agent: Make digest algorithms for ssh fingerprints configurable.
authorJustus Winter <justus@g10code.com>
Wed, 24 May 2017 15:48:42 +0000 (17:48 +0200)
committerJustus Winter <justus@g10code.com>
Wed, 24 May 2017 16:09:07 +0000 (18:09 +0200)
commit525f2c482abb6bc2002eb878b03558fb43e6b004
treedca357392ca690afe00cf387bd6fce011a74b023
parenta5f046d99a084b6a95268f03c1b588e8b78083cb
agent: Make digest algorithms for ssh fingerprints configurable.

* agent/agent.h (opt): New field 'ssh_fingerprint_digest'.
* agent/command-ssh.c (data_sign, ssh_identity_register): Honor the
option for strings used to communicate with the user.
* agent/findkey.c (agent_modify_description): Likewise.
* agent/gpg-agent.c (cmd_and_opt_values): New value.
(opts): New option '--ssh-fingerprint-digest'.
(parse_rereadable_options): Set the default to MD5 for now.
(main): Handle the new option.
* doc/gpg-agent.texi: Document the new option.
--

OpenSSH has transitioned from using MD5 to compute key fingerprints to
SHA256.  This patch makes the digest used when communicating key
fingerprints to the user (e.g. in pinentry dialogs) configurable.
For now this patch conservatively defaults to MD5.

GnuPG-bug-id: 2106
Signed-off-by: Justus Winter <justus@g10code.com>
agent/agent.h
agent/command-ssh.c
agent/findkey.c
agent/gpg-agent.c
doc/gpg-agent.texi