upstream commit
Revise hostkeys@openssh.com hostkey learning extension.
The client will not ask the server to prove ownership of the private
halves of any hitherto-unseen hostkeys it offers to the client.
Allow UpdateHostKeys option to take an 'ask' argument to let the
user manually review keys offered.
ok markus@
diff --git a/ssh_api.c b/ssh_api.c
index 7097c06..265a3e6 100644
--- a/ssh_api.c
+++ b/ssh_api.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh_api.c,v 1.3 2015/01/30 01:13:33 djm Exp $ */
+/* $OpenBSD: ssh_api.c,v 1.4 2015/02/16 22:13:32 djm Exp $ */
/*
* Copyright (c) 2012 Markus Friedl. All rights reserved.
*
@@ -41,7 +41,7 @@
struct sshkey *_ssh_host_public_key(int, int, struct ssh *);
struct sshkey *_ssh_host_private_key(int, int, struct ssh *);
int _ssh_host_key_sign(struct sshkey *, struct sshkey *, u_char **,
- size_t *, u_char *, size_t, u_int);
+ size_t *, const u_char *, size_t, u_int);
/*
* stubs for the server side implementation of kex.
@@ -524,7 +524,8 @@
int
_ssh_host_key_sign(struct sshkey *privkey, struct sshkey *pubkey,
- u_char **signature, size_t *slen, u_char *data, size_t dlen, u_int compat)
+ u_char **signature, size_t *slen,
+ const u_char *data, size_t dlen, u_int compat)
{
return sshkey_sign(privkey, signature, slen, data, dlen, compat);
}