Included here is an update to the pkd tests to reproduce a bug in RFC8332 RSA extension selection, as well as a fix which makes the test pass.
When libssh server is provided "rsa-sha2-256,rsa-sha2-512" by the client for host key algorithms, it will unconditionally reply using the rsa-sha2-512 variant. But, the server should respect the client's preference in this case and use rsa-sha2-256. Also available here: * https://github.com/simonsj/libssh/tree/simonsj/patch/fix-rfc8332-bug-2-4-2019 * https://gitlab.com/simonsj1/libssh-mirror/tree/simonsj/patch/fix-rfc8332-bug-2-4-2019 Jon Simons (2): tests/pkd: repro rsa-sha2-{256,512} negotiation bug kex: honor client preference for rsa-sha2-{256,512} host key algorithms src/kex.c | 24 ++++++++++++++++++++++++ tests/pkd/pkd_client.h | 15 +++++++++------ tests/pkd/pkd_hello.c | 8 ++++++++ 3 files changed, 41 insertions(+), 6 deletions(-) -- 2.19.1.593.gc670b1f
