1.26 2001/04/12 19:15:24 markus Exp $");
 * pointer over the key.  Skips any whitespace at the beginning and at end.
 */
-int
+static int
 hostfile_read_key(char **cpp, u_int *bitsp, Key *ret)
 {
 	char *cp;
@ -82,7 +82,7 @@ auth_rsa_read_key(char **cpp, u_int *bitsp, BIGNUM * e, BIGNUM * n)
 	return ret;
 }
-int
+static int
 hostfile_check_key(int bits, Key *key, const char *host, const char *filename, int linenum)
 {
 	if (key == NULL || key->type != KEY_RSA1 || key->rsa == NULL)
--- a/kex.c
+++ b/kex.c
@ -23,7 +23,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.34 2001/04/30 15:50:46 markus Exp $");
+RCSID("$OpenBSD: kex.c,v 1.35 2001/06/23 15:12:18 itojun Exp $");
 #include <openssl/crypto.h>
@ -43,11 +43,12 @@ RCSID("$OpenBSD: kex.c,v 1.34 2001/04/30 15:50:46 markus Exp $");
 #define KEX_COOKIE_LEN	16
-void	kex_kexinit_finish(Kex *kex);
+/* prototype */
-void	kex_choose_conf(Kex *k);
+static void kex_kexinit_finish(Kex *);
 static void kex_choose_conf(Kex *);
 /* put algorithm proposal into buffer */
-void
+static void
 kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX])
 {
 	u_int32_t rand = 0;
@ -67,7 +68,7 @@ kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX])
 }
 /* parse buffer and return algorithm proposal */
-char **
+static char **
 kex_buf2prop(Buffer *raw)
 {
 	Buffer b;
@ -95,7 +96,7 @@ kex_buf2prop(Buffer *raw)
 	return proposal;
 }
-void
+static void
 kex_prop_free(char **proposal)
 {
 	int i;
@ -105,13 +106,13 @@ kex_prop_free(char **proposal)
 	xfree(proposal);
 }
-void
+static void
 kex_protocol_error(int type, int plen, void *ctxt)
 {
 	error("Hm, kex protocol error: type %d plen %d", type, plen);
 }
-void
+static void
 kex_clear_dispatch(void)
 {
 	int i;
@ -210,7 +211,7 @@ kex_setup(char *proposal[PROPOSAL_MAX])
 	return kex;
 }
-void
+static void
 kex_kexinit_finish(Kex *kex)
 {
 	if (!(kex->flags & KEX_INIT_SENT))
@ -230,7 +231,7 @@ kex_kexinit_finish(Kex *kex)
 	}
 }
-void
+static void
 choose_enc(Enc *enc, char *client, char *server)
 {
 	char *name = match_list(client, server, NULL);
@ -244,7 +245,7 @@ choose_enc(Enc *enc, char *client, char *server)
 	enc->iv = NULL;
 	enc->key = NULL;
 }
-void
+static void
 choose_mac(Mac *mac, char *client, char *server)
 {
 	char *name = match_list(client, server, NULL);
@ -259,7 +260,7 @@ choose_mac(Mac *mac, char *client, char *server)
 	mac->key = NULL;
 	mac->enabled = 0;
 }
-void
+static void
 choose_comp(Comp *comp, char *client, char *server)
 {
 	char *name = match_list(client, server, NULL);
@ -274,7 +275,7 @@ choose_comp(Comp *comp, char *client, char *server)
 	}
 	comp->name = name;
 }
-void
+static void
 choose_kex(Kex *k, char *client, char *server)
 {
 	k->name = match_list(client, server, NULL);
@ -287,7 +288,7 @@ choose_kex(Kex *k, char *client, char *server)
 	} else
 		fatal("bad kex alg %s", k->name);
 }
-void
+static void
 choose_hostkeyalg(Kex *k, char *client, char *server)
 {
 	char *hostkeyalg = match_list(client, server, NULL);
@ -299,7 +300,7 @@ choose_hostkeyalg(Kex *k, char *client, char *server)
 	xfree(hostkeyalg);
 }
-void
+static void
 kex_choose_conf(Kex *kex)
 {
 	Newkeys *newkeys;
@ -359,7 +360,7 @@ kex_choose_conf(Kex *kex)
 	kex_prop_free(peer);
 }
-u_char *
+static u_char *
 derive_key(Kex *kex, int id, int need, u_char *hash, BIGNUM *shared_secret)
 {
 	Buffer b;
--- a/kexdh.c
+++ b/kexdh.c
@ -23,7 +23,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: kexdh.c,v 1.5 2001/06/23 02:34:29 markus Exp $");
+RCSID("$OpenBSD: kexdh.c,v 1.6 2001/06/23 15:12:18 itojun Exp $");
 #include <openssl/crypto.h>
 #include <openssl/bn.h>
@ -38,7 +38,7 @@ RCSID("$OpenBSD: kexdh.c,v 1.5 2001/06/23 02:34:29 markus Exp $");
 #include "dh.h"
 #include "ssh2.h"
-u_char *
+static u_char *
 kex_dh_hash(
    char *client_version_string,
    char *server_version_string,
@ -88,7 +88,7 @@ kex_dh_hash(
 /* client */
-void
+static void
 kexdh_client(Kex *kex)
 {
 	BIGNUM *dh_server_pub = NULL, *shared_secret = NULL;
@ -193,7 +193,7 @@ kexdh_client(Kex *kex)
 /* server */
-void
+static void
 kexdh_server(Kex *kex)
 {
 	BIGNUM *shared_secret = NULL, *dh_client_pub = NULL;
--- a/kexgex.c
+++ b/kexgex.c
@ -24,7 +24,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: kexgex.c,v 1.7 2001/06/23 02:34:29 markus Exp $");
+RCSID("$OpenBSD: kexgex.c,v 1.8 2001/06/23 15:12:19 itojun Exp $");
 #include <openssl/bn.h>
@ -39,7 +39,7 @@ RCSID("$OpenBSD: kexgex.c,v 1.7 2001/06/23 02:34:29 markus Exp $");
 #include "ssh2.h"
 #include "compat.h"
-u_char *
+static u_char *
 kexgex_hash(
    char *client_version_string,
    char *server_version_string,
@ -99,7 +99,7 @@ kexgex_hash(
 /* client */
-void
+static void
 kexgex_client(Kex *kex)
 {
 	BIGNUM *dh_server_pub = NULL, *shared_secret = NULL;
@ -253,7 +253,7 @@ kexgex_client(Kex *kex)
 /* server */
-void
+static void
 kexgex_server(Kex *kex)
 {
 	BIGNUM *shared_secret = NULL, *dh_client_pub = NULL;
--- a/key.c
+++ b/key.c
@ -32,7 +32,7 @@
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 #include "includes.h"
-RCSID("$OpenBSD: key.c,v 1.26 2001/06/23 05:26:02 markus Exp $");
+RCSID("$OpenBSD: key.c,v 1.27 2001/06/23 15:12:19 itojun Exp $");
 #include <openssl/evp.h>
@ -153,7 +153,7 @@ key_equal(Key *a, Key *b)
 	return 0;
 }
-u_char*
+static u_char*
 key_fingerprint_raw(Key *k, enum fp_type dgst_type, size_t *dgst_raw_length)
 {
 	EVP_MD *md = NULL;
@ -210,7 +210,7 @@ key_fingerprint_raw(Key *k, enum fp_type dgst_type, size_t *dgst_raw_length)
 	return retval;
 }
-char*
+static char*
 key_fingerprint_hex(u_char* dgst_raw, size_t dgst_raw_len)
 {
 	char *retval;
@ -227,7 +227,7 @@ key_fingerprint_hex(u_char* dgst_raw, size_t dgst_raw_len)
 	return retval;
 }
-char*
+static char*
 key_fingerprint_bubblebabble(u_char* dgst_raw, size_t dgst_raw_len)
 {
 	char vowels[] = { 'a', 'e', 'i', 'o', 'u', 'y' };
@ -308,7 +308,7 @@ key_fingerprint(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep)
 * last processed (and maybe modified) character.  Note that this may modify
 * the buffer containing the number.
