===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/Attic/sshconnect1.c,v
retrieving revision 1.74
retrieving revision 1.75
diff -u -r1.74 -r1.75
--- src/usr.bin/ssh/Attic/sshconnect1.c	2014/02/02 03:44:32	1.74
+++ src/usr.bin/ssh/Attic/sshconnect1.c	2014/06/24 01:13:21	1.75
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect1.c,v 1.74 2014/02/02 03:44:32 djm Exp $ */
+/* $OpenBSD: sshconnect1.c,v 1.75 2014/06/24 01:13:21 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -163,7 +163,7 @@
 
 	/* Decrypt the challenge using the private key. */
 	/* XXX think about Bleichenbacher, too */
-	if (rsa_private_decrypt(challenge, challenge, prv) <= 0)
+	if (rsa_private_decrypt(challenge, challenge, prv) != 0)
 		packet_disconnect(
 		    "respond_to_rsa_challenge: rsa_private_decrypt failed");
 
@@ -250,7 +250,7 @@
 	 * load the private key.  Try first with empty passphrase; if it
 	 * fails, ask for a passphrase.
 	 */
-	if (public->flags & KEY_FLAG_EXT)
+	if (public->flags & SSHKEY_FLAG_EXT)
 		private = public;
 	else
 		private = key_load_private_type(KEY_RSA1, authfile, "", NULL,
@@ -299,7 +299,7 @@
 	respond_to_rsa_challenge(challenge, private->rsa);
 
 	/* Destroy the private key unless it in external hardware. */
-	if (!(private->flags & KEY_FLAG_EXT))
+	if (!(private->flags & SSHKEY_FLAG_EXT))
 		key_free(private);
 
 	/* We no longer need the challenge. */
@@ -589,8 +589,9 @@
 			    BN_num_bits(server_key->rsa->n),
 			    SSH_KEY_BITS_RESERVED);
 		}
-		rsa_public_encrypt(key, key, server_key->rsa);
-		rsa_public_encrypt(key, key, host_key->rsa);
+		if (rsa_public_encrypt(key, key, server_key->rsa) != 0 ||
+		    rsa_public_encrypt(key, key, host_key->rsa) != 0)
+			fatal("%s: rsa_public_encrypt failed", __func__);
 	} else {
 		/* Host key has smaller modulus (or they are equal). */
 		if (BN_num_bits(server_key->rsa->n) <
@@ -601,8 +602,9 @@
 			    BN_num_bits(host_key->rsa->n),
 			    SSH_KEY_BITS_RESERVED);
 		}
-		rsa_public_encrypt(key, key, host_key->rsa);
-		rsa_public_encrypt(key, key, server_key->rsa);
+		if (rsa_public_encrypt(key, key, host_key->rsa) != 0 ||
+		    rsa_public_encrypt(key, key, server_key->rsa) != 0)
+			fatal("%s: rsa_public_encrypt failed", __func__);
 	}
 
 	/* Destroy the public keys since we no longer need them. */