summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2013-11-08 12:16:49 +1100
committerDamien Miller <djm@mindrot.org>2013-11-08 12:16:49 +1100
commit690d989008e18af3603a5e03f1276c9bad090370 (patch)
tree60dc95d5ad849ee6600da56ac4635b42740aad60
parent08998c5fb9c7c1d248caa73b76e02ca0482e6d85 (diff)
- dtucker@cvs.openbsd.org 2013/11/07 11:58:27
[cipher.c cipher.h kex.c kex.h mac.c mac.h servconf.c ssh.c] Output the effective values of Ciphers, MACs and KexAlgorithms when the default has not been overridden. ok markus@
-rw-r--r--ChangeLog5
-rw-r--r--cipher.c8
-rw-r--r--cipher.h4
-rw-r--r--kex.c6
-rw-r--r--kex.h4
-rw-r--r--mac.c8
-rw-r--r--mac.h4
-rw-r--r--servconf.c9
-rw-r--r--ssh.c8
9 files changed, 32 insertions, 24 deletions
diff --git a/ChangeLog b/ChangeLog
index ca7cb03e0..a7098f6d5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,11 @@
3 - dtucker@cvs.openbsd.org 2013/11/08 01:06:14 3 - dtucker@cvs.openbsd.org 2013/11/08 01:06:14
4 [regress/rekey.sh] 4 [regress/rekey.sh]
5 Rekey less frequently during tests to speed them up 5 Rekey less frequently during tests to speed them up
6 - (djm) OpenBSD CVS Sync
7 - dtucker@cvs.openbsd.org 2013/11/07 11:58:27
8 [cipher.c cipher.h kex.c kex.h mac.c mac.h servconf.c ssh.c]
9 Output the effective values of Ciphers, MACs and KexAlgorithms when
10 the default has not been overridden. ok markus@
6 11
720131107 1220131107
8 - (djm) [ssh-pkcs11.c] Bring back "non-constant initialiser" fix (rev 1.5) 13 - (djm) [ssh-pkcs11.c] Bring back "non-constant initialiser" fix (rev 1.5)
diff --git a/cipher.c b/cipher.c
index a2cbe2bea..54315f488 100644
--- a/cipher.c
+++ b/cipher.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cipher.c,v 1.89 2013/05/17 00:13:13 djm Exp $ */ 1/* $OpenBSD: cipher.c,v 1.90 2013/11/07 11:58:27 dtucker Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -100,9 +100,9 @@ static const struct Cipher ciphers[] = {
100 100
101/*--*/ 101/*--*/
102 102
103/* Returns a comma-separated list of supported ciphers. */ 103/* Returns a list of supported ciphers separated by the specified char. */
104char * 104char *
105cipher_alg_list(void) 105cipher_alg_list(char sep)
106{ 106{
107 char *ret = NULL; 107 char *ret = NULL;
108 size_t nlen, rlen = 0; 108 size_t nlen, rlen = 0;
@@ -112,7 +112,7 @@ cipher_alg_list(void)
112 if (c->number != SSH_CIPHER_SSH2) 112 if (c->number != SSH_CIPHER_SSH2)
113 continue; 113 continue;
114 if (ret != NULL) 114 if (ret != NULL)
115 ret[rlen++] = '\n'; 115 ret[rlen++] = sep;
116 nlen = strlen(c->name); 116 nlen = strlen(c->name);
117 ret = xrealloc(ret, 1, rlen + nlen + 2); 117 ret = xrealloc(ret, 1, rlen + nlen + 2);
118 memcpy(ret + rlen, c->name, nlen + 1); 118 memcpy(ret + rlen, c->name, nlen + 1);
diff --git a/cipher.h b/cipher.h
index b878d50f4..46502348b 100644
--- a/cipher.h
+++ b/cipher.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: cipher.h,v 1.40 2013/04/19 01:06:50 djm Exp $ */ 1/* $OpenBSD: cipher.h,v 1.41 2013/11/07 11:58:27 dtucker Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -75,7 +75,7 @@ const Cipher *cipher_by_number(int);
75int cipher_number(const char *); 75int cipher_number(const char *);
76char *cipher_name(int); 76char *cipher_name(int);
77int ciphers_valid(const char *); 77int ciphers_valid(const char *);
78char *cipher_alg_list(void); 78char *cipher_alg_list(char);
79void cipher_init(CipherContext *, const Cipher *, const u_char *, u_int, 79void cipher_init(CipherContext *, const Cipher *, const u_char *, u_int,
80 const u_char *, u_int, int); 80 const u_char *, u_int, int);
81void cipher_crypt(CipherContext *, u_char *, const u_char *, 81void cipher_crypt(CipherContext *, u_char *, const u_char *,
diff --git a/kex.c b/kex.c
index 07f25e2e2..0b139dc67 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: kex.c,v 1.92 2013/11/02 21:59:15 markus Exp $ */ 1/* $OpenBSD: kex.c,v 1.93 2013/11/07 11:58:27 dtucker Exp $ */
2/* 2/*
3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
4 * 4 *
@@ -85,7 +85,7 @@ static const struct kexalg kexalgs[] = {
85}; 85};
86 86
87char * 87char *
88kex_alg_list(void) 88kex_alg_list(char sep)
89{ 89{
90 char *ret = NULL; 90 char *ret = NULL;
91 size_t nlen, rlen = 0; 91 size_t nlen, rlen = 0;
@@ -93,7 +93,7 @@ kex_alg_list(void)
93 93
94 for (k = kexalgs; k->name != NULL; k++) { 94 for (k = kexalgs; k->name != NULL; k++) {
95 if (ret != NULL) 95 if (ret != NULL)
96 ret[rlen++] = '\n'; 96 ret[rlen++] = sep;
97 nlen = strlen(k->name); 97 nlen = strlen(k->name);
98 ret = xrealloc(ret, 1, rlen + nlen + 2); 98 ret = xrealloc(ret, 1, rlen + nlen + 2);
99 memcpy(ret + rlen, k->name, nlen + 1); 99 memcpy(ret + rlen, k->name, nlen + 1);
diff --git a/kex.h b/kex.h
index 0f67f5934..800a69233 100644
--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: kex.h,v 1.57 2013/11/02 21:59:15 markus Exp $ */ 1/* $OpenBSD: kex.h,v 1.58 2013/11/07 11:58:27 dtucker Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -146,7 +146,7 @@ struct Kex {
146}; 146};
147 147
148int kex_names_valid(const char *); 148int kex_names_valid(const char *);
149char *kex_alg_list(void); 149char *kex_alg_list(char);
150 150
151Kex *kex_setup(char *[PROPOSAL_MAX]); 151Kex *kex_setup(char *[PROPOSAL_MAX]);
152void kex_finish(Kex *); 152void kex_finish(Kex *);
diff --git a/mac.c b/mac.c
index c4dfb501d..c71b6a741 100644
--- a/mac.c
+++ b/mac.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: mac.c,v 1.24 2013/06/03 00:03:18 dtucker Exp $ */ 1/* $OpenBSD: mac.c,v 1.25 2013/11/07 11:58:27 dtucker Exp $ */
2/* 2/*
3 * Copyright (c) 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2001 Markus Friedl. All rights reserved.
4 * 4 *
@@ -91,9 +91,9 @@ static const struct macalg macs[] = {
91 { NULL, 0, NULL, 0, 0, 0, 0 } 91 { NULL, 0, NULL, 0, 0, 0, 0 }
92}; 92};
93 93
94/* Returns a comma-separated list of supported MACs. */ 94/* Returns a list of supported MACs separated by the specified char. */
95char * 95char *
96mac_alg_list(void) 96mac_alg_list(char sep)
97{ 97{
98 char *ret = NULL; 98 char *ret = NULL;
99 size_t nlen, rlen = 0; 99 size_t nlen, rlen = 0;
@@ -101,7 +101,7 @@ mac_alg_list(void)
101 101
102 for (m = macs; m->name != NULL; m++) { 102 for (m = macs; m->name != NULL; m++) {
103 if (ret != NULL) 103 if (ret != NULL)
104 ret[rlen++] = '\n'; 104 ret[rlen++] = sep;
105 nlen = strlen(m->name); 105 nlen = strlen(m->name);
106 ret = xrealloc(ret, 1, rlen + nlen + 2); 106 ret = xrealloc(ret, 1, rlen + nlen + 2);
107 memcpy(ret + rlen, m->name, nlen + 1); 107 memcpy(ret + rlen, m->name, nlen + 1);
diff --git a/mac.h b/mac.h
index 260798ab3..fbe18c463 100644
--- a/mac.h
+++ b/mac.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: mac.h,v 1.7 2013/04/19 01:06:50 djm Exp $ */ 1/* $OpenBSD: mac.h,v 1.8 2013/11/07 11:58:27 dtucker Exp $ */
2/* 2/*
3 * Copyright (c) 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2001 Markus Friedl. All rights reserved.
