author | djm@openbsd.org <djm@openbsd.org> | 2017-03-10 04:07:20 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2017-03-10 15:35:39 +1100 |
commit | 183ba55aaaecca0206184b854ad6155df237adbe (patch) | |
tree | a62c9a5478a8a265d0adf044ccedb2d6b480f16e | |
parent | 66be4fe8c4435af5bbc82998501a142a831f1181 (diff) |
upstream commit
fix regression in 7.4 server-sig-algs, where we were
accidentally excluding SHA2 RSA signature methods. bz#2680, patch from Nuno
Goncalves; ok dtucker@
Upstream-ID: 81ac8bfb30960447740b9b8f6a214dcf322f12e8
-rw-r--r-- | kex.c | 4 | ||||
-rw-r--r-- | ssh.c | 8 | ||||
-rw-r--r-- | sshkey.c | 8 | ||||
-rw-r--r-- | sshkey.h | 4 |
4 files changed, 13 insertions, 11 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.c,v 1.129 2017/03/10 03:45:40 dtucker Exp $ */ | 1 | /* $OpenBSD: kex.c,v 1.130 2017/03/10 04:07:20 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -350,7 +350,7 @@ kex_send_ext_info(struct ssh *ssh) | |||
350 | int r; | 350 | int r; |
351 | char *algs; | 351 | char *algs; |
352 | 352 | ||
353 | if ((algs = sshkey_alg_list(0, 1, ',')) == NULL) | 353 | if ((algs = sshkey_alg_list(0, 1, 1, ',')) == NULL) |
354 | return SSH_ERR_ALLOC_FAIL; | 354 | return SSH_ERR_ALLOC_FAIL; |
355 | if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 || | 355 | if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 || |
356 | (r = sshpkt_put_u32(ssh, 1)) != 0 || | 356 | (r = sshpkt_put_u32(ssh, 1)) != 0 || |
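Review bot: The list built at new line 353 by `sshkey_alg_list(0, 1, 1, ',')` is taken straight from the static key type table, and nothing visible in this hunk narrows it to what the server is configured to accept. If public-key algorithms can be restricted elsewhere in the server configuration, the advertised `server-sig-algs` value may name signature algorithms that the server will then refuse, which is worth confirming against the authentication path. The three bare integer arguments are also hard to read at the call site; a comment such as `/* plain key types only, plus signature-only names */` above the call would make the intent checkable. `kex_send_ext_info` continues outside the hunk, so the release of `algs` on the error paths cannot be verified from here.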
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh.c,v 1.450 2017/03/08 12:07:47 djm Exp $ */ | 1 | /* $OpenBSD: ssh.c,v 1.451 2017/03/10 04:07:20 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -684,11 +684,11 @@ main(int ac, char **av) | |||
684 | else if (strcmp(optarg, "kex") == 0) | 684 | else if (strcmp(optarg, "kex") == 0) |
685 | cp = kex_alg_list('\n'); | 685 | cp = kex_alg_list('\n'); |
686 | else if (strcmp(optarg, "key") == 0) | 686 | else if (strcmp(optarg, "key") == 0) |
687 | cp = sshkey_alg_list(0, 0, '\n'); | 687 | cp = sshkey_alg_list(0, 0, 0, '\n'); |
688 | else if (strcmp(optarg, "key-cert") == 0) | 688 | else if (strcmp(optarg, "key-cert") == 0) |
689 | cp = sshkey_alg_list(1, 0, '\n'); | 689 | cp = sshkey_alg_list(1, 0, 0, '\n'); |
690 | else if (strcmp(optarg, "key-plain") == 0) | 690 | else if (strcmp(optarg, "key-plain") == 0) |
691 | cp = sshkey_alg_list(0, 1, '\n'); | 691 | cp = sshkey_alg_list(0, 1, 0, '\n'); |
692 | else if (strcmp(optarg, "protocol-version") == 0) { | 692 | else if (strcmp(optarg, "protocol-version") == 0) { |
693 | #ifdef WITH_SSH1 | 693 | #ifdef WITH_SSH1 |
694 | cp = xstrdup("1\n2"); | 694 | cp = xstrdup("1\n2"); |
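Review bot: The `key`, `key-cert` and `key-plain` query branches at new lines 687-691 all pass 0 for the new third argument, so the listing printed to the user still omits the signature-only names that the server side now advertises. An operator who uses this query to audit which signature algorithms a build supports will not see the SHA2 RSA methods the commit message refers to. If that is deliberate, say so next to the calls, for example `/* signature-only names are not key types; they are left out of these listings */`; otherwise a separate query keyword for signature algorithms would close the gap. `main` starts and ends outside the hunk.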
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshkey.c,v 1.44 2017/03/10 03:48:57 dtucker Exp $ */ | 1 | /* $OpenBSD: sshkey.c,v 1.45 2017/03/10 04:07:20 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. | 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. |
@@ -197,14 +197,16 @@ sshkey_ecdsa_nid_from_name(const char *name) | |||
197 | } | 197 | } |
198 | 198 | ||
199 | char * | 199 | char * |
200 | sshkey_alg_list(int certs_only, int plain_only, char sep) | 200 | sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep) |
201 | { | 201 | { |
202 | char *tmp, *ret = NULL; | 202 | char *tmp, *ret = NULL; |
203 | size_t nlen, rlen = 0; | 203 | size_t nlen, rlen = 0; |
204 | const struct keytype *kt; | 204 | const struct keytype *kt; |
205 | 205 | ||
206 | for (kt = keytypes; kt->type != -1; kt++) { | 206 | for (kt = keytypes; kt->type != -1; kt++) { |
207 | if (kt->name == NULL || kt->sigonly) | 207 | if (kt->name == NULL) |
208 | continue; | ||
209 | if (!include_sigonly && kt->sigonly) | ||
208 | continue; | 210 | continue; |
209 | if ((certs_only && !kt->cert) || (plain_only && kt->cert)) | 211 | if ((certs_only && !kt->cert) || (plain_only && kt->cert)) |
210 | continue; | 212 | continue; |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshkey.h,v 1.14 2016/09/12 23:31:27 djm Exp $ */ | 1 | /* $OpenBSD: sshkey.h,v 1.15 2017/03/10 04:07:20 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
@@ -156,7 +156,7 @@ int sshkey_ec_validate_private(const EC_KEY *); | |||
156 | const char *sshkey_ssh_name(const struct sshkey *); | 156 | const char *sshkey_ssh_name(const struct sshkey *); |
157 | const char *sshkey_ssh_name_plain(const struct sshkey *); | 157 | const char *sshkey_ssh_name_plain(const struct sshkey *); |
158 | int sshkey_names_valid2(const char *, int); | 158 | int sshkey_names_valid2(const char *, int); |
159 | char *sshkey_alg_list(int, int, char); | 159 | char *sshkey_alg_list(int, int, int, char); |
160 | 160 | ||
161 | int sshkey_from_blob(const u_char *, size_t, struct sshkey **); | 161 | int sshkey_from_blob(const u_char *, size_t, struct sshkey **); |
162 | int sshkey_fromb(struct sshbuf *, struct sshkey **); | 162 | int sshkey_fromb(struct sshbuf *, struct sshkey **); |