external/openssh: update to 6.8p1.
In preparation for some updates to external/openssh to make it work with
BoringSSL, this change updates the code to a recent version. The current
version (5.9p1) is coming up on four years old now.
* Confirmed that f5c67b478bef9992de9e9ec91ce10af4f6205e0d matches
OpenSSH 5.9p1 exactly (save for the removal of the scard
subdirectory).
* Downloaded openssh-6.8p1.tar.gz (SHA256:
3ff64ce73ee124480b5bf767b9830d7d3c03bbcb6abe716b78f0192c37ce160e)
and verified with PGP signature. (I've verified Damien's key in
person previously.)
* Applied changes between f5c67b478bef9992de9e9ec91ce10af4f6205e0d and
OpenSSH 5.9p1 to 6.8p1 and updated the build as best I can. The
ugliest change is probably the duplication of umac.c to umac128.c
because Android conditionally compiles that file twice. See the
comment in those files.
Change-Id: I63cb07a8118afb5a377f116087a0882914cea486
diff --git a/dns.h b/dns.h
index 90cfd7b..815f073 100644
--- a/dns.h
+++ b/dns.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dns.h,v 1.11 2010/02/26 20:29:54 djm Exp $ */
+/* $OpenBSD: dns.h,v 1.14 2015/01/15 09:40:00 djm Exp $ */
/*
* Copyright (c) 2003 Wesley Griffin. All rights reserved.
@@ -29,14 +29,18 @@
#define DNS_H
enum sshfp_types {
- SSHFP_KEY_RESERVED,
- SSHFP_KEY_RSA,
- SSHFP_KEY_DSA
+ SSHFP_KEY_RESERVED = 0,
+ SSHFP_KEY_RSA = 1,
+ SSHFP_KEY_DSA = 2,
+ SSHFP_KEY_ECDSA = 3,
+ SSHFP_KEY_ED25519 = 4
};
enum sshfp_hashes {
- SSHFP_HASH_RESERVED,
- SSHFP_HASH_SHA1
+ SSHFP_HASH_RESERVED = 0,
+ SSHFP_HASH_SHA1 = 1,
+ SSHFP_HASH_SHA256 = 2,
+ SSHFP_HASH_MAX = 3
};
#define DNS_RDATACLASS_IN 1
@@ -46,7 +50,8 @@
#define DNS_VERIFY_MATCH 0x00000002
#define DNS_VERIFY_SECURE 0x00000004
-int verify_host_key_dns(const char *, struct sockaddr *, Key *, int *);
-int export_dns_rr(const char *, Key *, FILE *, int);
+int verify_host_key_dns(const char *, struct sockaddr *,
+ struct sshkey *, int *);
+int export_dns_rr(const char *, struct sshkey *, FILE *, int);
#endif /* DNS_H */