beenull/SparkleShare
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

ssh fetcher: No longer allow deprecated and insecure DSA algorithm

Browse source
This commit is contained in:
Hylke Bons 2016-06-09 18:56:07 -07:00 committed by Hylke Bons
parent b45b4c8165
commit 7f5b5e5b5b
2 changed files with 11 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
Sparkles/SSHFetcher.cs
View file

@ -89,23 +89,16 @@ namespace Sparkles {
string FetchHostKey ()
{
Logger.LogInfo ("Auth", "Fetching host key for " + RemoteUrl.Host);
string [] key_types = {"rsa", "dsa", "ecdsa"};
Logger.LogInfo ("Auth", string.Format ("Fetching host key for {0}", RemoteUrl.Host));
var ssh_keyscan = new Command ("ssh-keyscan", string.Format ("-t rsa -p 22 {0}", RemoteUrl.Host));
foreach (string key_type in key_types) {
string args = "-t " + key_type + " " + "-p" + " ";
if (RemoteUrl.Port > 0)
ssh_keyscan.StartInfo.Arguments = string.Format ("-t rsa -p {0} {1}", RemoteUrl.Port, RemoteUrl.Host);
if (RemoteUrl.Port < 1)
args += "22 " + RemoteUrl.Host;
else
args += RemoteUrl.Port + " " + RemoteUrl.Host;
var ssh_keyscan = new Command ("ssh-keyscan", args);
string host_key = ssh_keyscan.StartAndReadStandardOutput ();
if (ssh_keyscan.ExitCode == 0 && !string.IsNullOrWhiteSpace (host_key))
return host_key;
}
return null;
}