merge 5.7p1

1 files changed, 5 insertions, 4 deletions

diff --git a/monitor.c b/monitor.c
index 517acf3dc..73702d174 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.108 2010/07/13 23:13:16 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.110 2010/09/09 10:45:45 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -607,10 +607,10 @@ mm_answer_sign(int sock, Buffer *m)
         p = buffer_get_string(m, &datlen);
 
         /*
-         * Supported KEX types will only return SHA1 (20 byte) or
-         * SHA256 (32 byte) hashes
+         * Supported KEX types use SHA1 (20 bytes), SHA256 (32 bytes),
+         * SHA384 (48 bytes) and SHA512 (64 bytes).
          */
-        if (datlen != 20 && datlen != 32)
+        if (datlen != 20 && datlen != 32 && datlen != 48 && datlen != 64)
                 fatal("%s: data length incorrect: %u", __func__, datlen);
 
         /* save session id, it will be passed on the first call */
@@ -1708,6 +1708,7 @@ mm_get_kex(Buffer *m)
         kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
         kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
         kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
+        kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
 #ifdef GSSAPI
         if (options.gss_keyex) {
                 kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;