 */
-int
+static int
 read_bignum(char **cpp, BIGNUM * value)
 {
 	char *cp = *cpp;
@ -344,7 +344,7 @@ read_bignum(char **cpp, BIGNUM * value)
 	*cpp = cp;
 	return 1;
 }
-int
+static int
 write_bignum(FILE *f, BIGNUM *num)
 {
 	char *buf = BN_bn2dec(num);
@ -544,7 +544,7 @@ key_size(Key *k){
 	return 0;
 }
-RSA *
+static RSA *
 rsa_generate_private_key(u_int bits)
 {
 	RSA *private;
@ -554,7 +554,7 @@ rsa_generate_private_key(u_int bits)
 	return private;
 }
-DSA*
+static DSA*
 dsa_generate_private_key(u_int bits)
 {
 	DSA *private = DSA_generate_parameters(bits, NULL, 0, NULL, NULL, NULL, NULL);
--- a/nchan.c
+++ b/nchan.c
@ -23,7 +23,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: nchan.c,v 1.28 2001/05/31 10:30:16 markus Exp $");
+RCSID("$OpenBSD: nchan.c,v 1.29 2001/06/23 15:12:19 itojun Exp $");
 #include "ssh1.h"
 #include "ssh2.h"
@ -74,14 +74,14 @@ chan_event_fn *chan_obuf_empty			= NULL;
 /*
 * ACTIONS: should never update the channel states
 */
-static void	chan_send_ieof1(Channel *c);
+static void	chan_send_ieof1(Channel *);
-static void	chan_send_oclose1(Channel *c);
+static void	chan_send_oclose1(Channel *);
-static void	chan_send_close2(Channel *c);
+static void	chan_send_close2(Channel *);
-static void	chan_send_eof2(Channel *c);
+static void	chan_send_eof2(Channel *);
 /* helper */
-static void	chan_shutdown_write(Channel *c);
+static void	chan_shutdown_write(Channel *);
-static void	chan_shutdown_read(Channel *c);
+static void	chan_shutdown_read(Channel *);
 /*
 * SSH1 specific implementation of event functions
--- a/packet.c
+++ b/packet.c
@ -37,7 +37,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: packet.c,v 1.67 2001/06/20 13:56:39 markus Exp $");
+RCSID("$OpenBSD: packet.c,v 1.68 2001/06/23 15:12:19 itojun Exp $");
 #include "xmalloc.h"
 #include "buffer.h"
@ -260,8 +260,8 @@ packet_get_protocol_flags()
 * Level is compression level 1 (fastest) - 9 (slow, best) as in gzip.
 */
-void
+static void
-packet_init_compression()
+packet_init_compression(void)
 {
 	if (compression_buffer_ready == 1)
 		return;
@ -356,7 +356,7 @@ packet_put_bignum2(BIGNUM * value)
 * encrypts the packet before sending.
 */
-void
+static void
 packet_send1(void)
 {
 	char buf[8], *cp;
@ -427,7 +427,7 @@ packet_send1(void)
 	 */
 }
-void
+static void
 set_newkeys(int mode)
 {
 	Enc *enc;
@ -480,7 +480,7 @@ set_newkeys(int mode)
 /*
 * Finalize packet in SSH2 format (compress, mac, encrypt, enqueue)
 */
-void
+static void
 packet_send2(void)
 {
 	static u_int32_t seqnr = 0;
@ -683,7 +683,7 @@ packet_read_expect(int *payload_len_ptr, int expected_type)
 * 	Check bytes
 */
-int
+static int
 packet_read_poll1(int *payload_len_ptr)
 {
 	u_int len, padded_len;
@ -761,7 +761,7 @@ packet_read_poll1(int *payload_len_ptr)
 	return type;
 }
-int
+static int
 packet_read_poll2(int *payload_len_ptr)
 {
 	static u_int32_t seqnr = 0;
--- a/radix.c
+++ b/radix.c
@ -25,11 +25,13 @@
 #include "includes.h"
 #include "uuencode.h"
-RCSID("$OpenBSD: radix.c,v 1.15 2001/01/16 23:58:09 deraadt Exp $");
+RCSID("$OpenBSD: radix.c,v 1.16 2001/06/23 15:12:19 itojun Exp $");
 #ifdef AFS
 #include <krb.h>
 #include <radix.h>
 typedef u_char my_u_char;
 typedef u_int my_u_int32_t;
 typedef u_short my_u_short;
--- a/readpass.c
+++ b/readpass.c
@ -32,7 +32,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: readpass.c,v 1.17 2001/05/06 17:52:07 mouring Exp $");
+RCSID("$OpenBSD: readpass.c,v 1.18 2001/06/23 15:12:19 itojun Exp $");
 #include "xmalloc.h"
 #include "cli.h"
@ -42,7 +42,7 @@ RCSID("$OpenBSD: readpass.c,v 1.17 2001/05/06 17:52:07 mouring Exp $");
 #include "atomicio.h"
 #include "ssh.h"
-char *
+static char *
 ssh_askpass(char *askpass, const char *msg)
 {
 	pid_t pid;
--- a/scp.c
+++ b/scp.c
@ -75,7 +75,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: scp.c,v 1.75 2001/06/23 00:16:16 deraadt Exp $");
+RCSID("$OpenBSD: scp.c,v 1.76 2001/06/23 15:12:19 itojun Exp $");
 #include "xmalloc.h"
 #include "atomicio.h"
@ -210,6 +210,7 @@ int pflag, iamremote, iamrecursive, targetshouldbedirectory;
 #define	CMDNEEDS	64
 char cmd[CMDNEEDS];		/* must hold "rcp -r -p -d\0" */
 int main(int, char *[]);
 int response(void);
 void rsource(char *, struct stat *);
 void sink(int, char *[]);
@ -1060,7 +1061,7 @@ lostconn(signo)
 }
-void
+static void
 alarmtimer(int wait)
 {
 	struct itimerval itv;
@ -1071,7 +1072,7 @@ alarmtimer(int wait)
 	setitimer(ITIMER_REAL, &itv, NULL);
 }
-void
+static void
 updateprogressmeter(int ignore)
 {
 	int save_errno = errno;
@ -1080,7 +1081,7 @@ updateprogressmeter(int ignore)
 	errno = save_errno;
 }
-int
+static int
 foregroundproc(void)
 {
 	static pid_t pgrp = -1;
--- a/servconf.c
+++ b/servconf.c
@ -10,7 +10,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.83 2001/06/08 15:25:40 markus Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.84 2001/06/23 15:12:19 itojun Exp $");
 #ifdef KRB4
 #include <krb.h>
@ -31,8 +31,8 @@ RCSID("$OpenBSD: servconf.c,v 1.83 2001/06/08 15:25:40 markus Exp $");
 #include "kex.h"
 #include "mac.h"
-void add_listen_addr(ServerOptions *options, char *addr, u_short port);
+static void add_listen_addr(ServerOptions *, char *, u_short);
-void add_one_listen_addr(ServerOptions *options, char *addr, u_short port);
+static void add_one_listen_addr(ServerOptions *, char *, u_short);
 /* AF_UNSPEC or AF_INET or AF_INET6 */
 extern int IPv4or6;
@ -333,7 +333,7 @@ parse_token(const char *cp, const char *filename,
 	return sBadOption;
 }
-void
+static void
 add_listen_addr(ServerOptions *options, char *addr, u_short port)
 {
 	int i;
@ -347,7 +347,7 @@ add_listen_addr(ServerOptions *options, char *addr, u_short port)
 		add_one_listen_addr(options, addr, port);
 }
-void
+static void
 add_one_listen_addr(ServerOptions *options, char *addr, u_short port)
 {
 	struct addrinfo hints, *ai, *aitop;
--- a/serverloop.c
+++ b/serverloop.c
@ -35,7 +35,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: serverloop.c,v 1.69 2001/06/20 13:56:39 markus Exp $");
+RCSID("$OpenBSD: serverloop.c,v 1.70 2001/06/23 15:12:19 itojun Exp $");
 #include "xmalloc.h"
 #include "packet.h"
@ -84,13 +84,15 @@ static u_int buffer_high;	/* "Soft" max buffer size. */
 * This SIGCHLD kludge is used to detect when the child exits.  The server
 * will exit after that, as soon as forwarded connections have terminated.
 */
 static volatile int child_terminated;	/* The child has terminated. */
-void	server_init_dispatch(void);
+/* prototypes */
 static void server_init_dispatch(void);
 int client_alive_timeouts = 0;
-void
+static void
 sigchld_handler(int sig)
 {
 	int save_errno = errno;
@ -104,7 +106,7 @@ sigchld_handler(int sig)
 * Make packets from buffered stderr data, and buffer it for sending
 * to the client.
 */
-void
+static void
 make_packets_from_stderr_data(void)
 {
 	int len;
@ -133,7 +135,7 @@ make_packets_from_stderr_data(void)
 * Make packets from buffered stdout data, and buffer it for sending to the
 * client.
 */
-void
+static void
 make_packets_from_stdout_data(void)
 {
 	int len;
@ -164,7 +166,7 @@ make_packets_from_stdout_data(void)
 * have data or can accept data.  Optionally, a maximum time can be specified
 * for the duration of the wait (0 = infinite).
 */
-void
+static void
 wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
    u_int max_time_milliseconds)
 {
@ -286,7 +288,7 @@ retry_select:
 * Processes input from the client and the program.  Input data is stored
 * in buffers and processed later.
 */
-void
+static void
 process_input(fd_set * readset)
 {
 	int len;
@ -342,7 +344,7 @@ process_input(fd_set * readset)
 /*
 * Sends data from internal buffers to client program stdin.
 */
-void
+static void
 process_output(fd_set * writeset)
 {
 	struct termios tio;
@ -390,7 +392,7 @@ process_output(fd_set * writeset)
 * Wait until all buffered output has been sent to the client.
 * This is used when the program terminates.
