1 files changed, 10 insertions, 6 deletions

diff --git a/crypto/openssh/sshconnect1.c b/crypto/openssh/sshconnect1.c
index d7722f4..dab2771 100644
--- a/crypto/openssh/sshconnect1.c
+++ b/crypto/openssh/sshconnect1.c
@@ -13,7 +13,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.48 2002/02/11 16:15:46 markus Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.51 2002/05/23 19:24:30 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/md5.h>
@@ -459,6 +459,8 @@ try_krb4_authentication(void)
 
 		/* Get server's response. */
 		reply = packet_get_string((u_int *) &auth.length);
+		if (auth.length >= MAX_KTXT_LEN)
+			fatal("Kerberos v4: Malformed response from server");
 		memcpy(auth.dat, reply, auth.length);
 		xfree(reply);
 
@@ -843,7 +845,7 @@ try_challenge_response_authentication(void)
 			error("Permission denied, please try again.");
 		if (options.cipher == SSH_CIPHER_NONE)
 			log("WARNING: Encryption is disabled! "
-			    "Reponse will be transmitted in clear text.");
+			    "Response will be transmitted in clear text.");
 		response = read_passphrase(prompt, 0);
 		if (strcmp(response, "") == 0) {
 			xfree(response);
@@ -1090,7 +1092,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
  */
 void
 ssh_userauth1(const char *local_user, const char *server_user, char *host,
-    Key **keys, int nkeys)
+    Sensitive *sensitive)
 {
 #ifdef KRB5
 	krb5_context context = NULL;
@@ -1176,9 +1178,11 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
 	 */
 	if ((supported_authentications & (1 << SSH_AUTH_RHOSTS_RSA)) &&
 	    options.rhosts_rsa_authentication) {
-		for (i = 0; i < nkeys; i++) {
-			if (keys[i] != NULL && keys[i]->type == KEY_RSA1 &&
-			    try_rhosts_rsa_authentication(local_user, keys[i]))
+		for (i = 0; i < sensitive->nkeys; i++) {
+			if (sensitive->keys[i] != NULL &&
+			    sensitive->keys[i]->type == KEY_RSA1 &&
+			    try_rhosts_rsa_authentication(local_user,
+			    sensitive->keys[i]))
 				goto success;
 		}
 	}