aboutsummaryrefslogtreecommitdiff
path: root/include/libssh
diff options
context:
space:
mode:
authorbrian m. carlson <bk2204@github.com>2021-11-30 16:35:15 +0000
committerJakub Jelen <jjelen@redhat.com>2021-12-07 12:27:18 +0100
commitc573adced41dc195b6ec5369b2ec0cdc67581e08 (patch)
tree853626dab7e3af5cf493f9b0052cc282c785a46d /include/libssh
parent42d1efe4f9d36a512383e0979ea2fa7a6d9801c7 (diff)
downloadlibssh-c573adced41dc195b6ec5369b2ec0cdc67581e08.tar.gz
libssh-c573adced41dc195b6ec5369b2ec0cdc67581e08.tar.xz
libssh-c573adced41dc195b6ec5369b2ec0cdc67581e08.zip
server: reply with PK_OK with correct algorithm
RFC 4252 §7 states that the public key algorithm in a SSH_MSG_USERAUTH_PK_OK response is the public key algorithm name from the request. When using RSA with SHA-2, this will be either "rsa-sha2-256" or "rsa-sha2-512" as specified by RFC 8332 §3.2. However, currently libssh emits the public key type instead, which is "ssh-rsa". This is not in conformance with the RFCs, so let's fix this by storing the signature type and emitting it in our response instead of the public key when sending SSH_MSG_USERAUTH_PK_OK in the server. Signed-off-by: brian m. carlson <bk2204@github.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Diffstat (limited to 'include/libssh')
-rw-r--r--include/libssh/messages.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/include/libssh/messages.h b/include/libssh/messages.h
index 04d041d4..1341d708 100644
--- a/include/libssh/messages.h
+++ b/include/libssh/messages.h
@@ -28,6 +28,7 @@ struct ssh_auth_request {
int method;
char *password;
struct ssh_key_struct *pubkey;
+ char *sigtype;
enum ssh_publickey_state_e signature_state;
char kbdint_response;
};