comparison cli-authpubkey.c @ 1681:435cfb9ec96e

send and handle SSH_MSG_EXT_INFO only at the correct point - other fixes for rsa pubkey auth - only include ext-info handling when rsa pubkey auth is compiled
author Matt Johnston <matt@ucc.asn.au>
date Sun, 24 May 2020 14:16:58 +0800
parents d5cdc60db08e
children a53e7d2d60be
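--- a/cli-authpubkey.c
+++ b/cli-authpubkey.c
@@ -198,11 +198,11 @@
 
 /* iterate through privkeys to remove ones not allowed in server-sig-algs */
 while (cli_opts.privkeys->first) {
 sign_key * key = (sign_key*)cli_opts.privkeys->first->item;
 if (cli_ses.server_sig_algs) {
-#ifdef DROPBEAR_RSA
+#if DROPBEAR_RSA
 if (key->type == DROPBEAR_SIGNKEY_RSA) {
 #if DROPBEAR_RSA_SHA256
 if (buf_has_algo(cli_ses.server_sig_algs, SSH_SIGNATURE_RSA_SHA256)
 == DROPBEAR_SUCCESS) {
 sigtype = DROPBEAR_SIGNATURE_RSA_SHA256;
@@ -240,11 +240,11 @@
 } else {
 /* Server didn't provide a server-sig-algs list, we'll
 assume all except rsa-sha256 are OK. */
 #if DROPBEAR_RSA
 if (key->type == DROPBEAR_SIGNKEY_RSA) {
-#ifdef DROPBEAR_RSA_SHA1
+#if DROPBEAR_RSA_SHA1
 sigtype = DROPBEAR_SIGNATURE_RSA_SHA1;
 TRACE(("no server-sig-algs, using rsa sha1"))
 break;
 #else
 /* only support rsa-sha256, skip this key */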
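Review bot: The corrected guards `#if DROPBEAR_RSA` (line 203) and `#if DROPBEAR_RSA_SHA1` (line 245) now depend on both macros always being defined as 0 or 1, because `#if` evaluates an undefined name as 0 without any diagnostic. If DROPBEAR_RSA_SHA1 were ever left undefined (its definition is not visible on this page), the no-server-sig-algs branch would quietly take the `#else` path and skip every RSA key, which is hard to tell apart from a deliberate SHA-1 opt-out. Building with `-Wundef`, or adding a guard such as `#ifndef DROPBEAR_RSA_SHA1` / `#error "DROPBEAR_RSA_SHA1 must be 0 or 1"` where the options are set, would make that failure loud. The comment at lines 241-242 could also state the consequence directly, e.g. `/* No server-sig-algs: RSA keys sign with rsa-sha1 if compiled in, otherwise they are skipped. */`. The enclosing while loop starts inside the first hunk and continues past the end of the second.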