4 * 4 *
@@ -24,7 +24,7 @@
24 */ 24 */
25 25
26int mac_valid(const char *); 26int mac_valid(const char *);
27char *mac_alg_list(void); 27char *mac_alg_list(char);
28int mac_setup(Mac *, char *); 28int mac_setup(Mac *, char *);
29int mac_init(Mac *); 29int mac_init(Mac *);
30u_char *mac_compute(Mac *, u_int32_t, u_char *, int); 30u_char *mac_compute(Mac *, u_int32_t, u_char *, int);
diff --git a/servconf.c b/servconf.c
index 0f1bdd09a..3593223f7 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
1 1
2/* $OpenBSD: servconf.c,v 1.244 2013/10/29 09:48:02 djm Exp $ */ 2/* $OpenBSD: servconf.c,v 1.245 2013/11/07 11:58:27 dtucker Exp $ */
3/* 3/*
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5 * All rights reserved 5 * All rights reserved
@@ -2037,8 +2037,9 @@ dump_config(ServerOptions *o)
2037 /* string arguments */ 2037 /* string arguments */
2038 dump_cfg_string(sPidFile, o->pid_file); 2038 dump_cfg_string(sPidFile, o->pid_file);
2039 dump_cfg_string(sXAuthLocation, o->xauth_location); 2039 dump_cfg_string(sXAuthLocation, o->xauth_location);
2040 dump_cfg_string(sCiphers, o->ciphers); 2040 dump_cfg_string(sCiphers, o->ciphers ? o->ciphers :
2041 dump_cfg_string(sMacs, o->macs); 2041 cipher_alg_list(','));
2042 dump_cfg_string(sMacs, o->macs ? o->macs : mac_alg_list(','));
2042 dump_cfg_string(sBanner, o->banner); 2043 dump_cfg_string(sBanner, o->banner);
2043 dump_cfg_string(sForceCommand, o->adm_forced_command); 2044 dump_cfg_string(sForceCommand, o->adm_forced_command);
2044 dump_cfg_string(sChrootDirectory, o->chroot_directory); 2045 dump_cfg_string(sChrootDirectory, o->chroot_directory);
@@ -2050,6 +2051,8 @@ dump_config(ServerOptions *o)
2050 dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command); 2051 dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command);
2051 dump_cfg_string(sAuthorizedKeysCommandUser, o->authorized_keys_command_user); 2052 dump_cfg_string(sAuthorizedKeysCommandUser, o->authorized_keys_command_user);
2052 dump_cfg_string(sHostKeyAgent, o->host_key_agent); 2053 dump_cfg_string(sHostKeyAgent, o->host_key_agent);
2054 dump_cfg_string(sKexAlgorithms, o->kex_algorithms ? o->kex_algorithms :
2055 kex_alg_list(','));
2053 2056
2054 /* string arguments requiring a lookup */ 2057 /* string arguments requiring a lookup */
2055 dump_cfg_string(sLogLevel, log_level_name(o->log_level)); 2058 dump_cfg_string(sLogLevel, log_level_name(o->log_level));
diff --git a/ssh.c b/ssh.c
index ef94591b1..e2c43634a 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh.c,v 1.391 2013/10/25 23:04:51 djm Exp $ */ 1/* $OpenBSD: ssh.c,v 1.392 2013/11/07 11:58:27 dtucker Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -520,11 +520,11 @@ main(int ac, char **av)
520 case 'Q': /* deprecated */ 520 case 'Q': /* deprecated */
521 cp = NULL; 521 cp = NULL;
522 if (strcasecmp(optarg, "cipher") == 0) 522 if (strcasecmp(optarg, "cipher") == 0)
523 cp = cipher_alg_list(); 523 cp = cipher_alg_list('\n');
524 else if (strcasecmp(optarg, "mac") == 0) 524 else if (strcasecmp(optarg, "mac") == 0)
525 cp = mac_alg_list(); 525 cp = mac_alg_list('\n');
526 else if (strcasecmp(optarg, "kex") == 0) 526 else if (strcasecmp(optarg, "kex") == 0)
527 cp = kex_alg_list(); 527 cp = kex_alg_list('\n');
528 else if (strcasecmp(optarg, "key") == 0) 528 else if (strcasecmp(optarg, "key") == 0)
529 cp = key_alg_list(); 529 cp = key_alg_list();
530 if (cp == NULL) 530 if (cp == NULL)