diff options
| author | Damien Miller <djm@mindrot.org> | 2010-09-24 22:11:14 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2010-09-24 22:11:14 +1000 |
| commit | d5f62bf280b0798d7009d4424594a648a4e887fb (patch) | |
| tree | 5f18078ea61f6c5503dc4addfb2f17d13844692c /kexecdh.c | |
| parent | 603134e077e667b4819effb0e121803842df621f (diff) | |
- djm@cvs.openbsd.org 2010/09/22 05:01:30
[kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c readconf.c readconf.h]
[servconf.c servconf.h ssh_config.5 sshconnect2.c sshd.c sshd_config.5]
add a KexAlgorithms knob to the client and server configuration to allow
selection of which key exchange methods are used by ssh(1) and sshd(8)
and their order of preference.
ok markus@
Diffstat (limited to 'kexecdh.c')
| -rw-r--r-- | kexecdh.c | 12 |
1 files changed, 4 insertions, 8 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: kexecdh.c,v 1.2 2010/09/09 10:45:45 djm Exp $ */ | 1 | /* $OpenBSD: kexecdh.c,v 1.3 2010/09/22 05:01:29 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
| 4 | * Copyright (c) 2010 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2010 Damien Miller. All rights reserved. |
| @@ -48,15 +48,9 @@ | |||
| 48 | int | 48 | int |
| 49 | kex_ecdh_name_to_nid(const char *kexname) | 49 | kex_ecdh_name_to_nid(const char *kexname) |
| 50 | { | 50 | { |
| 51 | int ret; | ||
| 52 | |||
| 53 | if (strlen(kexname) < sizeof(KEX_ECDH_SHA2_STEM) - 1) | 51 | if (strlen(kexname) < sizeof(KEX_ECDH_SHA2_STEM) - 1) |
| 54 | fatal("%s: kexname too short \"%s\"", __func__, kexname); | 52 | fatal("%s: kexname too short \"%s\"", __func__, kexname); |
| 55 | ret = key_curve_name_to_nid(kexname + sizeof(KEX_ECDH_SHA2_STEM) - 1); | 53 | return key_curve_name_to_nid(kexname + sizeof(KEX_ECDH_SHA2_STEM) - 1); |
| 56 | if (ret == -1) | ||
| 57 | fatal("%s: unsupported curve negotiated \"%s\"", __func__, | ||
| 58 | kexname); | ||
| 59 | return ret; | ||
| 60 | } | 54 | } |
| 61 | 55 | ||
| 62 | const EVP_MD * | 56 | const EVP_MD * |
| @@ -64,6 +58,8 @@ kex_ecdh_name_to_evpmd(const char *kexname) | |||
| 64 | { | 58 | { |
| 65 | int nid = kex_ecdh_name_to_nid(kexname); | 59 | int nid = kex_ecdh_name_to_nid(kexname); |
| 66 | 60 | ||
| 61 | if (nid == -1) | ||
| 62 | fatal("%s: unsupported ECDH curve \"%s\"", __func__, kexname); | ||
| 67 | return key_ec_nid_to_evpmd(nid); | 63 | return key_ec_nid_to_evpmd(nid); |
| 68 | } | 64 | } |
| 69 | 65 | ||