- otto@cvs.openbsd.org 2011/01/04 20:44:13
[ssh-keyscan.c]
handle ecdsa-sha2 with various key lengths; hint and ok djm@
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index 3fb1214..25d7ac6 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keyscan.c,v 1.83 2010/08/31 11:54:45 djm Exp $ */
+/* $OpenBSD: ssh-keyscan.c,v 1.84 2011/01/04 20:44:13 otto Exp $ */
/*
* Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
*
@@ -246,7 +246,8 @@
packet_set_connection(c->c_fd, c->c_fd);
enable_compat20();
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = c->c_keytype == KT_DSA?
- "ssh-dss": "ssh-rsa";
+ "ssh-dss" : (c->c_keytype == KT_RSA ? "ssh-rsa" :
+ "ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521");
c->c_kex = kex_setup(myproposal);
c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
@@ -573,7 +574,7 @@
if (name == NULL)
return;
- for (j = KT_RSA1; j <= KT_RSA; j *= 2) {
+ for (j = KT_RSA1; j <= KT_ECDSA; j *= 2) {
if (get_keytypes & j) {
while (ncon >= MAXCON)
conloop();