author | djm@openbsd.org <djm@openbsd.org> | 2016-09-12 23:31:27 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2016-09-13 09:33:24 +1000 |
commit | 130f5df4fa37cace8c079dccb690e5cafbf00751 (patch) | |
tree | 6be59a00f7c45be11ffc8d40fa79a7c4a57e0a2f | |
parent | 8f750ccfc07acb8aa98be5a5dd935033a6468cfd (diff) |
upstream commit
list all supported signature algorithms in the
server-sig-algs Reported by mb AT smartftp.com in bz#2547 and (independently)
Ron Frederick; ok markus@
Upstream-ID: ddf702d721f54646b11ef2cee6d916666cb685cd
-rw-r--r-- | kex.c | 13 | ||||
-rw-r--r-- | key.h | 3 | ||||
-rw-r--r-- | ssh.c | 8 | ||||
-rw-r--r-- | sshkey.c | 6 | ||||
-rw-r--r-- | sshkey.h | 4 |
5 files changed, 20 insertions, 14 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.c,v 1.120 2016/09/12 01:22:38 deraadt Exp $ */ | 1 | /* $OpenBSD: kex.c,v 1.121 2016/09/12 23:31:27 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -340,13 +340,20 @@ static int | |||
340 | kex_send_ext_info(struct ssh *ssh) | 340 | kex_send_ext_info(struct ssh *ssh) |
341 | { | 341 | { |
342 | int r; | 342 | int r; |
343 | char *algs; | ||
343 | 344 | ||
345 | if ((algs = sshkey_alg_list(0, 1, ',')) == NULL) | ||
346 | return SSH_ERR_ALLOC_FAIL; | ||
344 | if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 || | 347 | if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 || |
345 | (r = sshpkt_put_u32(ssh, 1)) != 0 || | 348 | (r = sshpkt_put_u32(ssh, 1)) != 0 || |
346 | (r = sshpkt_put_cstring(ssh, "server-sig-algs")) != 0 || | 349 | (r = sshpkt_put_cstring(ssh, "server-sig-algs")) != 0 || |
347 | (r = sshpkt_put_cstring(ssh, "rsa-sha2-256,rsa-sha2-512")) != 0 || | 350 | (r = sshpkt_put_cstring(ssh, algs)) != 0 || |
348 | (r = sshpkt_send(ssh)) != 0) | 351 | (r = sshpkt_send(ssh)) != 0) |
349 | return r; | 352 | goto out; |
353 | /* success */ | ||
354 | r = 0; | ||
355 | out: | ||
356 | free(algs); | ||
350 | return 0; | 357 | return 0; |
351 | } | 358 | } |
352 | 359 | ||
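Review bot: The final `return 0;` after the `out:` label in kex_send_ext_info() discards `r`, so every sshpkt_* failure that now takes `goto out` is reported to the caller as success, whereas the removed code returned `r` on that path. The last statement should be `return r;`, which keeps the `free(algs)` cleanup and still yields 0 on success because `r = 0` is set just above the label. As written, a caller cannot tell that the SSH2_MSG_EXT_INFO packet carrying server-sig-algs was never queued or sent. Separately, `sshkey_alg_list(0, 1, ',')` advertises the non-certificate names from the key type table; whether that list matches what the server's configuration actually accepts for public-key authentication is not visible in this hunk and is worth confirming.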
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: key.h,v 1.49 2015/12/04 16:41:28 markus Exp $ */ | 1 | /* $OpenBSD: key.h,v 1.50 2016/09/12 23:31:27 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
@@ -74,7 +74,6 @@ int key_certify(Key *, Key *); | |||
74 | void key_cert_copy(const Key *, Key *); | 74 | void key_cert_copy(const Key *, Key *); |
75 | int key_cert_check_authority(const Key *, int, int, const char *, | 75 | int key_cert_check_authority(const Key *, int, int, const char *, |
76 | const char **); | 76 | const char **); |
77 | char *key_alg_list(int, int); | ||
78 | 77 | ||
79 | #if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) | 78 | #if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) |
80 | int key_ec_validate_public(const EC_GROUP *, const EC_POINT *); | 79 | int key_ec_validate_public(const EC_GROUP *, const EC_POINT *); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh.c,v 1.445 2016/07/17 04:20:16 djm Exp $ */ | 1 | /* $OpenBSD: ssh.c,v 1.446 2016/09/12 23:31:27 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -685,11 +685,11 @@ main(int ac, char **av) | |||
685 | else if (strcmp(optarg, "kex") == 0) | 685 | else if (strcmp(optarg, "kex") == 0) |
686 | cp = kex_alg_list('\n'); | 686 | cp = kex_alg_list('\n'); |
687 | else if (strcmp(optarg, "key") == 0) | 687 | else if (strcmp(optarg, "key") == 0) |
688 | cp = key_alg_list(0, 0); | 688 | cp = sshkey_alg_list(0, 0, '\n'); |
689 | else if (strcmp(optarg, "key-cert") == 0) | 689 | else if (strcmp(optarg, "key-cert") == 0) |
690 | cp = key_alg_list(1, 0); | 690 | cp = sshkey_alg_list(1, 0, '\n'); |
691 | else if (strcmp(optarg, "key-plain") == 0) | 691 | else if (strcmp(optarg, "key-plain") == 0) |
692 | cp = key_alg_list(0, 1); | 692 | cp = sshkey_alg_list(0, 1, '\n'); |
693 | else if (strcmp(optarg, "protocol-version") == 0) { | 693 | else if (strcmp(optarg, "protocol-version") == 0) { |
694 | #ifdef WITH_SSH1 | 694 | #ifdef WITH_SSH1 |
695 | cp = xstrdup("1\n2"); | 695 | cp = xstrdup("1\n2"); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshkey.c,v 1.37 2016/09/12 01:22:38 deraadt Exp $ */ | 1 | /* $OpenBSD: sshkey.c,v 1.38 2016/09/12 23:31:27 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. | 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. |
@@ -195,7 +195,7 @@ sshkey_ecdsa_nid_from_name(const char *name) | |||
195 | } | 195 | } |
196 | 196 | ||
197 | char * | 197 | char * |
198 | key_alg_list(int certs_only, int plain_only) | 198 | sshkey_alg_list(int certs_only, int plain_only, char sep) |
199 | { | 199 | { |
200 | char *tmp, *ret = NULL; | 200 | char *tmp, *ret = NULL; |
201 | size_t nlen, rlen = 0; | 201 | size_t nlen, rlen = 0; |
@@ -207,7 +207,7 @@ key_alg_list(int certs_only, int plain_only) | |||
207 | if ((certs_only && !kt->cert) || (plain_only && kt->cert)) | 207 | if ((certs_only && !kt->cert) || (plain_only && kt->cert)) |
208 | continue; | 208 | continue; |
209 | if (ret != NULL) | 209 | if (ret != NULL) |
210 | ret[rlen++] = '\n'; | 210 | ret[rlen++] = sep; |
211 | nlen = strlen(kt->name); | 211 | nlen = strlen(kt->name); |
212 | if ((tmp = realloc(ret, rlen + nlen + 2)) == NULL) { | 212 | if ((tmp = realloc(ret, rlen + nlen + 2)) == NULL) { |
213 | free(ret); | 213 | free(ret); |
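Review bot: sshkey_alg_list() has no header comment in the visible lines, and with the new `sep` parameter and a caller in kex.c that puts the result on the wire, its contract is worth stating above the definition. I would add `/* Returns a malloc'd, sep-separated list of key type names, filtered by certs_only/plain_only; caller frees; NULL on allocation failure. */`, with the NULL case to be confirmed against the rest of the function. A short comment next to `realloc(ret, rlen + nlen + 2)` would also help, saying that the `+ 2` leaves room for the separator written by `ret[rlen++] = sep` on the next pass plus the terminating NUL. That reading is inferred, since the copy and termination happen after the last line shown here. The function body starts before and continues past the visible hunks.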
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshkey.h,v 1.13 2016/05/02 09:36:42 djm Exp $ */ | 1 | /* $OpenBSD: sshkey.h,v 1.14 2016/09/12 23:31:27 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
@@ -156,7 +156,7 @@ int sshkey_ec_validate_private(const EC_KEY *); | |||
156 | const char *sshkey_ssh_name(const struct sshkey *); | 156 | const char *sshkey_ssh_name(const struct sshkey *); |
157 | const char *sshkey_ssh_name_plain(const struct sshkey *); | 157 | const char *sshkey_ssh_name_plain(const struct sshkey *); |
158 | int sshkey_names_valid2(const char *, int); | 158 | int sshkey_names_valid2(const char *, int); |
159 | char *key_alg_list(int, int); | 159 | char *sshkey_alg_list(int, int, char); |
160 | 160 | ||
161 | int sshkey_from_blob(const u_char *, size_t, struct sshkey **); | 161 | int sshkey_from_blob(const u_char *, size_t, struct sshkey **); |
162 | int sshkey_fromb(struct sshbuf *, struct sshkey **); | 162 | int sshkey_fromb(struct sshbuf *, struct sshkey **); |