Mercurial > dropbear
comparison cli-authpubkey.c @ 1681:435cfb9ec96e
send and handle SSH_MSG_EXT_INFO only at the correct point
- other fixes for rsa pubkey auth
- only include ext-info handling when rsa pubkey auth is compiled
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Sun, 24 May 2020 14:16:58 +0800 |
parents | d5cdc60db08e |
children | a53e7d2d60be |
comparison
equal
deleted
inserted
replaced
1680:5e763ad6e2e0 | 1681:435cfb9ec96e |
---|---|
198 | 198 |
199 /* iterate through privkeys to remove ones not allowed in server-sig-algs */ | 199 /* iterate through privkeys to remove ones not allowed in server-sig-algs */ |
200 while (cli_opts.privkeys->first) { | 200 while (cli_opts.privkeys->first) { |
201 sign_key * key = (sign_key*)cli_opts.privkeys->first->item; | 201 sign_key * key = (sign_key*)cli_opts.privkeys->first->item; |
202 if (cli_ses.server_sig_algs) { | 202 if (cli_ses.server_sig_algs) { |
203 #ifdef DROPBEAR_RSA | 203 #if DROPBEAR_RSA |
204 if (key->type == DROPBEAR_SIGNKEY_RSA) { | 204 if (key->type == DROPBEAR_SIGNKEY_RSA) { |
205 #if DROPBEAR_RSA_SHA256 | 205 #if DROPBEAR_RSA_SHA256 |
206 if (buf_has_algo(cli_ses.server_sig_algs, SSH_SIGNATURE_RSA_SHA256) | 206 if (buf_has_algo(cli_ses.server_sig_algs, SSH_SIGNATURE_RSA_SHA256) |
207 == DROPBEAR_SUCCESS) { | 207 == DROPBEAR_SUCCESS) { |
208 sigtype = DROPBEAR_SIGNATURE_RSA_SHA256; | 208 sigtype = DROPBEAR_SIGNATURE_RSA_SHA256; |
240 } else { | 240 } else { |
241 /* Server didn't provide a server-sig-algs list, we'll | 241 /* Server didn't provide a server-sig-algs list, we'll |
242 assume all except rsa-sha256 are OK. */ | 242 assume all except rsa-sha256 are OK. */ |
243 #if DROPBEAR_RSA | 243 #if DROPBEAR_RSA |
244 if (key->type == DROPBEAR_SIGNKEY_RSA) { | 244 if (key->type == DROPBEAR_SIGNKEY_RSA) { |
245 #ifdef DROPBEAR_RSA_SHA1 | 245 #if DROPBEAR_RSA_SHA1 |
246 sigtype = DROPBEAR_SIGNATURE_RSA_SHA1; | 246 sigtype = DROPBEAR_SIGNATURE_RSA_SHA1; |
247 TRACE(("no server-sig-algs, using rsa sha1")) | 247 TRACE(("no server-sig-algs, using rsa sha1")) |
248 break; | 248 break; |
249 #else | 249 #else |
250 /* only support rsa-sha256, skip this key */ | 250 /* only support rsa-sha256, skip this key */ |