diff options
author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2011-02-17 11:47:40 +0000 |
---|---|---|
committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2011-02-17 11:47:40 +0000 |
commit | 9f6de2d748109e4e479c9259468a79973631e7fc (patch) | |
tree | 1d333e32031110bf9bfd5e15980adf8221240df8 /ssh-keyscan.c | |
parent | 3a927e69c380468bb32766c99aa7caf86de401a4 (diff) | |
download | src-test2-9f6de2d748109e4e479c9259468a79973631e7fc.tar.gz src-test2-9f6de2d748109e4e479c9259468a79973631e7fc.zip |
Notes
Diffstat (limited to 'ssh-keyscan.c')
-rw-r--r-- | ssh-keyscan.c | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/ssh-keyscan.c b/ssh-keyscan.c index b6cf427cd62a..25d7ac66f957 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keyscan.c,v 1.82 2010/06/22 04:54:30 djm Exp $ */ +/* $OpenBSD: ssh-keyscan.c,v 1.84 2011/01/04 20:44:13 otto Exp $ */ /* * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. * @@ -52,9 +52,10 @@ int IPv4or6 = AF_UNSPEC; int ssh_port = SSH_DEFAULT_PORT; -#define KT_RSA1 1 -#define KT_DSA 2 -#define KT_RSA 4 +#define KT_RSA1 1 +#define KT_DSA 2 +#define KT_RSA 4 +#define KT_ECDSA 8 int get_keytypes = KT_RSA; /* Get only RSA keys by default */ @@ -245,12 +246,14 @@ keygrab_ssh2(con *c) packet_set_connection(c->c_fd, c->c_fd); enable_compat20(); myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = c->c_keytype == KT_DSA? - "ssh-dss": "ssh-rsa"; + "ssh-dss" : (c->c_keytype == KT_RSA ? "ssh-rsa" : + "ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521"); c->c_kex = kex_setup(myproposal); c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; c->c_kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; + c->c_kex->kex[KEX_ECDH_SHA2] = kexecdh_client; c->c_kex->verify_host_key = hostjump; if (!(j = setjmp(kexjmp))) { @@ -571,7 +574,7 @@ do_host(char *host) if (name == NULL) return; - for (j = KT_RSA1; j <= KT_RSA; j *= 2) { + for (j = KT_RSA1; j <= KT_ECDSA; j *= 2) { if (get_keytypes & j) { while (ncon >= MAXCON) conloop(); @@ -673,6 +676,9 @@ main(int argc, char **argv) case KEY_DSA: get_keytypes |= KT_DSA; break; + case KEY_ECDSA: + get_keytypes |= KT_ECDSA; + break; case KEY_RSA: get_keytypes |= KT_RSA; break; |