libssh

Jakub Jelen 1ebf506913 server: Use really the negotiated signature type Generally, when the extension negotiation is enabled and client supports SHA2 algorithms for RSA, they are supposed to be prioritized against the old SHA1. If it is not (ssh-rsa is listed in front of rsa-sha2-* hostkey algorithms during negotiation), the server wrongly tries to provide the new typo of signature, ignoring the negotiated algirithm This commit propagates the digest algorithm from negotiation to the actual signature functions, which were previously responsible for decision about the hash algorithm based just on the negotiated extensions. Fixes T191 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2019-11-07 15:55:32 +01:00
..
libssh	server: Use really the negotiated signature type	2019-11-07 15:55:32 +01:00
CMakeLists.txt	cmake: Do not use CMAKE_(SOURCE\|BINARY)_DIR	2015-06-24 18:17:05 +02:00

Jakub Jelen 1ebf506913 server: Use really the negotiated signature type

Generally, when the extension negotiation is enabled and client supports
SHA2 algorithms for RSA, they are supposed to be prioritized against the
old SHA1. If it is not (ssh-rsa is listed in front of rsa-sha2-* hostkey
algorithms during negotiation), the server wrongly tries to provide the
new typo of signature, ignoring the negotiated algirithm

This commit propagates the digest algorithm from negotiation to the actual
signature functions, which were previously responsible for decision
about the hash algorithm based just on the negotiated extensions.

Fixes T191

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

2019-11-07 15:55:32 +01:00

libssh

server: Use really the negotiated signature type

2019-11-07 15:55:32 +01:00

CMakeLists.txt

cmake: Do not use CMAKE_(SOURCE|BINARY)_DIR

2015-06-24 18:17:05 +02:00