diff options
author | djm@openbsd.org <djm@openbsd.org> | 2021-06-06 03:40:39 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2021-06-06 13:41:36 +1000 |
commit | 4265215d7300901fd7097061c7517688ade82f8e (patch) | |
tree | 0abf77bd86de563f2d0acd581e84634d749252b0 /compat.h | |
parent | bda270d7fb8522d43c21a79a4b02a052d7c64de8 (diff) |
upstream: Client-side workaround for a bug in OpenSSH 7.4: this release
allows RSA/SHA2 signatures for public key authentication but fails to
advertise this correctly via SSH2_MSG_EXT_INFO. This causes clients of these
server to incorrectly match PubkeyAcceptedAlgorithms and potentially refuse
to offer valid keys.
Reported by and based on patch from Gordon Messmer via bz3213, thanks
also for additional analysis by Jakub Jelen. ok dtucker
OpenBSD-Commit-ID: d6d0b7351d5d44c45f3daaa26efac65847a564f7
Diffstat (limited to 'compat.h')
-rw-r--r-- | compat.h | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: compat.h,v 1.56 2021/01/27 09:26:54 djm Exp $ */ +/* $OpenBSD: compat.h,v 1.57 2021/06/06 03:40:39 djm Exp $ */ /* * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. @@ -29,7 +29,7 @@ #define SSH_BUG_UTF8TTYMODE 0x00000001 #define SSH_BUG_SIGTYPE 0x00000002 -/* #define unused 0x00000004 */ +#define SSH_BUG_SIGTYPE74 0x00000004 /* #define unused 0x00000008 */ #define SSH_OLD_SESSIONID 0x00000010 /* #define unused 0x00000020 */ |