source.dussan.org Git - jgit.git/commit

author	Thomas Wolf <thomas.wolf@paranor.ch>
	Thu, 23 Jun 2022 10:14:37 +0000 (12:14 +0200)
committer	Thomas Wolf <thomas.wolf@paranor.ch>
	Thu, 23 Jun 2022 10:14:37 +0000 (12:14 +0200)
commit	db4f7dffb78113a6ba7bea35f7a27b6260e31646
tree	bd23122b723974a53b7cf28f0cc557ff61db1052	tree \| snapshot
parent	0c32889ebcc61845765514fee56d6641bd91b542	commit \| diff

[sshd] Correct signature for RSA keys from an SSH agent

Ensure that there is always a list of signature factories in public key
authentication. For keys loaded directly, Apache MINA sshd will use the
(always set) list from the SSH session by default, but for keys from an
SSH agent it won't and instead consider the list set locally on the
UserAuthPublicKey instance. Only that one is null by default, and then
Apache MINA sshd just uses the key type as signature type. Which for
RSA keys from an agent is the "ssh-rsa" signature, i.e., the deprecated
SHA1 signature.

Fix this by explicitly propagating the list from the session to the
UserAuthPublicKey instance if not set already.

Upstream issue is SSHD-1272.[1]

[1] https://issues.apache.org/jira/browse/SSHD-1272

Bug: 580073
Change-Id: Id7a783f19d06c9e7c8494b1fbf7465d392ffc366
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>