diff options
author | markus@openbsd.org <markus@openbsd.org> | 2015-07-10 06:21:53 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2015-07-15 15:38:02 +1000 |
commit | 3a1638dda19bbc73d0ae02b4c251ce08e564b4b9 (patch) | |
tree | e74e4219344349a4f9a4393aa4c2c6b7baecb127 /clientloop.c | |
parent | 16db0a7ee9a87945cc594d13863cfcb86038db59 (diff) |
upstream commit
Turn off DSA by default; add HostKeyAlgorithms to the
server and PubkeyAcceptedKeyTypes to the client side, so it still can be
tested or turned back on; feedback and ok djm@
Upstream-ID: 8450a9e6d83f80c9bfed864ff061dfc9323cec21
Diffstat (limited to 'clientloop.c')
-rw-r--r-- | clientloop.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/clientloop.c b/clientloop.c index dc0e557a..87ceb3da 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.274 2015/07/01 02:26:31 djm Exp $ */ +/* $OpenBSD: clientloop.c,v 1.275 2015/07/10 06:21:53 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -100,6 +100,7 @@ #include "key.h" #include "cipher.h" #include "kex.h" +#include "myproposal.h" #include "log.h" #include "misc.h" #include "readconf.h" @@ -2362,10 +2363,11 @@ client_input_hostkeys(void) debug3("%s: received %s key %s", __func__, sshkey_type(key), fp); free(fp); + /* Check that the key is accepted in HostkeyAlgorithms */ - if (options.hostkeyalgorithms != NULL && - match_pattern_list(sshkey_ssh_name(key), - options.hostkeyalgorithms, 0) != 1) { + if (match_pattern_list(sshkey_ssh_name(key), + options.hostkeyalgorithms ? options.hostkeyalgorithms : + KEX_DEFAULT_PK_ALG, 0) != 1) { debug3("%s: %s key not permitted by HostkeyAlgorithms", __func__, sshkey_ssh_name(key)); continue; |