- dtucker@cvs.openbsd.org 2013/11/07 11:58:27
[cipher.c cipher.h kex.c kex.h mac.c mac.h servconf.c ssh.c]
Output the effective values of Ciphers, MACs and KexAlgorithms when
the default has not been overridden. ok markus@
diff --git a/ChangeLog b/ChangeLog
index ca7cb03..a7098f6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,11 @@
- dtucker@cvs.openbsd.org 2013/11/08 01:06:14
[regress/rekey.sh]
Rekey less frequently during tests to speed them up
+ - (djm) OpenBSD CVS Sync
+ - dtucker@cvs.openbsd.org 2013/11/07 11:58:27
+ [cipher.c cipher.h kex.c kex.h mac.c mac.h servconf.c ssh.c]
+ Output the effective values of Ciphers, MACs and KexAlgorithms when
+ the default has not been overridden. ok markus@
20131107
- (djm) [ssh-pkcs11.c] Bring back "non-constant initialiser" fix (rev 1.5)
diff --git a/cipher.c b/cipher.c
index a2cbe2b..54315f4 100644
--- a/cipher.c
+++ b/cipher.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher.c,v 1.89 2013/05/17 00:13:13 djm Exp $ */
+/* $OpenBSD: cipher.c,v 1.90 2013/11/07 11:58:27 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -100,9 +100,9 @@
/*--*/
-/* Returns a comma-separated list of supported ciphers. */
+/* Returns a list of supported ciphers separated by the specified char. */
char *
-cipher_alg_list(void)
+cipher_alg_list(char sep)
{
char *ret = NULL;
size_t nlen, rlen = 0;
@@ -112,7 +112,7 @@
if (c->number != SSH_CIPHER_SSH2)
continue;
if (ret != NULL)
- ret[rlen++] = '\n';
+ ret[rlen++] = sep;
nlen = strlen(c->name);
ret = xrealloc(ret, 1, rlen + nlen + 2);
memcpy(ret + rlen, c->name, nlen + 1);
diff --git a/cipher.h b/cipher.h
index b878d50..4650234 100644
--- a/cipher.h
+++ b/cipher.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher.h,v 1.40 2013/04/19 01:06:50 djm Exp $ */
+/* $OpenBSD: cipher.h,v 1.41 2013/11/07 11:58:27 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -75,7 +75,7 @@
int cipher_number(const char *);
char *cipher_name(int);
int ciphers_valid(const char *);
-char *cipher_alg_list(void);
+char *cipher_alg_list(char);
void cipher_init(CipherContext *, const Cipher *, const u_char *, u_int,
const u_char *, u_int, int);
void cipher_crypt(CipherContext *, u_char *, const u_char *,
diff --git a/kex.c b/kex.c
index 07f25e2..0b139dc 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.92 2013/11/02 21:59:15 markus Exp $ */
+/* $OpenBSD: kex.c,v 1.93 2013/11/07 11:58:27 dtucker Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
*
@@ -85,7 +85,7 @@
};
char *
-kex_alg_list(void)
+kex_alg_list(char sep)
{
char *ret = NULL;
size_t nlen, rlen = 0;
@@ -93,7 +93,7 @@
for (k = kexalgs; k->name != NULL; k++) {
if (ret != NULL)
- ret[rlen++] = '\n';
+ ret[rlen++] = sep;
nlen = strlen(k->name);
ret = xrealloc(ret, 1, rlen + nlen + 2);
memcpy(ret + rlen, k->name, nlen + 1);
diff --git a/kex.h b/kex.h
index 0f67f59..800a692 100644
--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.57 2013/11/02 21:59:15 markus Exp $ */
+/* $OpenBSD: kex.h,v 1.58 2013/11/07 11:58:27 dtucker Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -146,7 +146,7 @@
};
int kex_names_valid(const char *);
-char *kex_alg_list(void);
+char *kex_alg_list(char);
Kex *kex_setup(char *[PROPOSAL_MAX]);
