HomePhabricator

tests/pkd: repro rsa-sha2-{256,512} negotiation bug

Authored by simonsj on Mon, Feb 4, 11:39 PM.

Description

tests/pkd: repro rsa-sha2-{256,512} negotiation bug

Add four passes to the pkd tests to exercise codepaths where an
OpenSSH client requests these HostKeyAlgorithms combinations:

  • rsa-sha2-256
  • rsa-sha2-512
  • rsa-sha2-256,rsa-sha2-512
  • rsa-sha2-512,rsa-sha2-256

The tests demonstrate that the third combination currently fails:
libssh ends up choosing rsa-sha2-512 instead of rsa-sha2-256,
and the initial exchange fails on the client side citing a signature
failure.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit c2077ab7752c9d1fa149d7b5337d9e4aaeb96188)

Details

Committed
asnThu, Feb 7, 2:22 PM
Parents
rLIBSSHa4948f621278: kex: honor client preference for rsa-sha2-{256,512} host key algorithms
Branches
Unknown
Tags
Unknown
References
stable-0.8