diff options
| author | Damien Miller <djm@mindrot.org> | 2014-05-15 14:24:09 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2014-05-15 14:24:09 +1000 |
| commit | 1f0311c7c7d10c94ff7f823de9c5b2ed79368b14 (patch) | |
| tree | ae708c2a25f84a04bcb04f2dbf3e8039e0f692bc /ssh-keyscan.c | |
| parent | c5893785564498cea73cb60d2cf199490483e080 (diff) | |
- markus@cvs.openbsd.org 2014/04/29 18:01:49
[auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c]
[kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c]
[roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
[ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c]
make compiling against OpenSSL optional (make OPENSSL=no);
reduces algorithms to curve25519, aes-ctr, chacha, ed25519;
allows us to explore further options; with and ok djm
Diffstat (limited to 'ssh-keyscan.c')
| -rw-r--r-- | ssh-keyscan.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/ssh-keyscan.c b/ssh-keyscan.c index de456364b..3fabfba14 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh-keyscan.c,v 1.91 2014/03/27 23:01:27 markus Exp $ */ | 1 | /* $OpenBSD: ssh-keyscan.c,v 1.92 2014/04/29 18:01:49 markus Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. | 3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. |
| 4 | * | 4 | * |
| @@ -182,6 +182,7 @@ strnnsep(char **stringp, char *delim) | |||
| 182 | return (tok); | 182 | return (tok); |
| 183 | } | 183 | } |
| 184 | 184 | ||
| 185 | #ifdef WITH_SSH1 | ||
| 185 | static Key * | 186 | static Key * |
| 186 | keygrab_ssh1(con *c) | 187 | keygrab_ssh1(con *c) |
| 187 | { | 188 | { |
| @@ -215,6 +216,7 @@ keygrab_ssh1(con *c) | |||
| 215 | 216 | ||
| 216 | return (rsa); | 217 | return (rsa); |
| 217 | } | 218 | } |
| 219 | #endif | ||
| 218 | 220 | ||
| 219 | static int | 221 | static int |
| 220 | hostjump(Key *hostkey) | 222 | hostjump(Key *hostkey) |
| @@ -253,11 +255,13 @@ keygrab_ssh2(con *c) | |||
| 253 | (c->c_keytype == KT_ED25519 ? "ssh-ed25519" : | 255 | (c->c_keytype == KT_ED25519 ? "ssh-ed25519" : |
| 254 | "ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521")); | 256 | "ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521")); |
| 255 | c->c_kex = kex_setup(myproposal); | 257 | c->c_kex = kex_setup(myproposal); |
| 258 | #ifdef WITH_OPENSSL | ||
| 256 | c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; | 259 | c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; |
| 257 | c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; | 260 | c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; |
| 258 | c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; | 261 | c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; |
| 259 | c->c_kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; | 262 | c->c_kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; |
| 260 | c->c_kex->kex[KEX_ECDH_SHA2] = kexecdh_client; | 263 | c->c_kex->kex[KEX_ECDH_SHA2] = kexecdh_client; |
| 264 | #endif | ||
| 261 | c->c_kex->kex[KEX_C25519_SHA256] = kexc25519_client; | 265 | c->c_kex->kex[KEX_C25519_SHA256] = kexc25519_client; |
| 262 | c->c_kex->verify_host_key = hostjump; | 266 | c->c_kex->verify_host_key = hostjump; |
| 263 | 267 | ||
| @@ -507,10 +511,12 @@ conread(int s) | |||
| 507 | c->c_data = xmalloc(c->c_len); | 511 | c->c_data = xmalloc(c->c_len); |
| 508 | c->c_status = CS_KEYS; | 512 | c->c_status = CS_KEYS; |
| 509 | break; | 513 | break; |
| 514 | #ifdef WITH_SSH1 | ||
| 510 | case CS_KEYS: | 515 | case CS_KEYS: |
| 511 | keyprint(c, keygrab_ssh1(c)); | 516 | keyprint(c, keygrab_ssh1(c)); |
| 512 | confree(s); | 517 | confree(s); |
| 513 | return; | 518 | return; |
| 519 | #endif | ||
| 514 | default: | 520 | default: |
| 515 | fatal("conread: invalid status %d", c->c_status); | 521 | fatal("conread: invalid status %d", c->c_status); |
| 516 | break; | 522 | break; |