diff options
author | Wim <wim@42.be> | 2022-03-19 22:04:13 +0100 |
---|---|---|
committer | Wim <wim@42.be> | 2022-03-20 14:57:48 +0100 |
commit | 2623a412c42a81104b97ae8c81a5f66760fee4b6 (patch) | |
tree | 502c6d4473baac3792d14fda51dbb56179f19424 /vendor/golang.org/x/crypto/ssh/client.go | |
parent | d64eed49bc6f2e8a01f922727795eea158cbc56d (diff) | |
download | matterbridge-msglm-2623a412c42a81104b97ae8c81a5f66760fee4b6.tar.gz matterbridge-msglm-2623a412c42a81104b97ae8c81a5f66760fee4b6.tar.bz2 matterbridge-msglm-2623a412c42a81104b97ae8c81a5f66760fee4b6.zip |
Update vendor (whatsapp)
Diffstat (limited to 'vendor/golang.org/x/crypto/ssh/client.go')
-rw-r--r-- | vendor/golang.org/x/crypto/ssh/client.go | 25 |
1 files changed, 8 insertions, 17 deletions
diff --git a/vendor/golang.org/x/crypto/ssh/client.go b/vendor/golang.org/x/crypto/ssh/client.go index ba8621a8..bdc356cb 100644 --- a/vendor/golang.org/x/crypto/ssh/client.go +++ b/vendor/golang.org/x/crypto/ssh/client.go @@ -113,25 +113,16 @@ func (c *connection) clientHandshake(dialAddress string, config *ClientConfig) e return c.clientAuthenticate(config) } -// verifyHostKeySignature verifies the host key obtained in the key -// exchange. +// verifyHostKeySignature verifies the host key obtained in the key exchange. +// algo is the negotiated algorithm, and may be a certificate type. func verifyHostKeySignature(hostKey PublicKey, algo string, result *kexResult) error { sig, rest, ok := parseSignatureBody(result.Signature) if len(rest) > 0 || !ok { return errors.New("ssh: signature parse error") } - // For keys, underlyingAlgo is exactly algo. For certificates, - // we have to look up the underlying key algorithm that SSH - // uses to evaluate signatures. - underlyingAlgo := algo - for sigAlgo, certAlgo := range certAlgoNames { - if certAlgo == algo { - underlyingAlgo = sigAlgo - } - } - if sig.Format != underlyingAlgo { - return fmt.Errorf("ssh: invalid signature algorithm %q, expected %q", sig.Format, underlyingAlgo) + if a := underlyingAlgo(algo); sig.Format != a { + return fmt.Errorf("ssh: invalid signature algorithm %q, expected %q", sig.Format, a) } return hostKey.Verify(result.H, sig) @@ -237,11 +228,11 @@ type ClientConfig struct { // be used for the connection. If empty, a reasonable default is used. ClientVersion string - // HostKeyAlgorithms lists the key types that the client will - // accept from the server as host key, in order of + // HostKeyAlgorithms lists the public key algorithms that the client will + // accept from the server for host key authentication, in order of // preference. If empty, a reasonable default is used. Any - // string returned from PublicKey.Type method may be used, or - // any of the CertAlgoXxxx and KeyAlgoXxxx constants. + // string returned from a PublicKey.Type method may be used, or + // any of the CertAlgo and KeyAlgo constants. HostKeyAlgorithms []string // Timeout is the maximum amount of time for the TCP connection to establish. |