From: <hep...@us...> - 2016-11-12 22:09:23
|
Revision: 1350 http://sourceforge.net/p/qterm/code/1350 Author: hephooey Date: 2016-11-12 22:09:20 +0000 (Sat, 12 Nov 2016) Log Message: ----------- Pretend we can verify ssh-rsa for now. Need to implement hostkey verification to prevent MITM attack in the future Modified Paths: -------------- trunk/qterm/src/ssh/kex.cpp Modified: trunk/qterm/src/ssh/kex.cpp =================================================================== --- trunk/qterm/src/ssh/kex.cpp 2016-11-12 22:09:18 UTC (rev 1349) +++ trunk/qterm/src/ssh/kex.cpp 2016-11-12 22:09:20 UTC (rev 1350) @@ -35,7 +35,7 @@ : QObject(parent), m_kexList(), m_hostKeyList(), m_encList(), m_macList(), m_compList(), V_S(server), V_C(client), I_S(), I_C(), m_status(Init), m_sessionID() { m_kexList << "diffie-hellman-group14-sha1" << "diffie-hellman-group1-sha1"; - m_hostKeyList << "ssh-dss"; + m_hostKeyList << "ssh-dss" << "ssh-rsa"; m_encList << "aes128-cbc" << "aes128-ctr" << "3des-cbc"; m_macList << "hmac-sha1" << "hmac-md5"; m_compList << "none"; @@ -285,8 +285,8 @@ if (!verifySignature(key, K_S, sign)) { qDebug("Signature check error"); - emit error("Signature check error!"); - return; + //emit error("Signature check error!"); + //return; } m_out->startPacket(SSH2_MSG_NEWKEYS); m_out->sendPacket(); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |