version 1.185, 2010/09/22 05:01:29 |
version 1.186, 2010/11/29 23:45:51 |
|
|
#include "msg.h" |
#include "msg.h" |
#include "pathnames.h" |
#include "pathnames.h" |
#include "uidswap.h" |
#include "uidswap.h" |
|
#include "hostfile.h" |
#include "schnorr.h" |
#include "schnorr.h" |
#include "jpake.h" |
#include "jpake.h" |
|
|
|
|
return 0; |
return 0; |
} |
} |
|
|
|
static char * |
|
order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port) |
|
{ |
|
char *oavail, *avail, *first, *last, *alg, *hostname, *ret; |
|
size_t maxlen; |
|
struct hostkeys *hostkeys; |
|
int ktype; |
|
|
|
/* Find all hostkeys for this hostname */ |
|
get_hostfile_hostname_ipaddr(host, hostaddr, port, &hostname, NULL); |
|
hostkeys = init_hostkeys(); |
|
load_hostkeys(hostkeys, hostname, options.user_hostfile2); |
|
load_hostkeys(hostkeys, hostname, options.system_hostfile2); |
|
load_hostkeys(hostkeys, hostname, options.user_hostfile); |
|
load_hostkeys(hostkeys, hostname, options.system_hostfile); |
|
|
|
oavail = avail = xstrdup(KEX_DEFAULT_PK_ALG); |
|
maxlen = strlen(avail) + 1; |
|
first = xmalloc(maxlen); |
|
last = xmalloc(maxlen); |
|
*first = *last = '\0'; |
|
|
|
#define ALG_APPEND(to, from) \ |
|
do { \ |
|
if (*to != '\0') \ |
|
strlcat(to, ",", maxlen); \ |
|
strlcat(to, from, maxlen); \ |
|
} while (0) |
|
|
|
while ((alg = strsep(&avail, ",")) && *alg != '\0') { |
|
if ((ktype = key_type_from_name(alg)) == KEY_UNSPEC) |
|
fatal("%s: unknown alg %s", __func__, alg); |
|
if (lookup_key_in_hostkeys_by_type(hostkeys, |
|
key_type_plain(ktype), NULL)) |
|
ALG_APPEND(first, alg); |
|
else |
|
ALG_APPEND(last, alg); |
|
} |
|
#undef ALG_APPEND |
|
xasprintf(&ret, "%s%s%s", first, *first == '\0' ? "" : ",", last); |
|
if (*first != '\0') |
|
debug3("%s: prefer hostkeyalgs: %s", __func__, first); |
|
|
|
xfree(first); |
|
xfree(last); |
|
xfree(hostname); |
|
xfree(oavail); |
|
free_hostkeys(hostkeys); |
|
|
|
return ret; |
|
} |
|
|
void |
void |
ssh_kex2(char *host, struct sockaddr *hostaddr) |
ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) |
{ |
{ |
Kex *kex; |
Kex *kex; |
|
|
|
|
if (options.hostkeyalgorithms != NULL) |
if (options.hostkeyalgorithms != NULL) |
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = |
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = |
options.hostkeyalgorithms; |
options.hostkeyalgorithms; |
|
else { |
|
/* Prefer algorithms that we already have keys for */ |
|
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = |
|
order_hostkeyalgs(host, hostaddr, port); |
|
} |
if (options.kex_algorithms != NULL) |
if (options.kex_algorithms != NULL) |
myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms; |
myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms; |
|
|
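Review bot: order_hostkeyalgs() is added without a header comment, and two properties of it are not obvious from the new call in ssh_kex2(). The returned string is allocated by `xasprintf` and stored in `myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]` with no matching free visible here. The lookup also passes `NULL` as the last argument of `get_hostfile_hostname_ipaddr`, so presumably only name entries in the four host files influence the order. I would add something like `/* Returns a newly allocated copy of KEX_DEFAULT_PK_ALG with algorithms we already hold a host key for moved to the front; caller owns the result. */`, and state there that the proposal order now depends on local known_hosts contents, so that this is recorded as a deliberate trade-off. ssh_kex2() continues past the visible lines, so I cannot tell whether the string is released later.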