diff options
| author | Damien Miller <djm@mindrot.org> | 2013-11-08 12:16:49 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2013-11-08 12:16:49 +1100 |
| commit | 690d989008e18af3603a5e03f1276c9bad090370 (patch) | |
| tree | 60dc95d5ad849ee6600da56ac4635b42740aad60 | |
| parent | 08998c5fb9c7c1d248caa73b76e02ca0482e6d85 (diff) | |
- dtucker@cvs.openbsd.org 2013/11/07 11:58:27
[cipher.c cipher.h kex.c kex.h mac.c mac.h servconf.c ssh.c]
Output the effective values of Ciphers, MACs and KexAlgorithms when
the default has not been overridden. ok markus@
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | cipher.c | 8 | ||||
| -rw-r--r-- | cipher.h | 4 | ||||
| -rw-r--r-- | kex.c | 6 | ||||
| -rw-r--r-- | kex.h | 4 | ||||
| -rw-r--r-- | mac.c | 8 | ||||
| -rw-r--r-- | mac.h | 4 | ||||
| -rw-r--r-- | servconf.c | 9 | ||||
| -rw-r--r-- | ssh.c | 8 |
9 files changed, 32 insertions, 24 deletions
| @@ -3,6 +3,11 @@ | |||
| 3 | - dtucker@cvs.openbsd.org 2013/11/08 01:06:14 | 3 | - dtucker@cvs.openbsd.org 2013/11/08 01:06:14 |
| 4 | [regress/rekey.sh] | 4 | [regress/rekey.sh] |
| 5 | Rekey less frequently during tests to speed them up | 5 | Rekey less frequently during tests to speed them up |
| 6 | - (djm) OpenBSD CVS Sync | ||
| 7 | - dtucker@cvs.openbsd.org 2013/11/07 11:58:27 | ||
| 8 | [cipher.c cipher.h kex.c kex.h mac.c mac.h servconf.c ssh.c] | ||
| 9 | Output the effective values of Ciphers, MACs and KexAlgorithms when | ||
| 10 | the default has not been overridden. ok markus@ | ||
| 6 | 11 | ||
| 7 | 20131107 | 12 | 20131107 |
| 8 | - (djm) [ssh-pkcs11.c] Bring back "non-constant initialiser" fix (rev 1.5) | 13 | - (djm) [ssh-pkcs11.c] Bring back "non-constant initialiser" fix (rev 1.5) |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: cipher.c,v 1.89 2013/05/17 00:13:13 djm Exp $ */ | 1 | /* $OpenBSD: cipher.c,v 1.90 2013/11/07 11:58:27 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -100,9 +100,9 @@ static const struct Cipher ciphers[] = { | |||
| 100 | 100 | ||
| 101 | /*--*/ | 101 | /*--*/ |
| 102 | 102 | ||
| 103 | /* Returns a comma-separated list of supported ciphers. */ | 103 | /* Returns a list of supported ciphers separated by the specified char. */ |
| 104 | char * | 104 | char * |
| 105 | cipher_alg_list(void) | 105 | cipher_alg_list(char sep) |
| 106 | { | 106 | { |
| 107 | char *ret = NULL; | 107 | char *ret = NULL; |
| 108 | size_t nlen, rlen = 0; | 108 | size_t nlen, rlen = 0; |
| @@ -112,7 +112,7 @@ cipher_alg_list(void) | |||
| 112 | if (c->number != SSH_CIPHER_SSH2) | 112 | if (c->number != SSH_CIPHER_SSH2) |
| 113 | continue; | 113 | continue; |
| 114 | if (ret != NULL) | 114 | if (ret != NULL) |
| 115 | ret[rlen++] = '\n'; | 115 | ret[rlen++] = sep; |
| 116 | nlen = strlen(c->name); | 116 | nlen = strlen(c->name); |
| 117 | ret = xrealloc(ret, 1, rlen + nlen + 2); | 117 | ret = xrealloc(ret, 1, rlen + nlen + 2); |
| 118 | memcpy(ret + rlen, c->name, nlen + 1); | 118 | memcpy(ret + rlen, c->name, nlen + 1); |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: cipher.h,v 1.40 2013/04/19 01:06:50 djm Exp $ */ | 1 | /* $OpenBSD: cipher.h,v 1.41 2013/11/07 11:58:27 dtucker Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| @@ -75,7 +75,7 @@ const Cipher *cipher_by_number(int); | |||
| 75 | int cipher_number(const char *); | 75 | int cipher_number(const char *); |
| 76 | char *cipher_name(int); | 76 | char *cipher_name(int); |
| 77 | int ciphers_valid(const char *); | 77 | int ciphers_valid(const char *); |
| 78 | char *cipher_alg_list(void); | 78 | char *cipher_alg_list(char); |
