diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2014-12-21 22:27:55 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2014-12-22 09:32:29 +1100 |
| commit | 56d1c83cdd1ac76f1c6bd41e01e80dad834f3994 (patch) | |
| tree | 700a872e702c686c1815bb1049eb93e88079b598 /dns.c | |
| parent | 058f839fe15c51be8b3a844a76ab9a8db550be4f (diff) | |
| download | openssh-git-56d1c83cdd1ac76f1c6bd41e01e80dad834f3994.tar.gz | |
upstream commit
Add FingerprintHash option to control algorithm used for
key fingerprints. Default changes from MD5 to SHA256 and format from hex to
base64.
Feedback and ok naddy@ markus@
Diffstat (limited to 'dns.c')
| -rw-r--r-- | dns.c | 11 |
1 files changed, 6 insertions, 5 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: dns.c,v 1.31 2014/06/24 01:13:21 djm Exp $ */ +/* $OpenBSD: dns.c,v 1.32 2014/12/21 22:27:56 djm Exp $ */ /* * Copyright (c) 2003 Wesley Griffin. All rights reserved. @@ -41,6 +41,7 @@ #include "key.h" #include "dns.h" #include "log.h" +#include "digest.h" static const char *errset_text[] = { "success", /* 0 ERRSET_SUCCESS */ @@ -80,7 +81,7 @@ dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type, u_char **digest, u_int *digest_len, Key *key) { int success = 0; - enum fp_type fp_type = 0; + int fp_alg = -1; switch (key->type) { case KEY_RSA: @@ -110,17 +111,17 @@ dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type, switch (*digest_type) { case SSHFP_HASH_SHA1: - fp_type = SSH_FP_SHA1; + fp_alg = SSH_DIGEST_SHA1; break; case SSHFP_HASH_SHA256: - fp_type = SSH_FP_SHA256; + fp_alg = SSH_DIGEST_SHA256; break; default: *digest_type = SSHFP_HASH_RESERVED; /* 0 */ } if (*algorithm && *digest_type) { - *digest = key_fingerprint_raw(key, fp_type, digest_len); + *digest = key_fingerprint_raw(key, fp_alg, digest_len); if (*digest == NULL) fatal("dns_read_key: null from key_fingerprint_raw()"); success = 1; |