1 files changed, 28 insertions, 10 deletions
diff --git a/readconf.c b/readconf.c
index 8d2029547..2bc27075f 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.291 2018/06/10 23:45:41 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.292 2018/07/04 13:49:31 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1936,6 +1936,8 @@ fill_default_options_for_canonicalization(Options *options)
 void
 fill_default_options(Options * options)
 {
+        char *all_cipher, *all_mac, *all_kex, *all_key;
        if (options->forward_agent == -1)
                options->forward_agent = 0;
        if (options->forward_x11 == -1)
@@ -2082,14 +2084,27 @@ fill_default_options(Options * options)
                options->fingerprint_hash = SSH_FP_HASH_DEFAULT;
        if (options->update_hostkeys == -1)
                options->update_hostkeys = 0;
-        if (kex_assemble_names(KEX_CLIENT_ENCRYPT, &options->ciphers) != 0 ||
-            kex_assemble_names(KEX_CLIENT_MAC, &options->macs) != 0 ||
+        /* Expand KEX name lists */
-            kex_assemble_names(KEX_CLIENT_KEX, &options->kex_algorithms) != 0 ||
+        all_cipher = cipher_alg_list(',', 0);
-            kex_assemble_names(KEX_DEFAULT_PK_ALG,
+        all_mac = mac_alg_list(',');
-            &options->hostbased_key_types) != 0 ||
+        all_kex = kex_alg_list(',');
-            kex_assemble_names(KEX_DEFAULT_PK_ALG,
+        all_key = sshkey_alg_list(0, 0, 1, ',');
-            &options->pubkey_key_types) != 0)
+        if (kex_assemble_names(&options->ciphers,
+            KEX_CLIENT_ENCRYPT, all_cipher) != 0 ||
+            kex_assemble_names(&options->macs,
+            KEX_CLIENT_MAC, all_mac) != 0 ||
+            kex_assemble_names(&options->kex_algorithms,
+            KEX_CLIENT_KEX, all_kex) != 0 ||
+            kex_assemble_names(&options->hostbased_key_types,
+            KEX_DEFAULT_PK_ALG, all_key) != 0 ||
+            kex_assemble_names(&options->pubkey_key_types,
+            KEX_DEFAULT_PK_ALG, all_key) != 0)
                fatal("%s: kex_assemble_names failed", __func__);
+        free(all_cipher);
+        free(all_mac);
+        free(all_kex);
+        free(all_key);
 #define CLEAR_ON_NONE(v) \
        do { \
@@ -2537,11 +2552,14 @@ void
 dump_client_config(Options *o, const char *host)
 {
        int i;
-        char buf[8];
+        char buf[8], *all_key;
        /* This is normally prepared in ssh_kex2 */
-        if (kex_assemble_names(KEX_DEFAULT_PK_ALG, &o->hostkeyalgorithms) != 0)
+        all_key = sshkey_alg_list(0, 0, 1, ',');
+        if (kex_assemble_names( &o->hostkeyalgorithms,
+            KEX_DEFAULT_PK_ALG, all_key) != 0)
                fatal("%s: kex_assemble_names failed", __func__);
+        free(all_key);
        /* Most interesting options first: user, host, port */
        dump_cfg_string(oUser, o->user);

diff --git a/readconf.c b/readconf.c index 8d2029547..2bc27075f 100644 --- a/readconf.c +++ b/readconf.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: readconf.c,v 1.291 2018/06/10 23:45:41 djm Exp $ */	1	/* $OpenBSD: readconf.c,v 1.292 2018/07/04 13:49:31 djm Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1936,6 +1936,8 @@ fill_default_options_for_canonicalization(Options *options)
1936	void	1936	void
1937	fill_default_options(Options * options)	1937	fill_default_options(Options * options)
1938	{	1938	{
		1939	char all_cipher, all_mac, all_kex, all_key;
		1940
1939	if (options->forward_agent == -1)	1941	if (options->forward_agent == -1)
1940	options->forward_agent = 0;	1942	options->forward_agent = 0;
1941	if (options->forward_x11 == -1)	1943	if (options->forward_x11 == -1)
@@ -2082,14 +2084,27 @@ fill_default_options(Options * options)
2082	options->fingerprint_hash = SSH_FP_HASH_DEFAULT;	2084	options->fingerprint_hash = SSH_FP_HASH_DEFAULT;
2083	if (options->update_hostkeys == -1)	2085	if (options->update_hostkeys == -1)
2084	options->update_hostkeys = 0;	2086	options->update_hostkeys = 0;
2085	if (kex_assemble_names(KEX_CLIENT_ENCRYPT, &options->ciphers) != 0 \|\|	2087
2086	kex_assemble_names(KEX_CLIENT_MAC, &options->macs) != 0 \|\|	2088	/* Expand KEX name lists */
2087	kex_assemble_names(KEX_CLIENT_KEX, &options->kex_algorithms) != 0 \|\|	2089	all_cipher = cipher_alg_list(',', 0);
2088	kex_assemble_names(KEX_DEFAULT_PK_ALG,	2090	all_mac = mac_alg_list(',');
2089	&options->hostbased_key_types) != 0 \|\|	2091	all_kex = kex_alg_list(',');
2090	kex_assemble_names(KEX_DEFAULT_PK_ALG,	2092	all_key = sshkey_alg_list(0, 0, 1, ',');
2091	&options->pubkey_key_types) != 0)	2093	if (kex_assemble_names(&options->ciphers,
		2094	KEX_CLIENT_ENCRYPT, all_cipher) != 0 \|\|
		2095	kex_assemble_names(&options->macs,
		2096	KEX_CLIENT_MAC, all_mac) != 0 \|\|
		2097	kex_assemble_names(&options->kex_algorithms,
		2098	KEX_CLIENT_KEX, all_kex) != 0 \|\|
		2099	kex_assemble_names(&options->hostbased_key_types,
		2100	KEX_DEFAULT_PK_ALG, all_key) != 0 \|\|
		2101	kex_assemble_names(&options->pubkey_key_types,
		2102	KEX_DEFAULT_PK_ALG, all_key) != 0)
2092	fatal("%s: kex_assemble_names failed", __func__);	2103	fatal("%s: kex_assemble_names failed", __func__);
		2104	free(all_cipher);
		2105	free(all_mac);
		2106	free(all_kex);
		2107	free(all_key);
2093		2108
2094	#define CLEAR_ON_NONE(v) \	2109	#define CLEAR_ON_NONE(v) \
2095	do { \	2110	do { \
@@ -2537,11 +2552,14 @@ void
2537	dump_client_config(Options o, const char host)	2552	dump_client_config(Options o, const char host)
2538	{	2553	{
2539	int i;	2554	int i;
2540	char buf[8];	2555	char buf[8], *all_key;
2541		2556
2542	/* This is normally prepared in ssh_kex2 */	2557	/* This is normally prepared in ssh_kex2 */
2543	if (kex_assemble_names(KEX_DEFAULT_PK_ALG, &o->hostkeyalgorithms) != 0)	2558	all_key = sshkey_alg_list(0, 0, 1, ',');
		2559	if (kex_assemble_names( &o->hostkeyalgorithms,
		2560	KEX_DEFAULT_PK_ALG, all_key) != 0)
2544	fatal("%s: kex_assemble_names failed", __func__);	2561	fatal("%s: kex_assemble_names failed", __func__);
		2562	free(all_key);
2545		2563
2546	/* Most interesting options first: user, host, port */	2564	/* Most interesting options first: user, host, port */
2547	dump_cfg_string(oUser, o->user);	2565	dump_cfg_string(oUser, o->user);