[openssh-commits] [openssh] 05/11: upstream commit

Fri Mar 10 15:35:48 AEDT 2017

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 183ba55aaaecca0206184b854ad6155df237adbe
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Fri Mar 10 04:07:20 2017 +0000

    upstream commit
    
    fix regression in 7.4 server-sig-algs, where we were
    accidentally excluding SHA2 RSA signature methods. bz#2680, patch from Nuno
    Goncalves; ok dtucker@
    
    Upstream-ID: 81ac8bfb30960447740b9b8f6a214dcf322f12e8
---
 kex.c    | 4 ++--
 ssh.c    | 8 ++++----
 sshkey.c | 8 +++++---
 sshkey.h | 4 ++--
 4 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/kex.c b/kex.c
index 5b42518..8ac0029 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.129 2017/03/10 03:45:40 dtucker Exp $ */
+/* $OpenBSD: kex.c,v 1.130 2017/03/10 04:07:20 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  *
@@ -350,7 +350,7 @@ kex_send_ext_info(struct ssh *ssh)
 	int r;
 	char *algs;
 
-	if ((algs = sshkey_alg_list(0, 1, ',')) == NULL)
+	if ((algs = sshkey_alg_list(0, 1, 1, ',')) == NULL)
 		return SSH_ERR_ALLOC_FAIL;
 	if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 ||
 	    (r = sshpkt_put_u32(ssh, 1)) != 0 ||
diff --git a/ssh.c b/ssh.c
index 1e222b3..32b27bb 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.450 2017/03/08 12:07:47 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.451 2017/03/10 04:07:20 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -684,11 +684,11 @@ main(int ac, char **av)
 			else if (strcmp(optarg, "kex") == 0)
 				cp = kex_alg_list('\n');
 			else if (strcmp(optarg, "key") == 0)
-				cp = sshkey_alg_list(0, 0, '\n');
+				cp = sshkey_alg_list(0, 0, 0, '\n');
 			else if (strcmp(optarg, "key-cert") == 0)
-				cp = sshkey_alg_list(1, 0, '\n');
+				cp = sshkey_alg_list(1, 0, 0, '\n');
 			else if (strcmp(optarg, "key-plain") == 0)
-				cp = sshkey_alg_list(0, 1, '\n');
+				cp = sshkey_alg_list(0, 1, 0, '\n');
 			else if (strcmp(optarg, "protocol-version") == 0) {
 #ifdef WITH_SSH1
 				cp = xstrdup("1\n2");
diff --git a/sshkey.c b/sshkey.c
index 06e11c6..53a7674 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.44 2017/03/10 03:48:57 dtucker Exp $ */
+/* $OpenBSD: sshkey.c,v 1.45 2017/03/10 04:07:20 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
@@ -197,14 +197,16 @@ sshkey_ecdsa_nid_from_name(const char *name)
 }
 
 char *
-sshkey_alg_list(int certs_only, int plain_only, char sep)
+sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep)
 {
 	char *tmp, *ret = NULL;
 	size_t nlen, rlen = 0;
 	const struct keytype *kt;
 
 	for (kt = keytypes; kt->type != -1; kt++) {
-		if (kt->name == NULL || kt->sigonly)
+		if (kt->name == NULL)
+			continue;
+		if (!include_sigonly && kt->sigonly)
 			continue;
 		if ((certs_only && !kt->cert) || (plain_only && kt->cert))
 			continue;
diff --git a/sshkey.h b/sshkey.h
index f393638..1b9e42f 100644
--- a/sshkey.h
+++ b/sshkey.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.h,v 1.14 2016/09/12 23:31:27 djm Exp $ */
+/* $OpenBSD: sshkey.h,v 1.15 2017/03/10 04:07:20 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -156,7 +156,7 @@ int		 sshkey_ec_validate_private(const EC_KEY *);
 const char	*sshkey_ssh_name(const struct sshkey *);
 const char	*sshkey_ssh_name_plain(const struct sshkey *);
 int		 sshkey_names_valid2(const char *, int);
-char		*sshkey_alg_list(int, int, char);
+char		*sshkey_alg_list(int, int, int, char);
 
 int	 sshkey_from_blob(const u_char *, size_t, struct sshkey **);
 int	 sshkey_fromb(struct sshbuf *, struct sshkey **);

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
