From 523463a3a2a9bfc6cfc5afa01bae9147f76a37cc Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 16 Feb 2015 22:13:32 +0000 Subject: upstream commit Revise hostkeys@openssh.com hostkey learning extension. The client will not ask the server to prove ownership of the private halves of any hitherto-unseen hostkeys it offers to the client. Allow UpdateHostKeys option to take an 'ask' argument to let the user manually review keys offered. ok markus@ --- ssh_api.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'ssh_api.c') diff --git a/ssh_api.c b/ssh_api.c index 7097c063..265a3e63 100644 --- a/ssh_api.c +++ b/ssh_api.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh_api.c,v 1.3 2015/01/30 01:13:33 djm Exp $ */ +/* $OpenBSD: ssh_api.c,v 1.4 2015/02/16 22:13:32 djm Exp $ */ /* * Copyright (c) 2012 Markus Friedl. All rights reserved. * @@ -41,7 +41,7 @@ int _ssh_verify_host_key(struct sshkey *, struct ssh *); struct sshkey *_ssh_host_public_key(int, int, struct ssh *); struct sshkey *_ssh_host_private_key(int, int, struct ssh *); int _ssh_host_key_sign(struct sshkey *, struct sshkey *, u_char **, - size_t *, u_char *, size_t, u_int); + size_t *, const u_char *, size_t, u_int); /* * stubs for the server side implementation of kex. @@ -524,7 +524,8 @@ _ssh_order_hostkeyalgs(struct ssh *ssh) int _ssh_host_key_sign(struct sshkey *privkey, struct sshkey *pubkey, - u_char **signature, size_t *slen, u_char *data, size_t dlen, u_int compat) + u_char **signature, size_t *slen, + const u_char *data, size_t dlen, u_int compat) { return sshkey_sign(privkey, signature, slen, data, dlen, compat); } -- cgit v1.2.1