From 098cb50c275b182ba8027517f7c28f76d229e427 Mon Sep 17 00:00:00 2001
From: djm <djm@openbsd.org>
Date: Wed, 12 Sep 2018 01:30:10 +0000
Subject: [PATCH] Add "ssh -Q sig" to allow listing supported signature
 algorithms ok markus@

---
 usr.bin/ssh/ssh.1 | 14 ++++++++++----
 usr.bin/ssh/ssh.c | 11 +++++++++--
 2 files changed, 19 insertions(+), 6 deletions(-)

diff --git a/usr.bin/ssh/ssh.1 b/usr.bin/ssh/ssh.1
index 7c71ffcc2c2..191f35ad472 100644
--- a/usr.bin/ssh/ssh.1
+++ b/usr.bin/ssh/ssh.1
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.397 2018/09/07 01:42:54 djm Exp $
-.Dd $Mdocdate: September 7 2018 $
+.\" $OpenBSD: ssh.1,v 1.398 2018/09/12 01:30:10 djm Exp $
+.Dd $Mdocdate: September 12 2018 $
 .Dt SSH 1
 .Os
 .Sh NAME
@@ -559,6 +559,10 @@ The available features are:
 (supported symmetric ciphers),
 .Ar cipher-auth
 (supported symmetric ciphers that support authenticated encryption),
+.Ar help
+(supported query terms for use with the
+.Fl Q
+flag),
 .Ar mac
 (supported message integrity codes),
 .Ar kex
@@ -568,9 +572,11 @@ The available features are:
 .Ar key-cert
 (certificate key types),
 .Ar key-plain
-(non-certificate key types), and
+(non-certificate key types),
 .Ar protocol-version
-(supported SSH protocol versions).
+(supported SSH protocol versions), and
+.Ar sig
+(supported signature algorithms).
 .Pp
 .It Fl q
 Quiet mode.
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c
index 2f0bf28b7e0..371be2e9fc4 100644
--- a/usr.bin/ssh/ssh.c
+++ b/usr.bin/ssh/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.490 2018/07/27 05:34:42 dtucker Exp $ */
+/* $OpenBSD: ssh.c,v 1.491 2018/09/12 01:30:10 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -715,8 +715,15 @@ main(int ac, char **av)
 				cp = sshkey_alg_list(1, 0, 0, '\n');
 			else if (strcmp(optarg, "key-plain") == 0)
 				cp = sshkey_alg_list(0, 1, 0, '\n');
-			else if (strcmp(optarg, "protocol-version") == 0) {
+			else if (strcmp(optarg, "sig") == 0)
+				cp = sshkey_alg_list(0, 0, 1, '\n');
+			else if (strcmp(optarg, "protocol-version") == 0)
 				cp = xstrdup("2");
+			else if (strcmp(optarg, "help") == 0) {
+				cp = xstrdup(
+				    "cipher\ncipher-auth\nkex\nkey\n"
+				    "key-cert\nkey-plain\nmac\n"
+				    "protocol-version\nsig");
 			}
 			if (cp == NULL)
 				fatal("Unsupported query \"%s\"", optarg);
-- 
2.20.1