1 files changed, 58 insertions, 4 deletions
diff --git a/sshd.c b/sshd.c
index 6f8f11a3b..02fca5c28 100644
--- a/sshd.c
+++ b/sshd.c
@@ -816,8 +816,8 @@ notify_hostkeys(struct ssh *ssh)
        }
        debug3("%s: sent %u hostkeys", __func__, nkeys);
        if (nkeys == 0)
-                fatal("%s: no hostkeys", __func__);
+                debug3("%s: no hostkeys", __func__);
-        if ((r = sshpkt_send(ssh)) != 0)
+        else if ((r = sshpkt_send(ssh)) != 0)
                sshpkt_fatal(ssh, r, "%s: send", __func__);
        sshbuf_free(buf);
 }
@@ -1851,7 +1851,8 @@ main(int ac, char **av)
                free(fp);
        }
        accumulate_host_timing_secret(cfg, NULL);
-        if (!sensitive_data.have_ssh2_key) {
+        /* The GSSAPI key exchange can run without a host key */
+        if (!sensitive_data.have_ssh2_key && !options.gss_keyex) {
                logit("sshd: no hostkeys available -- exiting.");
                exit(1);
        }
@@ -2342,6 +2343,48 @@ do_ssh2_kex(struct ssh *ssh)
        myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(
            list_hostkey_types());
+#if defined(GSSAPI) && defined(WITH_OPENSSL)
+        {
+        char *orig;
+        char *gss = NULL;
+        char *newstr = NULL;
+        orig = myproposal[PROPOSAL_KEX_ALGS];
+        /*
+         * If we don't have a host key, then there's no point advertising
+         * the other key exchange algorithms
+         */
+        if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0)
+                orig = NULL;
+        if (options.gss_keyex)
+                gss = ssh_gssapi_server_mechanisms();
+        else
+                gss = NULL;
+        if (gss && orig)
+                xasprintf(&newstr, "%s,%s", gss, orig);
+        else if (gss)
+                newstr = gss;
+        else if (orig)
+                newstr = orig;
+        /*
+         * If we've got GSSAPI mechanisms, then we've got the 'null' host
+         * key alg, but we can't tell people about it unless its the only
+         * host key algorithm we support
+         */
+        if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0)
+                myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "null";
+        if (newstr)
+                myproposal[PROPOSAL_KEX_ALGS] = newstr;
+        else
+                fatal("No supported key exchange algorithms");
+        }
+#endif
        /* start key exchange */
        if ((r = kex_setup(ssh, myproposal)) != 0)
                fatal("kex_setup: %s", ssh_err(r));
@@ -2357,7 +2400,18 @@ do_ssh2_kex(struct ssh *ssh)
 # ifdef OPENSSL_HAS_ECC
        kex->kex[KEX_ECDH_SHA2] = kex_gen_server;
 # endif
-#endif
+# ifdef GSSAPI
+        if (options.gss_keyex) {
+                kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
+                kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server;
+                kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_server;
+                kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_server;
+                kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_server;
+                kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_server;
+                kex->kex[KEX_GSS_C25519_SHA256] = kexgss_server;
+        }
+# endif
+#endif /* WITH_OPENSSL */
        kex->kex[KEX_C25519_SHA256] = kex_gen_server;
        kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_server;
        kex->load_host_public_key=&get_hostkey_public_by_type;

diff --git a/sshd.c b/sshd.c index 6f8f11a3b..02fca5c28 100644 --- a/sshd.c +++ b/sshd.c
@@ -816,8 +816,8 @@ notify_hostkeys(struct ssh *ssh)
816	}	816	}
817	debug3("%s: sent %u hostkeys", __func__, nkeys);	817	debug3("%s: sent %u hostkeys", __func__, nkeys);
