From 3dbedef4011325ea7a4efc52a92720f76ce10a1d Mon Sep 17 00:00:00 2001
From: djm <djm@openbsd.org>
Date: Sun, 21 Dec 2014 22:27:55 +0000
Subject: Add FingerprintHash option to control algorithm used for key
 fingerprints. Default changes from MD5 to SHA256 and format from hex to
 base64.

Feedback and ok naddy@ markus@
---
 usr.bin/ssh/ssh-keysign.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'usr.bin/ssh/ssh-keysign.c')

diff --git a/usr.bin/ssh/ssh-keysign.c b/usr.bin/ssh/ssh-keysign.c
index 79127adb073..7b119c993ed 100644
--- a/usr.bin/ssh/ssh-keysign.c
+++ b/usr.bin/ssh/ssh-keysign.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keysign.c,v 1.43 2014/10/08 22:20:25 djm Exp $ */
+/* $OpenBSD: ssh-keysign.c,v 1.44 2014/12/21 22:27:56 djm Exp $ */
 /*
  * Copyright (c) 2002 Markus Friedl.  All rights reserved.
  *
@@ -235,7 +235,8 @@ main(int argc, char **argv)
 		}
 	}
 	if (!found) {
-		fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
+		fp = key_fingerprint(key, options.fingerprint_hash,
+		    SSH_FP_DEFAULT);
 		fatal("no matching hostkey found for key %s %s",
 		    key_type(key), fp);
 	}
-- 
cgit v1.2.3-59-g8ed1b