author | Jakub Jelen <jjelen@redhat.com> | 2018-08-07 11:25:27 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2018-08-31 14:18:34 +0200 |
commit | 4521ab73b6858efa0083ac96a1775719b1f649ae (patch) | |
tree | fd828e2ee89bb72b051008afc528dc7880beeede /src/options.c | |
parent | 9ca6127b91c785289535b302feccdf23d5bcc6b1 (diff) | |
options: The new option SSH_OPTIONS_PUBLICKEY_ACCEPTED_TYPES
This option allows specifying the acceptable public key algorithms
and mirrors the PubkeyAcceptedTypes configuration option from
OpenSSH.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src/options.c')
-rw-r--r-- | src/options.c | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/src/options.c b/src/options.c
index 0e428e65..2376b3a6 100644
--- a/src/options.c
+++ b/src/options.c
@@ -147,6 +147,14 @@ int ssh_options_copy(ssh_session src, ssh_session *dest) {
 return -1;
 }
 }
+
+ if (src->opts.pubkey_accepted_types != NULL) {
+ new->opts.pubkey_accepted_types = strdup(src->opts.pubkey_accepted_types);
+ if (new->opts.pubkey_accepted_types == NULL) {
+ ssh_free(new);
+ return -1;
+ }
+ }
 new->opts.fd = src->opts.fd;
 new->opts.port = src->opts.port;
 new->opts.timeout = src->opts.timeout;
@@ -343,6 +351,11 @@ int ssh_options_set_algo(ssh_session session,
 * comma-separated list). ex:
 * "ssh-rsa,ssh-dss,ecdh-sha2-nistp256"
 *
+ * - SSH_OPTIONS_PUBLICKEY_ACCEPTED_TYPES:
+ * Set the preferred public key algorithms to be used for
+ * authentication (const char *, comma-separated list). ex:
+ * "ssh-rsa,rsa-sha2-256,ssh-dss,ecdh-sha2-nistp256"
+ *
 * - SSH_OPTIONS_COMPRESSION_C_S:
 * Set the compression to use for client to server
 * communication (const char *, "yes", "no" or a specific
@@ -743,6 +756,24 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type,
 return -1;
 }
 break;
+ case SSH_OPTIONS_PUBLICKEY_ACCEPTED_TYPES:
+ v = value;
+ if (v == NULL || v[0] == '\0') {
+ ssh_set_error_invalid(session);
+ return -1;
+ } else {
+ p = ssh_keep_known_algos(SSH_HOSTKEYS, v);
+ if (p == NULL) {
+ ssh_set_error(session, SSH_REQUEST_DENIED,
+ "Setting method: no known public key algorithm (%s)",
+ v);
+ return -1;
+ }
+
+ SAFE_FREE(session->opts.pubkey_accepted_types);
+ session->opts.pubkey_accepted_types = p;
+ }
+ break;
 case SSH_OPTIONS_HMAC_C_S:
 v = value;
 if (v == NULL || v[0] == '\0') {
 |
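Review bot: The example string in the new SSH_OPTIONS_PUBLICKEY_ACCEPTED_TYPES doc entry lists `ecdh-sha2-nistp256`, which is a key-exchange method name rather than a public key algorithm; the ECDSA key type is `ecdsa-sha2-nistp256`. The set handler added in this commit passes the value through `ssh_keep_known_algos(SSH_HOSTKEYS, v)`, so a caller who copies the example would presumably have that entry dropped without an error and end up not accepting ECDSA keys. The entry also says "preferred", while the option name and the commit message describe an accept list. I would word it as `Set the public key algorithms accepted for authentication (const char *, comma-separated list). ex: "ssh-rsa,rsa-sha2-256,ssh-dss,ecdsa-sha2-nistp256"`. The comment block starts and ends outside the hunk.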
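Review bot: In the new `SSH_OPTIONS_PUBLICKEY_ACCEPTED_TYPES` case the value stored is `p`, the result of `ssh_keep_known_algos(SSH_HOSTKEYS, v)`, not the caller's string, and the call is treated as failed only when `p` is NULL. A list with one misspelled entry therefore appears to be accepted and silently narrowed. That is the safe direction for an accept list, but it leaves the session with a policy different from the one the caller wrote and gives them no way to notice. I would document this above the assignment, e.g. `/* p holds only the names known for SSH_HOSTKEYS; unknown entries in v are dropped, not rejected */`, and say in the same comment why the host key table is the right one for validating authentication key types. ssh_options_set starts and ends outside the hunk.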