Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 14 |
1 files changed, 11 insertions, 3 deletions
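--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.375 2010/04/16 01:47:26 djm Exp $ */
+/* $OpenBSD: sshd.c,v 1.381 2011/01/11 06:13:10 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -738,6 +738,7 @@ list_hostkey_types(void)
 switch (key->type) {
 case KEY_RSA:
 case KEY_DSA:
+case KEY_ECDSA:
 if (buffer_len(&b) > 0)
 buffer_append(&b, ",", 1);
 p = key_ssh_name(key);
@@ -753,6 +754,7 @@ list_hostkey_types(void)
 case KEY_DSA_CERT_V00:
 case KEY_RSA_CERT:
 case KEY_DSA_CERT:
+case KEY_ECDSA_CERT:
 if (buffer_len(&b) > 0)
 buffer_append(&b, ",", 1);
 p = key_ssh_name(key);
@@ -779,6 +781,7 @@ get_hostkey_by_type(int type, int need_private)
 case KEY_DSA_CERT_V00:
 case KEY_RSA_CERT:
 case KEY_DSA_CERT:
+case KEY_ECDSA_CERT:
 key = sensitive_data.host_certificates[i];
 break;
 default:
@@ -1469,7 +1472,7 @@ main(int ac, char **av)
 else
 closefrom(REEXEC_DEVCRYPTO_RESERVED_FD);
 
-SSLeay_add_all_algorithms();
+OpenSSL_add_all_algorithms();
 
 /*
 * Force logging to stderr until we have loaded the private host
@@ -1586,6 +1589,7 @@ main(int ac, char **av)
 break;
 case KEY_RSA:
 case KEY_DSA:
+case KEY_ECDSA:
 sensitive_data.have_ssh2_key = 1;
 break;
 }
@@ -2090,7 +2094,8 @@ main(int ac, char **av)
 /* The connection has been terminated. */
 packet_get_state(MODE_IN, NULL, NULL, NULL, &ibytes);
 packet_get_state(MODE_OUT, NULL, NULL, NULL, &obytes);
-verbose("Transferred: sent %llu, received %llu bytes", obytes, ibytes);
+verbose("Transferred: sent %llu, received %llu bytes",
+(unsigned long long)obytes, (unsigned long long)ibytes);
 
 verbose("Closing connection to %.500s port %d", remote_ip, remote_port);
 
@@ -2360,6 +2365,8 @@ do_ssh2_kex(void)
 myproposal[PROPOSAL_COMP_ALGS_CTOS] =
 myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com";
 }
+if (options.kex_algorithms != NULL)
+myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms;
 
 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types();
 
@@ -2411,6 +2418,7 @@ do_ssh2_kex(void)
 kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
 kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
 kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
+kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
 #ifdef GSSAPI
 if (options.gss_keyex) {
 kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;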
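Review bot: In do_ssh2_kex (new lines 2368-2369) the configured `options.kex_algorithms` string replaces `myproposal[PROPOSAL_KEX_ALGS]` wholesale, and nothing visible here checks that it is a non-empty, well-formed list; a non-NULL empty value would presumably leave the server advertising no key exchange at all. If the config parser already rejects unknown or empty names, a comment at this assignment should say so, e.g. `/* KexAlgorithms was validated when the config was parsed; it replaces the default list, it does not extend it */`. Because the list replaces rather than extends the defaults, an operator setting can omit the ECDH method whose handler is registered at new line 2421, or keep only the older SHA-1 groups, so the option's documentation is the place to warn about that. The body of do_ssh2_kex starts and ends outside the hunk.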