packages/libssh2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
libssh2/backport-Support-rsa-sha2-agent-flags.patch
renmingshuai 5758f88d2c Support rsa-sha2 agent flags
2023-02-16 09:59:01 +08:00

64 lines
2.1 KiB
Diff
Raw Blame History

From 50a1262772fd9cdbdd8f747958e42ef480aecb2b Mon Sep 17 00:00:00 2001
From: Ian Hattendorf <ian@ianhattendorf.com>
Date: Thu, 13 Jan 2022 16:05:53 -0700
Subject: [PATCH] Support rsa-sha2 agent flags (#661)
File: agent.c
Notes: implements rsa-sha2 flags used to tell the agent which signing algo to use.
https://tools.ietf.org/id/draft-miller-ssh-agent-01.html#rfc.section.4.5.1
Credit:
Ian Hattendorf
Conflict:NA
Reference:https://github.com/libssh2/commit/50a1262772fd9cdbdd8f747958e42ef480aecb2b
---
src/agent.c | 18 +++++++++++++++++-
1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/src/agent.c b/src/agent.c
index a526c77..bce7175 100644
--- a/src/agent.c
+++ b/src/agent.c
@@ -94,6 +94,10 @@
#define SSH_AGENT_CONSTRAIN_LIFETIME 1
#define SSH_AGENT_CONSTRAIN_CONFIRM 2
+/* Signature request methods */
+#define SSH_AGENT_RSA_SHA2_256 2
+#define SSH_AGENT_RSA_SHA2_512 4
+
#ifdef PF_UNIX
static int
agent_connect_unix(LIBSSH2_AGENT *agent)
@@ -375,6 +379,7 @@ agent_sign(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len,
ssize_t method_len;
unsigned char *s;
int rc;
+ uint32_t sign_flags = 0;
/* Create a request to sign the data */
if(transctx->state == agent_NB_state_init) {
@@ -391,7 +396,18 @@ agent_sign(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len,
_libssh2_store_str(&s, (const char *)data, data_len);
/* flags */
- _libssh2_store_u32(&s, 0);
+ if(session->userauth_pblc_method_len > 0 &&
+ session->userauth_pblc_method) {
+ if(session->userauth_pblc_method_len == 12 &&
+ !memcmp(session->userauth_pblc_method, "rsa-sha2-512", 12)) {
+ sign_flags = SSH_AGENT_RSA_SHA2_512;
+ }
+ else if(session->userauth_pblc_method_len == 12 &&
+ !memcmp(session->userauth_pblc_method, "rsa-sha2-256", 12)) {
+ sign_flags = SSH_AGENT_RSA_SHA2_256;
+ }
+ }
+ _libssh2_store_u32(&s, sign_flags);
transctx->request_len = s - transctx->request;
transctx->send_recv_total = 0;
--
2.23.0
Reference in New Issue View Git Blame Copy Permalink