| 79 | void cipher_init(CipherContext *, const Cipher *, const u_char *, u_int, | 79 | void cipher_init(CipherContext *, const Cipher *, const u_char *, u_int, |
| 80 | const u_char *, u_int, int); | 80 | const u_char *, u_int, int); |
| 81 | void cipher_crypt(CipherContext *, u_char *, const u_char *, | 81 | void cipher_crypt(CipherContext *, u_char *, const u_char *, |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: kex.c,v 1.92 2013/11/02 21:59:15 markus Exp $ */ | 1 | /* $OpenBSD: kex.c,v 1.93 2013/11/07 11:58:27 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -85,7 +85,7 @@ static const struct kexalg kexalgs[] = { | |||
| 85 | }; | 85 | }; |
| 86 | 86 | ||
| 87 | char * | 87 | char * |
| 88 | kex_alg_list(void) | 88 | kex_alg_list(char sep) |
| 89 | { | 89 | { |
| 90 | char *ret = NULL; | 90 | char *ret = NULL; |
| 91 | size_t nlen, rlen = 0; | 91 | size_t nlen, rlen = 0; |
| @@ -93,7 +93,7 @@ kex_alg_list(void) | |||
| 93 | 93 | ||
| 94 | for (k = kexalgs; k->name != NULL; k++) { | 94 | for (k = kexalgs; k->name != NULL; k++) { |
| 95 | if (ret != NULL) | 95 | if (ret != NULL) |
| 96 | ret[rlen++] = '\n'; | 96 | ret[rlen++] = sep; |
| 97 | nlen = strlen(k->name); | 97 | nlen = strlen(k->name); |
| 98 | ret = xrealloc(ret, 1, rlen + nlen + 2); | 98 | ret = xrealloc(ret, 1, rlen + nlen + 2); |
| 99 | memcpy(ret + rlen, k->name, nlen + 1); | 99 | memcpy(ret + rlen, k->name, nlen + 1); |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: kex.h,v 1.57 2013/11/02 21:59:15 markus Exp $ */ | 1 | /* $OpenBSD: kex.h,v 1.58 2013/11/07 11:58:27 dtucker Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
| @@ -146,7 +146,7 @@ struct Kex { | |||
| 146 | }; | 146 | }; |
| 147 | 147 | ||
| 148 | int kex_names_valid(const char *); | 148 | int kex_names_valid(const char *); |
| 149 | char *kex_alg_list(void); | 149 | char *kex_alg_list(char); |
| 150 | 150 | ||
| 151 | Kex *kex_setup(char *[PROPOSAL_MAX]); | 151 | Kex *kex_setup(char *[PROPOSAL_MAX]); |
| 152 | void kex_finish(Kex *); | 152 | void kex_finish(Kex *); |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: mac.c,v 1.24 2013/06/03 00:03:18 dtucker Exp $ */ | 1 | /* $OpenBSD: mac.c,v 1.25 2013/11/07 11:58:27 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -91,9 +91,9 @@ static const struct macalg macs[] = { | |||
| 91 | { NULL, 0, NULL, 0, 0, 0, 0 } | 91 | { NULL, 0, NULL, 0, 0, 0, 0 } |
| 92 | }; | 92 | }; |
| 93 | 93 | ||
| 94 | /* Returns a comma-separated list of supported MACs. */ | 94 | /* Returns a list of supported MACs separated by the specified char. */ |
| 95 | char * | 95 | char * |
| 96 | mac_alg_list(void) | 96 | mac_alg_list(char sep) |
| 97 | { | 97 | { |
| 98 | char *ret = NULL; | 98 | char *ret = NULL; |
| 99 | size_t nlen, rlen = 0; | 99 | size_t nlen, rlen = 0; |
| @@ -101,7 +101,7 @@ mac_alg_list(void) | |||
| 101 | 101 | ||
| 102 | for (m = macs; m->name != NULL; m++) { | 102 | for (m = macs; m->name != NULL; m++) { |
| 103 | if (ret != NULL) | 103 | if (ret != NULL) |
| 104 | ret[rlen++] = '\n'; | 104 | ret[rlen++] = sep; |
| 105 | nlen = strlen(m->name); | 105 | nlen = strlen(m->name); |
| 106 | ret = xrealloc(ret, 1, rlen + nlen + 2); | 106 | ret = xrealloc(ret, 1, rlen + nlen + 2); |
| 107 | memcpy(ret + rlen, m->name, nlen + 1); | 107 | memcpy(ret + rlen, m->name, nlen + 1); |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: mac.h,v 1.7 2013/04/19 01:06:50 djm Exp $ */ | 1 | /* $OpenBSD: mac.h,v 1.8 2013/11/07 11:58:27 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -24,7 +24,7 @@ | |||
| 24 | */ | 24 | */ |
| 25 | 25 | ||
| 26 | int mac_valid(const char *); | 26 | int mac_valid(const char *); |
