7946
|
1 |
#
|
|
2 |
# Temporary patch for 7.4p1 regression fixed in 7.5
|
|
3 |
# From upstream
|
|
4 |
# Remove when upgrading
|
|
5 |
#
|
|
6 |
# https://bugzilla.mindrot.org/show_bug.cgi?id=2680
|
|
7 |
# fix regression in 7.4 server-sig-algs,
|
|
8 |
# accidentally excluding SHA2 RSA signature methods.
|
|
9 |
#
|
|
10 |
|
|
11 |
diff -rupN old/kex.c new/kex.c
|
|
12 |
--- old/kex.c 2017-03-28 19:08:53.584501767 -0700
|
|
13 |
+++ new/kex.c 2017-03-28 19:22:26.034204047 -0700
|
|
14 |
@@ -388,7 +388,7 @@ kex_send_ext_info(struct ssh *ssh)
|
|
15 |
int r;
|
|
16 |
char *algs;
|
|
17 |
|
|
18 |
- if ((algs = sshkey_alg_list(0, 1, ',')) == NULL)
|
|
19 |
+ if ((algs = sshkey_alg_list(0, 1, 1, ',')) == NULL)
|
|
20 |
return SSH_ERR_ALLOC_FAIL;
|
|
21 |
if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 ||
|
|
22 |
(r = sshpkt_put_u32(ssh, 1)) != 0 ||
|
|
23 |
diff -rupN old/ssh.c new/ssh.c
|
|
24 |
--- old/ssh.c 2017-03-28 19:08:53.587726975 -0700
|
|
25 |
+++ new/ssh.c 2017-03-28 19:25:10.561309338 -0700
|
|
26 |
@@ -697,11 +697,11 @@ main(int ac, char **av)
|
|
27 |
else if (strcmp(optarg, "kex") == 0)
|
|
28 |
cp = kex_alg_list('\n');
|
|
29 |
else if (strcmp(optarg, "key") == 0)
|
|
30 |
- cp = sshkey_alg_list(0, 0, '\n');
|
|
31 |
+ cp = sshkey_alg_list(0, 0, 0, '\n');
|
|
32 |
else if (strcmp(optarg, "key-cert") == 0)
|
|
33 |
- cp = sshkey_alg_list(1, 0, '\n');
|
|
34 |
+ cp = sshkey_alg_list(1, 0, 0, '\n');
|
|
35 |
else if (strcmp(optarg, "key-plain") == 0)
|
|
36 |
- cp = sshkey_alg_list(0, 1, '\n');
|
|
37 |
+ cp = sshkey_alg_list(0, 1, 0, '\n');
|
|
38 |
else if (strcmp(optarg, "protocol-version") == 0) {
|
|
39 |
#ifdef WITH_SSH1
|
|
40 |
cp = xstrdup("1\n2");
|
|
41 |
diff -rupN old/sshkey.c new/sshkey.c
|
|
42 |
--- old/sshkey.c 2017-03-28 19:08:53.590992687 -0700
|
|
43 |
+++ new/sshkey.c 2017-03-28 19:32:28.309848396 -0700
|
|
44 |
@@ -235,14 +235,16 @@ sshkey_ecdsa_nid_from_name(const char *n
|
|
45 |
}
|
|
46 |
|
|
47 |
char *
|
|
48 |
-sshkey_alg_list(int certs_only, int plain_only, char sep)
|
|
49 |
+sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep)
|
|
50 |
{
|
|
51 |
char *tmp, *ret = NULL;
|
|
52 |
size_t nlen, rlen = 0;
|
|
53 |
const struct keytype *kt;
|
|
54 |
|
|
55 |
for (kt = keytypes; kt->type != -1; kt++) {
|
|
56 |
- if (kt->name == NULL || kt->sigonly)
|
|
57 |
+ if (kt->name == NULL)
|
|
58 |
+ continue;
|
|
59 |
+ if (!include_sigonly && kt->sigonly)
|
|
60 |
continue;
|
|
61 |
if ((certs_only && !kt->cert) || (plain_only && kt->cert))
|
|
62 |
continue;
|
|
63 |
diff -rupN old/sshkey.h new/sshkey.h
|
|
64 |
--- old/sshkey.h 2017-03-28 19:08:53.594083865 -0700
|
|
65 |
+++ new/sshkey.h 2017-03-28 19:33:39.322046181 -0700
|
|
66 |
@@ -157,7 +157,7 @@ int sshkey_ec_validate_private(const E
|
|
67 |
const char *sshkey_ssh_name(const struct sshkey *);
|
|
68 |
const char *sshkey_ssh_name_plain(const struct sshkey *);
|
|
69 |
int sshkey_names_valid2(const char *, int);
|
|
70 |
-char *sshkey_alg_list(int, int, char);
|
|
71 |
+char *sshkey_alg_list(int, int, int, char);
|
|
72 |
|
|
73 |
int sshkey_from_blob(const u_char *, size_t, struct sshkey **);
|
|
74 |
int sshkey_fromb(struct sshbuf *, struct sshkey **);
|