* fix longstanding bug with connections being closed on failure to

  connect to auth socket (server)
* differentiate between get_byte and get_bool
* get rid of some // comments
* general tidying

18 files changed, 42 insertions, 51 deletions

diff --git a/buffer.c b/buffer.c
index dff861f..97045ff 100644
--- a/buffer.c
+++ b/buffer.c
@@ -160,6 +160,16 @@ unsigned char buf_getbyte(buffer* buf) {
 	return buf->data[buf->pos++];
 }
 
+/* Get a bool from the buffer and increment the pos */
+unsigned char buf_getbool(buffer* buf) {
+
+	unsigned char b;
+	b = buf_getbyte(buf);
+	if (b != 0)
+		b = 1;
+	return b;
+}
+
 /* put a byte, incrementing the length if required */
 void buf_putbyte(buffer* buf, unsigned char val) {
 
diff --git a/buffer.h b/buffer.h
index e1031a1..f9aa6fa 100644
--- a/buffer.h
+++ b/buffer.h
@@ -50,6 +50,7 @@ void buf_setpos(buffer* buf, unsigned int pos);
 void buf_incrpos(buffer* buf, int incr); /* -ve is ok, to go backwards */
 void buf_incrwritepos(buffer* buf, unsigned int incr);
 unsigned char buf_getbyte(buffer* buf);
+unsigned char buf_getbool(buffer* buf);
 void buf_putbyte(buffer* buf, unsigned char val);
 unsigned char* buf_getptr(buffer* buf, unsigned int len);
 unsigned char* buf_getwriteptr(buffer* buf, unsigned int len);
diff --git a/channel.h b/channel.h
index 225fafb..a2fe87a 100644
--- a/channel.h
+++ b/channel.h
@@ -100,7 +100,7 @@ void chaninitialise();
 void chancleanup();
 void setchannelfds(fd_set *readfd, fd_set *writefd);
 void channelio(fd_set *readfd, fd_set *writefd);
-struct Channel* getchannel(unsigned int chan);
+struct Channel* getchannel();
 struct Channel* newchannel(unsigned int remotechan, 
 		const struct ChanType *type, 
 		unsigned int transwindow, unsigned int transmaxpacket);
diff --git a/cli-auth.c b/cli-auth.c
index dfd9bbb..fc51061 100644
--- a/cli-auth.c
+++ b/cli-auth.c
@@ -127,7 +127,7 @@ void recv_msg_userauth_failure() {
 
 	methods = buf_getstring(ses.payload, &methlen);
 
-	partial = buf_getbyte(ses.payload);
+	partial = buf_getbool(ses.payload);
 
 	if (partial) {
 		dropbear_log(LOG_INFO, "Authentication partially succeeded, more attempts required");
diff --git a/cli-channel.c b/cli-channel.c
index 42e165b..1bd49ab 100644
--- a/cli-channel.c
+++ b/cli-channel.c
@@ -33,15 +33,12 @@
 /* We receive channel data - only used by the client chansession code*/
 void recv_msg_channel_extended_data() {
 
-	unsigned int chan;
 	struct Channel *channel;
 	unsigned int datatype;
 
 	TRACE(("enter recv_msg_channel_extended_data"))
 
-	chan = buf_getint(ses.payload);
-	channel = getchannel(chan);
-
+	channel = getchannel();
 	if (channel == NULL) {
 		dropbear_exit("Unknown channel");
 	}
diff --git a/cli-chansession.c b/cli-chansession.c
index 76e9dfa..a8363ac 100644
--- a/cli-chansession.c
+++ b/cli-chansession.c
@@ -62,7 +62,7 @@ static void cli_chansessreq(struct Channel *channel) {
 	TRACE(("enter cli_chansessreq"))
 
 	type = buf_getstring(ses.payload, NULL);
-	wantreply = buf_getbyte(ses.payload);
+	wantreply = buf_getbool(ses.payload);
 
 	if (strcmp(type, "exit-status") != 0) {
 		TRACE(("unknown request '%s'", type))
diff --git a/common-channel.c b/common-channel.c
index 6f73fab..bb7928c 100644
--- a/common-channel.c
+++ b/common-channel.c
@@ -162,8 +162,13 @@ struct Channel* newchannel(unsigned int remotechan,
 	return newchan;
 }
 
-/* Get the channel structure corresponding to a channel number */
-struct Channel* getchannel(unsigned int chan) {
+/* Returns the channel structure corresponding to the channel in the current
+ * data packet (ses.payload must be positioned appropriately) */
+struct Channel* getchannel() {
+
+	unsigned int chan;
+
+	chan = buf_getint(ses.payload);
 	if (chan >= ses.chansize || ses.channels[chan] == NULL) {
 		return NULL;
 	}
@@ -474,14 +479,11 @@ void setchannelfds(fd_set *readfd, fd_set *writefd) {
  * etc) FD is also EOF */
 void recv_msg_channel_eof() {
 
-	unsigned int chan;
 	struct Channel * channel;
 
 	TRACE(("enter recv_msg_channel_eof"))
 
