diff options
Diffstat (limited to 'sshconnect2.c')
-rw-r--r-- | sshconnect2.c | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/sshconnect2.c b/sshconnect2.c index 5d2bde81d..93192d186 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshconnect2.c,v 1.282 2018/07/18 11:34:04 dtucker Exp $ */ | 1 | /* $OpenBSD: sshconnect2.c,v 1.283 2018/07/31 03:07:24 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2008 Damien Miller. All rights reserved. |
@@ -167,11 +167,11 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) | |||
167 | 167 | ||
168 | if ((s = kex_names_cat(options.kex_algorithms, "ext-info-c")) == NULL) | 168 | if ((s = kex_names_cat(options.kex_algorithms, "ext-info-c")) == NULL) |
169 | fatal("%s: kex_names_cat", __func__); | 169 | fatal("%s: kex_names_cat", __func__); |
170 | myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(s); | 170 | myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(s, datafellows); |
171 | myproposal[PROPOSAL_ENC_ALGS_CTOS] = | 171 | myproposal[PROPOSAL_ENC_ALGS_CTOS] = |
172 | compat_cipher_proposal(options.ciphers); | 172 | compat_cipher_proposal(options.ciphers, datafellows); |
173 | myproposal[PROPOSAL_ENC_ALGS_STOC] = | 173 | myproposal[PROPOSAL_ENC_ALGS_STOC] = |
174 | compat_cipher_proposal(options.ciphers); | 174 | compat_cipher_proposal(options.ciphers, datafellows); |
175 | myproposal[PROPOSAL_COMP_ALGS_CTOS] = | 175 | myproposal[PROPOSAL_COMP_ALGS_CTOS] = |
176 | myproposal[PROPOSAL_COMP_ALGS_STOC] = options.compression ? | 176 | myproposal[PROPOSAL_COMP_ALGS_STOC] = options.compression ? |
177 | "zlib@openssh.com,zlib,none" : "none,zlib@openssh.com,zlib"; | 177 | "zlib@openssh.com,zlib,none" : "none,zlib@openssh.com,zlib"; |
@@ -184,14 +184,15 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) | |||
184 | fatal("%s: kex_assemble_namelist", __func__); | 184 | fatal("%s: kex_assemble_namelist", __func__); |
185 | free(all_key); | 185 | free(all_key); |
186 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = | 186 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = |
187 | compat_pkalg_proposal(options.hostkeyalgorithms); | 187 | compat_pkalg_proposal(options.hostkeyalgorithms, |
188 | datafellows); | ||
188 | } else { | 189 | } else { |
189 | /* Enforce default */ | 190 | /* Enforce default */ |
190 | options.hostkeyalgorithms = xstrdup(KEX_DEFAULT_PK_ALG); | 191 | options.hostkeyalgorithms = xstrdup(KEX_DEFAULT_PK_ALG); |
191 | /* Prefer algorithms that we already have keys for */ | 192 | /* Prefer algorithms that we already have keys for */ |
192 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = | 193 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = |
193 | compat_pkalg_proposal( | 194 | compat_pkalg_proposal( |
194 | order_hostkeyalgs(host, hostaddr, port)); | 195 | order_hostkeyalgs(host, hostaddr, port), datafellows); |
195 | } | 196 | } |
196 | 197 | ||
197 | if (options.rekey_limit || options.rekey_interval) | 198 | if (options.rekey_limit || options.rekey_interval) |
@@ -223,7 +224,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) | |||
223 | 224 | ||
224 | /* remove ext-info from the KEX proposals for rekeying */ | 225 | /* remove ext-info from the KEX proposals for rekeying */ |
225 | myproposal[PROPOSAL_KEX_ALGS] = | 226 | myproposal[PROPOSAL_KEX_ALGS] = |
226 | compat_kex_proposal(options.kex_algorithms); | 227 | compat_kex_proposal(options.kex_algorithms, datafellows); |
227 | if ((r = kex_prop2buf(kex->my, myproposal)) != 0) | 228 | if ((r = kex_prop2buf(kex->my, myproposal)) != 0) |
228 | fatal("kex_prop2buf: %s", ssh_err(r)); | 229 | fatal("kex_prop2buf: %s", ssh_err(r)); |
229 | 230 | ||