void kex_finish(Kex *);
diff --git a/mac.c b/mac.c
index c4dfb50..c71b6a7 100644
--- a/mac.c
+++ b/mac.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mac.c,v 1.24 2013/06/03 00:03:18 dtucker Exp $ */
+/* $OpenBSD: mac.c,v 1.25 2013/11/07 11:58:27 dtucker Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
@@ -91,9 +91,9 @@
{ NULL, 0, NULL, 0, 0, 0, 0 }
};
-/* Returns a comma-separated list of supported MACs. */
+/* Returns a list of supported MACs separated by the specified char. */
char *
-mac_alg_list(void)
+mac_alg_list(char sep)
{
char *ret = NULL;
size_t nlen, rlen = 0;
@@ -101,7 +101,7 @@
for (m = macs; m->name != NULL; m++) {
if (ret != NULL)
- ret[rlen++] = '\n';
+ ret[rlen++] = sep;
nlen = strlen(m->name);
ret = xrealloc(ret, 1, rlen + nlen + 2);
memcpy(ret + rlen, m->name, nlen + 1);
diff --git a/mac.h b/mac.h
index 260798a..fbe18c4 100644
--- a/mac.h
+++ b/mac.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: mac.h,v 1.7 2013/04/19 01:06:50 djm Exp $ */
+/* $OpenBSD: mac.h,v 1.8 2013/11/07 11:58:27 dtucker Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
@@ -24,7 +24,7 @@
*/
int mac_valid(const char *);
-char *mac_alg_list(void);
+char *mac_alg_list(char);
int mac_setup(Mac *, char *);
int mac_init(Mac *);
u_char *mac_compute(Mac *, u_int32_t, u_char *, int);
diff --git a/servconf.c b/servconf.c
index 0f1bdd0..3593223 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
-/* $OpenBSD: servconf.c,v 1.244 2013/10/29 09:48:02 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.245 2013/11/07 11:58:27 dtucker Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -2037,8 +2037,9 @@
/* string arguments */
dump_cfg_string(sPidFile, o->pid_file);
dump_cfg_string(sXAuthLocation, o->xauth_location);
- dump_cfg_string(sCiphers, o->ciphers);
- dump_cfg_string(sMacs, o->macs);
+ dump_cfg_string(sCiphers, o->ciphers ? o->ciphers :
+ cipher_alg_list(','));
+ dump_cfg_string(sMacs, o->macs ? o->macs : mac_alg_list(','));
dump_cfg_string(sBanner, o->banner);
dump_cfg_string(sForceCommand, o->adm_forced_command);
dump_cfg_string(sChrootDirectory, o->chroot_directory);
@@ -2050,6 +2051,8 @@
dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command);
dump_cfg_string(sAuthorizedKeysCommandUser, o->authorized_keys_command_user);
dump_cfg_string(sHostKeyAgent, o->host_key_agent);
+ dump_cfg_string(sKexAlgorithms, o->kex_algorithms ? o->kex_algorithms :
+ kex_alg_list(','));
/* string arguments requiring a lookup */
dump_cfg_string(sLogLevel, log_level_name(o->log_level));
diff --git a/ssh.c b/ssh.c
index ef94591..e2c4363 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.391 2013/10/25 23:04:51 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.392 2013/11/07 11:58:27 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -520,11 +520,11 @@
case 'Q': /* deprecated */
cp = NULL;
if (strcasecmp(optarg, "cipher") == 0)
- cp = cipher_alg_list();
+ cp = cipher_alg_list('\n');
else if (strcasecmp(optarg, "mac") == 0)
- cp = mac_alg_list();
+ cp = mac_alg_list('\n');
else if (strcasecmp(optarg, "kex") == 0)
- cp = kex_alg_list();
+ cp = kex_alg_list('\n');
else if (strcasecmp(optarg, "key") == 0)
cp = key_alg_list();
if (cp == NULL)