===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/sshconnect.c,v
retrieving revision 1.72.2.4
retrieving revision 1.72.2.5
diff -u -r1.72.2.4 -r1.72.2.5
--- src/usr.bin/ssh/sshconnect.c	2001/03/12 15:44:17	1.72.2.4
+++ src/usr.bin/ssh/sshconnect.c	2001/03/21 18:53:14	1.72.2.5
@@ -13,7 +13,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.72.2.4 2001/03/12 15:44:17 jason Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.72.2.5 2001/03/21 18:53:14 jason Exp $");
 
 #include <openssl/bn.h>
 
@@ -477,7 +477,7 @@
 	Key *file_key;
 	char *type = key_type(host_key);
 	char *ip = NULL;
-	char hostline[1000], *hostp;
+	char hostline[1000], *hostp, *fp;
 	HostStatus host_status;
 	HostStatus ip_status;
 	int local = 0, host_ip_differ = 0;
@@ -604,13 +604,15 @@
 		} else if (options.strict_host_key_checking == 2) {
 			/* The default */
 			char prompt[1024];
+			fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
 			snprintf(prompt, sizeof(prompt),
 			    "The authenticity of host '%.200s (%s)' can't be established.\n"
 			    "%s key fingerprint is %s.\n"
 			    "Are you sure you want to continue connecting (yes/no)? ",
-			    host, ip, type, key_fingerprint(host_key));
+			    host, ip, type, fp);
+			xfree(fp);
 			if (!read_yes_or_no(prompt, -1))
-				fatal("Aborted by user!\n");
+				fatal("Aborted by user!");
 		}
 		if (options.check_host_ip && ip_status == HOST_NEW) {
 			snprintf(hostline, sizeof(hostline), "%s,%s", host, ip);
@@ -647,6 +649,7 @@
 				error("Offending key for IP in %s:%d", ip_file, ip_line);
 		}
 		/* The host key has changed. */
+		fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
 		error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
 		error("@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @");
 		error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
@@ -654,11 +657,12 @@
 		error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!");
 		error("It is also possible that the %s host key has just been changed.", type);
 		error("The fingerprint for the %s key sent by the remote host is\n%s.",
-		    type, key_fingerprint(host_key));
+		    type, fp);
 		error("Please contact your system administrator.");
 		error("Add correct host key in %.100s to get rid of this message.",
 		    user_hostfile);
 		error("Offending key in %s:%d", host_file, host_line);
+		xfree(fp);
 
 		/*
 		 * If strict host key checking is in use, the user will have
@@ -711,7 +715,7 @@
 		} else if (options.strict_host_key_checking == 2) {
 			if (!read_yes_or_no("Are you sure you want " \
 			    "to continue connecting (yes/no)? ", -1))
-				fatal("Aborted by user!\n");
+				fatal("Aborted by user!");
 		}
 	}
 
@@ -769,6 +773,10 @@
 	int size;
 	char *padded;
 
+	if (datafellows & SSH_BUG_PASSWORDPAD) {
+		packet_put_string(password, strlen(password));
+		return;
+	}
 	size = roundup(strlen(password) + 1, 32);
 	padded = xmalloc(size);
 	memset(padded, 0, size);