src/usr.bin/ssh/sshconnect2.c - diff

Return to sshconnect2.c CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/sshconnect2.c between version 1.224 and 1.225

version 1.224, 2015/05/04 06:10:48

version 1.225, 2015/07/10 06:21:53

Line 184

myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =

compat_pkalg_proposal(options.hostkeyalgorithms);

else {

/* Enforce default */

options.hostkeyalgorithms = xstrdup(KEX_DEFAULT_PK_ALG);

/* Prefer algorithms that we already have keys for */

myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =

compat_pkalg_proposal(

Line 1307

Line 1309

}

static int

try_identity(Identity *id)

{

if (!id->key)

return (0);

if (match_pattern_list(sshkey_ssh_name(id->key),

options.pubkey_key_types, 0) != 1) {

debug("Skipping %s key %s for not in PubkeyAcceptedKeyTypes",

sshkey_ssh_name(id->key), id->filename);

return (0);

}

if (key_type_plain(id->key->type) == KEY_RSA &&

(datafellows & SSH_BUG_RSASIGMD5) != 0) {

debug("Skipped %s key %s for RSA/MD5 server",

key_type(id->key), id->filename);

return (0);

}

return (id->key->type != KEY_RSA1);

}

int

userauth_pubkey(Authctxt *authctxt)

{

Line 1325

Line 1347

* private key instead

if (id->key != NULL) {

if (key_type_plain(id->key->type) == KEY_RSA &&

if (try_identity(id)) {

(datafellows & SSH_BUG_RSASIGMD5) != 0) {

debug("Skipped %s key %s for RSA/MD5 server",

key_type(id->key), id->filename);

} else if (id->key->type != KEY_RSA1) {

debug("Offering %s public key: %s",

key_type(id->key), id->filename);

sent = send_pubkey_test(authctxt, id);

Line 1339

Line 1357

id->key = load_identity_file(id->filename,

id->userprovided);

if (id->key != NULL) {

id->isprivate = 1;

if (try_identity(id)) {

if (key_type_plain(id->key->type) == KEY_RSA &&

id->isprivate = 1;

(datafellows & SSH_BUG_RSASIGMD5) != 0) {

debug("Skipped %s key %s for RSA/MD5 "

"server", key_type(id->key),

id->filename);

} else {

sent = sign_and_send_pubkey(

authctxt, id);

}