===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/clientloop.c,v
retrieving revision 1.357
retrieving revision 1.358
diff -u -r1.357 -r1.358
--- src/usr.bin/ssh/clientloop.c	2021/01/27 09:26:54	1.357
+++ src/usr.bin/ssh/clientloop.c	2021/01/27 10:05:28	1.358
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.357 2021/01/27 09:26:54 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.358 2021/01/27 10:05:28 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2111,9 +2111,6 @@
 
 	if ((signdata = sshbuf_new()) == NULL)
 		fatal_f("sshbuf_new failed");
-	/* Don't want to accidentally accept an unbound signature */
-	if (ssh->kex->session_id_len == 0)
-		fatal_f("ssh->kex->session_id_len == 0");
 	/*
 	 * Expect a signature for each of the ctx->nnew private keys we
 	 * haven't seen before. They will be in the same order as the
@@ -2126,8 +2123,8 @@
 		sshbuf_reset(signdata);
 		if ( (r = sshbuf_put_cstring(signdata,
 		    "hostkeys-prove-00@openssh.com")) != 0 ||
-		    (r = sshbuf_put_string(signdata, ssh->kex->session_id,
-		    ssh->kex->session_id_len)) != 0 ||
+		    (r = sshbuf_put_stringb(signdata,
+		    ssh->kex->session_id)) != 0 ||
 		    (r = sshkey_puts(ctx->keys[i], signdata)) != 0)
 			fatal_fr(r, "compose signdata");
 		/* Extract and verify signature */