Diffstat (limited to 'ssh-keyscan.c')
-rw-r--r--ssh-keyscan.c25
1 files changed, 14 insertions, 11 deletions
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index 38b1c548b..2ed041559 100644
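--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keyscan.c,v 1.120 2018/06/06 18:29:18 markus Exp $ */
+/* $OpenBSD: ssh-keyscan.c,v 1.126 2019/01/26 22:35:01 djm Exp $ */
 /*
   * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
   *
@@ -70,6 +70,8 @@ int hash_hosts = 0; /* Hash hostname on output */
 
 int print_sshfp = 0; /* Print SSHFP records instead of known_hosts */
 
+int found_one = 0; /* Successfully found a key */
+
 #define MAXMAXFD 256
 
 /* The number of seconds after which to give up on a TCP connection */
@@ -83,8 +85,6 @@ fd_set *read_wait;
 size_t read_wait_nfdset;
 int ncon;
 
-struct ssh *active_state = NULL; /* XXX needed for linking */
-
 /*
   * Keep a connection structure for each file descriptor. The state
   * associated with file descriptor n is held in fdcon[n].
@@ -262,18 +262,19 @@ keygrab_ssh2(con *c)
  exit(1);
  }
 #ifdef WITH_OPENSSL
- c->c_ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
- c->c_ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
- c->c_ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client;
- c->c_ssh->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_client;
- c->c_ssh->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_client;
+ c->c_ssh->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_client;
+ c->c_ssh->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_client;
+ c->c_ssh->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_client;
+ c->c_ssh->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_client;
+ c->c_ssh->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_client;
  c->c_ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
  c->c_ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
 # ifdef OPENSSL_HAS_ECC
- c->c_ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
+ c->c_ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client;
 # endif
 #endif
- c->c_ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_client;
+ c->c_ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client;
+ c->c_ssh->kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_client;
  ssh_set_verify_host_key_callback(c->c_ssh, key_print_wrapper);
  /*
   * do the key-exchange until an error occurs or until
@@ -288,6 +289,8 @@ keyprint_one(const char *host, struct sshkey *key)
  char *hostport;
  const char *known_host, *hashed;
 
+ found_one = 1;
+
  if (print_sshfp) {
  export_dns_rr(host, key, stdout, 0);
  return;
@@ -803,5 +806,5 @@ main(int argc, char **argv)
  while (ncon > 0)
  conloop();
 
- return (0);
+ return found_one ? 0 : 1;
 }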
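Review bot: The new exit status at the end of `main` is driven by a single process-wide flag, so a scan of several hosts still returns 0 when only one of them produced a key. `found_one` is set at the top of `keyprint_one` for any host, and nothing in the visible hunks records hosts that failed. Automation that uses the result to populate known_hosts therefore cannot treat 0 as "every requested host was collected". I would document that on the return, e.g. `/* 0 if at least one key was printed for any host; not a per-host result */`, and tighten the declaration comment to `/* Set once any host key has been printed */`. The bodies of `main` and `keyprint_one` start outside the hunks shown, so whether callers elsewhere report per-host failures cannot be confirmed from here.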