version 1.321, 2020/04/17 03:38:47 |
version 1.322, 2020/05/13 09:52:41 |
|
|
while ((alg = strsep(&avail, ",")) && *alg != '\0') { |
while ((alg = strsep(&avail, ",")) && *alg != '\0') { |
if ((ktype = sshkey_type_from_name(alg)) == KEY_UNSPEC) |
if ((ktype = sshkey_type_from_name(alg)) == KEY_UNSPEC) |
fatal("%s: unknown alg %s", __func__, alg); |
fatal("%s: unknown alg %s", __func__, alg); |
|
/* |
|
* If we have a @cert-authority marker in known_hosts then |
|
* prefer all certificate algorithms. |
|
*/ |
|
if (sshkey_type_is_cert(ktype) && |
|
lookup_marker_in_hostkeys(hostkeys, MRK_CA)) { |
|
ALG_APPEND(first, alg); |
|
continue; |
|
} |
|
/* If the key appears in known_hosts then prefer it */ |
if (lookup_key_in_hostkeys_by_type(hostkeys, |
if (lookup_key_in_hostkeys_by_type(hostkeys, |
sshkey_type_plain(ktype), NULL)) |
sshkey_type_plain(ktype), NULL)) { |
ALG_APPEND(first, alg); |
ALG_APPEND(first, alg); |
else |
continue; |
ALG_APPEND(last, alg); |
} |
|
/* Otherwise, put it last */ |
|
ALG_APPEND(last, alg); |
} |
} |
#undef ALG_APPEND |
#undef ALG_APPEND |
xasprintf(&ret, "%s%s%s", first, |
xasprintf(&ret, "%s%s%s", first, |