 */
-void
+static void
 drain_output(void)
 {
 	/* Send any buffered stdout data to the client. */
@ -415,7 +417,7 @@ drain_output(void)
 	packet_write_wait();
 }
-void
+static void
 process_buffered_input_packets(void)
 {
 	dispatch_run(DISPATCH_NONBLOCK, NULL, compat20 ? xxx_kex : NULL);
@ -706,7 +708,7 @@ server_loop2(void)
 		session_close_by_pid(pid, status);
 }
-void
+static void
 server_input_channel_failure(int type, int plen, void *ctxt)
 {
 	debug("Got CHANNEL_FAILURE for keepalive");
@ -719,7 +721,7 @@ server_input_channel_failure(int type, int plen, void *ctxt)
 }
-void
+static void
 server_input_stdin_data(int type, int plen, void *ctxt)
 {
 	char *data;
@ -736,7 +738,7 @@ server_input_stdin_data(int type, int plen, void *ctxt)
 	xfree(data);
 }
-void
+static void
 server_input_eof(int type, int plen, void *ctxt)
 {
 	/*
@ -749,7 +751,7 @@ server_input_eof(int type, int plen, void *ctxt)
 	stdin_eof = 1;
 }
-void
+static void
 server_input_window_size(int type, int plen, void *ctxt)
 {
 	int row = packet_get_int();
@ -763,7 +765,7 @@ server_input_window_size(int type, int plen, void *ctxt)
 		pty_change_window_size(fdin, row, col, xpixel, ypixel);
 }
-Channel *
+static Channel *
 server_request_direct_tcpip(char *ctype)
 {
 	Channel *c;
@ -796,7 +798,7 @@ server_request_direct_tcpip(char *ctype)
 	return c;
 }
-Channel *
+static Channel *
 server_request_session(char *ctype)
 {
 	Channel *c;
@ -827,7 +829,7 @@ server_request_session(char *ctype)
 	return c;
 }
-void
+static void
 server_input_channel_open(int type, int plen, void *ctxt)
 {
 	Channel *c = NULL;
@ -877,7 +879,7 @@ server_input_channel_open(int type, int plen, void *ctxt)
 	xfree(ctype);
 }
-void
+static void
 server_input_global_request(int type, int plen, void *ctxt)
 {
 	char *rtype;
@ -927,7 +929,7 @@ server_input_global_request(int type, int plen, void *ctxt)
 	xfree(rtype);
 }
-void
+static void
 server_init_dispatch_20(void)
 {
 	debug("server_init_dispatch_20");
@ -947,7 +949,7 @@ server_init_dispatch_20(void)
 	/* rekeying */
 	dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit);
 }
-void
+static void
 server_init_dispatch_13(void)
 {
 	debug("server_init_dispatch_13");
@ -962,7 +964,7 @@ server_init_dispatch_13(void)
 	dispatch_set(SSH_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure);
 	dispatch_set(SSH_MSG_PORT_OPEN, &channel_input_port_open);
 }
-void
+static void
 server_init_dispatch_15(void)
 {
 	server_init_dispatch_13();
@ -970,7 +972,7 @@ server_init_dispatch_15(void)
 	dispatch_set(SSH_MSG_CHANNEL_CLOSE, &channel_input_ieof);
 	dispatch_set(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION, &channel_input_oclose);
 }
-void
+static void
 server_init_dispatch(void)
 {
 	if (compat20)
--- a/session.c
+++ b/session.c
@ -33,7 +33,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.93 2001/06/21 21:08:25 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.94 2001/06/23 15:12:20 itojun Exp $");
 #include "ssh.h"
 #include "ssh1.h"
@ -120,25 +120,22 @@ struct Session {
 /* func */
 Session *session_new(void);
-void	session_set_fds(Session *s, int fdin, int fdout, int fderr);
+void  session_set_fds(Session *, int, int, int);
-void	session_pty_cleanup(void *session);
+static void   session_pty_cleanup(void *);
-int	session_pty_req(Session *s);
+void  session_proctitle(Session *);
-void	session_proctitle(Session *s);
+int   session_setup_x11fwd(Session *);
-int	session_setup_x11fwd(Session *s);
+void  do_exec_pty(Session *, const char *);
-void	session_close(Session *s);
+void  do_exec_no_pty(Session *, const char *);
-void	do_exec_pty(Session *s, const char *command);
+void  do_exec(Session *, const char *);
-void	do_exec_no_pty(Session *s, const char *command);
+void  do_login(Session *, const char *);
-void	do_exec(Session *s, const char *command);
+void  do_child(Session *, const char *);
 void	do_login(Session *s, const char *command);
 #ifdef LOGIN_NEEDS_UTMPX
 void	do_pre_login(Session *s);
 #endif
 void	do_child(Session *s, const char *command);
 void	do_motd(void);
 int	check_quietlogin(Session *s, const char *command);
-void	do_authenticated1(Authctxt *authctxt);
+static void do_authenticated1(Authctxt *);
-void	do_authenticated2(Authctxt *authctxt);
+static void do_authenticated2(Authctxt *);
 static void session_close(Session *);
 static int session_pty_req(Session *);
 /* import */
 extern ServerOptions options;
@ -209,7 +206,7 @@ do_authenticated(Authctxt *authctxt)
 * terminals are allocated, X11, TCP/IP, and authentication agent forwardings
 * are requested, etc.
 */
-void
+static void
 do_authenticated1(Authctxt *authctxt)
 {
 	Session *s;
@ -738,7 +735,7 @@ check_quietlogin(Session *s, const char *command)
 * Sets the value of the given variable in the environment.  If the variable
 * already exists, its value is overriden.
 */
-void
+static void
 child_set_env(char ***envp, u_int *envsizep, const char *name,
 	      const char *value)
 {
@ -779,7 +776,7 @@ child_set_env(char ***envp, u_int *envsizep, const char *name,
 * Otherwise, it must consist of empty lines, comments (line starts with '#')
 * and assignments of the form name=value.  No other forms are allowed.
 */
-void
+static void
 read_environment_file(char ***env, u_int *envsize,
 		      const char *filename)
 {
@ -1488,7 +1485,7 @@ session_new(void)
 	return NULL;
 }
-void
+static void
 session_dump(void)
 {
 	int i;
@ -1520,7 +1517,7 @@ session_open(int chanid)
 	return 1;
 }
-Session *
+static Session *
 session_by_channel(int id)
 {
 	int i;
@ -1536,7 +1533,7 @@ session_by_channel(int id)
 	return NULL;
 }
-Session *
+static Session *
 session_by_pid(pid_t pid)
 {
 	int i;
@ -1551,7 +1548,7 @@ session_by_pid(pid_t pid)
 	return NULL;
 }
-int
+static int
 session_window_change_req(Session *s)
 {
 	s->col = packet_get_int();
@ -1563,7 +1560,7 @@ session_window_change_req(Session *s)
 	return 1;
 }
-int
+static int
 session_pty_req(Session *s)
 {
 	u_int len;
@ -1628,7 +1625,7 @@ session_pty_req(Session *s)
 	return 1;
 }
-int
+static int
 session_subsystem_req(Session *s)
 {
 	u_int len;
@ -1655,7 +1652,7 @@ session_subsystem_req(Session *s)
 	return success;
 }
-int
+static int
 session_x11_req(Session *s)
 {
 	int success;
@ -1676,7 +1673,7 @@ session_x11_req(Session *s)
 	return success;
 }
-int
+static int
 session_shell_req(Session *s)
 {
 	packet_done();
@ -1684,7 +1681,7 @@ session_shell_req(Session *s)
 	return 1;
 }
-int
+static int
 session_exec_req(Session *s)
 {
 	u_int len;
@ -1695,7 +1692,7 @@ session_exec_req(Session *s)
 	return 1;
 }
-int
+static int
 session_auth_agent_req(Session *s)
 {
 	static int called = 0;
@ -1788,7 +1785,7 @@ session_set_fds(Session *s, int fdin, int fdout, int fderr)
 * Function to perform pty cleanup. Also called if we get aborted abnormally
 * (e.g., due to a dropped connection).
 */
-void
+static void
 session_pty_cleanup(void *session)
 {
 	Session *s = session;
@ -1818,7 +1815,7 @@ session_pty_cleanup(void *session)
 		error("close(s->ptymaster): %s", strerror(errno));
 }
-void
+static void
 session_exit_message(Session *s, int status)
 {
 	Channel *c;
@ -1867,7 +1864,7 @@ session_exit_message(Session *s, int status)
 	s->chanid = -1;
 }
-void
+static void
 session_close(Session *s)
 {
 	debug("session_close: session %d pid %d", s->self, s->pid);
@ -1928,7 +1925,7 @@ session_close_by_channel(int id, void *arg)
 	}
 }
-char *
+static char *
 session_tty_list(void)
 {
 	static char buf[1024];
@ -1991,7 +1988,7 @@ session_setup_x11fwd(Session *s)
 	return 1;
 }
-void
+static void
 do_authenticated2(Authctxt *authctxt)
 {
 	server_loop2();
--- a/sftp-client.c
+++ b/sftp-client.c
@ -29,7 +29,7 @@
 /* XXX: copy between two remote sites */
 #include "includes.h"
-RCSID("$OpenBSD: sftp-client.c,v 1.16 2001/04/05 10:42:52 markus Exp $");
+RCSID("$OpenBSD: sftp-client.c,v 1.17 2001/06/23 15:12:20 itojun Exp $");
 #include "ssh.h"
 #include "buffer.h"
@ -51,7 +51,7 @@ RCSID("$OpenBSD: sftp-client.c,v 1.16 2001/04/05 10:42:52 markus Exp $");
 /* Message ID */
 static u_int msg_id = 1;
-void
+static void
 send_msg(int fd, Buffer *m)
 {
 	int mlen = buffer_len(m);
@ -70,7 +70,7 @@ send_msg(int fd, Buffer *m)
 	buffer_free(&oqueue);
 }
-void
+static void
 get_msg(int fd, Buffer *m)
 {
 	u_int len, msg_len;
@ -98,7 +98,7 @@ get_msg(int fd, Buffer *m)
 	}
 }
-void
+static void
 send_string_request(int fd, u_int id, u_int code, char *s,
    u_int len)
 {
@ -113,7 +113,7 @@ send_string_request(int fd, u_int id, u_int code, char *s,
 	buffer_free(&msg);
 }
-void
+static void
 send_string_attrs_request(int fd, u_int id, u_int code, char *s,
    u_int len, Attrib *a)
 {
@ -129,7 +129,7 @@ send_string_attrs_request(int fd, u_int id, u_int code, char *s,
 	buffer_free(&msg);
 }
-u_int
+static u_int
 get_status(int fd, int expected_id)
 {
 	Buffer msg;
@ -154,7 +154,7 @@ get_status(int fd, int expected_id)
 	return(status);
 }
-char *
+static char *
 get_handle(int fd, u_int expected_id, u_int *len)
 {
 	Buffer msg;
@ -183,7 +183,7 @@ get_handle(int fd, u_int expected_id, u_int *len)
 	return(handle);
 }
-Attrib *
+static Attrib *
 get_decode_stat(int fd, u_int expected_id, int quiet)
 {
 	Buffer msg;
@ -283,7 +283,7 @@ do_close(int fd_in, int fd_out, char *handle, u_int handle_len)
 }
-int
+static int
 do_lsreaddir(int fd_in, int fd_out, char *path, int printflag,
    SFTP_DIRENT ***dir)
 {
--- a/sftp-glob.c
+++ b/sftp-glob.c
@ -23,7 +23,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: sftp-glob.c,v 1.5 2001/04/15 08:43:46 markus Exp $");
+RCSID("$OpenBSD: sftp-glob.c,v 1.6 2001/06/23 15:12:20 itojun Exp $");
 #include "ssh.h"
 #include "buffer.h"
@ -49,7 +49,8 @@ static struct {
 	int fd_out;
 } cur;
-void *fudge_opendir(const char *path)
+static void *
 fudge_opendir(const char *path)
 {
 	struct SFTP_OPENDIR *r;
@ -63,7 +64,8 @@ void *fudge_opendir(const char *path)
 	return((void*)r);
 }
-struct dirent *fudge_readdir(struct SFTP_OPENDIR *od)
+static struct dirent *
 fudge_readdir(struct SFTP_OPENDIR *od)
 {
 	/* Solaris needs sizeof(dirent) + path length (see below) */
 	static char buf[sizeof(struct dirent) + MAXPATHLEN];
@ -101,13 +103,15 @@ struct dirent *fudge_readdir(struct SFTP_OPENDIR *od)
 	return(ret);
 }
-void fudge_closedir(struct SFTP_OPENDIR *od)
+static void
 fudge_closedir(struct SFTP_OPENDIR *od)
 {
 	free_sftp_dirents(od->dir);
 	xfree(od);
 }
-void attrib_to_stat(Attrib *a, struct stat *st)
+static void
 attrib_to_stat(Attrib *a, struct stat *st)
 {
 	memset(st, 0, sizeof(*st));
@ -125,7 +129,8 @@ void attrib_to_stat(Attrib *a, struct stat *st)
 	}
 }
-int fudge_lstat(const char *path, struct stat *st)
+static int
 fudge_lstat(const char *path, struct stat *st)
 {
 	Attrib *a;
@ -137,7 +142,8 @@ int fudge_lstat(const char *path, struct stat *st)
 	return(0);
 }
-int fudge_stat(const char *path, struct stat *st)
+static int
 fudge_stat(const char *path, struct stat *st)
 {
 	Attrib *a;
--- a/sftp-int.c
+++ b/sftp-int.c
@ -26,7 +26,7 @@
 /* XXX: recursive operations */
 #include "includes.h"
-RCSID("$OpenBSD: sftp-int.c,v 1.36 2001/04/15 08:43:46 markus Exp $");
+RCSID("$OpenBSD: sftp-int.c,v 1.37 2001/06/23 15:12:20 itojun Exp $");
 #include "buffer.h"
 #include "xmalloc.h"
@ -111,7 +111,7 @@ const struct CMD cmds[] = {
 	{ NULL,			-1}
 };
-void
+static void
 help(void)
 {
 	printf("Available commands:\n");
@ -143,7 +143,7 @@ help(void)
 	printf("?                             Synonym for help\n");
 }
-void
+static void
 local_do_shell(const char *args)
 {
 	int status;
@ -180,7 +180,7 @@ local_do_shell(const char *args)
 		error("Shell exited with status %d", WEXITSTATUS(status));
 }
-void
+static void
 local_do_ls(const char *args)
 {
 	if (!args || !*args)
@ -196,7 +196,7 @@ local_do_ls(const char *args)
 	}
 }
-char *
+static char *
 path_append(char *p1, char *p2)
 {
 	char *ret;
@ -210,7 +210,7 @@ path_append(char *p1, char *p2)
 	return(ret);
 }
-char *
+static char *
 make_absolute(char *p, char *pwd)
 {
 	char *abs;
@ -224,7 +224,7 @@ make_absolute(char *p, char *pwd)
 		return(p);
 }
-int
+static int
 infer_path(const char *p, char **ifp)
 {
 	char *cp;
@ -244,7 +244,7 @@ infer_path(const char *p, char **ifp)
 	return(0);
 }
-int
+static int
 parse_getput_flags(const char **cpp, int *pflag)
 {
 	const char *cp = *cpp;
@ -267,7 +267,7 @@ parse_getput_flags(const char **cpp, int *pflag)
 	return(0);
 }
-int
+static int
 get_pathname(const char **cpp, char **path)
 {
 	const char *cp = *cpp, *end;
@ -315,7 +315,7 @@ get_pathname(const char **cpp, char **path)
 	return (-1);
 }
-int
+static int
 is_dir(char *path)
 {
 	struct stat sb;
@ -327,7 +327,7 @@ is_dir(char *path)
 	return(sb.st_mode & S_IFDIR);
 }
-int
+static int
 remote_is_dir(int in, int out, char *path)
 {
 	Attrib *a;
@ -340,7 +340,7 @@ remote_is_dir(int in, int out, char *path)
 	return(a->perm & S_IFDIR);
 }
-int
+static int
 process_get(int in, int out, char *src, char *dst, char *pwd, int pflag)
 {
 	char *abs_src = NULL;
@ -417,7 +417,7 @@ out:
 	return(err);
 }
-int
+static int
 process_put(int in, int out, char *src, char *dst, char *pwd, int pflag)
 {
 	char *tmp_dst = NULL;
@ -497,7 +497,7 @@ out:
 	return(err);
 }
-int
+static int
 parse_args(const char **cpp, int *pflag, unsigned long *n_arg,
    char **path1, char **path2)
 {
@ -642,7 +642,7 @@ parse_args(const char **cpp, int *pflag, unsigned long *n_arg,
 	return(cmdnum);
 }
-int
+static int
 parse_dispatch_command(int in, int out, const char *cmd, char **pwd)
 {
 	char *path1, *path2, *tmp;
--- a/sftp-server.c
+++ b/sftp-server.c
@ -22,7 +22,7 @@
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 #include "includes.h"
-RCSID("$OpenBSD: sftp-server.c,v 1.27 2001/06/22 22:21:20 markus Exp $");
+RCSID("$OpenBSD: sftp-server.c,v 1.28 2001/06/23 15:12:20 itojun Exp $");
 #include "buffer.h"
 #include "bufaux.h"
@ -62,7 +62,7 @@ struct Stat {
 	Attrib attrib;
 };
-int
+static int
