===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/dns.c,v
retrieving revision 1.10.4.2
retrieving revision 1.11
diff -u -r1.10.4.2 -r1.11
--- src/usr.bin/ssh/dns.c	2006/02/03 02:53:44	1.10.4.2
+++ src/usr.bin/ssh/dns.c	2005/04/20 10:05:45	1.11
@@ -1,4 +1,4 @@
-/*	$OpenBSD: dns.c,v 1.10.4.2 2006/02/03 02:53:44 brad Exp $	*/
+/*	$OpenBSD: dns.c,v 1.11 2005/04/20 10:05:45 jakob Exp $	*/
 
 /*
  * Copyright (c) 2003 Wesley Griffin. All rights reserved.
@@ -25,16 +25,27 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
+
 #include "includes.h"
-RCSID("$OpenBSD: dns.c,v 1.10.4.2 2006/02/03 02:53:44 brad Exp $");
 
+#include <openssl/bn.h>
+#ifdef LWRES
+#include <lwres/netdb.h>
+#include <dns/result.h>
+#else /* LWRES */
 #include <netdb.h>
+#endif /* LWRES */
 
 #include "xmalloc.h"
 #include "key.h"
 #include "dns.h"
 #include "log.h"
+#include "uuencode.h"
 
+extern char *__progname;
+RCSID("$OpenBSD: dns.c,v 1.11 2005/04/20 10:05:45 jakob Exp $");
+
+#ifndef LWRES
 static const char *errset_text[] = {
 	"success",		/* 0 ERRSET_SUCCESS */
 	"out of memory",	/* 1 ERRSET_NOMEMORY */
@@ -64,7 +75,9 @@
 		return "unknown error";
 	}
 }
+#endif /* LWRES */
 
+
 /*
  * Read SSHFP parameters from key buffer.
  */
@@ -82,14 +95,12 @@
 		*algorithm = SSHFP_KEY_DSA;
 		break;
 	default:
-		*algorithm = SSHFP_KEY_RESERVED; /* 0 */
+		*algorithm = SSHFP_KEY_RESERVED;
 	}
 
 	if (*algorithm) {
 		*digest_type = SSHFP_HASH_SHA1;
 		*digest = key_fingerprint_raw(key, SSH_FP_SHA1, digest_len);
-		if (*digest == NULL)
-			fatal("dns_read_key: null from key_fingerprint_raw()");
 		success = 1;
 	} else {
 		*digest_type = SSHFP_HASH_RESERVED;
@@ -122,7 +133,7 @@
 			*digest = (u_char *) xmalloc(*digest_len);
 			memcpy(*digest, rdata + 2, *digest_len);
 		} else {
-			*digest = xstrdup("");
+			*digest = NULL;
 		}
 
 		success = 1;
@@ -160,7 +171,7 @@
 verify_host_key_dns(const char *hostname, struct sockaddr *address,
     const Key *hostkey, int *flags)
 {
-	u_int counter;
+	int counter;
 	int result;
 	struct rrsetinfo *fingerprints = NULL;
 
@@ -176,7 +187,7 @@
 
 	*flags = 0;
 
-	debug3("verify_host_key_dns");
+	debug3("verify_hostkey_dns");
 	if (hostkey == NULL)
 		fatal("No key to look up!");
 
@@ -212,7 +223,7 @@
 	if (fingerprints->rri_nrdatas)
 		*flags |= DNS_VERIFY_FOUND;
 
-	for (counter = 0; counter < fingerprints->rri_nrdatas; counter++)  {
+	for (counter = 0 ; counter < fingerprints->rri_nrdatas ; counter++)  {
 		/*
 		 * Extract the key from the answer. Ignore any badly
 		 * formatted fingerprints.
@@ -236,10 +247,8 @@
 				*flags |= DNS_VERIFY_MATCH;
 			}
 		}
-		xfree(dnskey_digest);
 	}
 
-	xfree(hostkey_digest); /* from key_fingerprint_raw() */
 	freerrset(fingerprints);
 
 	if (*flags & DNS_VERIFY_FOUND)
@@ -253,6 +262,7 @@
 	return 0;
 }
 
+
 /*
  * Export the fingerprint of a key as a DNS resource record
  */
@@ -264,11 +274,11 @@
 	u_char *rdata_digest;
 	u_int rdata_digest_len;
 
-	u_int i;
+	int i;
 	int success = 0;
 
 	if (dns_read_key(&rdata_pubkey_algorithm, &rdata_digest_type,
-	    &rdata_digest, &rdata_digest_len, key)) {
+			 &rdata_digest, &rdata_digest_len, key)) {
 
 		if (generic)
 			fprintf(f, "%s IN TYPE%d \\# %d %02x %02x ", hostname,
@@ -281,10 +291,9 @@
 		for (i = 0; i < rdata_digest_len; i++)
 			fprintf(f, "%02x", rdata_digest[i]);
 		fprintf(f, "\n");
-		xfree(rdata_digest); /* from key_fingerprint_raw() */
 		success = 1;
 	} else {
-		error("export_dns_rr: unsupported algorithm");
+		error("dns_export_rr: unsupported algorithm");
 	}
 
 	return success;