Diffstat (limited to 'sshconnect2.c')
-rw-r--r--sshconnect2.c13
1 files changed, 8 insertions, 5 deletions
diff --git a/sshconnect2.c b/sshconnect2.c
index 1a4e55179..7b478f16d 100644
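--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.204 2014/02/02 03:44:32 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.210 2014/07/15 15:54:14 millert Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl. All rights reserved.
  * Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -61,8 +61,8 @@
 #include "dh.h"
 #include "authfd.h"
 #include "log.h"
-#include "readconf.h"
 #include "misc.h"
+#include "readconf.h"
 #include "match.h"
 #include "dispatch.h"
 #include "canohost.h"
@@ -156,6 +156,7 @@ order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port)
 void
 ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
 {
+ char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT };
  Kex *kex;
 
 #ifdef GSSAPI
@@ -240,11 +241,13 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
 
  /* start key exchange */
  kex = kex_setup(myproposal);
+#ifdef WITH_OPENSSL
  kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
  kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
  kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
  kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
  kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
+#endif
  kex->kex[KEX_C25519_SHA256] = kexc25519_client;
 #ifdef GSSAPI
  if (options.gss_keyex) {
@@ -1083,7 +1086,7 @@ identity_sign(Identity *id, u_char **sigp, u_int *lenp,
  * we have already loaded the private key or
  * the private key is stored in external hardware
  */
- if (id->isprivate || (id->key->flags & KEY_FLAG_EXT))
+ if (id->isprivate || (id->key->flags & SSHKEY_FLAG_EXT))
  return (key_sign(id->key, sigp, lenp, data, datalen));
  /* load the private key from the file */
  if ((prv = load_identity_file(id->filename, id->userprovided)) == NULL)
@@ -1291,12 +1294,12 @@ pubkey_prepare(Authctxt *authctxt)
  }
  /* Prefer PKCS11 keys that are explicitly listed */
  TAILQ_FOREACH_SAFE(id, &files, next, tmp) {
- if (id->key == NULL || (id->key->flags & KEY_FLAG_EXT) == 0)
+ if (id->key == NULL || (id->key->flags & SSHKEY_FLAG_EXT) == 0)
  continue;
  found = 0;
  TAILQ_FOREACH(id2, &files, next) {
  if (id2->key == NULL ||
- (id2->key->flags & KEY_FLAG_EXT) != 0)
+ (id2->key->flags & SSHKEY_FLAG_EXT) == 0)
  continue;
  if (key_equal(id->key, id2->key)) {
  TAILQ_REMOVE(&files, id, next);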
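Review bot: In the last hunk (pubkey_prepare) the inner-loop test goes from `(id2->key->flags & KEY_FLAG_EXT) != 0` to `(id2->key->flags & SSHKEY_FLAG_EXT) == 0`, which inverts the filter instead of only renaming the flag as the other two call sites do. The outer loop reaches this point only for an `id` that carries the EXT flag, and `id` is itself an entry of `files`, so `id2` can now be `id` and `key_equal(id->key, id2->key)` matches trivially. The comparison against the non-external, explicitly listed entries that the comment describes no longer happens. If the flip is unintended the line should read `(id2->key->flags & SSHKEY_FLAG_EXT) != 0)`; if it is deliberate it needs a comment and most likely an `id2 == id` skip. The loop body and whatever consumes `found` continue outside the hunk, so the effect on which identities end up being offered should be confirmed there.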