CVSROOT: /cvs Module name: src Changes by: [email protected] 2022/01/06 14:55:23
Modified files:
usr.bin/ssh : kex.c kex.h serverloop.c
Log message:
Fix signature algorithm selection logic for UpdateHostkeys on the
server side. The previous code tried to prefer RSA/SHA2 for hostkey
proofs of RSA keys, but missed some cases. This will use RSA/SHA2
signatures for RSA keys if the client proposed these algorithms in
initial KEX. bz3375
Mostly by Dmitry Belyavskiy with some tweaks by me.
ok markus@
