libssh

brian m. carlson c573adced4 server: reply with PK_OK with correct algorithm RFC 4252 §7 states that the public key algorithm in a SSH_MSG_USERAUTH_PK_OK response is the public key algorithm name from the request. When using RSA with SHA-2, this will be either "rsa-sha2-256" or "rsa-sha2-512" as specified by RFC 8332 §3.2. However, currently libssh emits the public key type instead, which is "ssh-rsa". This is not in conformance with the RFCs, so let's fix this by storing the signature type and emitting it in our response instead of the public key when sending SSH_MSG_USERAUTH_PK_OK in the server. Signed-off-by: brian m. carlson <bk2204@github.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2021-12-07 12:27:18 +01:00
..
libssh	server: reply with PK_OK with correct algorithm	2021-12-07 12:27:18 +01:00
CMakeLists.txt	cmake: Do not use CMAKE_(SOURCE\|BINARY)_DIR	2015-06-24 18:17:05 +02:00

brian m. carlson c573adced4 server: reply with PK_OK with correct algorithm

RFC 4252 §7 states that the public key algorithm in a
SSH_MSG_USERAUTH_PK_OK response is the public key algorithm name from
the request.  When using RSA with SHA-2, this will be either
"rsa-sha2-256" or "rsa-sha2-512" as specified by RFC 8332 §3.2.

However, currently libssh emits the public key type instead, which is
"ssh-rsa".  This is not in conformance with the RFCs, so let's fix this
by storing the signature type and emitting it in our response instead of
the public key when sending SSH_MSG_USERAUTH_PK_OK in the server.

Signed-off-by: brian m. carlson <bk2204@github.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>

2021-12-07 12:27:18 +01:00

libssh

server: reply with PK_OK with correct algorithm

2021-12-07 12:27:18 +01:00

CMakeLists.txt

cmake: Do not use CMAKE_(SOURCE|BINARY)_DIR

2015-06-24 18:17:05 +02:00