Implement OpenSSH-compatible RSA key fingerprints and use them throughout

[sgt/putty] / ssh.c

diff --git a/ssh.c b/ssh.c
index 852a2da..0db92fc 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -1100,21 +1100,15 @@ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt)
     j = makekey(pktin.body+8+i, &hostkey, &keystr2, 0);
 
     /*
-     * Hash the host key and print the hash in the log box. Just as
-     * a last resort in case the registry's host key checking is
-     * compromised, we'll allow the user some ability to verify
-     * host keys by eye.
+     * Log the host key fingerprint.
      */
-    MD5Init(&md5c);
-    MD5Update(&md5c, keystr2, hostkey.bytes);
-    MD5Final(session_id, &md5c);
     {
        char logmsg[80];
-       int i;
-       logevent("Host key MD5 is:");
+       logevent("Host key fingerprint is:");
        strcpy(logmsg, "      ");
-       for (i = 0; i < 16; i++)
-           sprintf(logmsg+strlen(logmsg), "%02x", session_id[i]);
+        hostkey.comment = NULL;
+        rsa_fingerprint(logmsg+strlen(logmsg), sizeof(logmsg)-strlen(logmsg),
+                        &hostkey);
        logevent(logmsg);
     }
 
@@ -1671,6 +1665,7 @@ static void ssh1_protocol(unsigned char *in, int inlen, int ispkt) {
                 c->localid = i;
                 c->closes = 0;
                 c->type = SSH1_SMSG_AGENT_OPEN;   /* identify channel type */
+                c->u.a.lensofar = 0;
                 add234(ssh_channels, c);
                 send_packet(SSH1_MSG_CHANNEL_OPEN_CONFIRMATION,
                             PKT_INT, c->remoteid, PKT_INT, c->localid,