diff options
author | dtucker@openbsd.org <dtucker@openbsd.org> | 2020-01-23 02:46:49 +0000 |
---|---|---|
committer | Darren Tucker <dtucker@dtucker.net> | 2020-01-23 14:40:15 +1100 |
commit | c4b3a128954ee1b7fbcbda167baf8aca1a3d1c84 (patch) | |
tree | 60dca3a18ff7ec4bc2f6b9d90f8abb867344fcc9 /sshconnect2.c | |
parent | 56cffcc09f8a2e661d2ba02e61364ae6f998b2b1 (diff) |
upstream: Remove unsupported algorithms from list of defaults at run
time and remove ifdef and distinct settings for OPENSSL=no case.
This will make things much simpler for -portable where the exact set
of algos depends on the configuration of both OpenSSH and the libcrypto
it's linked against (if any). ok djm@
OpenBSD-Commit-ID: e0116d0183dcafc7a9c40ba5fe9127805c5dfdd2
Diffstat (limited to 'sshconnect2.c')
-rw-r--r-- | sshconnect2.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/sshconnect2.c b/sshconnect2.c index 6f9ee42cd..7f52cc55e 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshconnect2.c,v 1.315 2020/01/21 05:56:27 djm Exp $ */ | 1 | /* $OpenBSD: sshconnect2.c,v 1.316 2020/01/23 02:46:49 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2008 Damien Miller. All rights reserved. |
@@ -119,7 +119,7 @@ order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port) | |||
119 | for (i = 0; i < options.num_system_hostfiles; i++) | 119 | for (i = 0; i < options.num_system_hostfiles; i++) |
120 | load_hostkeys(hostkeys, hostname, options.system_hostfiles[i]); | 120 | load_hostkeys(hostkeys, hostname, options.system_hostfiles[i]); |
121 | 121 | ||
122 | oavail = avail = xstrdup(KEX_DEFAULT_PK_ALG); | 122 | oavail = avail = xstrdup(kex_default_pk_alg()); |
123 | maxlen = strlen(avail) + 1; | 123 | maxlen = strlen(avail) + 1; |
124 | first = xmalloc(maxlen); | 124 | first = xmalloc(maxlen); |
125 | last = xmalloc(maxlen); | 125 | last = xmalloc(maxlen); |
@@ -181,14 +181,14 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) | |||
181 | if (options.hostkeyalgorithms != NULL) { | 181 | if (options.hostkeyalgorithms != NULL) { |
182 | all_key = sshkey_alg_list(0, 0, 1, ','); | 182 | all_key = sshkey_alg_list(0, 0, 1, ','); |
183 | if (kex_assemble_names(&options.hostkeyalgorithms, | 183 | if (kex_assemble_names(&options.hostkeyalgorithms, |
184 | KEX_DEFAULT_PK_ALG, all_key) != 0) | 184 | kex_default_pk_alg(), all_key) != 0) |
185 | fatal("%s: kex_assemble_namelist", __func__); | 185 | fatal("%s: kex_assemble_namelist", __func__); |
186 | free(all_key); | 186 | free(all_key); |
187 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = | 187 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = |
188 | compat_pkalg_proposal(options.hostkeyalgorithms); | 188 | compat_pkalg_proposal(options.hostkeyalgorithms); |
189 | } else { | 189 | } else { |
190 | /* Enforce default */ | 190 | /* Enforce default */ |
191 | options.hostkeyalgorithms = xstrdup(KEX_DEFAULT_PK_ALG); | 191 | options.hostkeyalgorithms = xstrdup(kex_default_pk_alg()); |
192 | /* Prefer algorithms that we already have keys for */ | 192 | /* Prefer algorithms that we already have keys for */ |
193 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = | 193 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = |
194 | compat_pkalg_proposal( | 194 | compat_pkalg_proposal( |