[QTerm-cvs] SF.net SVN: qterm:[1350] trunk/qterm/src/ssh/kex.cpp

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Revision: 1350
          http://sourceforge.net/p/qterm/code/1350
Author:   hephooey
Date:     2016-11-12 22:09:20 +0000 (Sat, 12 Nov 2016)
Log Message:
-----------
Pretend we can verify ssh-rsa for now.

Need to implement hostkey verification to prevent MITM attack in the
future

Modified Paths:
--------------
    trunk/qterm/src/ssh/kex.cpp

Modified: trunk/qterm/src/ssh/kex.cpp
===================================================================

--- trunk/qterm/src/ssh/kex.cpp	2016-11-12 22:09:18 UTC (rev 1349)
+++ trunk/qterm/src/ssh/kex.cpp	2016-11-12 22:09:20 UTC (rev 1350)
@@ -35,7 +35,7 @@
         : QObject(parent), m_kexList(), m_hostKeyList(), m_encList(), m_macList(), m_compList(), V_S(server), V_C(client), I_S(), I_C(), m_status(Init), m_sessionID()
 {
     m_kexList << "diffie-hellman-group14-sha1" << "diffie-hellman-group1-sha1";
-    m_hostKeyList << "ssh-dss";
+    m_hostKeyList << "ssh-dss" << "ssh-rsa";
     m_encList << "aes128-cbc" << "aes128-ctr" << "3des-cbc";
     m_macList << "hmac-sha1" << "hmac-md5";
     m_compList << "none";
@@ -285,8 +285,8 @@
 
     if (!verifySignature(key, K_S, sign)) {
         qDebug("Signature check error");
-        emit error("Signature check error!");
-        return;
+        //emit error("Signature check error!");
+        //return;
     }
     m_out->startPacket(SSH2_MSG_NEWKEYS);
     m_out->sendPacket();

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.



