diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2017-03-10 04:07:20 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2017-03-10 15:35:39 +1100 |
| commit | 183ba55aaaecca0206184b854ad6155df237adbe (patch) | |
| tree | a62c9a5478a8a265d0adf044ccedb2d6b480f16e | |
| parent | 66be4fe8c4435af5bbc82998501a142a831f1181 (diff) | |
upstream commit
fix regression in 7.4 server-sig-algs, where we were
accidentally excluding SHA2 RSA signature methods. bz#2680, patch from Nuno
Goncalves; ok dtucker@
Upstream-ID: 81ac8bfb30960447740b9b8f6a214dcf322f12e8
| -rw-r--r-- | kex.c | 4 | ||||
| -rw-r--r-- | ssh.c | 8 | ||||
| -rw-r--r-- | sshkey.c | 8 | ||||
| -rw-r--r-- | sshkey.h | 4 |
4 files changed, 13 insertions, 11 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: kex.c,v 1.129 2017/03/10 03:45:40 dtucker Exp $ */ | 1 | /* $OpenBSD: kex.c,v 1.130 2017/03/10 04:07:20 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -350,7 +350,7 @@ kex_send_ext_info(struct ssh *ssh) | |||
| 350 | int r; | 350 | int r; |
| 351 | char *algs; | 351 | char *algs; |
| 352 | 352 | ||
| 353 | if ((algs = sshkey_alg_list(0, 1, ',')) == NULL) | 353 | if ((algs = sshkey_alg_list(0, 1, 1, ',')) == NULL) |
| 354 | return SSH_ERR_ALLOC_FAIL; | 354 | return SSH_ERR_ALLOC_FAIL; |
| 355 | if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 || | 355 | if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 || |
| 356 | (r = sshpkt_put_u32(ssh, 1)) != 0 || | 356 | (r = sshpkt_put_u32(ssh, 1)) != 0 || |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh.c,v 1.450 2017/03/08 12:07:47 djm Exp $ */ | 1 | /* $OpenBSD: ssh.c,v 1.451 2017/03/10 04:07:20 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -684,11 +684,11 @@ main(int ac, char **av) | |||
| 684 | else if (strcmp(optarg, "kex") == 0) | 684 | else if (strcmp(optarg, "kex") == 0) |
| 685 | cp = kex_alg_list('\n'); | 685 | cp = kex_alg_list('\n'); |
| 686 | else if (strcmp(optarg, "key") == 0) | 686 | else if (strcmp(optarg, "key") == 0) |
| 687 | cp = sshkey_alg_list(0, 0, '\n'); | 687 | cp = sshkey_alg_list(0, 0, 0, '\n'); |
| 688 | else if (strcmp(optarg, "key-cert") == 0) | 688 | else if (strcmp(optarg, "key-cert") == 0) |
| 689 | cp = sshkey_alg_list(1, 0, '\n'); | 689 | cp = sshkey_alg_list(1, 0, 0, '\n'); |
| 690 | else if (strcmp(optarg, "key-plain") == 0) | 690 | else if (strcmp(optarg, "key-plain") == 0) |
| 691 | cp = sshkey_alg_list(0, 1, '\n'); | 691 | cp = sshkey_alg_list(0, 1, 0, '\n'); |
| 692 | else if (strcmp(optarg, "protocol-version") == 0) { | 692 | else if (strcmp(optarg, "protocol-version") == 0) { |
| 693 | #ifdef WITH_SSH1 | 693 | #ifdef WITH_SSH1 |
| 694 | cp = xstrdup("1\n2"); | 694 | cp = xstrdup("1\n2"); |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: sshkey.c,v 1.44 2017/03/10 03:48:57 dtucker Exp $ */ | 1 | /* $OpenBSD: sshkey.c,v 1.45 2017/03/10 04:07:20 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
| 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. | 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. |
| @@ -197,14 +197,16 @@ sshkey_ecdsa_nid_from_name(const char *name) | |||
| 197 | } | 197 | } |
| 198 | 198 | ||
| 199 | char * | 199 | char * |
| 200 | sshkey_alg_list(int certs_only, int plain_only, char sep) | 200 | sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep) |
| 201 | { | 201 | { |
| 202 | char *tmp, *ret = NULL; | 202 | char *tmp, *ret = NULL; |
| 203 | size_t nlen, rlen = 0; | 203 | size_t nlen, rlen = 0; |
| 204 | const struct keytype *kt; | 204 | const struct keytype *kt; |
| 205 | 205 | ||
| 206 | for (kt = keytypes; kt->type != -1; kt++) { | 206 | for (kt = keytypes; kt->type != -1; kt++) { |
| 207 | if (kt->name == NULL || kt->sigonly) | 207 | if (kt->name == NULL) |
| 208 | continue; | ||
| 209 | if (!include_sigonly && kt->sigonly) | ||
| 208 | continue; | 210 | continue; |
| 209 | if ((certs_only && !kt->cert) || (plain_only && kt->cert)) | 211 | if ((certs_only && !kt->cert) || (plain_only && kt->cert)) |
| 210 | continue; | 212 | continue; |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: sshkey.h,v 1.14 2016/09/12 23:31:27 djm Exp $ */ | 1 | /* $OpenBSD: sshkey.h,v 1.15 2017/03/10 04:07:20 djm Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
| @@ -156,7 +156,7 @@ int sshkey_ec_validate_private(const EC_KEY *); | |||
| 156 | const char *sshkey_ssh_name(const struct sshkey *); | 156 | const char *sshkey_ssh_name(const struct sshkey *); |
| 157 | const char *sshkey_ssh_name_plain(const struct sshkey *); | 157 | const char *sshkey_ssh_name_plain(const struct sshkey *); |
| 158 | int sshkey_names_valid2(const char *, int); | 158 | int sshkey_names_valid2(const char *, int); |
| 159 | char *sshkey_alg_list(int, int, char); | 159 | char *sshkey_alg_list(int, int, int, char); |
| 160 | 160 | ||
| 161 | int sshkey_from_blob(const u_char *, size_t, struct sshkey **); | 161 | int sshkey_from_blob(const u_char *, size_t, struct sshkey **); |
| 162 | int sshkey_fromb(struct sshbuf *, struct sshkey **); | 162 | int sshkey_fromb(struct sshbuf *, struct sshkey **); |