diff -ruN openssh-4.6p1+x509-6.0/ssh-keyscan.0 openssh-4.6p1+x509-6.0.1/ssh-keyscan.0 --- openssh-4.6p1+x509-6.0/ssh-keyscan.0 2007-03-10 09:07:00.000000000 +0200 +++ openssh-4.6p1+x509-6.0.1/ssh-keyscan.0 2007-08-29 09:06:00.000000000 +0300 @@ -50,8 +50,8 @@ The possible values are ``rsa1'' for protocol version 1 and ``ssh-rsa'' , ``ssh-dss'' , ``x509v3-sign-rsa'' or ``x509v3-sign-dss'' for protocol version 2. Multiple values may - be specified by separating them with commas. The default is - ``rsa1''. + be specified by separating them with commas. The default are + keys for protocol version 2. -v Verbose mode. Causes ssh-keyscan to print debugging messages about its progress. diff -ruN openssh-4.6p1+x509-6.0/ssh-keyscan.1 openssh-4.6p1+x509-6.0.1/ssh-keyscan.1 --- openssh-4.6p1+x509-6.0/ssh-keyscan.1 2007-03-10 09:07:00.000000000 +0200 +++ openssh-4.6p1+x509-6.0.1/ssh-keyscan.1 2007-08-29 09:06:00.000000000 +0300 @@ -120,8 +120,7 @@ .Dq x509v3-sign-dss for protocol version 2. Multiple values may be specified by separating them with commas. -The default is -.Dq rsa1 . +The default are keys for protocol version 2. .It Fl v Verbose mode. Causes diff -ruN openssh-4.6p1+x509-6.0/ssh-keyscan.c openssh-4.6p1+x509-6.0.1/ssh-keyscan.c --- openssh-4.6p1+x509-6.0/ssh-keyscan.c 2007-03-10 09:07:01.000000000 +0200 +++ openssh-4.6p1+x509-6.0.1/ssh-keyscan.c 2007-08-29 09:06:01.000000000 +0300 @@ -77,7 +77,7 @@ int ssh_port = SSH_DEFAULT_PORT; -char* get_keynames = "rsa1"; /* Get only RSA1 keys by default */ +char* get_keynames = NULL; int hash_hosts = 0; /* Hash hostname on output */ @@ -307,7 +307,7 @@ * null token for two adjacent separators, so we may have to loop. */ static char * -strnnsep(char **stringp, char *delim) +strnnsep(char **stringp, const char *delim) { char *tok; 
@@ -490,7 +490,11 @@ fdcon[s].c_data = (char *) &fdcon[s].c_plen; fdcon[s].c_len = 4; fdcon[s].c_off = 0; - fdcon[s].c_keyname = keyname; +{ + Key *k = key_new(key_type_from_name((char*)keyname)); + fdcon[s].c_keyname = key_ssh_name(k); + key_free(k); +} gettimeofday(&fdcon[s].c_tv, NULL); fdcon[s].c_tv.tv_sec += timeout; TAILQ_INSERT_TAIL(&tq, &fdcon[s], c_link); @@ -774,6 +778,7 @@ usage(); fill_default_xkalg(); + get_keynames = xstrdup("x509v3-sign-dss,x509v3-sign-rsa,ssh-rsa,ssh-dss"); /* Get all protocol v2 keys by default */ while ((opt = getopt(argc, argv, "Hv46p:T:t:f:")) != -1) { switch (opt) { case 'H': diff -ruN openssh-4.6p1+x509-6.0/tests/CA/5-cre_ldap.sh openssh-4.6p1+x509-6.0.1/tests/CA/5-cre_ldap.sh --- openssh-4.6p1+x509-6.0/tests/CA/5-cre_ldap.sh 2007-02-11 20:52:47.000000000 +0200 +++ openssh-4.6p1+x509-6.0.1/tests/CA/5-cre_ldap.sh 2007-08-28 01:08:11.000000000 +0300 @@ -1,5 +1,5 @@ #! /bin/sh -# Copyright (c) 2004-2005 Roumen Petrov, Sofia, Bulgaria +# Copyright (c) 2004-2007 Roumen Petrov, Sofia, Bulgaria # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -103,13 +103,15 @@ allow bind_v2 #disallow bind_simple ;-) -#dbms -database $SSH_LDAP_DB -suffix "$SSH_LDAP_DC" -rootdn "cn=Manager,$SSH_LDAP_DC" -rootpw secret - -index objectClass eq +# dbms backend settings should be same file ! +# this is required for openldap version 2.3.32(but not for <= 2.3.20,2.2.x,2.1.x) +##dbms +#database $SSH_LDAP_DB +#suffix "$SSH_LDAP_DC" +#rootdn "cn=Manager,$SSH_LDAP_DC" +#rootpw secret +# +#index objectClass eq EOF ) > ldap/slapd.conf.tmpl diff -ruN openssh-4.6p1+x509-6.0/tests/CA/test-by_ldap.sh.inc openssh-4.6p1+x509-6.0.1/tests/CA/test-by_ldap.sh.inc --- openssh-4.6p1+x509-6.0/tests/CA/test-by_ldap.sh.inc 2007-02-12 00:27:13.000000000 +0200 +++ openssh-4.6p1+x509-6.0.1/tests/CA/test-by_ldap.sh.inc 2007-08-28 01:08:05.000000000 +0300 
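Review bot: The result of `key_type_from_name()` in the @@ -490 hunk goes straight into `key_new()` with no check for an unrecognised name. As far as the hunk shows, an unknown type string would be turned into whatever `key_ssh_name()` returns for an unspecified key and stored as the connection's key name. A guard such as `int kt = key_type_from_name((char *)keyname); if (kt == KEY_UNSPEC) fatal("unknown key type %s", keyname);`, or the same rejection where `-t` is parsed, would make the failure explicit. `fdcon[s].c_keyname` also outlives `k`, which is safe only if `key_ssh_name()` returns static storage rather than memory owned by the key; confirm that against key.c and record it with `/* key_ssh_name() returns a static string, still valid after key_free() */`. The enclosing function starts and ends outside the hunk.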
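Review bot: The default list assigned before the `getopt()` loop in the @@ -774 hunk is heap-allocated with `xstrdup()`, but nothing says why a copy is needed or who owns it. The `-t` case is outside the hunk; if it points `get_keynames` at `optarg`, the pointer has mixed ownership and the default copy is simply dropped, which is harmless in a short-lived tool but worth stating. If the copy exists because the list is later tokenised in place, document it: `/* writable copy: the list is split in place later */`. The declaration in the @@ -77 hunk lost its comment and now starts as NULL, so it would benefit from `/* key types to request; default is set in main() */`.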
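Review bot: The comment added in the @@ -103 hunk, `# dbms backend settings should be same file !`, does not say which file is meant or where the database section now comes from. It sits inside the here-document, so it is also written into the generated `ldap/slapd.conf.tmpl`. Clearer wording would be `# The database section must be in the same file as the backend settings (required by OpenLDAP 2.3.32, not by <= 2.3.20, 2.2.x, 2.1.x), so it is no longer emitted here.`, assuming that is the intent. The commented-out block still carries `rootpw secret`; since it is now dead text, consider removing it from the template instead of leaving a cleartext root password line that a reader might uncomment. The here-document starts outside the hunk.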
@@ -1,5 +1,5 @@ # -# Copyright (c) 2004-2005 Roumen Petrov, Sofia, Bulgaria +# Copyright (c) 2004-2007 Roumen Petrov, Sofia, Bulgaria # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -69,7 +69,15 @@ cat <