[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 0/2] kex: fix RFC8332 RSA extension selection bug


Thank you. It looks good now.

Reviewed-by: Jakub Jelen <jjelen@xxxxxxxxxx>

On Wed, 2019-02-06 at 12:39 -0500, Jon Simons wrote:
> Changes since first version: I've fixed the `strcmp` comparison style
> to fit better with existing code, per review from Jakub.
> 
> Included here is an update to the pkd tests to reproduce a bug in
> RFC8332 RSA extension selection, as well as a fix which makes the
> test pass.
> 
> When libssh server is provided "rsa-sha2-256,rsa-sha2-512" by the
> client for host key algorithms, it will unconditionally reply using
> the rsa-sha2-512 variant.  But, the server should respect the
> client's preference in this case and use rsa-sha2-256.
> 
> Jon Simons (2):
>   tests/pkd: repro rsa-sha2-{256,512} negotiation bug
>   kex: honor client preference for rsa-sha2-{256,512} host key
>     algorithms
> 
>  src/kex.c              | 24 ++++++++++++++++++++++++
>  tests/pkd/pkd_client.h | 15 +++++++++------
>  tests/pkd/pkd_hello.c  |  8 ++++++++
>  3 files changed, 41 insertions(+), 6 deletions(-)
> 
-- 
Jakub Jelen
Software Engineer
Security Technologies
Red Hat, Inc.


Follow-Ups:
Re: [PATCH v2 0/2] kex: fix RFC8332 RSA extension selection bugAndreas Schneider <asn@xxxxxxxxxxxxxx>
References:
[PATCH v2 0/2] kex: fix RFC8332 RSA extension selection bugJon Simons <jon@xxxxxxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org