===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/ssh-agent.c,v
retrieving revision 1.185
retrieving revision 1.186
diff -u -r1.185 -r1.186
--- src/usr.bin/ssh/ssh-agent.c	2014/04/29 18:01:49	1.185
+++ src/usr.bin/ssh/ssh-agent.c	2014/06/24 01:13:21	1.186
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.185 2014/04/29 18:01:49 markus Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.186 2014/06/24 01:13:21 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -264,7 +264,7 @@
 	if (id != NULL && (!id->confirm || confirm_key(id) == 0)) {
 		Key *private = id->key;
 		/* Decrypt the challenge using the private key. */
-		if (rsa_private_decrypt(challenge, challenge, private->rsa) <= 0)
+		if (rsa_private_decrypt(challenge, challenge, private->rsa) != 0)
 			goto failure;
 
 		/* The response is MD5 of decrypted challenge plus session id. */
@@ -351,12 +351,16 @@
 static void
 process_remove_identity(SocketEntry *e, int version)
 {
-	u_int blen, bits;
+	u_int blen;
 	int success = 0;
 	Key *key = NULL;
 	u_char *blob;
+#ifdef WITH_SSH1
+	u_int bits;
+#endif /* WITH_SSH1 */
 
 	switch (version) {
+#ifdef WITH_SSH1
 	case 1:
 		key = key_new(KEY_RSA1);
 		bits = buffer_get_int(&e->request);
@@ -367,6 +371,7 @@
 			logit("Warning: identity keysize mismatch: actual %u, announced %u",
 			    key_size(key), bits);
 		break;
+#endif /* WITH_SSH1 */
 	case 2:
 		blob = buffer_get_string(&e->request, &blen);
 		key = key_from_blob(blob, blen);
@@ -463,6 +468,7 @@
 	Key *k = NULL;
 
 	switch (version) {
+#ifdef WITH_SSH1
 	case 1:
 		k = key_new_private(KEY_RSA1);
 		(void) buffer_get_int(&e->request);		/* ignored */
@@ -476,7 +482,9 @@
 		buffer_get_bignum(&e->request, k->rsa->p);	/* q */
 
 		/* Generate additional parameters */
-		rsa_generate_additional_parameters(k->rsa);
+		if (rsa_generate_additional_parameters(k->rsa) != 0)
+			fatal("%s: rsa_generate_additional_parameters "
+			    "error", __func__);
 
 		/* enable blinding */
 		if (RSA_blinding_on(k->rsa, NULL) != 1) {
@@ -485,6 +493,7 @@
 			goto send;
 		}
 		break;
+#endif /* WITH_SSH1 */
 	case 2:
 		k = key_private_deserialize(&e->request);
 		if (k == NULL) {
@@ -493,11 +502,10 @@
 		}
 		break;
 	}
-	comment = buffer_get_string(&e->request, NULL);
-	if (k == NULL) {
-		free(comment);
+	if (k == NULL)
 		goto send;
-	}
+	comment = buffer_get_string(&e->request, NULL);
+
 	while (buffer_len(&e->request)) {
 		switch ((type = buffer_get_char(&e->request))) {
 		case SSH_AGENT_CONSTRAIN_LIFETIME: