diff options
author | Damien Miller <djm@mindrot.org> | 2014-05-15 14:24:09 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2014-05-15 14:24:09 +1000 |
commit | 1f0311c7c7d10c94ff7f823de9c5b2ed79368b14 (patch) | |
tree | ae708c2a25f84a04bcb04f2dbf3e8039e0f692bc /ssh-keyscan.c | |
parent | c5893785564498cea73cb60d2cf199490483e080 (diff) |
- markus@cvs.openbsd.org 2014/04/29 18:01:49
[auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c]
[kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c]
[roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
[ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c]
make compiling against OpenSSL optional (make OPENSSL=no);
reduces algorithms to curve25519, aes-ctr, chacha, ed25519;
allows us to explore further options; with and ok djm
Diffstat (limited to 'ssh-keyscan.c')
-rw-r--r-- | ssh-keyscan.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/ssh-keyscan.c b/ssh-keyscan.c index de456364b..3fabfba14 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keyscan.c,v 1.91 2014/03/27 23:01:27 markus Exp $ */ | 1 | /* $OpenBSD: ssh-keyscan.c,v 1.92 2014/04/29 18:01:49 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. | 3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. |
4 | * | 4 | * |
@@ -182,6 +182,7 @@ strnnsep(char **stringp, char *delim) | |||
182 | return (tok); | 182 | return (tok); |
183 | } | 183 | } |
184 | 184 | ||
185 | #ifdef WITH_SSH1 | ||
185 | static Key * | 186 | static Key * |
186 | keygrab_ssh1(con *c) | 187 | keygrab_ssh1(con *c) |
187 | { | 188 | { |
@@ -215,6 +216,7 @@ keygrab_ssh1(con *c) | |||
215 | 216 | ||
216 | return (rsa); | 217 | return (rsa); |
217 | } | 218 | } |
219 | #endif | ||
218 | 220 | ||
219 | static int | 221 | static int |
220 | hostjump(Key *hostkey) | 222 | hostjump(Key *hostkey) |
@@ -253,11 +255,13 @@ keygrab_ssh2(con *c) | |||
253 | (c->c_keytype == KT_ED25519 ? "ssh-ed25519" : | 255 | (c->c_keytype == KT_ED25519 ? "ssh-ed25519" : |
254 | "ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521")); | 256 | "ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521")); |
255 | c->c_kex = kex_setup(myproposal); | 257 | c->c_kex = kex_setup(myproposal); |
258 | #ifdef WITH_OPENSSL | ||
256 | c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; | 259 | c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; |
257 | c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; | 260 | c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; |
258 | c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; | 261 | c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; |
259 | c->c_kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; | 262 | c->c_kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; |
260 | c->c_kex->kex[KEX_ECDH_SHA2] = kexecdh_client; | 263 | c->c_kex->kex[KEX_ECDH_SHA2] = kexecdh_client; |
264 | #endif | ||
261 | c->c_kex->kex[KEX_C25519_SHA256] = kexc25519_client; | 265 | c->c_kex->kex[KEX_C25519_SHA256] = kexc25519_client; |
262 | c->c_kex->verify_host_key = hostjump; | 266 | c->c_kex->verify_host_key = hostjump; |
263 | 267 | ||
@@ -507,10 +511,12 @@ conread(int s) | |||
507 | c->c_data = xmalloc(c->c_len); | 511 | c->c_data = xmalloc(c->c_len); |
508 | c->c_status = CS_KEYS; | 512 | c->c_status = CS_KEYS; |
509 | break; | 513 | break; |
514 | #ifdef WITH_SSH1 | ||
510 | case CS_KEYS: | 515 | case CS_KEYS: |
511 | keyprint(c, keygrab_ssh1(c)); | 516 | keyprint(c, keygrab_ssh1(c)); |
512 | confree(s); | 517 | confree(s); |
513 | return; | 518 | return; |
519 | #endif | ||
514 | default: | 520 | default: |
515 | fatal("conread: invalid status %d", c->c_status); | 521 | fatal("conread: invalid status %d", c->c_status); |
516 | break; | 522 | break; |