summaryrefslogtreecommitdiff
path: root/sshconnect2.c
diff options
context:
space:
mode:
authordtucker@openbsd.org <dtucker@openbsd.org>2020-01-23 02:46:49 +0000
committerDarren Tucker <dtucker@dtucker.net>2020-01-23 14:40:15 +1100
commitc4b3a128954ee1b7fbcbda167baf8aca1a3d1c84 (patch)
tree60dca3a18ff7ec4bc2f6b9d90f8abb867344fcc9 /sshconnect2.c
parent56cffcc09f8a2e661d2ba02e61364ae6f998b2b1 (diff)
upstream: Remove unsupported algorithms from list of defaults at run
time and remove ifdef and distinct settings for OPENSSL=no case. This will make things much simpler for -portable where the exact set of algos depends on the configuration of both OpenSSH and the libcrypto it's linked against (if any). ok djm@ OpenBSD-Commit-ID: e0116d0183dcafc7a9c40ba5fe9127805c5dfdd2
Diffstat (limited to 'sshconnect2.c')
-rw-r--r--sshconnect2.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/sshconnect2.c b/sshconnect2.c
index 6f9ee42cd..7f52cc55e 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshconnect2.c,v 1.315 2020/01/21 05:56:27 djm Exp $ */ 1/* $OpenBSD: sshconnect2.c,v 1.316 2020/01/23 02:46:49 dtucker Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * Copyright (c) 2008 Damien Miller. All rights reserved. 4 * Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -119,7 +119,7 @@ order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port)
119 for (i = 0; i < options.num_system_hostfiles; i++) 119 for (i = 0; i < options.num_system_hostfiles; i++)
120 load_hostkeys(hostkeys, hostname, options.system_hostfiles[i]); 120 load_hostkeys(hostkeys, hostname, options.system_hostfiles[i]);
121 121
122 oavail = avail = xstrdup(KEX_DEFAULT_PK_ALG); 122 oavail = avail = xstrdup(kex_default_pk_alg());
123 maxlen = strlen(avail) + 1; 123 maxlen = strlen(avail) + 1;
124 first = xmalloc(maxlen); 124 first = xmalloc(maxlen);
125 last = xmalloc(maxlen); 125 last = xmalloc(maxlen);
@@ -181,14 +181,14 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
181 if (options.hostkeyalgorithms != NULL) { 181 if (options.hostkeyalgorithms != NULL) {
182 all_key = sshkey_alg_list(0, 0, 1, ','); 182 all_key = sshkey_alg_list(0, 0, 1, ',');
183 if (kex_assemble_names(&options.hostkeyalgorithms, 183 if (kex_assemble_names(&options.hostkeyalgorithms,
184 KEX_DEFAULT_PK_ALG, all_key) != 0) 184 kex_default_pk_alg(), all_key) != 0)
185 fatal("%s: kex_assemble_namelist", __func__); 185 fatal("%s: kex_assemble_namelist", __func__);
186 free(all_key); 186 free(all_key);
187 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = 187 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
188 compat_pkalg_proposal(options.hostkeyalgorithms); 188 compat_pkalg_proposal(options.hostkeyalgorithms);
189 } else { 189 } else {
190 /* Enforce default */ 190 /* Enforce default */
191 options.hostkeyalgorithms = xstrdup(KEX_DEFAULT_PK_ALG); 191 options.hostkeyalgorithms = xstrdup(kex_default_pk_alg());
192 /* Prefer algorithms that we already have keys for */ 192 /* Prefer algorithms that we already have keys for */
193 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = 193 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
194 compat_pkalg_proposal( 194 compat_pkalg_proposal(