===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/dh.c,v
retrieving revision 1.14.2.2
retrieving revision 1.15
diff -u -r1.14.2.2 -r1.15
--- src/usr.bin/ssh/dh.c	2002/03/09 00:20:44	1.14.2.2
+++ src/usr.bin/ssh/dh.c	2001/06/22 21:27:07	1.15
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: dh.c,v 1.14.2.2 2002/03/09 00:20:44 miod Exp $");
+RCSID("$OpenBSD: dh.c,v 1.15 2001/06/22 21:27:07 provos Exp $");
 
 #include "xmalloc.h"
 
@@ -39,7 +39,7 @@
 #include "log.h"
 #include "misc.h"
 
-static int
+int
 parse_prime(int linenum, char *line, struct dhgroup *dhg)
 {
 	char *cp, *arg;
@@ -78,10 +78,8 @@
 	if (cp != NULL || *prime == '\0')
 		goto fail;
 
-	if ((dhg->g = BN_new()) == NULL)
-		fatal("parse_prime: BN_new failed");
-	if ((dhg->p = BN_new()) == NULL)
-		fatal("parse_prime: BN_new failed");
+	dhg->g = BN_new();
+	dhg->p = BN_new();
 	if (BN_hex2bn(&dhg->g, gen) == 0)
 		goto failclean;
 
@@ -94,8 +92,8 @@
 	return (1);
 
  failclean:
-	BN_clear_free(dhg->g);
-	BN_clear_free(dhg->p);
+	BN_free(dhg->g);
+	BN_free(dhg->p);
  fail:
 	error("Bad prime description in line %d", linenum);
 	return (0);
@@ -105,7 +103,7 @@
 choose_dh(int min, int wantbits, int max)
 {
 	FILE *f;
-	char line[2048];
+	char line[1024];
 	int best, bestcount, which;
 	int linenum;
 	struct dhgroup dhg;
@@ -122,8 +120,8 @@
 		linenum++;
 		if (!parse_prime(linenum, line, &dhg))
 			continue;
-		BN_clear_free(dhg.g);
-		BN_clear_free(dhg.p);
+		BN_free(dhg.g);
+		BN_free(dhg.p);
 
 		if (dhg.size > max || dhg.size < min)
 			continue;
@@ -136,14 +134,18 @@
 		if (dhg.size == best)
 			bestcount++;
 	}
-	rewind(f);
+	fclose (f);
 
 	if (bestcount == 0) {
-		fclose(f);
 		log("WARNING: no suitable primes in %s", _PATH_DH_PRIMES);
 		return (NULL);
 	}
 
+	f = fopen(_PATH_DH_PRIMES, "r");
+	if (!f) {
+		fatal("WARNING: %s disappeared, giving up", _PATH_DH_PRIMES);
+	}
+
 	linenum = 0;
 	which = arc4random() % bestcount;
 	while (fgets(line, sizeof(line), f)) {
@@ -152,8 +154,8 @@
 		if ((dhg.size > max || dhg.size < min) ||
 		    dhg.size != best ||
 		    linenum++ != which) {
-			BN_clear_free(dhg.g);
-			BN_clear_free(dhg.p);
+			BN_free(dhg.g);
+			BN_free(dhg.p);
 			continue;
 		}
 		break;
@@ -203,8 +205,9 @@
 		    BN_num_bits(dh->p), 2*need);
 	do {
 		if (dh->priv_key != NULL)
-			BN_clear_free(dh->priv_key);
-		if ((dh->priv_key = BN_new()) == NULL)
+			BN_free(dh->priv_key);
+		dh->priv_key = BN_new();
+		if (dh->priv_key == NULL)
 			fatal("dh_gen_key: BN_new failed");
 		/* generate a 2*need bits random private exponent */
 		if (!BN_rand(dh->priv_key, 2*need, 0, 0))
@@ -226,8 +229,9 @@
 {
 	DH *dh;
 
-	if ((dh = DH_new()) == NULL)
-		fatal("dh_new_group_asc: DH_new");
+	dh = DH_new();
+	if (dh == NULL)
+		fatal("DH_new");
 
 	if (BN_hex2bn(&dh->p, modulus) == 0)
 		fatal("BN_hex2bn p");
@@ -247,8 +251,9 @@
 {
 	DH *dh;
 
-	if ((dh = DH_new()) == NULL)
-		fatal("dh_new_group: DH_new");
+	dh = DH_new();
+	if (dh == NULL)
+		fatal("DH_new");
 	dh->p = modulus;
 	dh->g = gen;