version 1.337, 2020/12/20 23:36:51 |
version 1.338, 2020/12/20 23:40:19 |
|
|
u_char *session_id2 = NULL; |
u_char *session_id2 = NULL; |
u_int session_id2_len = 0; |
u_int session_id2_len = 0; |
|
|
char *xxx_host; |
static char *xxx_host; |
struct sockaddr *xxx_hostaddr; |
static struct sockaddr *xxx_hostaddr; |
|
static const struct ssh_conn_info *xxx_conn_info; |
|
|
static int |
static int |
verify_host_key_callback(struct sshkey *hostkey, struct ssh *ssh) |
verify_host_key_callback(struct sshkey *hostkey, struct ssh *ssh) |
{ |
{ |
if (verify_host_key(xxx_host, xxx_hostaddr, hostkey) == -1) |
if (verify_host_key(xxx_host, xxx_hostaddr, hostkey, |
|
xxx_conn_info) == -1) |
fatal("Host key verification failed."); |
fatal("Host key verification failed."); |
return 0; |
return 0; |
} |
} |
|
|
} |
} |
|
|
static char * |
static char * |
order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port) |
order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port, |
|
const struct ssh_conn_info *cinfo) |
{ |
{ |
char *oavail = NULL, *avail = NULL, *first = NULL, *last = NULL; |
char *oavail = NULL, *avail = NULL, *first = NULL, *last = NULL; |
char *alg = NULL, *hostname = NULL, *ret = NULL, *best = NULL; |
char *alg = NULL, *hostname = NULL, *ret = NULL, *best = NULL; |
|
|
} |
} |
|
|
void |
void |
ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) |
ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, |
|
const struct ssh_conn_info *cinfo) |
{ |
{ |
char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; |
char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; |
char *s, *all_key; |
char *s, *all_key; |
|
|
|
|
xxx_host = host; |
xxx_host = host; |
xxx_hostaddr = hostaddr; |
xxx_hostaddr = hostaddr; |
|
xxx_conn_info = cinfo; |
|
|
/* |
/* |
* If the user has not specified HostkeyAlgorithms, or has only |
* If the user has not specified HostkeyAlgorithms, or has only |
|
|
/* Query known_hosts and prefer algorithms that appear there */ |
/* Query known_hosts and prefer algorithms that appear there */ |
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = |
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = |
compat_pkalg_proposal( |
compat_pkalg_proposal( |
order_hostkeyalgs(host, hostaddr, port)); |
order_hostkeyalgs(host, hostaddr, port, cinfo)); |
} else { |
} else { |
/* Use specified HostkeyAlgorithms exactly */ |
/* Use specified HostkeyAlgorithms exactly */ |
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = |
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = |