author | Colin Watson <cjwatson@debian.org> | 2014-10-07 12:13:50 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2014-10-07 12:13:50 +0100 |
commit | 487bdb3a5ef6075887b830ccb8a0b14f6da78e93 (patch) | |
tree | a2cff6fec1e6c4b4153a170a3e172cfe6bfdec46 /sshconnect2.c | |
parent | 796ba4fd011b5d0d9d78d592ba2f30fc9d5ed2e7 (diff) | |
parent | 28453d58058a4d60c3ebe7d7f0c31a510cbf6158 (diff) |
Import openssh_6.7p1.orig.tar.gz
Diffstat (limited to 'sshconnect2.c')
-rw-r--r-- | sshconnect2.c | 15 |
1 files changed, 10 insertions, 5 deletions
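--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.204 2014/02/02 03:44:32 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.210 2014/07/15 15:54:14 millert Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl. All rights reserved.
 * Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -61,8 +61,8 @@
 #include "dh.h"
 #include "authfd.h"
 #include "log.h"
-#include "readconf.h"
 #include "misc.h"
+#include "readconf.h"
 #include "match.h"
 #include "dispatch.h"
 #include "canohost.h"
@@ -156,6 +156,7 @@ order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port)
 void
 ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
 {
+char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT };
 Kex *kex;
 
 xxx_host = host;
@@ -195,6 +196,8 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
 }
 if (options.kex_algorithms != NULL)
 myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms;
+myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(
+myproposal[PROPOSAL_KEX_ALGS]);
 
 if (options.rekey_limit || options.rekey_interval)
 packet_set_rekey_limits((u_int32_t)options.rekey_limit,
@@ -202,11 +205,13 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
 
 /* start key exchange */
 kex = kex_setup(myproposal);
+#ifdef WITH_OPENSSL
 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
 kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
 kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
 kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
 kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
+#endif
 kex->kex[KEX_C25519_SHA256] = kexc25519_client;
 kex->client_version_string=client_version_string;
 kex->server_version_string=server_version_string;
@@ -965,7 +970,7 @@ identity_sign(Identity *id, u_char **sigp, u_int *lenp,
 * we have already loaded the private key or
 * the private key is stored in external hardware
 */
-if (id->isprivate || (id->key->flags & KEY_FLAG_EXT))
+if (id->isprivate || (id->key->flags & SSHKEY_FLAG_EXT))
 return (key_sign(id->key, sigp, lenp, data, datalen));
 /* load the private key from the file */
 if ((prv = load_identity_file(id->filename, id->userprovided)) == NULL)
@@ -1173,12 +1178,12 @@ pubkey_prepare(Authctxt *authctxt)
 }
 /* Prefer PKCS11 keys that are explicitly listed */
 TAILQ_FOREACH_SAFE(id, &files, next, tmp) {
-if (id->key == NULL || (id->key->flags & KEY_FLAG_EXT) == 0)
+if (id->key == NULL || (id->key->flags & SSHKEY_FLAG_EXT) == 0)
 continue;
 found = 0;
 TAILQ_FOREACH(id2, &files, next) {
 if (id2->key == NULL ||
-(id2->key->flags & KEY_FLAG_EXT) != 0)
+(id2->key->flags & SSHKEY_FLAG_EXT) == 0)
 continue;
 if (key_equal(id->key, id2->key)) {
 TAILQ_REMOVE(&files, id, next);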
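Review bot: The inner-loop filter in pubkey_prepare (new line 1186) changes more than the flag name: the comparison went from `!= 0` to `== 0`, so both loops over `&files` now skip every entry that is not an `SSHKEY_FLAG_EXT` key. Because the inner loop walks the same list as the outer one, it will reach `id` itself, and `key_equal(id->key, id2->key)` presumably succeeds there, so every external key would count as "explicitly listed" regardless of what the user configured. If the intent is to match a token key against a configured non-external identity, the inner test should remain `(id2->key->flags & SSHKEY_FLAG_EXT) != 0`. Either way the loop deserves a comment saying which kind of entry `id2` is meant to be, since this decides which keys are offered to the server. The loop body continues past the end of the hunk, so the handling of unmatched keys is not visible here.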