 errno_to_portable(int unixerrno)
 {
 	int ret = 0;
@ -93,7 +93,7 @@ errno_to_portable(int unixerrno)
 	return ret;
 }
-int
+static int
 flags_from_portable(int pflags)
 {
 	int flags = 0;
@ -115,7 +115,7 @@ flags_from_portable(int pflags)
 	return flags;
 }
-Attrib *
+static Attrib *
 get_attrib(void)
 {
 	return decode_attrib(&iqueue);
@ -139,7 +139,7 @@ enum {
 Handle	handles[100];
-void
+static void
 handle_init(void)
 {
 	int i;
@ -148,7 +148,7 @@ handle_init(void)
 		handles[i].use = HANDLE_UNUSED;
 }
-int
+static int
 handle_new(int use, char *name, int fd, DIR *dirp)
 {
 	int i;
@ -165,14 +165,14 @@ handle_new(int use, char *name, int fd, DIR *dirp)
 	return -1;
 }
-int
+static int
 handle_is_ok(int i, int type)
 {
 	return i >= 0 && i < sizeof(handles)/sizeof(Handle) &&
 	    handles[i].use == type;
 }
-int
+static int
 handle_to_string(int handle, char **stringp, int *hlenp)
 {
 	if (stringp == NULL || hlenp == NULL)
@ -183,7 +183,7 @@ handle_to_string(int handle, char **stringp, int *hlenp)
 	return 0;
 }
-int
+static int
 handle_from_string(char *handle, u_int hlen)
 {
 	int val;
@ -197,7 +197,7 @@ handle_from_string(char *handle, u_int hlen)
 	return -1;
 }
-char *
+static char *
 handle_to_name(int handle)
 {
 	if (handle_is_ok(handle, HANDLE_DIR)||
@ -206,7 +206,7 @@ handle_to_name(int handle)
 	return NULL;
 }
-DIR *
+static DIR *
 handle_to_dir(int handle)
 {
 	if (handle_is_ok(handle, HANDLE_DIR))
@ -214,7 +214,7 @@ handle_to_dir(int handle)
 	return NULL;
 }
-int
+static int
 handle_to_fd(int handle)
 {
 	if (handle_is_ok(handle, HANDLE_FILE))
@ -222,7 +222,7 @@ handle_to_fd(int handle)
 	return -1;
 }
-int
+static int
 handle_close(int handle)
 {
 	int ret = -1;
@ -239,7 +239,7 @@ handle_close(int handle)
 	return ret;
 }
-int
+static int
 get_handle(void)
 {
 	char *handle;
@ -255,7 +255,7 @@ get_handle(void)
 /* send replies */
-void
+static void
 send_msg(Buffer *m)
 {
 	int mlen = buffer_len(m);
@ -265,7 +265,7 @@ send_msg(Buffer *m)
 	buffer_consume(m, mlen);
 }
-void
+static void
 send_status(u_int32_t id, u_int32_t error)
 {
 	Buffer msg;
@ -295,7 +295,7 @@ send_status(u_int32_t id, u_int32_t error)
 	send_msg(&msg);
 	buffer_free(&msg);
 }
-void
+static void
 send_data_or_handle(char type, u_int32_t id, char *data, int dlen)
 {
 	Buffer msg;
@ -308,14 +308,14 @@ send_data_or_handle(char type, u_int32_t id, char *data, int dlen)
 	buffer_free(&msg);
 }
-void
+static void
 send_data(u_int32_t id, char *data, int dlen)
 {
 	TRACE("sent data id %d len %d", id, dlen);
 	send_data_or_handle(SSH2_FXP_DATA, id, data, dlen);
 }
-void
+static void
 send_handle(u_int32_t id, int handle)
 {
 	char *string;
@ -327,7 +327,7 @@ send_handle(u_int32_t id, int handle)
 	xfree(string);
 }
-void
+static void
 send_names(u_int32_t id, int count, Stat *stats)
 {
 	Buffer msg;
@ -347,7 +347,7 @@ send_names(u_int32_t id, int count, Stat *stats)
 	buffer_free(&msg);
 }
-void
+static void
 send_attrib(u_int32_t id, Attrib *a)
 {
 	Buffer msg;
@ -363,7 +363,7 @@ send_attrib(u_int32_t id, Attrib *a)
 /* parse incoming */
-void
+static void
 process_init(void)
 {
 	Buffer msg;
@ -377,7 +377,7 @@ process_init(void)
 	buffer_free(&msg);
 }
-void
+static void
 process_open(void)
 {
 	u_int32_t id, pflags;
@ -409,7 +409,7 @@ process_open(void)
 	xfree(name);
 }
-void
+static void
 process_close(void)
 {
 	u_int32_t id;
@ -423,7 +423,7 @@ process_close(void)
 	send_status(id, status);
 }
-void
+static void
 process_read(void)
 {
 	char buf[64*1024];
@ -463,7 +463,7 @@ process_read(void)
 		send_status(id, status);
 }
-void
+static void
 process_write(void)
 {
 	u_int32_t id;
@ -501,7 +501,7 @@ process_write(void)
 	xfree(data);
 }
-void
+static void
 process_do_stat(int do_lstat)
 {
 	Attrib a;
@ -526,19 +526,19 @@ process_do_stat(int do_lstat)
 	xfree(name);
 }
-void
+static void
 process_stat(void)
 {
 	process_do_stat(0);
 }
-void
+static void
 process_lstat(void)
 {
 	process_do_stat(1);
 }
-void
+static void
 process_fstat(void)
 {
 	Attrib a;
@ -564,7 +564,7 @@ process_fstat(void)
 		send_status(id, status);
 }
-struct timeval *
+static struct timeval *
 attrib_to_tv(Attrib *a)
 {
 	static struct timeval tv[2];
@ -576,7 +576,7 @@ attrib_to_tv(Attrib *a)
 	return tv;
 }
-void
+static void
 process_setstat(void)
 {
 	Attrib *a;
@ -608,7 +608,7 @@ process_setstat(void)
 	xfree(name);
 }
-void
+static void
 process_fsetstat(void)
 {
 	Attrib *a;
@ -657,7 +657,7 @@ process_fsetstat(void)
 	send_status(id, status);
 }
-void
+static void
 process_opendir(void)
 {
 	DIR *dirp = NULL;
@ -689,7 +689,7 @@ process_opendir(void)
 /*
 * drwxr-xr-x    5 markus   markus       1024 Jan 13 18:39 .ssh
 */
-char *
+static char *
 ls_file(char *name, struct stat *st)
 {
 	int ulen, glen, sz = 0;
@ -728,7 +728,7 @@ ls_file(char *name, struct stat *st)
 	return xstrdup(buf);
 }
-void
+static void
 process_readdir(void)
 {
 	DIR *dirp;
@ -782,7 +782,7 @@ process_readdir(void)
 	}
 }
-void
+static void
 process_remove(void)
 {
 	char *name;
@ -799,7 +799,7 @@ process_remove(void)
 	xfree(name);
 }
-void
+static void
 process_mkdir(void)
 {
 	Attrib *a;
@ -819,7 +819,7 @@ process_mkdir(void)
 	xfree(name);
 }
-void
+static void
 process_rmdir(void)
 {
 	u_int32_t id;
@ -835,7 +835,7 @@ process_rmdir(void)
 	xfree(name);
 }
-void
+static void
 process_realpath(void)
 {
 	char resolvedname[MAXPATHLEN];
@ -860,7 +860,7 @@ process_realpath(void)
 	xfree(path);
 }
-void
+static void
 process_rename(void)
 {
 	u_int32_t id;
@ -882,7 +882,7 @@ process_rename(void)
 	xfree(newpath);
 }
-void
+static void
 process_readlink(void)
 {
 	u_int32_t id;
@ -906,7 +906,7 @@ process_readlink(void)
 	xfree(path);
 }
-void
+static void
 process_symlink(void)
 {
 	u_int32_t id;
@ -928,7 +928,7 @@ process_symlink(void)
 	xfree(newpath);
 }
-void
+static void
 process_extended(void)
 {
 	u_int32_t id;
@ -942,7 +942,7 @@ process_extended(void)
 /* stolen from ssh-agent */
-void
+static void
 process(void)
 {
 	u_int msg_len;
--- a/sftp.c
+++ b/sftp.c
@ -24,7 +24,7 @@
 #include "includes.h"
-RCSID("$OpenBSD: sftp.c,v 1.17 2001/05/08 19:45:25 mouring Exp $");
+RCSID("$OpenBSD: sftp.c,v 1.18 2001/06/23 15:12:20 itojun Exp $");
 /* XXX: commandline mode */
 /* XXX: short-form remote directory listings (like 'ls -C') */
@ -49,7 +49,7 @@ char *__progname;
 char *ssh_program = _PATH_SSH_PROGRAM;
 FILE* infile;
-void
+static void
 connect_to_server(char **args, int *in, int *out, pid_t *sshpid)
 {
 	int c_in, c_out;
@ -90,7 +90,7 @@ connect_to_server(char **args, int *in, int *out, pid_t *sshpid)
 	close(c_out);
 }
-void
+static void
 usage(void)
 {
 	fprintf(stderr, "usage: sftp [-1vC] [-b batchfile] [-osshopt=value] [user@]host[:file [file]]\n");
--- a/ssh-add.c
+++ b/ssh-add.c
@ -35,7 +35,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: ssh-add.c,v 1.38 2001/06/06 23:19:35 markus Exp $");
+RCSID("$OpenBSD: ssh-add.c,v 1.39 2001/06/23 15:12:20 itojun Exp $");
 #include <openssl/evp.h>
@ -57,7 +57,7 @@ char *__progname;
 /* we keep a cache of one passphrases */
 static char *pass = NULL;
-void
+static void
 clear_pass(void)
