From 5d1300665061736c3ebfb4728ee1a96a2a345f3f Mon Sep 17 00:00:00 2001 From: Jakub Jelen Date: Tue, 3 Jul 2018 16:54:35 +0200 Subject: [PATCH] server: We should list SHA2 variants in offered hostkeys The SHA2 variants should be preferred. Also the buffer needs to be extended to fit all possible public key algorithms. Signed-off-by: Jakub Jelen Reviewed-by: Andreas Schneider --- src/server.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/server.c b/src/server.c index dfabbe83..ff85d3a7 100644 --- a/src/server.c +++ b/src/server.c @@ -86,7 +86,7 @@ static int server_set_kex(ssh_session session) { struct ssh_kex_struct *server = &session->next_crypto->server_kex; int i, j, rc; const char *wanted; - char hostkeys[64] = {0}; + char hostkeys[128] = {0}; enum ssh_keytypes_e keytype; size_t len; int ok; @@ -122,6 +122,11 @@ static int server_set_kex(ssh_session session) { } #endif if (session->srv.rsa_key != NULL) { + /* We support also the SHA2 variants */ + len = strlen(hostkeys); + snprintf(hostkeys + len, sizeof(hostkeys) - len, + ",rsa-sha2-512,rsa-sha2-256"); + len = strlen(hostkeys); keytype = ssh_key_type(session->srv.rsa_key);