diff options
-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | ssh-keyscan.c | 7 |
2 files changed, 7 insertions, 3 deletions
@@ -22,6 +22,9 @@ | |||
22 | - djm@cvs.openbsd.org 2010/12/24 21:41:48 | 22 | - djm@cvs.openbsd.org 2010/12/24 21:41:48 |
23 | [auth-options.c] | 23 | [auth-options.c] |
24 | don't send the actual forced command in a debug message; ok markus deraadt | 24 | don't send the actual forced command in a debug message; ok markus deraadt |
25 | - otto@cvs.openbsd.org 2011/01/04 20:44:13 | ||
26 | [ssh-keyscan.c] | ||
27 | handle ecdsa-sha2 with various key lengths; hint and ok djm@ | ||
25 | 28 | ||
26 | 20110104 | 29 | 20110104 |
27 | - (djm) [configure.ac Makefile.in] Use mandoc as preferred manpage | 30 | - (djm) [configure.ac Makefile.in] Use mandoc as preferred manpage |
diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 3fb1214e2..25d7ac66f 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keyscan.c,v 1.83 2010/08/31 11:54:45 djm Exp $ */ | 1 | /* $OpenBSD: ssh-keyscan.c,v 1.84 2011/01/04 20:44:13 otto Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. | 3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. |
4 | * | 4 | * |
@@ -246,7 +246,8 @@ keygrab_ssh2(con *c) | |||
246 | packet_set_connection(c->c_fd, c->c_fd); | 246 | packet_set_connection(c->c_fd, c->c_fd); |
247 | enable_compat20(); | 247 | enable_compat20(); |
248 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = c->c_keytype == KT_DSA? | 248 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = c->c_keytype == KT_DSA? |
249 | "ssh-dss": "ssh-rsa"; | 249 | "ssh-dss" : (c->c_keytype == KT_RSA ? "ssh-rsa" : |
250 | "ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521"); | ||
250 | c->c_kex = kex_setup(myproposal); | 251 | c->c_kex = kex_setup(myproposal); |
251 | c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; | 252 | c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; |
252 | c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; | 253 | c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; |
@@ -573,7 +574,7 @@ do_host(char *host) | |||
573 | 574 | ||
574 | if (name == NULL) | 575 | if (name == NULL) |
575 | return; | 576 | return; |
576 | for (j = KT_RSA1; j <= KT_RSA; j *= 2) { | 577 | for (j = KT_RSA1; j <= KT_ECDSA; j *= 2) { |
577 | if (get_keytypes & j) { | 578 | if (get_keytypes & j) { |
578 | while (ncon >= MAXCON) | 579 | while (ncon >= MAXCON) |
579 | conloop(); | 580 | conloop(); |