 {
 	if (pass) {
@ -67,7 +67,7 @@ clear_pass(void)
 	}
 }
-void
+static void
 delete_file(AuthenticationConnection *ac, const char *filename)
 {
 	Key *public;
@ -87,7 +87,7 @@ delete_file(AuthenticationConnection *ac, const char *filename)
 }
 /* Send a request to remove all identities. */
-void
+static void
 delete_all(AuthenticationConnection *ac)
 {
 	int success = 1;
@ -103,7 +103,7 @@ delete_all(AuthenticationConnection *ac)
 		fprintf(stderr, "Failed to remove all identities.\n");
 }
-void
+static void
 add_file(AuthenticationConnection *ac, const char *filename)
 {
 	struct stat st;
@ -149,7 +149,7 @@ add_file(AuthenticationConnection *ac, const char *filename)
 	key_free(private);
 }
-void
+static void
 list_identities(AuthenticationConnection *ac, int do_fp)
 {
 	Key *key;
--- a/ssh-agent.c
+++ b/ssh-agent.c
@ -1,4 +1,4 @@
-/*	$OpenBSD: ssh-agent.c,v 1.54 2001/04/03 13:56:11 stevesk Exp $	*/
+/*	$OpenBSD: ssh-agent.c,v 1.55 2001/06/23 15:12:20 itojun Exp $	*/
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -37,7 +37,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.54 2001/04/03 13:56:11 stevesk Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.55 2001/06/23 15:12:20 itojun Exp $");
 #include <openssl/evp.h>
 #include <openssl/md5.h>
@ -97,9 +97,7 @@ extern char *__progname;
 char *__progname;
 #endif
-int	prepare_select(fd_set **, fd_set **, int *);
+static void
 void
 idtab_init(void)
 {
 	int i;
@ -110,7 +108,7 @@ idtab_init(void)
 }
 /* return private key table for requested protocol version */
-Idtab *
+static Idtab *
 idtab_lookup(int version)
 {
 	if (version < 1 || version > 2)
@ -119,7 +117,7 @@ idtab_lookup(int version)
 }
 /* return matching private key for given public key */
-Key *
+static Key *
 lookup_private_key(Key *key, int *idx, int version)
 {
 	int i;
@ -135,7 +133,7 @@ lookup_private_key(Key *key, int *idx, int version)
 }
 /* send list of supported public keys to 'client' */
-void
+static void
 process_request_identities(SocketEntry *e, int version)
 {
 	Idtab *tab = idtab_lookup(version);
@ -167,7 +165,7 @@ process_request_identities(SocketEntry *e, int version)
 }
 /* ssh1 only */
-void
+static void
 process_authentication_challenge1(SocketEntry *e)
 {
 	Key *key, *private;
@ -233,7 +231,7 @@ send:
 }
 /* ssh2 only */
-void
+static void
 process_sign_request2(SocketEntry *e)
 {
 	extern int datafellows;
@ -278,7 +276,7 @@ process_sign_request2(SocketEntry *e)
 }
 /* shared */
-void
+static void
 process_remove_identity(SocketEntry *e, int version)
 {
 	Key *key = NULL, *private;
@ -339,7 +337,7 @@ process_remove_identity(SocketEntry *e, int version)
 	    success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE);
 }
-void
+static void
 process_remove_all_identities(SocketEntry *e, int version)
 {
 	u_int i;
@ -360,7 +358,7 @@ process_remove_all_identities(SocketEntry *e, int version)
 	return;
 }
-void
+static void
 process_add_identity(SocketEntry *e, int version)
 {
 	Key *k = NULL;
@ -444,7 +442,7 @@ send:
 /* dispatch incoming messages */
-void
+static void
 process_message(SocketEntry *e)
 {
 	u_int msg_len;
@ -508,7 +506,7 @@ process_message(SocketEntry *e)
 	}
 }
-void
+static void
 new_socket(int type, int fd)
 {
 	u_int i, old_alloc;
@ -540,7 +538,7 @@ new_socket(int type, int fd)
 	buffer_init(&sockets[old_alloc].output);
 }
-int
+static int
 prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl)
 {
 	u_int i, sz;
@ -588,7 +586,7 @@ prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl)
 	return (1);
 }
-void
+static void
 after_select(fd_set *readset, fd_set *writeset)
 {
 	u_int i;
@ -660,7 +658,7 @@ after_select(fd_set *readset, fd_set *writeset)
 		}
 }
-void
+static void
 check_parent_exists(int sig)
 {
 	int save_errno = errno;
@ -674,7 +672,7 @@ check_parent_exists(int sig)
 	errno = save_errno;
 }
-void
+static void
 cleanup_socket(void)
 {
 	if (socket_name[0])
@ -683,21 +681,21 @@ cleanup_socket(void)
 		rmdir(socket_dir);
 }
-void
+static void
 cleanup_exit(int i)
 {
 	cleanup_socket();
 	exit(i);
 }
-void
+static void
 cleanup_handler(int sig)
 {
 	cleanup_socket();
 	_exit(2);
 }
-void
+static void
 usage(void)
 {
 	fprintf(stderr, "ssh-agent version %s\n", SSH_VERSION);
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@ -12,7 +12,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: ssh-keygen.c,v 1.62 2001/06/23 06:41:10 markus Exp $");
+RCSID("$OpenBSD: ssh-keygen.c,v 1.63 2001/06/23 15:12:20 itojun Exp $");
 #include <openssl/evp.h>
 #include <openssl/pem.h>
@ -79,7 +79,7 @@ char *__progname;
 char hostname[MAXHOSTNAMELEN];
-void
+static void
 ask_filename(struct passwd *pw, const char *prompt)
 {
 	char buf[1024];
@ -112,7 +112,7 @@ ask_filename(struct passwd *pw, const char *prompt)
 	have_identity = 1;
 }
-Key *
+static Key *
 load_identity(char *filename)
 {
 	char *pass;
@ -136,7 +136,7 @@ load_identity(char *filename)
 #define SSH_COM_PRIVATE_BEGIN		"---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----"
 #define	SSH_COM_PRIVATE_KEY_MAGIC	0x3f6ff9eb
-void
+static void
 do_convert_to_ssh2(struct passwd *pw)
 {
 	Key *k;
@ -169,7 +169,7 @@ do_convert_to_ssh2(struct passwd *pw)
 	exit(0);
 }
-void
+static void
 buffer_get_bignum_bits(Buffer *b, BIGNUM *value)
 {
 	int bits = buffer_get_int(b);
@ -182,7 +182,7 @@ buffer_get_bignum_bits(Buffer *b, BIGNUM *value)
 	buffer_consume(b, bytes);
 }
-Key *
+static Key *
 do_convert_private_ssh2_from_blob(char *blob, int blen)
 {
 	Buffer b;
@ -277,7 +277,7 @@ do_convert_private_ssh2_from_blob(char *blob, int blen)
 	return key;
 }
-void
+static void
 do_convert_from_ssh2(struct passwd *pw)
 {
 	Key *k;
@ -350,7 +350,7 @@ do_convert_from_ssh2(struct passwd *pw)
 	exit(0);
 }
-void
+static void
 do_print_public(struct passwd *pw)
 {
 	Key *prv;
@ -374,7 +374,7 @@ do_print_public(struct passwd *pw)
 	exit(0);
 }
-void
+static void
 do_fingerprint(struct passwd *pw)
 {
 	FILE *f;
@ -471,7 +471,7 @@ do_fingerprint(struct passwd *pw)
 * Perform changing a passphrase.  The argument is the passwd structure
 * for the current user.
 */
-void
+static void
 do_change_passphrase(struct passwd *pw)
 {
 	char *comment;
@ -547,7 +547,7 @@ do_change_passphrase(struct passwd *pw)
 /*
 * Change the comment of a private key file.
 */
-void
+static void
 do_change_comment(struct passwd *pw)
 {
 	char new_comment[1024], *comment, *passphrase;
@ -640,7 +640,7 @@ do_change_comment(struct passwd *pw)
 	exit(0);
 }
-void
+static void
 usage(void)
 {
 	printf("Usage: %s [-ceilpqyB] [-t type] [-b bits] [-f file] [-C comment] "
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@ -7,7 +7,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: ssh-keyscan.c,v 1.23 2001/06/05 05:05:39 pvalchev Exp $");
+RCSID("$OpenBSD: ssh-keyscan.c,v 1.24 2001/06/23 15:12:20 itojun Exp $");
 #if defined(HAVE_SYS_QUEUE_H) && !defined(HAVE_BOGUS_SYS_QUEUE_H)
 #include <sys/queue.h>
@ -90,7 +90,7 @@ typedef struct {
 	void (*errfun) (const char *,...);
 } Linebuf;
-Linebuf *
+static Linebuf *
 Linebuf_alloc(const char *filename, void (*errfun) (const char *,...))
