diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2015-07-30 00:01:34 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2015-07-30 12:32:16 +1000 |
| commit | f9eca249d4961f28ae4b09186d7dc91de74b5895 (patch) | |
| tree | f4c86ae2043499a6ed7f8c736f0cd5e1f483102c /sshd.c | |
| parent | 5cefe769105a2a2e3ca7479d28d9a325d5ef0163 (diff) | |
upstream commit
Allow ssh_config and sshd_config kex parameters options be
prefixed by a '+' to indicate that the specified items be appended to the
default rather than replacing it.
approach suggested by dtucker@, feedback dlg@, ok markus@
Upstream-ID: 0f901137298fc17095d5756ff1561a7028e8882a
Diffstat (limited to 'sshd.c')
| -rw-r--r-- | sshd.c | 29 |
1 files changed, 10 insertions, 19 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: sshd.c,v 1.456 2015/07/17 02:47:45 djm Exp $ */ | 1 | /* $OpenBSD: sshd.c,v 1.457 2015/07/30 00:01:34 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -2539,19 +2539,15 @@ do_ssh2_kex(void) | |||
| 2539 | struct kex *kex; | 2539 | struct kex *kex; |
| 2540 | int r; | 2540 | int r; |
| 2541 | 2541 | ||
| 2542 | if (options.ciphers != NULL) { | 2542 | myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal( |
| 2543 | myproposal[PROPOSAL_ENC_ALGS_CTOS] = | 2543 | options.kex_algorithms); |
| 2544 | myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers; | 2544 | myproposal[PROPOSAL_ENC_ALGS_CTOS] = compat_cipher_proposal( |
| 2545 | } | 2545 | options.ciphers); |
| 2546 | myproposal[PROPOSAL_ENC_ALGS_CTOS] = | 2546 | myproposal[PROPOSAL_ENC_ALGS_STOC] = compat_cipher_proposal( |
| 2547 | compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]); | 2547 | options.ciphers); |
| 2548 | myproposal[PROPOSAL_ENC_ALGS_STOC] = | 2548 | myproposal[PROPOSAL_MAC_ALGS_CTOS] = |
| 2549 | compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]); | 2549 | myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; |
| 2550 | 2550 | ||
| 2551 | if (options.macs != NULL) { | ||
| 2552 | myproposal[PROPOSAL_MAC_ALGS_CTOS] = | ||
| 2553 | myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; | ||
| 2554 | } | ||
| 2555 | if (options.compression == COMP_NONE) { | 2551 | if (options.compression == COMP_NONE) { |
| 2556 | myproposal[PROPOSAL_COMP_ALGS_CTOS] = | 2552 | myproposal[PROPOSAL_COMP_ALGS_CTOS] = |
| 2557 | myproposal[PROPOSAL_COMP_ALGS_STOC] = "none"; | 2553 | myproposal[PROPOSAL_COMP_ALGS_STOC] = "none"; |
| @@ -2559,11 +2555,6 @@ do_ssh2_kex(void) | |||
| 2559 | myproposal[PROPOSAL_COMP_ALGS_CTOS] = | 2555 | myproposal[PROPOSAL_COMP_ALGS_CTOS] = |
| 2560 | myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com"; | 2556 | myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com"; |
| 2561 | } | 2557 | } |
| 2562 | if (options.kex_algorithms != NULL) | ||
| 2563 | myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms; | ||
| 2564 | |||
| 2565 | myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal( | ||
| 2566 | myproposal[PROPOSAL_KEX_ALGS]); | ||
| 2567 | 2558 | ||
| 2568 | if (options.rekey_limit || options.rekey_interval) | 2559 | if (options.rekey_limit || options.rekey_interval) |
| 2569 | packet_set_rekey_limits((u_int32_t)options.rekey_limit, | 2560 | packet_set_rekey_limits((u_int32_t)options.rekey_limit, |