Hi Alan, Ok for me for all your patches, under the condition that it doesn't break libgcrypt compilation (I'm not 100% sure about patch 2/6)
Thanks for your contribution, Aris Le 7/03/14 15:13, Alan Dunn a écrit : > Hi folks, > > I've combined my ECDSA host key efforts into one patchset. This > patchset fixes bugs that blocked use of ECDSA host keys, adds an > option to use ECDSA host keys (SSH_BIND_OPTIONS_ECDSAKEY), and then > incorporates the use of the ECDSA host keys into the main example > program. > > In the near future, I will also try to add a better > SSH_BIND_OPTIONS_HOSTKEY as discussed on the list. > > These changes were tested with the ssh_server_fork program, which now > can use an ECDSA host key. > > Changes since individual patches: > - Incorporated suggestions from Andreas > - New "-n" = "no default keys" option for ssh_server_fork for easier > testing > - Broke off changes to docs as separate patch > > Alan Dunn (6): > pki_crypto: Always copy ecdsa_nid into duplicated ECDSA keys > pki: Use SHA-2 for session ID signing with ECDSA keys > options: Allow use of host ECDSA key > doc: Add ECDSA keys to docs, make key docs consistent > examples: Add no default keys options to ssh_server_fork > examples: Add ECDSA key option to ssh_server_fork > > examples/ssh_server_fork.c | 63 > ++++++++++++++++++++++++++++++++++++++++---- > include/libssh/server.h | 3 ++- > src/options.c | 59 ++++++++++++++++++++++++----------------- > src/pki.c | 59 ++++++++++++++++++++++++++++++++--------- > src/pki_crypto.c | 4 +-- > 5 files changed, 144 insertions(+), 44 deletions(-) >
