version 1.365, 2023/03/08 04:43:12 |
version 1.366, 2023/03/09 07:11:05 |
|
|
{ |
{ |
char *myproposal[PROPOSAL_MAX]; |
char *myproposal[PROPOSAL_MAX]; |
char *s, *all_key, *hkalgs = NULL; |
char *s, *all_key, *hkalgs = NULL; |
int r; |
int r, use_known_hosts_order = 0; |
|
|
xxx_host = host; |
xxx_host = host; |
xxx_hostaddr = hostaddr; |
xxx_hostaddr = hostaddr; |
|
|
ssh_packet_set_rekey_limits(ssh, options.rekey_limit, |
ssh_packet_set_rekey_limits(ssh, options.rekey_limit, |
options.rekey_interval); |
options.rekey_interval); |
|
|
|
/* |
|
* If the user has not specified HostkeyAlgorithms, or has only |
|
* appended or removed algorithms from that list then prefer algorithms |
|
* that are in the list that are supported by known_hosts keys. |
|
*/ |
|
if (options.hostkeyalgorithms == NULL || |
|
options.hostkeyalgorithms[0] == '-' || |
|
options.hostkeyalgorithms[0] == '+') |
|
use_known_hosts_order = 1; |
|
|
/* Expand or fill in HostkeyAlgorithms */ |
/* Expand or fill in HostkeyAlgorithms */ |
all_key = sshkey_alg_list(0, 0, 1, ','); |
all_key = sshkey_alg_list(0, 0, 1, ','); |
if ((r = kex_assemble_names(&options.hostkeyalgorithms, |
if ((r = kex_assemble_names(&options.hostkeyalgorithms, |
|
|
if ((s = kex_names_cat(options.kex_algorithms, "ext-info-c")) == NULL) |
if ((s = kex_names_cat(options.kex_algorithms, "ext-info-c")) == NULL) |
fatal_f("kex_names_cat"); |
fatal_f("kex_names_cat"); |
|
|
/* |
if (use_known_hosts_order) |
* If the user has not specified HostkeyAlgorithms, or has only |
|
* appended or removed algorithms from that list then prefer algorithms |
|
* that are in the list that are supported by known_hosts keys. |
|
*/ |
|
if (options.hostkeyalgorithms == NULL || |
|
options.hostkeyalgorithms[0] == '-' || |
|
options.hostkeyalgorithms[0] == '+') |
|
hkalgs = order_hostkeyalgs(host, hostaddr, port, cinfo); |
hkalgs = order_hostkeyalgs(host, hostaddr, port, cinfo); |
|
|
kex_proposal_populate_entries(ssh, myproposal, s, options.ciphers, |
kex_proposal_populate_entries(ssh, myproposal, s, options.ciphers, |