From 5c8c379b69907fb1fd5cdf4bb42c249aa8fc3c7b Mon Sep 17 00:00:00 2001 From: John Thacker Date: Sat, 13 Jan 2024 19:05:48 -0500 Subject: extcap: Add ability to enable SHA-1 algorithms libssh 0.10.0 removed SHA-1 based keys and algorithms from its default configuration, though they are still supported. We ship with 0.10.5 in Windows and macOS now, and many Linux distributions are on 0.10.x as well. Add the ability to re-enable SHA-1 RSA keys, MAC, and KEX algorithms with a preference to ciscodump, sshdump, and wifidump. This will be a little easier in 0.11.0, where it's possible to just specify the algorithms you want to add to the default list, instead of having to specify the entire list. Fix #19510. Fix #19594 --- extcap/ssh-base.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'extcap/ssh-base.h') diff --git a/extcap/ssh-base.h b/extcap/ssh-base.h index 8283bffcc2..9ac592300c 100644 --- a/extcap/ssh-base.h +++ b/extcap/ssh-base.h @@ -38,7 +38,8 @@ { "remote-count", ws_required_argument, NULL, OPT_REMOTE_COUNT}, \ { "sshkey", ws_required_argument, NULL, OPT_SSHKEY}, \ { "sshkey-passphrase", ws_required_argument, NULL, OPT_SSHKEY_PASSPHRASE}, \ - { "proxycommand", ws_required_argument, NULL, OPT_PROXYCOMMAND} + { "proxycommand", ws_required_argument, NULL, OPT_PROXYCOMMAND}, \ + { "ssh-sha1", ws_no_argument, NULL, OPT_SSH_SHA1} typedef struct _ssh_params { char* host; @@ -48,6 +49,7 @@ typedef struct _ssh_params { char* sshkey_path; char* sshkey_passphrase; char* proxycommand; + bool ssh_sha1; bool debug; } ssh_params_t; -- cgit v1.2.3