RSA SHA2 256/512 key upgrade support RFC 8332 #536 (#626) #1888
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Notes: * Host Key RSA 256/512 support nodegit#536 * Client side key hash upgrading for RFC 8332 * Support for server-sig-algs, ext-info-c server messages * Customizing preferred server-sig-algs via the preference LIBSSH2_METHOD_SIGN_ALGO Credit: Anders Borum, Will Cosgrove
…odegit#656 ) Notes: Fixed supported algo prefs list check when upgrading rsa keys Credit: Michael Buckley
The new libssh2_userauth_banner API allows to get an optional userauth banner sent with SSH_MSG_USERAUTH_BANNER packet by the server. Closes issue 610
File: agent.c Notes: implements rsa-sha2 flags used to tell the agent which signing algo to use. https://tools.ietf.org/id/draft-miller-ssh-agent-01.html#rfc.section.4.5.1 Credit: Ian Hattendorf
Files: libssh2.h, agent.c, userauth.c Notes: Part 2 of the fix for issue 659. This adds rsa key downgrading for agents that don't support sha2 upgrading. It also adds better trace output for debugging/logging around key upgrading. Credit: Will Cosgrove (signed off by Michael Buckley)
julianmesa-gitkraken
force-pushed
the
fix-rsa-sha1-update-libssh2
branch
2 times, most recently
from
0022e22 to
e1a95fc
Compare
julianmesa-gitkraken
force-pushed
the
fix-rsa-sha1-update-libssh2
branch
from
e1a95fc to
3196a64
Compare
Only for windows
Free `server_sign_algorithms` and `sign_algo_prefs`.
files: packet.c, libssh2_priv.h notes: * Fix heap buffer overflow in _libssh2_key_sign_algorithm When allocating `session->server_sign_algorithms` which is a `char*` is is important to also allocate space for the string-terminating null byte at the end and make sure the string is actually null terminated. Without this fix, the `strchr()` call inside the `_libssh2_key_sign_algorithm` (line 1219) function will try to parse the string and go out of buffer on the last invocation. Credit: tihmstar Co-authored-by: Will Cosgrove <will@panic.com>
julianmesa-gitkraken
force-pushed
the
fix-rsa-sha1-update-libssh2
branch
from
e144f50 to
089f1e4
Compare
ianhattendorf
approved these changes
Feb 8, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Notes:
Credit: Anders Borum, Will Cosgrove
This PR will fix the error when trying to use ssh protocol in github due this changes:
Improving Git protocol security on GitHub
Original commit: RSA SHA2 256/512 key upgrade support RFC 8332 #536 (#626)
Also more commits from libssh2 has been added: