ssh: return specific error for invalid signature algorithm

Previously, this would return the default error "no auth passed yet". Not only is the new error more specific, it makes it easier to verify the control flow of server authentication code. Change-Id: I6c8de4e3f91da74274acbe9d87ec4f6158b4a94f Reviewed-on: https://go-review.googlesource.com/c/142897 Run-TryBot: Han-Wen Nienhuys <hanwen@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
author: Han-Wen Nienhuys <hanwen@google.com> 2018-10-17 10:28:34 +0200
committer: Han-Wen Nienhuys <hanwen@google.com> 2018-11-06 17:15:34 +0000
commit: e4dc69e5b2fd71dcaf8bd5d054eb936deb78d1fa (patch)
tree: 5a18660210f93c0bdb2590a3f23b80b3e511a99c /ssh/server.go
parent: bfa7d42eb568d3c454e1853744768cc80718040d (diff)
download: go-x-crypto-e4dc69e5b2fd71dcaf8bd5d054eb936deb78d1fa.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/ssh/server.go b/ssh/server.go
index 122c03e..e86e896 100644
--- a/ssh/server.go
+++ b/ssh/server.go
@@ -484,6 +484,7 @@ userAuthLoop:
 				// sig.Format.  This is usually the same, but
 				// for certs, the names differ.
 				if !isAcceptableAlgo(sig.Format) {
+					authErr = fmt.Errorf("ssh: algorithm %q not accepted", sig.Format)
 					break
 				}
 				signedData := buildDataSignedForAuth(sessionID, userAuthReq, algoBytes, pubKeyData)
author	Han-Wen Nienhuys <hanwen@google.com>	2018-10-17 10:28:34 +0200
committer	Han-Wen Nienhuys <hanwen@google.com>	2018-11-06 17:15:34 +0000
commit	e4dc69e5b2fd71dcaf8bd5d054eb936deb78d1fa (patch)
tree	5a18660210f93c0bdb2590a3f23b80b3e511a99c /ssh/server.go
parent	bfa7d42eb568d3c454e1853744768cc80718040d (diff)
download	go-x-crypto-e4dc69e5b2fd71dcaf8bd5d054eb936deb78d1fa.tar.xz