octoleo/phpseclib
1
0
Fork 0
mirror of https://github.com/phpseclib/phpseclib.git synced 2024-09-22 04:29:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

SSH2: ssh-rsa is sometimes incorrectly used instead of rsa-sha2-256

Browse Source
This commit is contained in:
terrafrost 2019-01-16 21:15:11 -06:00
parent 055d6097af
commit b0d63fbfb5
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
phpseclib/Net/SSH2.php
View File

@ -1813,9 +1813,14 @@ class Net_SSH2
} }
if ($public_key_format != $expected_key_format || $this->signature_format != $server_host_key_algorithm) { if ($public_key_format != $expected_key_format || $this->signature_format != $server_host_key_algorithm) {
switch (true) {
case $this->signature_format == $server_host_key_algorithm:
case $server_host_key_algorithm != 'rsa-sha2-256' && $server_host_key_algorithm != 'rsa-sha2-512':
case $this->signature_format != 'ssh-rsa':
user_error('Server Host Key Algorithm Mismatch'); user_error('Server Host Key Algorithm Mismatch');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
} }
}
$packet = pack( $packet = pack(
'C', 'C',