path: root/PROTOCOL
Diffstat (limited to 'PROTOCOL')
-rw-r--r-- PROTOCOL 21
1 files changed, 20 insertions, 1 deletions
diff --git a/PROTOCOL b/PROTOCOL
index ded935eb..1894d573 100644
--- a/PROTOCOL
+++ b/PROTOCOL
@@ -163,6 +163,25 @@ b) After sending or receiving a SSH2_MSG_NEWKEYS message, reset the
duration of the connection (i.e. not just the first
SSH2_MSG_NEWKEYS).
+1.10 transport: SSH2_MSG_EXT_INFO during user authentication
+
+This protocol extension allows the SSH2_MSG_EXT_INFO to be sent
+during user authentication. RFC8308 does allow a second
+SSH2_MSG_EXT_INFO notification, but it may only be sent at the end
+of user authentication and this is too late to signal per-user
+server signature algorithms.
+
+Support for receiving the SSH2_MSG_EXT_INFO message during user
+authentication is signalled by the client including a
+"ext-info-in-auth@openssh.com" key via its initial SSH2_MSG_EXT_INFO
+set after the SSH2_MSG_NEWKEYS message.
+
+A server that supports this extension MAY send a second
+SSH2_MSG_EXT_INFO message any time after the client's first
+SSH2_MSG_USERAUTH_REQUEST, regardless of whether it succeed or fails.
+The client SHOULD be prepared to update the server-sig-algs that
+it received during an earlier SSH2_MSG_EXT_INFO with the later one.
+
2. Connection protocol changes
2.1. connection: Channel write close extension "eow@openssh.com"
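Review bot: The new section 1.10 leaves two interoperability details unspecified: the paragraph that introduces the "ext-info-in-auth@openssh.com" key does not say what value the client sends with it, and the closing sentence ("update the server-sig-algs ... with the later one") does not say whether the later list replaces the earlier one outright or whether other extensions in the second SSH2_MSG_EXT_INFO are honoured too. I would state both, and add that a server must not send the message during authentication unless the client advertised the key, so a client that did not opt in can treat it as a protocol error. Two wording fixes in the same text: "SSH2_MSG_EXT_INFO set after the SSH2_MSG_NEWKEYS message" looks like it should read "sent after", and "regardless of whether it succeed or fails" should be "succeeds or fails".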
@@ -771,4 +790,4 @@ master instance and later clients.
OpenSSH extends the usual agent protocol. These changes are documented
in the PROTOCOL.agent file.
-$OpenBSD: PROTOCOL,v 1.50 2023/12/18 14:45:17 djm Exp $
+$OpenBSD: PROTOCOL,v 1.51 2023/12/18 14:45:49 djm Exp $