upstream commit
correctly match ECDSA subtype (== curve) for
offered/recevied host keys. Fixes connection-killing host key mismatches when
a server offers multiple ECDSA keys with different curve type (an extremely
unlikely configuration).
ok markus, "looks mechanical" deraadt@
diff --git a/auth.h b/auth.h
index 60d1c33..d282619 100644
--- a/auth.h
+++ b/auth.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.h,v 1.80 2015/01/19 20:16:15 markus Exp $ */
+/* $OpenBSD: auth.h,v 1.81 2015/01/26 06:10:03 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -204,8 +204,8 @@
/* hostkey handling */
Key *get_hostkey_by_index(int);
Key *get_hostkey_public_by_index(int, struct ssh *);
-Key *get_hostkey_public_by_type(int, struct ssh *);
-Key *get_hostkey_private_by_type(int, struct ssh *);
+Key *get_hostkey_public_by_type(int, int, struct ssh *);
+Key *get_hostkey_private_by_type(int, int, struct ssh *);
int get_hostkey_index(Key *, struct ssh *);
int ssh1_session_key(BIGNUM *);
int sshd_hostkey_sign(Key *, Key *, u_char **, size_t *, u_char *, size_t, u_int);