- markus@cvs.openbsd.org 2013/07/19 07:37:48
[auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c]
[servconf.h session.c sshd.c sshd_config.5]
add ssh-agent(1) support to sshd(8); allows encrypted hostkeys,
or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974
ok djm@
diff --git a/kexecdhs.c b/kexecdhs.c
index c42dcf4..3a580aa 100644
--- a/kexecdhs.c
+++ b/kexecdhs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexecdhs.c,v 1.4 2013/05/17 00:13:13 djm Exp $ */
+/* $OpenBSD: kexecdhs.c,v 1.5 2013/07/19 07:37:48 markus Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
* Copyright (c) 2010 Damien Miller. All rights reserved.
@@ -78,9 +78,6 @@
if (server_host_public == NULL)
fatal("Unsupported hostkey type %d", kex->hostkey_type);
server_host_private = kex->load_host_private_key(kex->hostkey_type);
- if (server_host_private == NULL)
- fatal("Missing private key for hostkey type %d",
- kex->hostkey_type);
debug("expecting SSH2_MSG_KEX_ECDH_INIT");
packet_read_expect(SSH2_MSG_KEX_ECDH_INIT);
@@ -139,9 +136,8 @@
}
/* sign H */
- if (PRIVSEP(key_sign(server_host_private, &signature, &slen,
- hash, hashlen)) < 0)
- fatal("kexdh_server: key_sign failed");
+ kex->sign(server_host_private, server_host_public, &signature, &slen,
+ hash, hashlen);
/* destroy_sensitive_data(); */