dropbear: make rsa-sha2-256 pubkeys usable again
authorPetr Štetiar <ynezz@true.cz>
Wed, 1 Jul 2020 10:29:44 +0000 (12:29 +0200)
committerPetr Štetiar <ynezz@true.cz>
Tue, 7 Jul 2020 17:47:24 +0000 (19:47 +0200)
commit4e57fd5adaf0c937da1e947f32dfa9ae513637a5
treee0b99d171a1f372b4c65d0f15d0986d0210859e7
parent7cb721c03fdc163818f8114692229d0097d2f26b
dropbear: make rsa-sha2-256 pubkeys usable again

Upstream in commit 972d723484d8 ("split signkey_type and signature_type
for RSA sha1 vs sha256") has added strict checking of pubkey algorithms
which made keys with SHA-256 hashing algorithm unusable as they still
reuse the `ssh-rsa` public key format. So fix this by disabling the
check for `rsa-sha2-256` pubkeys.

Ref: https://tools.ietf.org/html/rfc8332#section-3
Fixes: d4c80f5b172e ("dropbear: bump to 2020.80")
Tested-by: Russell Senior <russell@personaltelco.net>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
package/network/services/dropbear/patches/910-signkey-fix-use-of-rsa-sha2-256-pubkeys.patch [new file with mode: 0644]