summaryrefslogtreecommitdiff
path: root/ssh-keyscan.c
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2011-01-24 11:46:57 +0000
committerColin Watson <cjwatson@debian.org>2011-01-24 11:46:57 +0000
commit0970072c89b079b022538e3c366fbfa2c53fc821 (patch)
treeb7024712d74234bb5a8b036ccbc9109e2e211296 /ssh-keyscan.c
parent4e8aa4da57000c7bba8e5c49163bc0c0ca383f78 (diff)
parent478ff799463ca926a8dfbabf058f4e84aaffc65a (diff)
merge 5.7p1
Diffstat (limited to 'ssh-keyscan.c')
-rw-r--r--ssh-keyscan.c18
1 files changed, 12 insertions, 6 deletions
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index b6cf427cd..25d7ac66f 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keyscan.c,v 1.82 2010/06/22 04:54:30 djm Exp $ */ 1/* $OpenBSD: ssh-keyscan.c,v 1.84 2011/01/04 20:44:13 otto Exp $ */
2/* 2/*
3 * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. 3 * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
4 * 4 *
@@ -52,9 +52,10 @@ int IPv4or6 = AF_UNSPEC;
52 52
53int ssh_port = SSH_DEFAULT_PORT; 53int ssh_port = SSH_DEFAULT_PORT;
54 54
55#define KT_RSA1 1 55#define KT_RSA1 1
56#define KT_DSA 2 56#define KT_DSA 2
57#define KT_RSA 4 57#define KT_RSA 4
58#define KT_ECDSA 8
58 59
59int get_keytypes = KT_RSA; /* Get only RSA keys by default */ 60int get_keytypes = KT_RSA; /* Get only RSA keys by default */
60 61
@@ -245,12 +246,14 @@ keygrab_ssh2(con *c)
245 packet_set_connection(c->c_fd, c->c_fd); 246 packet_set_connection(c->c_fd, c->c_fd);
246 enable_compat20(); 247 enable_compat20();
247 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = c->c_keytype == KT_DSA? 248 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = c->c_keytype == KT_DSA?
248 "ssh-dss": "ssh-rsa"; 249 "ssh-dss" : (c->c_keytype == KT_RSA ? "ssh-rsa" :
250 "ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521");
249 c->c_kex = kex_setup(myproposal); 251 c->c_kex = kex_setup(myproposal);
250 c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; 252 c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
251 c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; 253 c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
252 c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; 254 c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
253 c->c_kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; 255 c->c_kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
256 c->c_kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
254 c->c_kex->verify_host_key = hostjump; 257 c->c_kex->verify_host_key = hostjump;
255 258
256 if (!(j = setjmp(kexjmp))) { 259 if (!(j = setjmp(kexjmp))) {
@@ -571,7 +574,7 @@ do_host(char *host)
571 574
572 if (name == NULL) 575 if (name == NULL)
573 return; 576 return;
574 for (j = KT_RSA1; j <= KT_RSA; j *= 2) { 577 for (j = KT_RSA1; j <= KT_ECDSA; j *= 2) {
575 if (get_keytypes & j) { 578 if (get_keytypes & j) {
576 while (ncon >= MAXCON) 579 while (ncon >= MAXCON)
577 conloop(); 580 conloop();
@@ -673,6 +676,9 @@ main(int argc, char **argv)
673 case KEY_DSA: 676 case KEY_DSA:
674 get_keytypes |= KT_DSA; 677 get_keytypes |= KT_DSA;
675 break; 678 break;
679 case KEY_ECDSA:
680 get_keytypes |= KT_ECDSA;
681 break;
676 case KEY_RSA: 682 case KEY_RSA:
677 get_keytypes |= KT_RSA; 683 get_keytypes |= KT_RSA;
678 break; 684 break;