author | Damien Miller <djm@mindrot.org> | 2013-07-20 13:21:52 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2013-07-20 13:21:52 +1000 |
commit | 85b45e09188e7a7fc8f0a900a4c6a0f04a5720a7 (patch) | |
tree | 575942d7e7a835c3b89b59eb0e9e0ecf34f1811b /kexecdhs.c | |
parent | d93340cbb6bc0fc0dbd4427e0cec6d994a494dd9 (diff) |
- markus@cvs.openbsd.org 2013/07/19 07:37:48
[auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c]
[servconf.h session.c sshd.c sshd_config.5]
add ssh-agent(1) support to sshd(8); allows encrypted hostkeys,
or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974
ok djm@
Diffstat (limited to 'kexecdhs.c')
-rw-r--r-- | kexecdhs.c | 10 |
1 files changed, 3 insertions, 7 deletions
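--- a/kexecdhs.c
+++ b/kexecdhs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexecdhs.c,v 1.4 2013/05/17 00:13:13 djm Exp $ */
+/* $OpenBSD: kexecdhs.c,v 1.5 2013/07/19 07:37:48 markus Exp $ */
 /*
 * Copyright (c) 2001 Markus Friedl. All rights reserved.
 * Copyright (c) 2010 Damien Miller. All rights reserved.
@@ -78,9 +78,6 @@ kexecdh_server(Kex *kex)
 if (server_host_public == NULL)
 fatal("Unsupported hostkey type %d", kex->hostkey_type);
 server_host_private = kex->load_host_private_key(kex->hostkey_type);
-if (server_host_private == NULL)
-fatal("Missing private key for hostkey type %d",
-kex->hostkey_type);
 
 debug("expecting SSH2_MSG_KEX_ECDH_INIT");
 packet_read_expect(SSH2_MSG_KEX_ECDH_INIT);
@@ -139,9 +136,8 @@ kexecdh_server(Kex *kex)
 }
 
 /* sign H */
-if (PRIVSEP(key_sign(server_host_private, &signature, &slen,
-hash, hashlen)) < 0)
-fatal("kexdh_server: key_sign failed");
+kex->sign(server_host_private, server_host_public, &signature, &slen,
+hash, hashlen);
 
 /* destroy_sensitive_data(); */
 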
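Review bot: The result of `kex->sign(...)` in the last hunk is discarded, whereas the removed `key_sign` call was checked and ended in `fatal()`; together with the dropped NULL check on `server_host_private` after `load_host_private_key`, every host-key signing failure now has to be caught inside the `sign` callback. The callback's definition is not in this file section, so it should be confirmed that it terminates on failure and accepts a NULL private key (the agent-held case the commit message describes), since `signature` and `slen` are presumably consumed later in `kexecdh_server`, which continues outside the hunk. A comment at the call would record that contract, for example `/* private key may be NULL (agent-held); kex->sign() is expected to fatal() on error */`.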