diff options
Diffstat (limited to 'ssh-keyscan.c')
| -rw-r--r-- | ssh-keyscan.c | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 8b807c10a..8d0a6b8d8 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh-keyscan.c,v 1.87 2013/05/17 00:13:14 djm Exp $ */ | 1 | /* $OpenBSD: ssh-keyscan.c,v 1.89 2013/12/06 13:39:49 markus Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. | 3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. |
| 4 | * | 4 | * |
| @@ -56,6 +56,7 @@ int ssh_port = SSH_DEFAULT_PORT; | |||
| 56 | #define KT_DSA 2 | 56 | #define KT_DSA 2 |
| 57 | #define KT_RSA 4 | 57 | #define KT_RSA 4 |
| 58 | #define KT_ECDSA 8 | 58 | #define KT_ECDSA 8 |
| 59 | #define KT_ED25519 16 | ||
| 59 | 60 | ||
| 60 | int get_keytypes = KT_RSA|KT_ECDSA;/* Get RSA and ECDSA keys by default */ | 61 | int get_keytypes = KT_RSA|KT_ECDSA;/* Get RSA and ECDSA keys by default */ |
| 61 | 62 | ||
| @@ -245,15 +246,18 @@ keygrab_ssh2(con *c) | |||
| 245 | 246 | ||
| 246 | packet_set_connection(c->c_fd, c->c_fd); | 247 | packet_set_connection(c->c_fd, c->c_fd); |
| 247 | enable_compat20(); | 248 | enable_compat20(); |
| 248 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = c->c_keytype == KT_DSA? | 249 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = |
| 249 | "ssh-dss" : (c->c_keytype == KT_RSA ? "ssh-rsa" : | 250 | c->c_keytype == KT_DSA ? "ssh-dss" : |
| 250 | "ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521"); | 251 | (c->c_keytype == KT_RSA ? "ssh-rsa" : |
| 252 | (c->c_keytype == KT_ED25519 ? "ssh-ed25519" : | ||
| 253 | "ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521")); | ||
| 251 | c->c_kex = kex_setup(myproposal); | 254 | c->c_kex = kex_setup(myproposal); |
| 252 | c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; | 255 | c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; |
| 253 | c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; | 256 | c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; |
| 254 | c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; | 257 | c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; |
| 255 | c->c_kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; | 258 | c->c_kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; |
| 256 | c->c_kex->kex[KEX_ECDH_SHA2] = kexecdh_client; | 259 | c->c_kex->kex[KEX_ECDH_SHA2] = kexecdh_client; |
| 260 | c->c_kex->kex[KEX_C25519_SHA256] = kexc25519_client; | ||
| 257 | c->c_kex->verify_host_key = hostjump; | 261 | c->c_kex->verify_host_key = hostjump; |
| 258 | 262 | ||
| 259 | if (!(j = setjmp(kexjmp))) { | 263 | if (!(j = setjmp(kexjmp))) { |
| @@ -574,7 +578,7 @@ do_host(char *host) | |||
| 574 | 578 | ||
| 575 | if (name == NULL) | 579 | if (name == NULL) |
| 576 | return; | 580 | return; |
| 577 | for (j = KT_RSA1; j <= KT_ECDSA; j *= 2) { | 581 | for (j = KT_RSA1; j <= KT_ED25519; j *= 2) { |
| 578 | if (get_keytypes & j) { | 582 | if (get_keytypes & j) { |
| 579 | while (ncon >= MAXCON) | 583 | while (ncon >= MAXCON) |
| 580 | conloop(); | 584 | conloop(); |
| @@ -681,6 +685,9 @@ main(int argc, char **argv) | |||
| 681 | case KEY_RSA: | 685 | case KEY_RSA: |
| 682 | get_keytypes |= KT_RSA; | 686 | get_keytypes |= KT_RSA; |
| 683 | break; | 687 | break; |
| 688 | case KEY_ED25519: | ||
| 689 | get_keytypes |= KT_ED25519; | ||
| 690 | break; | ||
| 684 | case KEY_UNSPEC: | 691 | case KEY_UNSPEC: |
| 685 | fatal("unknown key type %s", tname); | 692 | fatal("unknown key type %s", tname); |
| 686 | } | 693 | } |