Diffstat (limited to 'sshconnect2.c')
-rw-r--r--sshconnect2.c36
1 files changed, 26 insertions, 10 deletions
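--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.198 2013/06/05 12:52:38 dtucker Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.201 2014/01/09 23:20:00 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl. All rights reserved.
  * Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -188,11 +188,12 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
  }
  if (options.hostkeyalgorithms != NULL)
  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
- options.hostkeyalgorithms;
+ compat_pkalg_proposal(options.hostkeyalgorithms);
  else {
  /* Prefer algorithms that we already have keys for */
  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
- order_hostkeyalgs(host, hostaddr, port);
+ compat_pkalg_proposal(
+ order_hostkeyalgs(host, hostaddr, port));
  }
  if (options.kex_algorithms != NULL)
  myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms;
@@ -208,6 +209,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
  kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
  kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
  kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
+ kex->kex[KEX_C25519_SHA256] = kexc25519_client;
  kex->client_version_string=client_version_string;
  kex->server_version_string=server_version_string;
  kex->verify_host_key=&verify_host_key_callback;
@@ -1004,7 +1006,7 @@ jpake_password_to_secret(Authctxt *authctxt, const char *crypt_scheme,
  debug3("%s: crypted = %s", __func__, crypted);
 #endif
 
- if (hash_buffer(crypted, strlen(crypted), EVP_sha256(),
+ if (hash_buffer(crypted, strlen(crypted), SSH_DIGEST_SHA1,
  &secret, &secret_len) != 0)
  fatal("%s: hash_buffer", __func__);
 
@@ -1488,17 +1490,31 @@ userauth_pubkey(Authctxt *authctxt)
  * encrypted keys we cannot do this and have to load the
  * private key instead
  */
- if (id->key && id->key->type != KEY_RSA1) {
- debug("Offering %s public key: %s", key_type(id->key),
- id->filename);
- sent = send_pubkey_test(authctxt, id);
- } else if (id->key == NULL) {
+ if (id->key != NULL) {
+ if (key_type_plain(id->key->type) == KEY_RSA &&
+ (datafellows & SSH_BUG_RSASIGMD5) != 0) {
+ debug("Skipped %s key %s for RSA/MD5 server",
+ key_type(id->key), id->filename);
+ } else if (id->key->type != KEY_RSA1) {
+ debug("Offering %s public key: %s",
+ key_type(id->key), id->filename);
+ sent = send_pubkey_test(authctxt, id);
+ }
+ } else {
  debug("Trying private key: %s", id->filename);
  id->key = load_identity_file(id->filename,
  id->userprovided);
  if (id->key != NULL) {
  id->isprivate = 1;
- sent = sign_and_send_pubkey(authctxt, id);
+ if (key_type_plain(id->key->type) == KEY_RSA &&
+ (datafellows & SSH_BUG_RSASIGMD5) != 0) {
+ debug("Skipped %s key %s for RSA/MD5 "
+ "server", key_type(id->key),
+ id->filename);
+ } else {
+ sent = sign_and_send_pubkey(
+ authctxt, id);
+ }
  key_free(id->key);
  id->key = NULL;
  }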
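Review bot: The hash_buffer call in jpake_password_to_secret now passes SSH_DIGEST_SHA1 where the old code passed EVP_sha256(), so the value derived from the crypted password changes and presumably has to change identically on the server side; if the intent was only to move to the ssh_digest API, `SSH_DIGEST_SHA256` would keep the derived secret unchanged and avoid choosing a weaker digest for new code, and a one-line comment stating why SHA-1 is selected would settle it either way. In the userauth_pubkey hunk the predicate `key_type_plain(id->key->type) == KEY_RSA && (datafellows & SSH_BUG_RSASIGMD5) != 0` and its "Skipped ... for RSA/MD5 server" debug message are written out twice, once for the already-loaded key and once for the freshly loaded one; a small static helper that evaluates the predicate and emits the single debug line would keep the two branches from drifting apart. Both jpake_password_to_secret and userauth_pubkey start outside their hunks, and the userauth_pubkey loop body continues past the last line shown here.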