kex: Only advertise allowed signature types
Previously, if the client supported rsa-sha2-256 or rsa-sha2-512, the
server would advertise the extensions as supported without checking its
own list of allowed algorithms. Now the server will only advertise
allowed signature algorithms.
Signed-off-by: Anderson Toshiyuki Sasaki <firstname.lastname@example.org>
Reviewed-by: Andreas Schneider <email@example.com>