| version 1.290, 2017/01/29 21:35:23 |
version 1.291, 2017/03/10 05:01:13 |
|
|
| } |
} |
| |
|
| /* |
/* |
| |
* Returns non-zero if the key is accepted by HostkeyAlgorithms. |
| |
* Made slightly less trivial by the multiple RSA signature algorithm names. |
| |
*/ |
| |
static int |
| |
key_accepted_by_hostkeyalgs(const struct sshkey *key) |
| |
{ |
| |
const char *ktype = sshkey_ssh_name(key); |
| |
const char *hostkeyalgs = options.hostkeyalgorithms != NULL ? |
| |
options.hostkeyalgorithms : KEX_DEFAULT_PK_ALG; |
| |
|
| |
if (key == NULL || key->type == KEY_UNSPEC) |
| |
return 0; |
| |
if (key->type == KEY_RSA && |
| |
(match_pattern_list("rsa-sha2-256", hostkeyalgs, 0) == 1 || |
| |
match_pattern_list("rsa-sha2-512", hostkeyalgs, 0) == 1)) |
| |
return 1; |
| |
return match_pattern_list(ktype, hostkeyalgs, 0) == 1; |
| |
} |
| |
|
| |
/* |
| * Handle hostkeys-00@openssh.com global request to inform the client of all |
* Handle hostkeys-00@openssh.com global request to inform the client of all |
| * the server's hostkeys. The keys are checked against the user's |
* the server's hostkeys. The keys are checked against the user's |
| * HostkeyAlgorithms preference before they are accepted. |
* HostkeyAlgorithms preference before they are accepted. |
|
|
| sshkey_type(key), fp); |
sshkey_type(key), fp); |
| free(fp); |
free(fp); |
| |
|
| /* Check that the key is accepted in HostkeyAlgorithms */ |
if (!key_accepted_by_hostkeyalgs(key)) { |
| if (match_pattern_list(sshkey_ssh_name(key), |
|
| options.hostkeyalgorithms ? options.hostkeyalgorithms : |
|
| KEX_DEFAULT_PK_ALG, 0) != 1) { |
|
| debug3("%s: %s key not permitted by HostkeyAlgorithms", |
debug3("%s: %s key not permitted by HostkeyAlgorithms", |
| __func__, sshkey_ssh_name(key)); |
__func__, sshkey_ssh_name(key)); |
| continue; |
continue; |
![[BACK]](/icons/back.gif){kind=icon}
Return to clientloop.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh