kex: Only advertise allowed signature types
Previously, if the client supported rsa-sha2-256 or rsa-sha2-512, the
server would advertise the extensions as supported without checking its
own list of allowed algorithms. Now the server will only advertise
allowed signature algorithms.
Signed-off-by: Anderson Toshiyuki Sasaki <email@example.com>
Reviewed-by: Andreas Schneider <firstname.lastname@example.org>