-	chan = buf_getint(ses.payload);
-	channel = getchannel(chan);
-
+	channel = getchannel();
 	if (channel == NULL) {
 		dropbear_exit("EOF for unknown channel");
 	}
@@ -500,15 +502,11 @@ void recv_msg_channel_eof() {
 /* Handle channel closure(), respond in kind and close the channels */
 void recv_msg_channel_close() {
 
-	unsigned int chan;
 	struct Channel * channel;
 
 	TRACE(("enter recv_msg_channel_close"))
 
-	chan = buf_getint(ses.payload);
-	TRACE(("close channel = %d", chan))
-	channel = getchannel(chan);
-
+	channel = getchannel();
 	if (channel == NULL) {
 		/* disconnect ? */
 		dropbear_exit("Close for unknown channel");
@@ -567,14 +565,11 @@ static void deletechannel(struct Channel *channel) {
  * such as chansession or x11fwd */
 void recv_msg_channel_request() {
 
-	unsigned int chan;
 	struct Channel *channel;
 
 	TRACE(("enter recv_msg_channel_request"))
 	
-	chan = buf_getint(ses.payload);
-	channel = getchannel(chan);
-
+	channel = getchannel();
 	if (channel == NULL) {
 		/* disconnect ? */
 		dropbear_exit("Unknown channel");
@@ -666,12 +661,9 @@ static void send_msg_channel_data(struct Channel *channel, int isextended,
 /* We receive channel data */
 void recv_msg_channel_data() {
 
-	unsigned int chan;
 	struct Channel *channel;
 
-	chan = buf_getint(ses.payload);
-	channel = getchannel(chan);
-
+	channel = getchannel();
 	if (channel == NULL) {
 		dropbear_exit("Unknown channel");
 	}
@@ -738,13 +730,10 @@ void common_recv_msg_channel_data(struct Channel *channel, int fd,
  * as data is sent, and incremented upon receiving window-adjust messages */
 void recv_msg_channel_window_adjust() {
 
-	unsigned int chan;
 	struct Channel * channel;
 	unsigned int incr;
 	
-	chan = buf_getint(ses.payload);
-	channel = getchannel(chan);
-
+	channel = getchannel();
 	if (channel == NULL) {
 		dropbear_exit("Unknown channel");
 	}
@@ -961,14 +950,12 @@ int send_msg_channel_open_init(int fd, const struct ChanType *type) {
  * successful*/
 void recv_msg_channel_open_confirmation() {
 
-	unsigned int chan;
 	struct Channel * channel;
 	int ret;
 
 	TRACE(("enter recv_msg_channel_open_confirmation"))
-	chan = buf_getint(ses.payload);
 
-	channel = getchannel(chan);
+	channel = getchannel();
 	if (channel == NULL) {
 		dropbear_exit("Unknown channel");
 	}
@@ -995,11 +982,9 @@ void recv_msg_channel_open_confirmation() {
 /* Notification that our channel open request failed */
 void recv_msg_channel_open_failure() {
 
-	unsigned int chan;
 	struct Channel * channel;
-	chan = buf_getbyte(ses.payload);
 
-	channel = getchannel(chan);
+	channel = getchannel();
 	if (channel == NULL) {
 		dropbear_exit("Unknown channel");
 	}
diff --git a/common-kex.c b/common-kex.c
index 97e341d..a2336c5 100644
--- a/common-kex.c
+++ b/common-kex.c
@@ -457,7 +457,6 @@ void recv_msg_kexinit() {
 	/* the rest of ses.kexhashbuf will be done after DH exchange */
 
 	ses.kexstate.recvkexinit = 1;
-//	ses.expecting = 0; // client matt
 
 	TRACE(("leave recv_msg_kexinit"))
 }
@@ -683,7 +682,7 @@ static void read_kex_algos() {
 	buf_eatstring(ses.payload);
 
 	/* first_kex_packet_follows */
-	if (buf_getbyte(ses.payload)) {
+	if (buf_getbool(ses.payload)) {
 		ses.kexstate.firstfollows = 1;
 		/* if the guess wasn't good, we ignore the packet sent */
 		if (!allgood) {
diff --git a/debug.h b/debug.h
index 7b1e2b5..93cb891 100644
--- a/debug.h
+++ b/debug.h
@@ -39,7 +39,7 @@
  * Caution: Don't use this in an unfriendly environment (ie unfirewalled),
  * since the printing may not sanitise strings etc. This will add a reasonable
  * amount to your executable size. */
- //#define DEBUG_TRACE 
+/*#define DEBUG_TRACE */
 
 /* All functions writing to the cleartext payload buffer call
  * CHECKCLEARTOWRITE() before writing. This is only really useful if you're
diff --git a/dss.c b/dss.c
index 6429ede..7b3d9d4 100644
--- a/dss.c
+++ b/dss.c
@@ -261,6 +261,7 @@ out:
 }
 #endif /* DROPBEAR_SIGNKEY_VERIFY */
 
+#ifdef DSS_PROTOK	
 /* convert an unsigned mp into an array of bytes, malloced.
  * This array must be freed after use, len contains the length of the array,
  * if len != NULL */
@@ -279,6 +280,7 @@ static unsigned char* mptobytes(mp_int *mp, int *len) {
 	}
 	return ret;
 }
+#endif
 
