diff options
| author | Jakub Jelen <jjelen@redhat.com> | 2019-10-31 13:03:21 +0100 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2019-11-07 15:55:32 +0100 |
| commit | 1ebf506913495a736322fc5a97ba336adff6e464 (patch) | |
| tree | c5df3a393c157286e41c43219b7f7e8c08d9a37c /include/libssh/session.h | |
| parent | fbc2912ddeb22dfc901508467a23d6e9d41cd6a2 (diff) | |
| download | libssh-1ebf506913495a736322fc5a97ba336adff6e464.tar.gz libssh-1ebf506913495a736322fc5a97ba336adff6e464.tar.xz libssh-1ebf506913495a736322fc5a97ba336adff6e464.zip | |
server: Use really the negotiated signature type
Generally, when the extension negotiation is enabled and client supports
SHA2 algorithms for RSA, they are supposed to be prioritized against the
old SHA1. If it is not (ssh-rsa is listed in front of rsa-sha2-* hostkey
algorithms during negotiation), the server wrongly tries to provide the
new typo of signature, ignoring the negotiated algirithm
This commit propagates the digest algorithm from negotiation to the actual
signature functions, which were previously responsible for decision
about the hash algorithm based just on the negotiated extensions.
Fixes T191
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'include/libssh/session.h')
| -rw-r--r-- | include/libssh/session.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/libssh/session.h b/include/libssh/session.h index dfcb0cd6..6558da46 100644 --- a/include/libssh/session.h +++ b/include/libssh/session.h @@ -188,6 +188,7 @@ struct ssh_session_struct { ssh_key ed25519_key; /* The type of host key wanted by client */ enum ssh_keytypes_e hostkey; + enum ssh_digest_e hostkey_digest; } srv; /* auths accepted by server */ |