Bugzilla – Attachment 2947 Details for
Bug 2680
Regression in server-sig-algs offer in 7.4p1 (Deprecation of SHA1 is not being enforced)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch
bz2680.diff (text/plain), 2.21 KB, created by
Damien Miller
on 2017-02-24 14:48:27 AEDT
(
hide
)
Description:
patch
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2017-02-24 14:48:27 AEDT
Size:
2.21 KB
patch
obsolete
>diff --git a/kex.c b/kex.c >index a30dabe5..13bb9aa6 100644 >--- a/kex.c >+++ b/kex.c >@@ -348,7 +348,7 @@ kex_send_ext_info(struct ssh *ssh) > int r; > char *algs; > >- if ((algs = sshkey_alg_list(0, 1, ',')) == NULL) >+ if ((algs = sshkey_alg_list(0, 1, 1, ',')) == NULL) > return SSH_ERR_ALLOC_FAIL; > if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 || > (r = sshpkt_put_u32(ssh, 1)) != 0 || >diff --git a/ssh.c b/ssh.c >index 0b34edff..c74d3b69 100644 >--- a/ssh.c >+++ b/ssh.c >@@ -684,11 +684,11 @@ main(int ac, char **av) > else if (strcmp(optarg, "kex") == 0) > cp = kex_alg_list('\n'); > else if (strcmp(optarg, "key") == 0) >- cp = sshkey_alg_list(0, 0, '\n'); >+ cp = sshkey_alg_list(0, 0, 0, '\n'); > else if (strcmp(optarg, "key-cert") == 0) >- cp = sshkey_alg_list(1, 0, '\n'); >+ cp = sshkey_alg_list(1, 0, 0, '\n'); > else if (strcmp(optarg, "key-plain") == 0) >- cp = sshkey_alg_list(0, 1, '\n'); >+ cp = sshkey_alg_list(0, 1, 0, '\n'); > else if (strcmp(optarg, "protocol-version") == 0) { > #ifdef WITH_SSH1 > cp = xstrdup("1\n2"); >diff --git a/sshkey.c b/sshkey.c >index 85fd1bd9..11ac9513 100644 >--- a/sshkey.c >+++ b/sshkey.c >@@ -197,14 +197,16 @@ sshkey_ecdsa_nid_from_name(const char *name) > } > > char * >-sshkey_alg_list(int certs_only, int plain_only, char sep) >+sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep) > { > char *tmp, *ret = NULL; > size_t nlen, rlen = 0; > const struct keytype *kt; > > for (kt = keytypes; kt->type != -1; kt++) { >- if (kt->name == NULL || kt->sigonly) >+ if (kt->name == NULL) >+ continue; >+ if (!include_sigonly && kt->sigonly) > continue; > if ((certs_only && !kt->cert) || (plain_only && kt->cert)) > continue; >diff --git a/sshkey.h b/sshkey.h >index f3936384..6a3ff2f5 100644 >--- a/sshkey.h >+++ b/sshkey.h >@@ -156,7 +156,7 @@ int sshkey_ec_validate_private(const EC_KEY *); > const char *sshkey_ssh_name(const struct sshkey *); > const char *sshkey_ssh_name_plain(const struct sshkey *); > int sshkey_names_valid2(const char *, int); >-char *sshkey_alg_list(int, int, char); >+char *sshkey_alg_list(int, int, int, char); > > int sshkey_from_blob(const u_char *, size_t, struct sshkey **); > int sshkey_fromb(struct sshbuf *, struct sshkey **);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2947">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
dtucker
:
ok+
Actions:
View
|
Diff
Attachments on
bug 2680
: 2947