From c7032050b30cd7e4bbb7323a821cf236d2b64cf1 Mon Sep 17 00:00:00 2001 From: Kenny Root Date: Sat, 4 Apr 2015 23:09:34 -0700 Subject: Keep order for crypto wishlist Switch from TreeSet to LinkedHashMap since the preference is determined by iterating over the Set for both KEX_ALGS and HOST_KEY_ALGS. The order before was based on string comparisons(!) Change-Id: Ia4573d67f35a5371eb8c70dde631085d61570fe9 --- CHANGELOG.md | 3 +++ src/com/trilead/ssh2/transport/KexManager.java | 5 +++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 665105b..895d821 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,3 +3,6 @@ All notable changes to this project will be documented in this file. This project adheres to [Semantic Versioning](http://semver.org/). ## [Unreleased][unreleased] +### Fixed +- Key exchange and host key algorithm preference order was not being + respected. diff --git a/src/com/trilead/ssh2/transport/KexManager.java b/src/com/trilead/ssh2/transport/KexManager.java index 2476b76..acf2812 100644 --- a/src/com/trilead/ssh2/transport/KexManager.java +++ b/src/com/trilead/ssh2/transport/KexManager.java @@ -8,6 +8,7 @@ import java.security.SecureRandom; import java.security.interfaces.DSAPublicKey; import java.security.interfaces.ECPublicKey; import java.security.interfaces.RSAPublicKey; +import java.util.LinkedHashSet; import java.util.Set; import java.util.TreeSet; @@ -61,7 +62,7 @@ public class KexManager supportsEc = keyFact != null; } - private static final Set HOSTKEY_ALGS = new TreeSet(); + private static final Set HOSTKEY_ALGS = new LinkedHashSet(); static { if (supportsEc) { HOSTKEY_ALGS.add("ecdsa-sha2-nistp256"); @@ -72,7 +73,7 @@ public class KexManager HOSTKEY_ALGS.add("ssh-dsa"); } - private static final Set KEX_ALGS = new TreeSet(); + private static final Set KEX_ALGS = new LinkedHashSet(); static { if (supportsEc) { KEX_ALGS.add("ecdh-sha2-nistp256"); -- cgit v1.2.3