shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-06 18:29:50 +09:00
Code Issues Packages Projects Releases Wiki Activity

server: Correctly handle extensions

Browse Source 
If the server had an RSA host key, it provided unconditionally SHA2
signatures without consulting the client proposed list of supported host
keys.

This commit implements more fine-grained detection of the extension
to provide the client with valid signatures according to RFC 8332
Section 3.1.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Jakub Jelen
2019-01-07 18:49:58 +01:00
committed by Andreas Schneider
parent ca62632170
commit 27fe60954c
3 changed files with 25 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
include/libssh/session.h
View File

@@ -91,10 +91,11 @@ enum ssh_pending_call_e {
#define SSH_OPT_FLAG_GSSAPI_AUTH 0x8
/* extensions flags */
/* negotiation enabled */
#define SSH_EXT_NEGOTIATION 0x01
/* server-sig-algs extension */
#define SSH_EXT_SIG_RSA_SHA256 0x01
#define SSH_EXT_SIG_RSA_SHA512 0x02
#define SSH_EXT_ALL SSH_EXT_SIG_RSA_SHA256 | SSH_EXT_SIG_RSA_SHA512
#define SSH_EXT_SIG_RSA_SHA256 0x02
#define SSH_EXT_SIG_RSA_SHA512 0x04
/* members that are common to ssh_session and ssh_bind */
struct ssh_common_struct {