--- a/cli-auth.c	Wed Jul 28 16:44:16 2004 +0000
+++ b/cli-auth.c	Thu Jul 29 02:19:03 2004 +0000
@@ -13,27 +13,6 @@
 }
 
 
-void cli_get_user() {
-
-	uid_t uid;
-	struct passwd *pw; 
-
-	TRACE(("enter cli_get_user"));
-	if (cli_opts.username != NULL) {
-		ses.authstate.username = cli_opts.username;
-	} else {
-		uid = getuid();
-		
-		pw = getpwuid(uid);
-		if (pw == NULL || pw->pw_name == NULL) {
-			dropbear_exit("Couldn't find username for current user");
-		}
-
-		ses.authstate.username = m_strdup(pw->pw_name);
-	}
-	TRACE(("leave cli_get_user: %s", ses.authstate.username));
-}
-
 /* Send a "none" auth request to get available methods */
 void cli_auth_getmethods() {
 
@@ -42,8 +21,8 @@
 	CHECKCLEARTOWRITE();
 
 	buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST);
-	buf_putstring(ses.writepayload, ses.authstate.username,
-			strlen(ses.authstate.username));
+	buf_putstring(ses.writepayload, cli_opts.username, 
+			strlen(cli_opts.username));
 	buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION, 
 			SSH_SERVICE_CONNECTION_LEN);
 	buf_putstring(ses.writepayload, "none", 4); /* 'none' method */

--- a/cli-authpasswd.c	Wed Jul 28 16:44:16 2004 +0000
+++ b/cli-authpasswd.c	Thu Jul 29 02:19:03 2004 +0000
@@ -3,6 +3,7 @@
 #include "dbutil.h"
 #include "session.h"
 #include "ssh.h"
+#include "runopts.h"
 
 int cli_auth_password() {
 
@@ -14,8 +15,8 @@
 
 	buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST);
 
-	buf_putstring(ses.writepayload, ses.authstate.username,
-			strlen(ses.authstate.username));
+	buf_putstring(ses.writepayload, cli_opts.username,
+			strlen(cli_opts.username));
 
 	buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION, 
 			SSH_SERVICE_CONNECTION_LEN);

--- a/cli-session.c	Wed Jul 28 16:44:16 2004 +0000
+++ b/cli-session.c	Thu Jul 29 02:19:03 2004 +0000
@@ -83,6 +83,8 @@
 
 	/* packet handlers */
 	ses.packettypes = cli_packettypes;
+
+	ses.isserver = 0;
 }
 
 /* This function drives the progress of the session - it initiates KEX,
@@ -136,7 +138,6 @@
 
 		/* userauth code */
 		case SERVICE_AUTH_ACCEPT_RCVD:
-			cli_get_user();
 			cli_auth_getmethods();
 			cli_ses.state = USERAUTH_METHODS_SENT;
 			TRACE(("leave cli_sessionloop: sent userauth methods req"));

--- a/common-kex.c	Wed Jul 28 16:44:16 2004 +0000
+++ b/common-kex.c	Thu Jul 29 02:19:03 2004 +0000
@@ -55,7 +55,7 @@
 const int DH_G_VAL = 2;
 
 static void kexinitialise();
-static void gen_new_keys();
+void gen_new_keys();
 #ifndef DISABLE_ZLIB
 static void gen_new_zstreams();
 #endif
@@ -253,7 +253,7 @@
  * taken into use after both sides have sent a newkeys message */
 
 /* Originally from kex.c, generalized for cli/svr mode --mihnea */
-static void gen_new_keys() {
+void gen_new_keys() {
 
 	unsigned char C2S_IV[MAX_IV_LEN];
 	unsigned char C2S_key[MAX_KEY_LEN];
@@ -276,9 +276,6 @@
 	sha1_process(&hs, ses.hash, SHA1_HASH_SIZE);
 	m_burn(ses.hash, SHA1_HASH_SIZE);
 
-	hashkeys(C2S_IV, SHA1_HASH_SIZE, &hs, 'A');
-	hashkeys(S2C_IV, SHA1_HASH_SIZE, &hs, 'B');
-
 	if (IS_DROPBEAR_CLIENT) {
 	    trans_IV	= C2S_IV;
 	    recv_IV		= S2C_IV;
@@ -299,6 +296,8 @@
 		macrecvletter = 'E';
 	}
 
+	hashkeys(C2S_IV, SHA1_HASH_SIZE, &hs, 'A');
+	hashkeys(S2C_IV, SHA1_HASH_SIZE, &hs, 'B');
 	hashkeys(C2S_key, C2S_keysize, &hs, 'C');
 	hashkeys(S2C_key, S2C_keysize, &hs, 'D');
 
@@ -580,6 +579,8 @@
 	sha1_process(&hs, buf_getptr(ses.kexhashbuf, ses.kexhashbuf->len),
 			ses.kexhashbuf->len);
 	sha1_done(&hs, ses.hash);
+
+	buf_burn(ses.kexhashbuf);
 	buf_free(ses.kexhashbuf);
 	ses.kexhashbuf = NULL;
 	

--- a/svr-auth.c	Wed Jul 28 16:44:16 2004 +0000
+++ b/svr-auth.c	Thu Jul 29 02:19:03 2004 +0000
@@ -58,7 +58,7 @@
 	ses.authstate.authtypes |= AUTH_TYPE_PUBKEY;
 #endif
 #ifdef DROPBEAR_PASSWORD_AUTH
-	if (svr_opts.noauthpass) {
+	if (!svr_opts.noauthpass) {
 		ses.authstate.authtypes |= AUTH_TYPE_PASSWORD;
 	}
 #endif
@@ -100,6 +100,7 @@
 
 	/* ignore packets if auth is already done */
 	if (ses.authstate.authdone == 1) {
+		TRACE(("leave recv_msg_userauth_request: authdone already"));
 		return;
 	}
 
@@ -129,6 +130,7 @@
 	if (methodlen == AUTH_METHOD_NONE_LEN &&
 			strncmp(methodname, AUTH_METHOD_NONE,
 				AUTH_METHOD_NONE_LEN) == 0) {
+		TRACE(("recv_msg_userauth_request: 'none' request"));
 		send_msg_userauth_failure(0, 0);
 		goto out;
 	}
@@ -305,6 +307,9 @@
 	buf_putbyte(ses.writepayload, partial ? 1 : 0);
 	encrypt_packet();
 
+	TRACE(("auth fail: methods %d, '%s'", ses.authstate.authtypes,
+				buf_getptr(typebuf, typebuf->len)));
+
 	if (incrfail) {
 		usleep(300000); /* XXX improve this */
 		ses.authstate.failcount++;

--- a/svr-session.c	Wed Jul 28 16:44:16 2004 +0000
+++ b/svr-session.c	Thu Jul 29 02:19:03 2004 +0000
@@ -96,6 +96,8 @@
 	ses.packettypes = svr_packettypes;
 	ses.buf_match_algo = svr_buf_match_algo;
 
+	ses.isserver = 1;
+
 	/* We're ready to go now */
 	sessinitdone = 1;