 {
 	Linebuf *lb;
@ -124,7 +124,7 @@ Linebuf_alloc(const char *filename, void (*errfun) (const char *,...))
 	return (lb);
 }
-void
+static void
 Linebuf_free(Linebuf * lb)
 {
 	fclose(lb->stream);
@ -132,7 +132,8 @@ Linebuf_free(Linebuf * lb)
 	xfree(lb);
 }
-void
+#if 0
 static void
 Linebuf_restart(Linebuf * lb)
 {
 	clearerr(lb->stream);
@ -140,13 +141,14 @@ Linebuf_restart(Linebuf * lb)
 	lb->lineno = 0;
 }
-int
+static int
 Linebuf_lineno(Linebuf * lb)
 {
 	return (lb->lineno);
 }
 #endif
-char *
+static char *
 Linebuf_getline(Linebuf * lb)
 {
 	int n = 0;
@ -183,7 +185,7 @@ Linebuf_getline(Linebuf * lb)
 	}
 }
-int
+static int
 fdlim_get(int hard)
 {
 #if defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE)
@ -202,7 +204,7 @@ fdlim_get(int hard)
 #endif
 }
-int
+static int
 fdlim_set(int lim)
 {
 #if defined(HAVE_SETRLIMIT) && defined(RLIMIT_NOFILE)
@ -227,7 +229,7 @@ fdlim_set(int lim)
 * separators.  This is the same as the 4.4BSD strsep, but different from the
 * one in the GNU libc.
 */
-char *
+static char *
 xstrsep(char **str, const char *delim)
 {
 	char *s, *e;
@ -249,7 +251,7 @@ xstrsep(char **str, const char *delim)
 * Get the next non-null token (like GNU strsep).  Strsep() will return a
 * null token for two adjacent separators, so we may have to loop.
 */
-char *
+static char *
 strnnsep(char **stringp, char *delim)
 {
 	char *tok;
@ -260,7 +262,7 @@ strnnsep(char **stringp, char *delim)
 	return (tok);
 }
-void
+static void
 keyprint(char *host, char *output_name, char *kd, int len)
 {
 	static Key *rsa;
@ -295,7 +297,7 @@ keyprint(char *host, char *output_name, char *kd, int len)
 	fputs("\n", stdout);
 }
-int
+static int
 tcpconnect(char *host)
 {
 	struct addrinfo hints, *ai, *aitop;
@ -328,7 +330,7 @@ tcpconnect(char *host)
 	return s;
 }
-int
+static int
 conalloc(char *iname, char *oname)
 {
 	int s;
@ -366,7 +368,7 @@ conalloc(char *iname, char *oname)
 	return (s);
 }
-void
+static void
 confree(int s)
 {
 	if (s >= maxfd || fdcon[s].c_status == CS_UNUSED)
@ -382,7 +384,7 @@ confree(int s)
 	ncon--;
 }
-void
+static void
 contouch(int s)
 {
 	TAILQ_REMOVE(&tq, &fdcon[s], c_link);
@ -391,7 +393,7 @@ contouch(int s)
 	TAILQ_INSERT_TAIL(&tq, &fdcon[s], c_link);
 }
-int
+static int
 conrecycle(int s)
 {
 	int ret;
@ -407,7 +409,7 @@ conrecycle(int s)
 	return (ret);
 }
-void
+static void
 congreet(int s)
 {
 	char buf[80], *cp;
@ -442,7 +444,7 @@ congreet(int s)
 	contouch(s);
 }
-void
+static void
 conread(int s)
 {
 	int n;
@ -482,7 +484,7 @@ conread(int s)
 	contouch(s);
 }
-void
+static void
 conloop(void)
 {
 	fd_set *r, *e;
@ -534,7 +536,7 @@ conloop(void)
 	}
 }
-char *
+static char *
 nexthost(int argc, char **argv)
 {
 	static Linebuf *lb;
@ -577,7 +579,7 @@ nexthost(int argc, char **argv)
 	}
 }
-void
+static void
 usage(void)
 {
 	fatal("usage: %s [-t timeout] { [--] host | -f file } ...", __progname);
--- a/ssh.c
+++ b/ssh.c
@ -39,7 +39,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.125 2001/06/22 23:35:21 markus Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.126 2001/06/23 15:12:21 itojun Exp $");
 #include <openssl/evp.h>
 #include <openssl/err.h>
@ -148,7 +148,7 @@ int subsystem_flag = 0;
 /* Prints a help message to the user.  This function never returns. */
-void
+static void
 usage(void)
 {
 	fprintf(stderr, "Usage: %s [options] host [command]\n", __progname);
@ -198,7 +198,7 @@ usage(void)
 * Connects to the given host using rsh (or prints an error message and exits
 * if rsh is not available).  This function never returns.
 */
-void
+static void
 rsh_connect(char *host, char *user, Buffer * command)
 {
 	char *args[10];
@ -232,9 +232,9 @@ rsh_connect(char *host, char *user, Buffer * command)
 	exit(1);
 }
-int	ssh_session(void);
+static int ssh_session(void);
-int	ssh_session2(void);
+static int ssh_session2(void);
-void	load_public_identity_files(void);
+static void load_public_identity_files(void);
 /*
 * Main program for the ssh client.
@ -742,7 +742,7 @@ main(int ac, char **av)
 	return exit_status;
 }
-void
+static void
 x11_get_proto(char *proto, int proto_len, char *data, int data_len)
 {
 	char line[512];
@ -781,7 +781,7 @@ x11_get_proto(char *proto, int proto_len, char *data, int data_len)
 	}
 }
-void
+static void
 ssh_init_forwarding(void)
 {
 	int success = 0;
@ -815,7 +815,7 @@ ssh_init_forwarding(void)
 	}
 }
-void
+static void
 check_agent_present(void)
 {
 	if (options.forward_agent) {
@ -828,7 +828,7 @@ check_agent_present(void)
 	}
 }
-int
+static int
 ssh_session(void)
 {
 	int type;
@ -966,7 +966,7 @@ ssh_session(void)
 	    options.escape_char : SSH_ESCAPECHAR_NONE, 0);
 }
-void
+static void
 client_subsystem_reply(int type, int plen, void *ctxt)
 {
 	int id, len;
@ -981,7 +981,7 @@ client_subsystem_reply(int type, int plen, void *ctxt)
 		    len, buffer_ptr(&command), id);
 }
-void
+static void
 ssh_session2_callback(int id, void *arg)
 {
 	int len;
@ -1057,7 +1057,7 @@ ssh_session2_callback(int id, void *arg)
 	packet_set_interactive(interactive);
 }
-int
+static int
 ssh_session2_command(void)
 {
 	Channel *c;
@ -1104,7 +1104,7 @@ ssh_session2_command(void)
 	return c->self;
 }
-int
+static int
 ssh_session2(void)
 {
 	int id;
@ -1123,7 +1123,7 @@ ssh_session2(void)
 	    options.escape_char : SSH_ESCAPECHAR_NONE, id);
 }
-void
+static void
 load_public_identity_files(void)
 {
 	char *filename;
--- a/sshconnect.c
+++ b/sshconnect.c
@ -13,7 +13,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.108 2001/06/23 02:34:31 markus Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.109 2001/06/23 15:12:21 itojun Exp $");
 #include <openssl/bn.h>
@ -44,7 +44,7 @@ extern int IPv4or6;
 /*
 * Connect to the given ssh server using a proxy command.
 */
-int
+static int
 ssh_proxy_connect(const char *host, u_short port, struct passwd *pw,
 		  const char *proxy_command)
 {
@ -144,7 +144,7 @@ ssh_proxy_connect(const char *host, u_short port, struct passwd *pw,
 /*
 * Creates a (possibly privileged) socket for use as the ssh connection.
 */
-int
+static int
 ssh_create_socket(struct passwd *pw, int privileged, int family)
 {
 	int sock, gaierr;
@ -345,7 +345,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
 * Waits for the server identification string, and sends our own
 * identification string.
 */
-void
+static void
 ssh_exchange_identification(void)
 {
 	char buf[256], remote_version[256];	/* must be same size! */
@ -444,7 +444,7 @@ ssh_exchange_identification(void)
 }
 /* defaults to 'no' */
-int
+static int
 read_yes_or_no(const char *prompt, int defval)
 {
 	char buf[1024];
@ -500,7 +500,7 @@ read_yes_or_no(const char *prompt, int defval)
 * is not valid. the user_hostfile will not be updated if 'readonly' is true.
 */
-int
+static int
 check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
    int readonly, const char *user_hostfile, const char *system_hostfile)
 {
--- a/sshconnect1.c
+++ b/sshconnect1.c
@ -13,7 +13,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.34 2001/06/23 02:34:32 markus Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.35 2001/06/23 15:12:21 itojun Exp $");
 #include <openssl/bn.h>
 #include <openssl/evp.h>
@ -55,7 +55,7 @@ extern char *__progname;
 * Checks if the user has an authentication agent, and if so, tries to
 * authenticate using the agent.
 */
-int
+static int
 try_agent_authentication(void)
 {
 	int type;
@ -155,7 +155,7 @@ try_agent_authentication(void)
 * Computes the proper response to a RSA challenge, and sends the response to
 * the server.
 */
-void
+static void
 respond_to_rsa_challenge(BIGNUM * challenge, RSA * prv)
 {
 	u_char buf[32], response[16];
@ -200,7 +200,7 @@ respond_to_rsa_challenge(BIGNUM * challenge, RSA * prv)
 * Checks if the user has authentication file, and if so, tries to authenticate
 * the user using it.
