author | brian m. carlson <bk2204@github.com> | 2021-11-30 16:35:15 +0000 |
---|---|---|
committer | Jakub Jelen <jjelen@redhat.com> | 2021-12-07 12:27:18 +0100 |
commit | c573adced41dc195b6ec5369b2ec0cdc67581e08 (patch) | |
tree | 853626dab7e3af5cf493f9b0052cc282c785a46d /include/libssh | |
parent | 42d1efe4f9d36a512383e0979ea2fa7a6d9801c7 (diff) | |
server: reply with PK_OK with correct algorithm

RFC 4252 §7 states that the public key algorithm in a
SSH_MSG_USERAUTH_PK_OK response is the public key algorithm name from
the request. When using RSA with SHA-2, this will be either
"rsa-sha2-256" or "rsa-sha2-512" as specified by RFC 8332 §3.2.

However, currently libssh emits the public key type instead, which is
"ssh-rsa". This is not in conformance with the RFCs, so let's fix this
by storing the signature type and emitting it in our response instead of
the public key when sending SSH_MSG_USERAUTH_PK_OK in the server.

Signed-off-by: brian m. carlson <bk2204@github.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
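
The rule the commit message cites from RFC 4252 §7, as an added example in C (not libssh code and not part of this commit): a server answers a signature-less "publickey" probe by copying the algorithm name and key blob from the request into SSH_MSG_USERAUTH_PK_OK. The function names and the sample packet (user "alice", a placeholder key blob) are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SSH_MSG_USERAUTH_REQUEST 50
#define SSH_MSG_USERAUTH_PK_OK   60

/* Constructed sample: a probe (no signature) naming "rsa-sha2-256"; "blob" is a placeholder key. */
static const uint8_t SAMPLE[] = "\x32" "\0\0\0\x05" "alice" "\0\0\0\x0e" "ssh-connection"
    "\0\0\0\x09" "publickey" "\0" "\0\0\0\x0c" "rsa-sha2-256" "\0\0\0\x04" "blob";
#define SAMPLE_LEN (sizeof SAMPLE - 1)   /* drop the literal's trailing NUL */

/* Read one SSH string (uint32 big-endian length, then bytes); requires *off <= n. */
static int get_str(const uint8_t *p, size_t n, size_t *off, const uint8_t **s, uint32_t *len)
{
    if (n - *off < 4) return -1;
    *len = ((uint32_t)p[*off] << 24) | ((uint32_t)p[*off + 1] << 16) |
           ((uint32_t)p[*off + 2] << 8) | (uint32_t)p[*off + 3];
    *off += 4;
    if (n - *off < *len) return -1;      /* declared length runs past the packet */
    *s = p + *off;
    *off += *len;
    return 0;
}

/* Build PK_OK for a probe; returns reply length or -1. Key and algorithm policy checks are out of scope. */
long build_pk_ok(const uint8_t *req, size_t n, uint8_t *out, size_t cap)
{
    const uint8_t *s;
    uint32_t len;
    size_t off = 1, alg_off;
    if (n < 1 || req[0] != SSH_MSG_USERAUTH_REQUEST) return -1;
    if (get_str(req, n, &off, &s, &len) || get_str(req, n, &off, &s, &len)) return -1; /* user, service */
    if (get_str(req, n, &off, &s, &len) || len != 9 || memcmp(s, "publickey", 9)) return -1;
    if (off >= n || req[off++] != 0) return -1;   /* boolean FALSE: only the probe form gets PK_OK */
    alg_off = off;
    if (get_str(req, n, &off, &s, &len) || get_str(req, n, &off, &s, &len) || off != n) return -1;
    if (cap < 1 + (n - alg_off)) return -1;
    out[0] = SSH_MSG_USERAUTH_PK_OK;
    memcpy(out + 1, req + alg_off, n - alg_off);  /* algorithm name and blob exactly as requested */
    return (long)(1 + (n - alg_off));
}

int main(void)
{
    uint8_t out[64];
    long n = build_pk_ok(SAMPLE, SAMPLE_LEN, out, sizeof out);
    if (n > 5) printf("PK_OK algorithm: %.*s\n", (int)out[4], (const char *)out + 5);
    return n < 0;
}
```
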
Diffstat (limited to 'include/libssh')
-rw-r--r-- | include/libssh/messages.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/libssh/messages.h b/include/libssh/messages.h index 04d041d4..1341d708 100644 --- a/include/libssh/messages.h +++ b/include/libssh/messages.h @@ -28,6 +28,7 @@ struct ssh_auth_request { int method; char *password; struct ssh_key_struct *pubkey; + char *sigtype; enum ssh_publickey_state_e signature_state; char kbdint_response; }; |
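Review bot: the new `char *sigtype` member of `struct ssh_auth_request` has no comment saying what it holds or who owns it. It sits next to `char *password`, which suggests a heap string owned by the request, but this diff is limited to include/libssh, so neither the allocation nor the matching free is visible here. Please add a one-line comment (for example, that it is the public key algorithm name taken from the request, such as "rsa-sha2-256"), and confirm that wherever the request's `password` is released, `sigtype` is released too. If it only ever points at a constant algorithm name, declare it `const char *` instead.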