diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2015-02-20 22:17:21 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2015-02-21 09:20:28 +1100 |
| commit | 44732de06884238049f285f1455b2181baa7dc82 (patch) | |
| tree | deb3c48176195cfc4028b55d2a1a71607e9f7fb0 /monitor.c | |
| parent | 13a39414d25646f93e6d355521d832a03aaaffe2 (diff) | |
upstream commit
UpdateHostKeys fixes:
I accidentally changed the format of the hostkeys@openssh.com messages
last week without changing the extension name, and this has been causing
connection failures for people who are running -current. First reported
by sthen@
s/hostkeys@openssh.com/hostkeys-00@openssh.com/
Change the name of the proof message too, and reorder it a little.
Also, UpdateHostKeys=ask is incompatible with ControlPersist (no TTY
available to read the response) so disable UpdateHostKeys if it is in
ask mode and ControlPersist is active (and document this)
Diffstat (limited to 'monitor.c')
| -rw-r--r-- | monitor.c | 8 |
1 files changed, 4 insertions, 4 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: monitor.c,v 1.144 2015/02/16 22:13:32 djm Exp $ */ | 1 | /* $OpenBSD: monitor.c,v 1.145 2015/02/20 22:17:21 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
| 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
| @@ -693,7 +693,7 @@ mm_answer_sign(int sock, Buffer *m) | |||
| 693 | u_char *signature; | 693 | u_char *signature; |
| 694 | size_t datlen, siglen; | 694 | size_t datlen, siglen; |
| 695 | int r, keyid, is_proof = 0; | 695 | int r, keyid, is_proof = 0; |
| 696 | const char proof_req[] = "hostkeys-prove@openssh.com"; | 696 | const char proof_req[] = "hostkeys-prove-00@openssh.com"; |
| 697 | 697 | ||
| 698 | debug3("%s", __func__); | 698 | debug3("%s", __func__); |
| 699 | 699 | ||
| @@ -723,9 +723,9 @@ mm_answer_sign(int sock, Buffer *m) | |||
| 723 | fatal("%s: no hostkey for index %d", __func__, keyid); | 723 | fatal("%s: no hostkey for index %d", __func__, keyid); |
| 724 | if ((sigbuf = sshbuf_new()) == NULL) | 724 | if ((sigbuf = sshbuf_new()) == NULL) |
| 725 | fatal("%s: sshbuf_new", __func__); | 725 | fatal("%s: sshbuf_new", __func__); |
| 726 | if ((r = sshbuf_put_string(sigbuf, session_id2, | 726 | if ((r = sshbuf_put_cstring(sigbuf, proof_req)) != 0 || |
| 727 | (r = sshbuf_put_string(sigbuf, session_id2, | ||
| 727 | session_id2_len) != 0) || | 728 | session_id2_len) != 0) || |
| 728 | (r = sshbuf_put_cstring(sigbuf, proof_req)) != 0 || | ||
| 729 | (r = sshkey_puts(key, sigbuf)) != 0) | 729 | (r = sshkey_puts(key, sigbuf)) != 0) |
| 730 | fatal("%s: couldn't prepare private key " | 730 | fatal("%s: couldn't prepare private key " |
| 731 | "proof buffer: %s", __func__, ssh_err(r)); | 731 | "proof buffer: %s", __func__, ssh_err(r)); |