818	if (nkeys == 0)	818	if (nkeys == 0)
819	fatal("%s: no hostkeys", __func__);	819	debug3("%s: no hostkeys", __func__);
820	if ((r = sshpkt_send(ssh)) != 0)	820	else if ((r = sshpkt_send(ssh)) != 0)
821	sshpkt_fatal(ssh, r, "%s: send", __func__);	821	sshpkt_fatal(ssh, r, "%s: send", __func__);
822	sshbuf_free(buf);	822	sshbuf_free(buf);
823	}	823	}
@@ -1851,7 +1851,8 @@ main(int ac, char **av)
1851	free(fp);	1851	free(fp);
1852	}	1852	}
1853	accumulate_host_timing_secret(cfg, NULL);	1853	accumulate_host_timing_secret(cfg, NULL);
1854	if (!sensitive_data.have_ssh2_key) {	1854	/* The GSSAPI key exchange can run without a host key */
		1855	if (!sensitive_data.have_ssh2_key && !options.gss_keyex) {
1855	logit("sshd: no hostkeys available -- exiting.");	1856	logit("sshd: no hostkeys available -- exiting.");
1856	exit(1);	1857	exit(1);
1857	}	1858	}
@@ -2342,6 +2343,48 @@ do_ssh2_kex(struct ssh *ssh)
2342	myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(	2343	myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(
2343	list_hostkey_types());	2344	list_hostkey_types());
2344		2345
		2346	#if defined(GSSAPI) && defined(WITH_OPENSSL)
		2347	{
		2348	char *orig;
		2349	char *gss = NULL;
		2350	char *newstr = NULL;
		2351	orig = myproposal[PROPOSAL_KEX_ALGS];
		2352
		2353	/*
		2354	* If we don't have a host key, then there's no point advertising
		2355	* the other key exchange algorithms
		2356	*/
		2357
		2358	if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0)
		2359	orig = NULL;
		2360
		2361	if (options.gss_keyex)
		2362	gss = ssh_gssapi_server_mechanisms();
		2363	else
		2364	gss = NULL;
		2365
		2366	if (gss && orig)
		2367	xasprintf(&newstr, "%s,%s", gss, orig);
		2368	else if (gss)
		2369	newstr = gss;
		2370	else if (orig)
		2371	newstr = orig;
		2372
		2373	/*
		2374	* If we've got GSSAPI mechanisms, then we've got the 'null' host
		2375	* key alg, but we can't tell people about it unless its the only
		2376	* host key algorithm we support
		2377	*/
		2378	if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0)
		2379	myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "null";
		2380
		2381	if (newstr)
		2382	myproposal[PROPOSAL_KEX_ALGS] = newstr;
		2383	else
		2384	fatal("No supported key exchange algorithms");
		2385	}
		2386	#endif
		2387
2345	/* start key exchange */	2388	/* start key exchange */
2346	if ((r = kex_setup(ssh, myproposal)) != 0)	2389	if ((r = kex_setup(ssh, myproposal)) != 0)
2347	fatal("kex_setup: %s", ssh_err(r));	2390	fatal("kex_setup: %s", ssh_err(r));
@@ -2357,7 +2400,18 @@ do_ssh2_kex(struct ssh *ssh)
2357	# ifdef OPENSSL_HAS_ECC	2400	# ifdef OPENSSL_HAS_ECC
2358	kex->kex[KEX_ECDH_SHA2] = kex_gen_server;	2401	kex->kex[KEX_ECDH_SHA2] = kex_gen_server;
2359	# endif	2402	# endif
2360	#endif	2403	# ifdef GSSAPI
		2404	if (options.gss_keyex) {
		2405	kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
		2406	kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server;
		2407	kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_server;
		2408	kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_server;
		2409	kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_server;
		2410	kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_server;
		2411	kex->kex[KEX_GSS_C25519_SHA256] = kexgss_server;
		2412	}
		2413	# endif
		2414	#endif /* WITH_OPENSSL */
2361	kex->kex[KEX_C25519_SHA256] = kex_gen_server;	2415	kex->kex[KEX_C25519_SHA256] = kex_gen_server;
2362	kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_server;	2416	kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_server;
2363	kex->load_host_public_key=&get_hostkey_public_by_type;	2417	kex->load_host_public_key=&get_hostkey_public_by_type;