authorAnderson Toshiyuki Sasaki <ansasaki@redhat.com>2019-06-12 18:00:34 +0200
committerAndreas Schneider <asn@cryptomilk.org>2019-06-13 16:28:23 +0200
commit53ae2502f44f8fb8a34b620a7c6cbb53d80ed150 (patch)
tree0a1330e7722c84d2eed77bbd061f1e19baa176a8 /src/kex.c
parent1b7146e28f6816055d5b05861376eda39aa205c4 (diff)
kex: Only advertise allowed signature types
Previously, if the client supported rsa-sha2-256 or rsa-sha2-512, the server would advertise the extensions as supported without checking its own list of allowed algorithms. Now the server will only advertise allowed signature algorithms. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src/kex.c')
-rw-r--r--src/kex.c22
1 files changed, 20 insertions, 2 deletions
diff --git a/src/kex.c b/src/kex.c
index af95987b..6ea5e8ba 100644
--- a/src/kex.c
+++ b/src/kex.c
@@ -454,11 +454,29 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit)
hostkeys = session->next_crypto->client_kex.methods[SSH_HOSTKEYS];
ok = ssh_match_group(hostkeys, "rsa-sha2-512");
if (ok) {
- session->extensions |= SSH_EXT_SIG_RSA_SHA512;
+ /* Check if rsa-sha2-512 is allowed by config */
+ if (session->opts.wanted_methods[SSH_HOSTKEYS] != NULL) {
+ char *is_allowed =
+ ssh_find_matching(session->opts.wanted_methods[SSH_HOSTKEYS],
+ "rsa-sha2-512");
+ if (is_allowed != NULL) {
+ session->extensions |= SSH_EXT_SIG_RSA_SHA512;
+ }
+ SAFE_FREE(is_allowed);
+ }
}
ok = ssh_match_group(hostkeys, "rsa-sha2-256");
if (ok) {
- session->extensions |= SSH_EXT_SIG_RSA_SHA256;
+ /* Check if rsa-sha2-256 is allowed by config */
+ if (session->opts.wanted_methods[SSH_HOSTKEYS] != NULL) {
+ char *is_allowed =
+ ssh_find_matching(session->opts.wanted_methods[SSH_HOSTKEYS],
+ "rsa-sha2-256");
+ if (is_allowed != NULL) {
+ session->extensions |= SSH_EXT_SIG_RSA_SHA256;
+ }
+ SAFE_FREE(is_allowed);
+ }
}
/*
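Review bot: When `session->opts.wanted_methods[SSH_HOSTKEYS]` is NULL, both new blocks leave `SSH_EXT_SIG_RSA_SHA512` and `SSH_EXT_SIG_RSA_SHA256` unset, whereas the old code set them whenever the client offered the algorithm. The hunk does not show where that field is filled in, so if NULL can mean "no list configured", an unconfigured server would stop advertising the SHA-2 signature types and presumably fall back to plain ssh-rsa, which is the weaker outcome. Either treat NULL as unrestricted, or, if the field is guaranteed to be set by this point, say so above the first check with a comment such as `/* wanted_methods[SSH_HOSTKEYS] is always populated on the server side before KEXINIT is processed */`. The two blocks also differ only in the algorithm name and the flag, so a small static helper taking both would remove the duplication; the callback body starts and ends outside the hunk.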