author | Andreas Schneider <asn@cryptomilk.org> | 2012-02-15 09:23:07 +0100 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2012-02-19 18:49:07 +0100 |
commit | 1973e833f2f8987c7be494e5dff86008a8557758 (patch) | |
tree | 5575fbdd4919c3a7acc60127987820482a015126 /src/bind.c | |
parent | 387d9e485546a4f7e02e89fdcd097e700cf9ca81 (diff) | |
server: Add ecdsa hostkey support.
Diffstat (limited to 'src/bind.c')
-rw-r--r-- | src/bind.c | 35 |
1 files changed, 34 insertions, 1 deletions
@@ -165,12 +165,36 @@ int ssh_bind_listen(ssh_bind sshbind) {
 return -1;
 }
- if (sshbind->dsakey == NULL && sshbind->rsakey == NULL) {
+ if (sshbind->ecdsakey == NULL &&
+ sshbind->dsakey == NULL &&
+ sshbind->rsakey == NULL) {
 ssh_set_error(sshbind, SSH_FATAL,
 "DSA or RSA host key file must be set before listen()");
 return SSH_ERROR;
 }
+#ifdef HAVE_ECC
+ if (sshbind->ecdsakey) {
+ rc = ssh_pki_import_privkey_file(sshbind->ecdsakey,
+ NULL,
+ NULL,
+ NULL,
+ &sshbind->ecdsa);
+ if (rc == SSH_ERROR) {
+ ssh_set_error(sshbind, SSH_FATAL,
+ "Failed to import private ECDSA host key");
+ return SSH_ERROR;
+ }
+
+ if (ssh_key_type(sshbind->ecdsa) != SSH_KEYTYPE_ECDSA) {
+ ssh_set_error(sshbind, SSH_FATAL,
+ "The ECDSA host key has the wrong type");
+ ssh_key_free(sshbind->ecdsa);
+ return SSH_ERROR;
+ }
+ }
+#endif
+
 if (sshbind->dsakey) {
 rc = ssh_pki_import_privkey_file(sshbind->dsakey,
 NULL,
@@ -385,6 +409,15 @@ int ssh_bind_accept_fd(ssh_bind sshbind, ssh_session session, socket_t fd){
 ssh_socket_set_fd(session->socket, fd);
 ssh_socket_get_poll_handle_out(session->socket);
+#ifdef HAVE_ECC
+ if (sshbind->ecdsa) {
+ session->srv.ecdsa_key = ssh_key_dup(sshbind->ecdsa);
+ if (session->srv.ecdsa_key == NULL) {
+ ssh_set_error_oom(sshbind);
+ return SSH_ERROR;
+ }
+ }
+#endif
 if (sshbind->dsa) {
 session->srv.dsa_key = ssh_key_dup(sshbind->dsa);
 if (session->srv.dsa_key == NULL) { |
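Review bot: In the wrong-type branch of the new ECDSA block, `ssh_key_free(sshbind->ecdsa);` leaves `sshbind->ecdsa` pointing at freed memory, so any later code that tests the field (for instance the `if (sshbind->ecdsa)` check this same commit adds to ssh_bind_accept_fd, or whatever tears the bind down) would act on a dangling pointer. Follow the free with `sshbind->ecdsa = NULL;`. Separately, the widened NULL test sits outside `#ifdef HAVE_ECC`, so a build without ECC that is configured with only an ECDSA key file appears to pass the check and go on to listen with no host key loaded; putting the `sshbind->ecdsakey == NULL &&` term under the same `#ifdef` would make that case fail early. The message "DSA or RSA host key file must be set before listen()" should also be updated to mention ECDSA. The body of ssh_bind_listen continues outside the hunk.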
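Review bot: The new early return in ssh_bind_accept_fd on a failed `ssh_key_dup()` leaves the session half-initialised: the fd has already been attached by `ssh_socket_set_fd()`, and when one of the later DSA/RSA copies fails instead, the ECDSA private-key copy made here stays in `session->srv.ecdsa_key`. Nothing in the hunk shows who releases these, so presumably the caller has to free the session on SSH_ERROR. Once that is confirmed, a comment above the block such as `/* On error the caller still owns session and must free it, which also releases any host key copies made here. */` would make the contract explicit. The function body starts and ends outside the hunk.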