diff options
| author | Stan Hu <stanhu@gmail.com> | 2022-06-14 16:20:38 -0700 |
|---|---|---|
| committer | Stan Hu <stanhu@gmail.com> | 2022-06-15 23:51:37 -0700 |
| commit | 72d615beaa87a8e07e65499246b55221586ddc35 (patch) | |
| tree | affa74879eca6d592c927815dfc698618928426f /go.sum | |
| parent | ba1d0e657b958c4bb0720aec9799097e88b0aecc (diff) | |
| download | gitlab-shell-72d615beaa87a8e07e65499246b55221586ddc35.tar.gz | |
gitlab-sshd: Update crypto module to fix RSA keys with old gpg-agent
When we put gitlab-sshd in production, we noticed a number of clients
using RSA keys would fail to login. The server would report:
```
ssh: signature "ssh-rsa" not compatible with selected algorithm "rsa-sha2-512"
```
This is reproducible on Ubuntu 18.04, which ships gpg-agent v2.2.4 and
OpenSSH v7.6. That version of gpg-agent does not support
`rsa-sha2-256` or `rsa-sha2-512`, but OpenSSH does. As a result,
OpenSSH specifies `rsa-sha-512` as the public key algorithm to use in
the user authentication request message, but gpg-agent includes an
`ssh-rsa` signature. OpenSSH servers tolerates this discrepancy, but
the Go implementation fails because it expects a strict match.
This commit pulls in
https://gitlab.com/gitlab-org/golang-crypto/-/merge_requests/9 to fix
the problem.
Relates to:
1. https://github.com/golang/go/issues/53391
2. https://gitlab.com/gitlab-org/gitlab-shell/-/issues/587
Changelog: fixed
Diffstat (limited to 'go.sum')
| -rw-r--r-- | go.sum | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -888,8 +888,8 @@ gitlab.com/gitlab-org/gitaly/v14 v14.9.0-rc5.0.20220329111719-51da8bc17059 h1:X7 gitlab.com/gitlab-org/gitaly/v14 v14.9.0-rc5.0.20220329111719-51da8bc17059/go.mod h1:uX1qhFKBDuPqATlpMcFL2dKDiX8D/tbUg7CYWx7OXt4= gitlab.com/gitlab-org/gitlab-shell v1.9.8-0.20201117050822-3f9890ef73dc/go.mod h1:5QSTbpAHY2v0iIH5uHh2KA9w7sPUqPmnLjDApI/sv1U= gitlab.com/gitlab-org/gitlab-shell v1.9.8-0.20210720163109-50da611814d2/go.mod h1:QWDYBwuy24qGMandtCngLRPzFgnGPg6LSNoJWPKmJMc= -gitlab.com/gitlab-org/golang-crypto v0.0.0-20220518204012-9dd4a7273aac h1:qNUzqBTbEGGjF5Fp0NWz3rNmqamwchxM+QKUZYeOS1c= -gitlab.com/gitlab-org/golang-crypto v0.0.0-20220518204012-9dd4a7273aac/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +gitlab.com/gitlab-org/golang-crypto v0.0.0-20220616060731-4818747c9fed h1:aXSyBpG6K/QsTGevZnpFoDR7Nwvn24RpkDoWe37B8eY= +gitlab.com/gitlab-org/golang-crypto v0.0.0-20220616060731-4818747c9fed/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= gitlab.com/gitlab-org/labkit v0.0.0-20190221122536-0c3fc7cdd57c/go.mod h1:rYhLgfrbEcyfinG+R3EvKu6bZSsmwQqcXzLfHWSfUKM= gitlab.com/gitlab-org/labkit v0.0.0-20200908084045-45895e129029/go.mod h1:SNfxkfUwVNECgtmluVayv0GWFgEjjBs5AzgsowPQuo0= gitlab.com/gitlab-org/labkit v1.0.0/go.mod h1:nohrYTSLDnZix0ebXZrbZJjymRar8HeV2roWL5/jw2U= |