Send ext-info-c with kex algorithms (#622)

Some SSH servers will not honor the negotiated rsa-sha2-256 algorithms if the client does not indicate support for SSH_MSG_EXT_INFO messages. Since we only need to accept these messages, but are free to ignore their contents, adding support amounts to sending "ext-info-c" with our kex algorithm proposal.
2025-12-08 08:10:55 +03:00 · 2020-07-20 15:54:28 +02:00
parent a5efdf1f0d
commit 64f448d438
4 changed files with 43 additions and 1 deletions
--- a/src/main/java/net/schmizz/sshj/DefaultConfig.java
+++ b/src/main/java/net/schmizz/sshj/DefaultConfig.java
@@ -20,6 +20,7 @@ import com.hierynomus.sshj.key.KeyAlgorithms;
 import com.hierynomus.sshj.transport.cipher.BlockCiphers;
 import com.hierynomus.sshj.transport.cipher.StreamCiphers;
 import com.hierynomus.sshj.transport.kex.DHGroups;
+import com.hierynomus.sshj.transport.kex.ExtInfoClientFactory;
 import com.hierynomus.sshj.transport.kex.ExtendedDHGroups;
 import com.hierynomus.sshj.transport.mac.Macs;
 import com.hierynomus.sshj.userauth.keyprovider.OpenSSHKeyV1KeyFile;
@@ -125,7 +126,8 @@ public class DefaultConfig
                    ExtendedDHGroups.Group16SHA256(),
                    ExtendedDHGroups.Group16SHA384AtSSH(),
                    ExtendedDHGroups.Group16SHA512AtSSH(),
-                    ExtendedDHGroups.Group18SHA512AtSSH());
+                    ExtendedDHGroups.Group18SHA512AtSSH(),
+                    new ExtInfoClientFactory());
        } else {
            setKeyExchangeFactories(DHGroups.Group1SHA1(), new DHGexSHA1.Factory());
        }
--- a/src/main/java/net/schmizz/sshj/common/Message.java
+++ b/src/main/java/net/schmizz/sshj/common/Message.java
@@ -25,6 +25,7 @@ public enum Message {
    DEBUG(4),
    SERVICE_REQUEST(5),
    SERVICE_ACCEPT(6),
+    EXT_INFO(7),
    KEXINIT(20),
    NEWKEYS(21),

--- a/src/main/java/net/schmizz/sshj/transport/TransportImpl.java
+++ b/src/main/java/net/schmizz/sshj/transport/TransportImpl.java
@@ -529,6 +529,9 @@ public final class TransportImpl
                case SERVICE_ACCEPT:
                    gotServiceAccept();
                    break;
+                case EXT_INFO:
+                    log.debug("Received SSH_MSG_EXT_INFO");
+                    break;
                case USERAUTH_BANNER:
                    log.debug("Received USERAUTH_BANNER");
                    break;