 /* Sign the data presented with key, writing the signature contents
  * to the buffer
diff --git a/kex.h b/kex.h
index 01626ed..92b6c42 100644
--- a/kex.h
+++ b/kex.h
@@ -37,10 +37,10 @@ void gen_kexdh_vals(mp_int *dh_pub, mp_int *dh_priv);
 void kexdh_comb_key(mp_int *dh_pub_us, mp_int *dh_priv, mp_int *dh_pub_them,
 		sign_key *hostkey);
 
-void recv_msg_kexdh_init(); // server
+void recv_msg_kexdh_init(); /* server */
 
-void send_msg_kexdh_init(); // client
-void recv_msg_kexdh_reply(); // client
+void send_msg_kexdh_init(); /* client */
+void recv_msg_kexdh_reply(); /* client */
 
 extern const unsigned char dh_p_val[];
 #define DH_P_LEN 128 /* The length of the dh_p_val array */
diff --git a/scp.c b/scp.c
index e356b8b..ccb6c2a 100644
--- a/scp.c
+++ b/scp.c
@@ -244,9 +244,6 @@ main(int argc, char **argv)
 	extern char *optarg;
 	extern int optind;
 
-	/* hack, seems to work */
-//	__progname = argv[0];
-
 	args.list = NULL;
 	addargs(&args, "ssh");		/* overwritten with ssh_program */
 	addargs(&args, "-x");
diff --git a/svr-authpam.c b/svr-authpam.c
index e045b74..fe1f123 100644
--- a/svr-authpam.c
+++ b/svr-authpam.c
@@ -155,7 +155,7 @@ void svr_auth_pam() {
 	unsigned char changepw;
 
 	/* check if client wants to change password */
-	changepw = buf_getbyte(ses.payload);
+	changepw = buf_getbool(ses.payload);
 	if (changepw) {
 		/* not implemented by this server */
 		send_msg_userauth_failure(0, 1);
diff --git a/svr-authpasswd.c b/svr-authpasswd.c
index 4348817..5be1e2a 100644
--- a/svr-authpasswd.c
+++ b/svr-authpasswd.c
@@ -71,7 +71,7 @@ void svr_auth_password() {
 	}
 
 	/* check if client wants to change password */
-	changepw = buf_getbyte(ses.payload);
+	changepw = buf_getbool(ses.payload);
 	if (changepw) {
 		/* not implemented by this server */
 		send_msg_userauth_failure(0, 1);
diff --git a/svr-authpubkey.c b/svr-authpubkey.c
index 5daba0f..dcd59f0 100644
--- a/svr-authpubkey.c
+++ b/svr-authpubkey.c
@@ -64,7 +64,7 @@ void svr_auth_pubkey() {
 
 	/* 0 indicates user just wants to check if key can be used, 1 is an
 	 * actual attempt*/
-	testkey = (buf_getbyte(ses.payload) == 0);
+	testkey = (buf_getbool(ses.payload) == 0);
 
 	algo = buf_getstring(ses.payload, &algolen);
 	keybloblen = buf_getint(ses.payload);
diff --git a/svr-chansession.c b/svr-chansession.c
index c04d592..90c82a7 100644
--- a/svr-chansession.c
+++ b/svr-chansession.c
@@ -305,7 +305,7 @@ static void chansessionrequest(struct Channel *channel) {
 	TRACE(("enter chansessionrequest"))
 
 	type = buf_getstring(ses.payload, &typelen);
-	wantreply = buf_getbyte(ses.payload);
+	wantreply = buf_getbool(ses.payload);
 
 	if (typelen > MAX_NAME_LEN) {
 		TRACE(("leave chansessionrequest: type too long")) /* XXX send error?*/
diff --git a/svr-tcpfwd.c b/svr-tcpfwd.c
index 7fbc609..3acc4ff 100644
--- a/svr-tcpfwd.c
+++ b/svr-tcpfwd.c
@@ -78,7 +78,7 @@ void recv_msg_global_request_remotetcp() {
 	}
 
 	reqname = buf_getstring(ses.payload, &namelen);
-	wantreply = buf_getbyte(ses.payload);
+	wantreply = buf_getbool(ses.payload);
 
 	if (namelen > MAXNAMLEN) {
 		TRACE(("name len is wrong: %d", namelen))
diff --git a/svr-x11fwd.c b/svr-x11fwd.c
index e15fb82..cbc8a79 100644
--- a/svr-x11fwd.c
+++ b/svr-x11fwd.c
@@ -52,7 +52,7 @@ int x11req(struct ChanSess * chansess) {
 		return DROPBEAR_FAILURE;
 	}
 
-	chansess->x11singleconn = buf_getbyte(ses.payload);
+	chansess->x11singleconn = buf_getbool(ses.payload);
 	chansess->x11authprot = buf_getstring(ses.payload, NULL);
 	chansess->x11authcookie = buf_getstring(ses.payload, NULL);
 	chansess->x11screennum = buf_getint(ses.payload);