From 2a7e3449908571af601a4c2d12ab140096442e47 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 17 Feb 2023 04:22:50 +0000 Subject: upstream: Remove now-unused compat bit SSH_BUG_RSASIGMD5. The code to set this was removed in OpenSSH 7.7 when support for SSH implementations dating back to before RFC standardization were removed. "burn it all" djm@ OpenBSD-Commit-ID: 6330935fbe23dd00be79891505e06d1ffdac7cda --- auth2-hostbased.c | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) (limited to 'auth2-hostbased.c') diff --git a/auth2-hostbased.c b/auth2-hostbased.c index 6b517db41..cdfe7fd85 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-hostbased.c,v 1.50 2022/09/17 10:34:29 djm Exp $ */ +/* $OpenBSD: auth2-hostbased.c,v 1.51 2023/02/17 04:22:50 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -101,12 +101,6 @@ userauth_hostbased(struct ssh *ssh, const char *method) "(received %d, expected %d)", key->type, pktype); goto done; } - if (sshkey_type_plain(key->type) == KEY_RSA && - (ssh->compat & SSH_BUG_RSASIGMD5) != 0) { - error("Refusing RSA key because peer uses unsafe " - "signature format"); - goto done; - } if (match_pattern_list(pkalg, options.hostbased_accepted_algos, 0) != 1) { logit_f("signature algorithm %s not in " "HostbasedAcceptedAlgorithms", pkalg); -- cgit v1.2.3