From: djm@openbsd.org <djm@openbsd.org>
Date: Thu, 6 Feb 2020 22:46:31 +0000 (+0000)
Subject: upstream: expand HostkeyAlgorithms prior to config dump, matching
X-Git-Tag: V_8_2_P1~9
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c7288486731734a864b58d024b1395029b55bbc5;p=thirdparty%2Fopenssh-portable.git

upstream: expand HostkeyAlgorithms prior to config dump, matching

other algorithm lists; ok markus@

OpenBSD-Commit-ID: a66f0fca8cc5ce30405a2867bc115fff600671d0
---

diff --git a/readconf.c b/readconf.c
index 20f1c04ee..f3cac6b3a 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.325 2020/02/03 23:47:57 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.326 2020/02/06 22:46:31 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2663,8 +2663,20 @@ dump_cfg_forwards(OpCodes code, u_int count, const struct Forward *fwds)
 void
 dump_client_config(Options *o, const char *host)
 {
-	int i;
-	char buf[8];
+	int i, r;
+	char buf[8], *all_key;
+
+	/*
+	 * Expand HostKeyAlgorithms name lists. This isn't handled in
+	 * fill_default_options() like the other algorithm lists because
+	 * the host key algorithms are by default dynamically chosen based
+	 * on the host's keys found in known_hosts.
+	 */
+	all_key = sshkey_alg_list(0, 0, 1, ',');
+	if ((r = kex_assemble_names(&o->hostkeyalgorithms, kex_default_pk_alg(),
+	    all_key)) != 0)
+		fatal("%s: expand HostKeyAlgorithms: %s", __func__, ssh_err(r));
+	free(all_key);
 
 	/* Most interesting options first: user, host, port */
 	dump_cfg_string(oUser, o->user);