- (djm) Merge OpenBSD changes:

   - markus@cvs.openbsd.org  2000/11/06 16:04:56
     [channels.c channels.h clientloop.c nchan.c serverloop.c]
     [session.c ssh.c]
     agent forwarding and -R for ssh2, based on work from
     jhuuskon@messi.uku.fi
   - markus@cvs.openbsd.org  2000/11/06 16:13:27
     [ssh.c sshconnect.c sshd.c]
     do not disabled rhosts(rsa) if server port > 1024; from
     pekkas@netcore.fi
   - markus@cvs.openbsd.org  2000/11/06 16:16:35
     [sshconnect.c]
     downgrade client to 1.3 if server is 1.4; help from mdb@juniper.net
   - markus@cvs.openbsd.org  2000/11/09 18:04:40
     [auth1.c]
     typo; from mouring@pconline.com
   - markus@cvs.openbsd.org  2000/11/12 12:03:28
     [ssh-agent.c]
     off-by-one when removing a key from the agent
   - markus@cvs.openbsd.org  2000/11/12 12:50:39
     [auth-rh-rsa.c auth2.c authfd.c authfd.h]
     [authfile.c hostfile.c kex.c kex.h key.c key.h myproposal.h]
     [readconf.c readconf.h rsa.c rsa.h servconf.c servconf.h ssh-add.c]
     [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config]
     [sshconnect1.c sshconnect2.c sshd.8 sshd.c sshd_config ssh-dss.c]
     [ssh-dss.h ssh-rsa.c ssh-rsa.h dsa.c dsa.h]
     add support for RSA to SSH2.  please test.
     there are now 3 types of keys: RSA1 is used by ssh-1 only,
     RSA and DSA are used by SSH2.
     you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA
     keys for SSH2 and use the RSA keys for hostkeys or for user keys.
     SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before.
 - (djm) Fix up Makefile and Redhat init script to create RSA host keys
 - (djm) Change to interim version

1 files changed, 10 insertions, 16 deletions

diff --git a/ssh-add.c b/ssh-add.c
index 3adc2509..f49d13fb 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-add.c,v 1.22 2000/09/07 20:27:54 deraadt Exp $");
+RCSID("$OpenBSD: ssh-add.c,v 1.23 2000/11/12 19:50:38 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/rsa.h>
@@ -60,10 +60,10 @@ delete_file(AuthenticationConnection *ac, const char *filename)
 	Key *public;
 	char *comment;
 
-	public = key_new(KEY_RSA);
+	public = key_new(KEY_RSA1);
 	if (!load_public_key(filename, public, &comment)) {
 		key_free(public);
-		public = key_new(KEY_DSA);
+		public = key_new(KEY_UNSPEC);
 		if (!try_load_public_key(filename, public, &comment)) {
 			printf("Bad key file %s\n", filename);
 			return;
@@ -144,7 +144,7 @@ add_file(AuthenticationConnection *ac, const char *filename)
 	char buf[1024], msg[1024];
 	int success;
 	int interactive = isatty(STDIN_FILENO);
-	int type = KEY_RSA;
+	int type = KEY_RSA1;
 
 	if (stat(filename, &st) < 0) {
 		perror(filename);
@@ -154,10 +154,10 @@ add_file(AuthenticationConnection *ac, const char *filename)
 	 * try to load the public key. right now this only works for RSA,
 	 * since DSA keys are fully encrypted
 	 */
-	public = key_new(KEY_RSA);
+	public = key_new(KEY_RSA1);
 	if (!load_public_key(filename, public, &saved_comment)) {
-		/* ok, so we will asume this is a DSA key */
-		type = KEY_DSA;
+		/* ok, so we will assume this is 'some' key */
+		type = KEY_UNSPEC;
 		saved_comment = xstrdup(filename);
 	}
 	key_free(public);
@@ -223,8 +223,9 @@ list_identities(AuthenticationConnection *ac, int fp)
 		     key = ssh_get_next_identity(ac, &comment, version)) {
 			had_identities = 1;
 			if (fp) {
-				printf("%d %s %s\n",
-				    key_size(key), key_fingerprint(key), comment);
+				printf("%d %s %s (%s)\n",
+				    key_size(key), key_fingerprint(key),
+				    comment, key_type(key));
 			} else {
 				if (!key_write(key, stdout))
 					fprintf(stderr, "key_write failed");
@@ -250,13 +251,6 @@ main(int argc, char **argv)
 
 	init_rng();
 
-	/* check if RSA support exists */
-	if (rsa_alive() == 0) {
-		fprintf(stderr,
-			"%s: no RSA support in libssl and libcrypto.  See ssl(8).\n",
-			__progname);
-		exit(1);
-	}
         SSLeay_add_all_algorithms();
 
 	/* At first, get a connection to the authentication agent. */