 */
-int
+static int
 try_rsa_authentication(const char *authfile)
 {
 	BIGNUM *challenge;
@ -321,7 +321,7 @@ try_rsa_authentication(const char *authfile)
 * Tries to authenticate the user using combined rhosts or /etc/hosts.equiv
 * authentication and RSA host authentication.
 */
-int
+static int
 try_rhosts_rsa_authentication(const char *local_user, Key * host_key)
 {
 	int type;
@ -379,7 +379,7 @@ try_rhosts_rsa_authentication(const char *local_user, Key * host_key)
 }
 #ifdef KRB4
-int
+static int
 try_kerberos_authentication(void)
 {
 	KTEXT_ST auth;		/* Kerberos data */
@ -496,7 +496,7 @@ try_kerberos_authentication(void)
 #endif /* KRB4 */
 #ifdef AFS
-int
+static int
 send_kerberos_tgt(void)
 {
 	CREDENTIALS *creds;
@ -541,7 +541,7 @@ send_kerberos_tgt(void)
 	return 1;
 }
-void
+static void
 send_afs_tokens(void)
 {
 	CREDENTIALS creds;
@ -615,7 +615,7 @@ send_afs_tokens(void)
 * Tries to authenticate with any string-based challenge/response system.
 * Note that the client code is not tied to s/key or TIS.
 */
-int
+static int
 try_challenge_response_authentication(void)
 {
 	int type, i;
@ -677,7 +677,7 @@ try_challenge_response_authentication(void)
 /*
 * Tries to authenticate with plain passwd authentication.
 */
-int
+static int
 try_password_authentication(char *prompt)
 {
 	int type, i, payload_len;
--- a/sshconnect2.c
+++ b/sshconnect2.c
@ -23,7 +23,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.75 2001/06/23 02:34:33 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.76 2001/06/23 15:12:21 itojun Exp $");
 #include <openssl/bn.h>
 #include <openssl/md5.h>
@ -72,7 +72,7 @@ struct sockaddr *xxx_hostaddr;
 Kex *xxx_kex = NULL;
-int
+static int
 verify_host_key_callback(Key *hostkey)
 {
 	if (verify_host_key(xxx_host, xxx_hostaddr, hostkey) == -1)
@ -188,14 +188,12 @@ int	userauth_hostbased(Authctxt *authctxt);
 void	userauth(Authctxt *authctxt, char *authlist);
-int
+static int sign_and_send_pubkey(Authctxt *, Key *, sign_cb_fn *);
-sign_and_send_pubkey(Authctxt *authctxt, Key *k,
+static void clear_auth_state(Authctxt *);
    sign_cb_fn *sign_callback);
 void	clear_auth_state(Authctxt *authctxt);
-Authmethod *authmethod_get(char *authlist);
+static Authmethod *authmethod_get(char *authlist);
-Authmethod *authmethod_lookup(const char *name);
+static Authmethod *authmethod_lookup(const char *name);
-char *authmethods_get(void);
+static char *authmethods_get(void);
 Authmethod authmethods[] = {
 	{"publickey",
@ -477,7 +475,7 @@ clear_auth_state(Authctxt *authctxt)
 	authctxt->last_key_sign = NULL;
 }
-int
+static int
 sign_and_send_pubkey(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback)
 {
 	Buffer b;
@ -562,7 +560,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback)
 	return 1;
 }
-int
+static int
 send_pubkey_test(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback,
    int hint)
 {
@ -595,7 +593,7 @@ send_pubkey_test(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback,
 	return 1;
 }
-Key *
+static Key *
 load_identity_file(char *filename)
 {
 	Key *private;
@ -633,7 +631,7 @@ load_identity_file(char *filename)
 	return private;
 }
-int
+static int
 identity_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp,
    u_char *data, int datalen)
 {
@ -651,19 +649,21 @@ identity_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp,
 	return ret;
 }
-int agent_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp,
+static int
 agent_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp,
    u_char *data, int datalen)
 {
 	return ssh_agent_sign(authctxt->agent, key, sigp, lenp, data, datalen);
 }
-int key_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp,
+static int
 key_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp,
    u_char *data, int datalen)
 {
 	return key_sign(key, sigp, lenp, data, datalen);
 }
-int
+static int
 userauth_pubkey_agent(Authctxt *authctxt)
 {
 	static int called = 0;
@ -900,7 +900,7 @@ userauth_hostbased(Authctxt *authctxt)
 * given auth method name, if configurable options permit this method fill
 * in auth_ident field and return true, otherwise return false.
 */
-int
+static int
 authmethod_is_enabled(Authmethod *method)
 {
 	if (method == NULL)
@ -914,7 +914,7 @@ authmethod_is_enabled(Authmethod *method)
 	return 1;
 }
-Authmethod *
+static Authmethod *
 authmethod_lookup(const char *name)
 {
 	Authmethod *method = NULL;
@ -935,7 +935,7 @@ static char *preferred = NULL;
 * next method we should try.  If the server initially sends a nil list,
 * use a built-in default list.
 */
-Authmethod *
+static Authmethod *
 authmethod_get(char *authlist)
 {
--- a/sshd.c
+++ b/sshd.c
@ -40,7 +40,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.199 2001/06/04 23:07:21 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.200 2001/06/23 15:12:21 itojun Exp $");
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@ -182,16 +182,15 @@ int session_id2_len = 0;
 u_int utmp_len = MAXHOSTNAMELEN;
 /* Prototypes for various functions defined later in this file. */
-void do_ssh1_kex(void);
+void destroy_sensitive_data(void);
 void do_ssh2_kex(void);
-void ssh_dh1_server(Kex *, Buffer *_kexinit, Buffer *);
+static void do_ssh1_kex(void);
-void ssh_dhgex_server(Kex *, Buffer *_kexinit, Buffer *);
+static void do_ssh2_kex(void);
 /*
 * Close all listening sockets
 */
-void
+static void
 close_listen_socks(void)
 {
 	int i;
@ -205,7 +204,7 @@ close_listen_socks(void)
 * the effect is to reread the configuration file (and to regenerate
 * the server key).
 */
-void
+static void
 sighup_handler(int sig)
 {
 	received_sighup = 1;
@ -216,7 +215,7 @@ sighup_handler(int sig)
 * Called from the main program after receiving SIGHUP.
 * Restarts the server.
 */
-void
+static void
 sighup_restart(void)
 {
 	log("Received SIGHUP; restarting.");
@ -229,7 +228,7 @@ sighup_restart(void)
 /*
 * Generic signal handler for terminating signals in the master daemon.
 */
-void
+static void
 sigterm_handler(int sig)
 {
 	received_sigterm = sig;
@ -239,7 +238,7 @@ sigterm_handler(int sig)
 * SIGCHLD handler.  This is called whenever a child dies.  This will then
 * reap any zombies left by exited children.
 */
-void
+static void
 main_sigchld_handler(int sig)
 {
 	int save_errno = errno;
@ -255,7 +254,7 @@ main_sigchld_handler(int sig)
 /*
 * Signal handler for the alarm after the login grace period has expired.
 */
-void
+static void
 grace_alarm_handler(int sig)
 {
 	/* XXX no idea how fix this signal handler */
@ -274,7 +273,7 @@ grace_alarm_handler(int sig)
 * Thus there should be no concurrency control/asynchronous execution
 * problems.
 */
-void
+static void
 generate_ephemeral_server_key(void)
 {
 	u_int32_t rand = 0;
@ -297,7 +296,7 @@ generate_ephemeral_server_key(void)
 	arc4random_stir();
 }
-void
+static void
 key_regeneration_alarm(int sig)
 {
 	int save_errno = errno;
@ -306,7 +305,7 @@ key_regeneration_alarm(int sig)
 	key_do_regen = 1;
 }
-void
+static void
 sshd_exchange_identification(int sock_in, int sock_out)
 {
 	int i, mismatch;
@ -456,7 +455,7 @@ destroy_sensitive_data(void)
 	memset(sensitive_data.ssh1_cookie, 0, SSH_SESSION_KEY_LENGTH);
 }
-char *
+static char *
 list_hostkey_types(void)
 {
 	static char buf[1024];
@ -481,7 +480,7 @@ list_hostkey_types(void)
 	return buf;
 }
-Key *
+static Key *
 get_hostkey_by_type(int type)
 {
 	int i;
@ -499,7 +498,7 @@ get_hostkey_by_type(int type)
 * of (max_startups_rate/100). the probability increases linearly until
 * all connections are dropped for startups > max_startups
 */
-int
+static int
 drop_connection(int startups)
 {
 	double p, r;
@ -1203,7 +1202,7 @@ main(int ac, char **av)
 /*
 * SSH1 key exchange
 */
-void
+static void
 do_ssh1_kex(void)
 {
 	int i, len;
@ -1424,7 +1423,7 @@ do_ssh1_kex(void)
 /*
 * SSH2 key exchange: diffie-hellman-group1-sha1
 */
-void
+static void
 do_ssh2_kex(void)
 {
 	Kex *kex;