diff options
author | Colin Watson <cjwatson@debian.org> | 2011-01-24 11:46:57 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2011-01-24 11:46:57 +0000 |
commit | 0970072c89b079b022538e3c366fbfa2c53fc821 (patch) | |
tree | b7024712d74234bb5a8b036ccbc9109e2e211296 /ssh-keyscan.c | |
parent | 4e8aa4da57000c7bba8e5c49163bc0c0ca383f78 (diff) | |
parent | 478ff799463ca926a8dfbabf058f4e84aaffc65a (diff) |
merge 5.7p1
Diffstat (limited to 'ssh-keyscan.c')
-rw-r--r-- | ssh-keyscan.c | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/ssh-keyscan.c b/ssh-keyscan.c index b6cf427cd..25d7ac66f 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keyscan.c,v 1.82 2010/06/22 04:54:30 djm Exp $ */ | 1 | /* $OpenBSD: ssh-keyscan.c,v 1.84 2011/01/04 20:44:13 otto Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. | 3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. |
4 | * | 4 | * |
@@ -52,9 +52,10 @@ int IPv4or6 = AF_UNSPEC; | |||
52 | 52 | ||
53 | int ssh_port = SSH_DEFAULT_PORT; | 53 | int ssh_port = SSH_DEFAULT_PORT; |
54 | 54 | ||
55 | #define KT_RSA1 1 | 55 | #define KT_RSA1 1 |
56 | #define KT_DSA 2 | 56 | #define KT_DSA 2 |
57 | #define KT_RSA 4 | 57 | #define KT_RSA 4 |
58 | #define KT_ECDSA 8 | ||
58 | 59 | ||
59 | int get_keytypes = KT_RSA; /* Get only RSA keys by default */ | 60 | int get_keytypes = KT_RSA; /* Get only RSA keys by default */ |
60 | 61 | ||
@@ -245,12 +246,14 @@ keygrab_ssh2(con *c) | |||
245 | packet_set_connection(c->c_fd, c->c_fd); | 246 | packet_set_connection(c->c_fd, c->c_fd); |
246 | enable_compat20(); | 247 | enable_compat20(); |
247 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = c->c_keytype == KT_DSA? | 248 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = c->c_keytype == KT_DSA? |
248 | "ssh-dss": "ssh-rsa"; | 249 | "ssh-dss" : (c->c_keytype == KT_RSA ? "ssh-rsa" : |
250 | "ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521"); | ||
249 | c->c_kex = kex_setup(myproposal); | 251 | c->c_kex = kex_setup(myproposal); |
250 | c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; | 252 | c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; |
251 | c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; | 253 | c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; |
252 | c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; | 254 | c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; |
253 | c->c_kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; | 255 | c->c_kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; |
256 | c->c_kex->kex[KEX_ECDH_SHA2] = kexecdh_client; | ||
254 | c->c_kex->verify_host_key = hostjump; | 257 | c->c_kex->verify_host_key = hostjump; |
255 | 258 | ||
256 | if (!(j = setjmp(kexjmp))) { | 259 | if (!(j = setjmp(kexjmp))) { |
@@ -571,7 +574,7 @@ do_host(char *host) | |||
571 | 574 | ||
572 | if (name == NULL) | 575 | if (name == NULL) |
573 | return; | 576 | return; |
574 | for (j = KT_RSA1; j <= KT_RSA; j *= 2) { | 577 | for (j = KT_RSA1; j <= KT_ECDSA; j *= 2) { |
575 | if (get_keytypes & j) { | 578 | if (get_keytypes & j) { |
576 | while (ncon >= MAXCON) | 579 | while (ncon >= MAXCON) |
577 | conloop(); | 580 | conloop(); |
@@ -673,6 +676,9 @@ main(int argc, char **argv) | |||
673 | case KEY_DSA: | 676 | case KEY_DSA: |
674 | get_keytypes |= KT_DSA; | 677 | get_keytypes |= KT_DSA; |
675 | break; | 678 | break; |
679 | case KEY_ECDSA: | ||
680 | get_keytypes |= KT_ECDSA; | ||
681 | break; | ||
676 | case KEY_RSA: | 682 | case KEY_RSA: |
677 | get_keytypes |= KT_RSA; | 683 | get_keytypes |= KT_RSA; |
678 | break; | 684 | break; |