pki: Allow filtering accepted public key types based on the configuration

This effectively allows to disable using the SHA2 extension, disable other old public key mechanisms out of the box (hello DSA) or force the new SHA2-based key algorithm types if needed. This exposes the default_methods array from kex.c. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
author: Jakub Jelen <jjelen@redhat.com> 2018-08-07 11:32:36 +0200
committer: Andreas Schneider <asn@cryptomilk.org> 2018-08-31 14:18:34 +0200
commit: 4169be45eb5262a1a4aba775740b65206906e772 (patch)
tree: 23c034a55346dab310639d4d04b0e05d894a9ae3 /include/libssh/pki.h
parent: 5d53f519bceddda24f72da10dbd6576398fef05a (diff)
download: libssh-4169be45eb5262a1a4aba775740b65206906e772.tar.gz
libssh-4169be45eb5262a1a4aba775740b65206906e772.tar.xz
libssh-4169be45eb5262a1a4aba775740b65206906e772.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/include/libssh/pki.h b/include/libssh/pki.h
index 0a3823f3..621378ad 100644
--- a/include/libssh/pki.h
+++ b/include/libssh/pki.h
@@ -138,4 +138,5 @@ ssh_string ssh_srv_pki_do_sign_sessionid(ssh_session session,
 ssh_public_key ssh_pki_convert_key_to_publickey(const ssh_key key);
 ssh_private_key ssh_pki_convert_key_to_privatekey(const ssh_key key);
 
+int ssh_key_algorithm_allowed(ssh_session session, const char *type);
 #endif /* PKI_H_ */
author	Jakub Jelen <jjelen@redhat.com>	2018-08-07 11:32:36 +0200
committer	Andreas Schneider <asn@cryptomilk.org>	2018-08-31 14:18:34 +0200
commit	4169be45eb5262a1a4aba775740b65206906e772 (patch)
tree	23c034a55346dab310639d4d04b0e05d894a9ae3 /include/libssh/pki.h
parent	5d53f519bceddda24f72da10dbd6576398fef05a (diff)
download	libssh-4169be45eb5262a1a4aba775740b65206906e772.tar.gz libssh-4169be45eb5262a1a4aba775740b65206906e772.tar.xz libssh-4169be45eb5262a1a4aba775740b65206906e772.zip