- markus@cvs.openbsd.org 2013/07/19 07:37:48

     [auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c]
     [servconf.h session.c sshd.c sshd_config.5]
     add ssh-agent(1) support to sshd(8); allows encrypted hostkeys,
     or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974
     ok djm@

1 files changed, 3 insertions, 7 deletions

diff --git a/kexecdhs.c b/kexecdhs.c
index c42dcf448..3a580aacf 100644
--- a/kexecdhs.c
+++ b/kexecdhs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexecdhs.c,v 1.4 2013/05/17 00:13:13 djm Exp $ */
+/* $OpenBSD: kexecdhs.c,v 1.5 2013/07/19 07:37:48 markus Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2010 Damien Miller.  All rights reserved.
@@ -78,9 +78,6 @@ kexecdh_server(Kex *kex)
         if (server_host_public == NULL)
                 fatal("Unsupported hostkey type %d", kex->hostkey_type);
         server_host_private = kex->load_host_private_key(kex->hostkey_type);
-        if (server_host_private == NULL)
-                fatal("Missing private key for hostkey type %d",
-                    kex->hostkey_type);
 
         debug("expecting SSH2_MSG_KEX_ECDH_INIT");
         packet_read_expect(SSH2_MSG_KEX_ECDH_INIT);
@@ -139,9 +136,8 @@ kexecdh_server(Kex *kex)
         }
 
         /* sign H */
-        if (PRIVSEP(key_sign(server_host_private, &signature, &slen,
-            hash, hashlen)) < 0)
-                fatal("kexdh_server: key_sign failed");
+        kex->sign(server_host_private, server_host_public, &signature, &slen,
+            hash, hashlen);
 
         /* destroy_sensitive_data(); */