CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2026/04/02 01:48:13
Modified files:
usr.bin/ssh : auth2-hostbased.c auth2-pubkey.c
auth2-pubkeyfile.c sshconnect2.c
Log message:
correctly match ECDSA signature algorithms against algorithm
allowlists: HostKeyAlgorithms, PubkeyAcceptedAlgorithms and
HostbasedAcceptedAlgorithms.
Previously, if any ECDSA type (say "ecdsa-sha2-nistp521") was
present in one of these lists, then all ECDSA algorithms would
be permitted.
Reported by Christos Papakonstantinou of Cantina and Spearbit.
