From 05a651400da6fbe12296c34e3d3bcf09f034fbbf Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 13 May 2020 09:52:41 +0000 Subject: upstream: when ordering the hostkey algorithms to request from a server, prefer certificate types if the known_hosts files contain a key marked as a @cert-authority; bz#3157 ok markus@ OpenBSD-Commit-ID: 8f194573e5bb7c01b69bbfaabc68f27c9fa5e0db --- hostfile.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) (limited to 'hostfile.c') diff --git a/hostfile.c b/hostfile.c index a4a355972..a91dbbd94 100644 --- a/hostfile.c +++ b/hostfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.c,v 1.79 2020/03/06 18:25:12 markus Exp $ */ +/* $OpenBSD: hostfile.c,v 1.80 2020/05/13 09:52:41 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -406,6 +406,18 @@ lookup_key_in_hostkeys_by_type(struct hostkeys *hostkeys, int keytype, found) == HOST_FOUND); } +int +lookup_marker_in_hostkeys(struct hostkeys *hostkeys, int want_marker) +{ + u_int i; + + for (i = 0; i < hostkeys->num_entries; i++) { + if (hostkeys->entries[i].marker == (HostkeyMarker)want_marker) + return 1; + } + return 0; +} + static int write_host_entry(FILE *f, const char *host, const char *ip, const struct sshkey *key, int store_hash) -- cgit v1.2.3