summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog3
-rw-r--r--ssh-keyscan.c7
2 files changed, 7 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog
index 0cdc191b0..4e63aab5b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -22,6 +22,9 @@
22 - djm@cvs.openbsd.org 2010/12/24 21:41:48 22 - djm@cvs.openbsd.org 2010/12/24 21:41:48
23 [auth-options.c] 23 [auth-options.c]
24 don't send the actual forced command in a debug message; ok markus deraadt 24 don't send the actual forced command in a debug message; ok markus deraadt
25 - otto@cvs.openbsd.org 2011/01/04 20:44:13
26 [ssh-keyscan.c]
27 handle ecdsa-sha2 with various key lengths; hint and ok djm@
25 28
2620110104 2920110104
27 - (djm) [configure.ac Makefile.in] Use mandoc as preferred manpage 30 - (djm) [configure.ac Makefile.in] Use mandoc as preferred manpage
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index 3fb1214e2..25d7ac66f 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keyscan.c,v 1.83 2010/08/31 11:54:45 djm Exp $ */ 1/* $OpenBSD: ssh-keyscan.c,v 1.84 2011/01/04 20:44:13 otto Exp $ */
2/* 2/*
3 * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. 3 * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
4 * 4 *
@@ -246,7 +246,8 @@ keygrab_ssh2(con *c)
246 packet_set_connection(c->c_fd, c->c_fd); 246 packet_set_connection(c->c_fd, c->c_fd);
247 enable_compat20(); 247 enable_compat20();
248 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = c->c_keytype == KT_DSA? 248 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = c->c_keytype == KT_DSA?
249 "ssh-dss": "ssh-rsa"; 249 "ssh-dss" : (c->c_keytype == KT_RSA ? "ssh-rsa" :
250 "ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521");
250 c->c_kex = kex_setup(myproposal); 251 c->c_kex = kex_setup(myproposal);
251 c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; 252 c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
252 c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; 253 c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
@@ -573,7 +574,7 @@ do_host(char *host)
573 574
574 if (name == NULL) 575 if (name == NULL)
575 return; 576 return;
576 for (j = KT_RSA1; j <= KT_RSA; j *= 2) { 577 for (j = KT_RSA1; j <= KT_ECDSA; j *= 2) {
577 if (get_keytypes & j) { 578 if (get_keytypes & j) {
578 while (ncon >= MAXCON) 579 while (ncon >= MAXCON)
579 conloop(); 580 conloop();