Add FingerprintHash option to control algorithm used for key

fingerprints. Default changes from MD5 to SHA256 and format from hex to base64. Feedback and ok naddy@ markus@
author: djm <djm@openbsd.org> 2014-12-21 22:27:55 +0000
committer: djm <djm@openbsd.org> 2014-12-21 22:27:55 +0000
commit: 3dbedef4011325ea7a4efc52a92720f76ce10a1d (patch)
tree: b5a65003d705ba054fe2325b2be9a7ce451450ed /usr.bin/ssh/auth.c
parent: WSCONS_EVENT_WSMOUSED_SLEEP and WSCONS_EVENT_WSMOUSED_CLOSE not used anymore. (diff)
download: wireguard-openbsd-3dbedef4011325ea7a4efc52a92720f76ce10a1d.tar.xz
wireguard-openbsd-3dbedef4011325ea7a4efc52a92720f76ce10a1d.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/usr.bin/ssh/auth.c b/usr.bin/ssh/auth.c
index 4f823defbd3..e27944d0929 100644
--- a/usr.bin/ssh/auth.c
+++ b/usr.bin/ssh/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.107 2014/12/04 02:24:32 djm Exp $ */
+/* $OpenBSD: auth.c,v 1.108 2014/12/21 22:27:56 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -552,7 +552,8 @@ auth_key_is_revoked(Key *key)
 
 	if (options.revoked_keys_file == NULL)
 		return 0;
-	if ((fp = sshkey_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX)) == NULL) {
+	if ((fp = sshkey_fingerprint(key, options.fingerprint_hash,
+	    SSH_FP_DEFAULT)) == NULL) {
 		r = SSH_ERR_ALLOC_FAIL;
 		error("%s: fingerprint key: %s", __func__, ssh_err(r));
 		goto out;
author	djm <djm@openbsd.org>	2014-12-21 22:27:55 +0000
committer	djm <djm@openbsd.org>	2014-12-21 22:27:55 +0000
commit	3dbedef4011325ea7a4efc52a92720f76ce10a1d (patch)
tree	b5a65003d705ba054fe2325b2be9a7ce451450ed /usr.bin/ssh/auth.c
parent	WSCONS_EVENT_WSMOUSED_SLEEP and WSCONS_EVENT_WSMOUSED_CLOSE not used anymore. (diff)
download	wireguard-openbsd-3dbedef4011325ea7a4efc52a92720f76ce10a1d.tar.xz wireguard-openbsd-3dbedef4011325ea7a4efc52a92720f76ce10a1d.zip