ssh-keyscan for ssh2 (was Re: openssh-2.9p1)

mouring at etoh.eviladmin.org mouring at etoh.eviladmin.org
Sat May 19 06:36:39 EST 2001


Hmm.. not fully right..  <sigh>  -DR does not work.

- Ben

On Fri, 18 May 2001 mouring at etoh.eviladmin.org wrote:

>
> What I mean by missing: how do I pull DSAv2 keys from a remote machine
> using your patch?
>
> What is needed is:
>
> -1 -- RSA Protocol 1 Keys
> -R -- RSA Protocol 2 Keys
> -D -- DSA Protocol 2 Keys
>
>
> This is a patch which is against your current version
>
> --- ../xxh/ssh-keyscan.c	Fri May 18 10:26:38 2001
> +++ ssh-keyscan.c	Fri May 18 10:27:20 2001
> @@ -44,7 +44,7 @@
>  int IPv4or6 = AF_UNSPEC;
>  #endif
>
> -int get_keytypes = 1;		/* Get only RSA keys by default */
> +int get_keytypes = 1;		/* Get only RSA1 keys by default */
>
>  #define MAXMAXFD 256
>
> @@ -78,7 +78,7 @@
>  	int c_plen;		/* Packet length field for ssh packet */
>  	int c_len;		/* Total bytes which must be read. */
>  	int c_off;		/* Length of data read so far. */
> -	int c_keytypes;		/* bits: 1 = get RSA, 2 = get DSA */
> +	int c_keytypes;		/* bits: 1 = RSA1, 2 = DSA, 4 = RSA */
>  	char *c_namebase;	/* Address to free for c_name and c_namelist */
>  	char *c_name;		/* Hostname of connection for errors */
>  	char *c_namelist;	/* Pointer to other possible addresses */
> @@ -319,12 +319,16 @@
>  }
>
>  Key *
> -keygrab_ssh2(con *c)
> +keygrab_ssh2(con *c, int keytypes)
>  {
>  	Key *key;
>
>  	packet_set_connection(c->c_fd, c->c_fd);
>  	packet_set_ssh2_format();
> +	myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-rsa";
> +	if (keytypes == 2)
> +		myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-dss";
> +
>  	c->c_kex = kex_setup(myproposal);
>  	c->c_kex->check_host_key = hostjump;
>
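Review bot: The `if (keytypes == 2)` test in keygrab_ssh2 compares keytypes against one exact value, while the c_keytypes comment changed earlier in this patch documents it as a bit set (1 = RSA1, 2 = DSA, 4 = RSA). Any value other than 2, including a combined one, silently negotiates "ssh-rsa", so the caller can be handed a host key of a type it did not request. The same exact-match pattern is in `c->c_keytypes == 2 || c->c_keytypes == 4` in the two banner-handling hunks that follow. Because keyscan output is commonly used to populate known_hosts, I would select on the bit, `myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = (keytypes & 2) ? "ssh-dss" : "ssh-rsa";`, and have the callers test `c->c_keytypes & (2 | 4)`, presumably with one connection per requested key type (that allocation code is not visible here). keygrab_ssh2's body continues past the end of this hunk.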
> @@ -496,7 +500,7 @@
>  	}
>  	*cp = '\0';
>  	fprintf(stderr, "# %s %s\n", c->c_name, buf);
> -	if (!(c->c_keytypes & 1)) {
> +	if (c->c_keytypes == 2 || c->c_keytypes == 4) {
>  		char remote_version[sizeof buf];
>
>  		if (sscanf(buf, "SSH-%*d.%*d-%[^\n]\n", remote_version) == 1)
> @@ -512,12 +516,11 @@
>  		confree(s);
>  		return;
>  	}
> -	if (!(c->c_keytypes & 1)) {
> -		keyprint(c, keygrab_ssh2(c));
> -		c->c_keytypes &= ~2;
> +	if (c->c_keytypes == 2 || c->c_keytypes == 4) {
> +		keyprint(c, keygrab_ssh2(c,c->c_keytypes));
>  		confree(s);
>  		return;
> -	}
> +	}
>  	c->c_status = CS_SIZE;
>  	contouch(s);
>  }
> @@ -625,7 +628,6 @@
>  	static Linebuf *lb;
>  	char *fname;
>  	int first_proto_option = 1;
> -
>  	for (;;) {
>  		if (lb) {
>  			char *line;
> @@ -659,12 +661,25 @@
>  				lb = Linebuf_alloc(fname, error);
>  				goto double_break;
>  			case '1':
> -			case '2':
>  				if (first_proto_option) {
>  					get_keytypes = 0;
>  					first_proto_option = 0;
>  				}
> -				get_keytypes |= argv[argno][0] - '0';
> +				get_keytypes |= 1;
> +				break;
> +			case 'D':
> +				if (first_proto_option) {
> +					get_keytypes = 0;
> +					first_proto_option = 0;
> +				}
> +				get_keytypes |= 2;
> +				break;
> +			case 'R':
> +				if (first_proto_option) {
> +					get_keytypes = 0;
> +					first_proto_option = 0;
> +				}
> +				get_keytypes |= 4;
>  				break;
>  			case '4':
>  				IPv4or6 = AF_INET;
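Review bot: The option cases `'1'`, `'D'` and `'R'` each repeat the same first_proto_option reset and differ only in the bit OR-ed into get_keytypes, and the literals 1, 2 and 4 recur here and in the banner-handling hunks without names. Sharing the reset and naming the bits keeps the parser and the c_keytypes tests from drifting apart. Note also that `-2` is dropped from the switch, so existing invocations that pass it now reach whatever the default case does, which is outside this hunk. The sketch below assumes argv[argno][0] still holds the option character, as the removed `argv[argno][0] - '0'` line relied on; the enclosing switch and function start and end outside the hunk.

```c
#define KT_RSA1	1	/* proposed names for the get_keytypes bits */
#define KT_DSA	2
#define KT_RSA	4

/* … unchanged: earlier option cases … */
			case '1':
			case 'D':
			case 'R':
				if (first_proto_option) {
					get_keytypes = 0;
					first_proto_option = 0;
				}
				if (argv[argno][0] == '1')
					get_keytypes |= KT_RSA1;
				else if (argv[argno][0] == 'D')
					get_keytypes |= KT_DSA;
				else
					get_keytypes |= KT_RSA;
				break;
/* … unchanged: case '4' and the rest of the switch … */
```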
> @@ -686,7 +701,7 @@
>  void
>  usage(void)
>  {
> -	fatal("usage: %s [-t timeout] { [-1|-2|-4|-6] [--] host | -f file } ...",
> +	fatal("usage: %s [-t timeout] { [-1|-R|-D|-4|-6] [--] host | -f file } ...",
>  	    __progname);
>  	return;
>  }
>
>