| 27 | char *mac_alg_list(void); | 27 | char *mac_alg_list(char); |
| 28 | int mac_setup(Mac *, char *); | 28 | int mac_setup(Mac *, char *); |
| 29 | int mac_init(Mac *); | 29 | int mac_init(Mac *); |
| 30 | u_char *mac_compute(Mac *, u_int32_t, u_char *, int); | 30 | u_char *mac_compute(Mac *, u_int32_t, u_char *, int); |
diff --git a/servconf.c b/servconf.c index 0f1bdd09a..3593223f7 100644 --- a/servconf.c +++ b/servconf.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | 1 | ||
| 2 | /* $OpenBSD: servconf.c,v 1.244 2013/10/29 09:48:02 djm Exp $ */ | 2 | /* $OpenBSD: servconf.c,v 1.245 2013/11/07 11:58:27 dtucker Exp $ */ |
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| 5 | * All rights reserved | 5 | * All rights reserved |
| @@ -2037,8 +2037,9 @@ dump_config(ServerOptions *o) | |||
| 2037 | /* string arguments */ | 2037 | /* string arguments */ |
| 2038 | dump_cfg_string(sPidFile, o->pid_file); | 2038 | dump_cfg_string(sPidFile, o->pid_file); |
| 2039 | dump_cfg_string(sXAuthLocation, o->xauth_location); | 2039 | dump_cfg_string(sXAuthLocation, o->xauth_location); |
| 2040 | dump_cfg_string(sCiphers, o->ciphers); | 2040 | dump_cfg_string(sCiphers, o->ciphers ? o->ciphers : |
| 2041 | dump_cfg_string(sMacs, o->macs); | 2041 | cipher_alg_list(',')); |
| 2042 | dump_cfg_string(sMacs, o->macs ? o->macs : mac_alg_list(',')); | ||
| 2042 | dump_cfg_string(sBanner, o->banner); | 2043 | dump_cfg_string(sBanner, o->banner); |
| 2043 | dump_cfg_string(sForceCommand, o->adm_forced_command); | 2044 | dump_cfg_string(sForceCommand, o->adm_forced_command); |
| 2044 | dump_cfg_string(sChrootDirectory, o->chroot_directory); | 2045 | dump_cfg_string(sChrootDirectory, o->chroot_directory); |
| @@ -2050,6 +2051,8 @@ dump_config(ServerOptions *o) | |||
| 2050 | dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command); | 2051 | dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command); |
| 2051 | dump_cfg_string(sAuthorizedKeysCommandUser, o->authorized_keys_command_user); | 2052 | dump_cfg_string(sAuthorizedKeysCommandUser, o->authorized_keys_command_user); |
| 2052 | dump_cfg_string(sHostKeyAgent, o->host_key_agent); | 2053 | dump_cfg_string(sHostKeyAgent, o->host_key_agent); |
| 2054 | dump_cfg_string(sKexAlgorithms, o->kex_algorithms ? o->kex_algorithms : | ||
| 2055 | kex_alg_list(',')); | ||
| 2053 | 2056 | ||
| 2054 | /* string arguments requiring a lookup */ | 2057 | /* string arguments requiring a lookup */ |
| 2055 | dump_cfg_string(sLogLevel, log_level_name(o->log_level)); | 2058 | dump_cfg_string(sLogLevel, log_level_name(o->log_level)); |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh.c,v 1.391 2013/10/25 23:04:51 djm Exp $ */ | 1 | /* $OpenBSD: ssh.c,v 1.392 2013/11/07 11:58:27 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -520,11 +520,11 @@ main(int ac, char **av) | |||
| 520 | case 'Q': /* deprecated */ | 520 | case 'Q': /* deprecated */ |
| 521 | cp = NULL; | 521 | cp = NULL; |
| 522 | if (strcasecmp(optarg, "cipher") == 0) | 522 | if (strcasecmp(optarg, "cipher") == 0) |
| 523 | cp = cipher_alg_list(); | 523 | cp = cipher_alg_list('\n'); |
| 524 | else if (strcasecmp(optarg, "mac") == 0) | 524 | else if (strcasecmp(optarg, "mac") == 0) |
| 525 | cp = mac_alg_list(); | 525 | cp = mac_alg_list('\n'); |
| 526 | else if (strcasecmp(optarg, "kex") == 0) | 526 | else if (strcasecmp(optarg, "kex") == 0) |
| 527 | cp = kex_alg_list(); | 527 | cp = kex_alg_list('\n'); |
| 528 | else if (strcasecmp(optarg, "key") == 0) | 528 | else if (strcasecmp(optarg, "key") == 0) |
| 529 | cp = key_alg_list(); | 529 | cp = key_alg_list(); |
| 530 | if (cp == NULL) | 530 | if (cp == NULL) |