diff options
author | Marshall Cottrell <mcottrell@gitlab.com> | 2022-05-23 16:54:14 -0400 |
---|---|---|
committer | Marshall Cottrell <mcottrell@gitlab.com> | 2022-05-23 16:54:14 -0400 |
commit | 06a0ffe73ccde266f6e80b3846087caa20dfec96 (patch) | |
tree | 35e026007eb7c63829d407aea8a9bf0439f73c1f | |
parent | c40ad688ed72357a58ba8481ba9382cabfc59375 (diff) | |
download | gitlab-shell-06a0ffe73ccde266f6e80b3846087caa20dfec96.tar.gz |
reference kex and mac algo constantsmarshall_algo-consts
Depends on gitlab-org/golang-crypto!5
-rw-r--r-- | go.mod | 5 | ||||
-rw-r--r-- | go.sum | 2 | ||||
-rw-r--r-- | internal/sshd/server_config.go | 24 | ||||
-rw-r--r-- | internal/sshd/server_config_test.go | 4 |
4 files changed, 19 insertions, 16 deletions
@@ -15,7 +15,7 @@ require ( github.com/stretchr/testify v1.7.0 gitlab.com/gitlab-org/gitaly/v14 v14.9.0-rc5.0.20220329111719-51da8bc17059 gitlab.com/gitlab-org/labkit v1.14.0 - golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 + golang.org/x/crypto v0.0.0-20220518034528-6f7dac969898 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c google.golang.org/grpc v1.40.0 gopkg.in/yaml.v2 v2.4.0 @@ -70,6 +70,7 @@ require ( golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2 // indirect golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a // indirect golang.org/x/sys v0.0.0-20220114195835-da31bd327af9 // indirect + golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 // indirect golang.org/x/text v0.3.7 // indirect golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect @@ -81,4 +82,4 @@ require ( gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c // indirect ) -replace golang.org/x/crypto => gitlab.com/gitlab-org/golang-crypto v0.0.0-20220518204012-9dd4a7273aac +replace golang.org/x/crypto => gitlab.com/gitlab-org/golang-crypto v0.0.0-20220523184437-e427c5017c17 @@ -890,6 +890,8 @@ gitlab.com/gitlab-org/gitlab-shell v1.9.8-0.20201117050822-3f9890ef73dc/go.mod h gitlab.com/gitlab-org/gitlab-shell v1.9.8-0.20210720163109-50da611814d2/go.mod h1:QWDYBwuy24qGMandtCngLRPzFgnGPg6LSNoJWPKmJMc= gitlab.com/gitlab-org/golang-crypto v0.0.0-20220518204012-9dd4a7273aac h1:qNUzqBTbEGGjF5Fp0NWz3rNmqamwchxM+QKUZYeOS1c= gitlab.com/gitlab-org/golang-crypto v0.0.0-20220518204012-9dd4a7273aac/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +gitlab.com/gitlab-org/golang-crypto v0.0.0-20220523184437-e427c5017c17 h1:zbnh+Y2TX7D+EFNO56GOW3/WXBLly40QdFxkRChXnFQ= +gitlab.com/gitlab-org/golang-crypto v0.0.0-20220523184437-e427c5017c17/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= gitlab.com/gitlab-org/labkit v0.0.0-20190221122536-0c3fc7cdd57c/go.mod h1:rYhLgfrbEcyfinG+R3EvKu6bZSsmwQqcXzLfHWSfUKM= gitlab.com/gitlab-org/labkit v0.0.0-20200908084045-45895e129029/go.mod h1:SNfxkfUwVNECgtmluVayv0GWFgEjjBs5AzgsowPQuo0= gitlab.com/gitlab-org/labkit v1.0.0/go.mod h1:nohrYTSLDnZix0ebXZrbZJjymRar8HeV2roWL5/jw2U= diff --git a/internal/sshd/server_config.go b/internal/sshd/server_config.go index 7fb73dc..44c5912 100644 --- a/internal/sshd/server_config.go +++ b/internal/sshd/server_config.go @@ -18,21 +18,21 @@ import ( var ( supportedMACs = []string{ - "hmac-sha2-256-etm@openssh.com", - "hmac-sha2-512-etm@openssh.com", - "hmac-sha2-256", - "hmac-sha2-512", - "hmac-sha1", + ssh.MacAlgoHmacSHA2256ETM, + ssh.MacAlgoHmacSHA2512ETM, + ssh.MacAlgoHmacSHA2256, + ssh.MacAlgoHmacSHA2512, + ssh.MacAlgoHmacSHA1, } supportedKeyExchanges = []string{ - "curve25519-sha256", - "curve25519-sha256@libssh.org", - "ecdh-sha2-nistp256", - "ecdh-sha2-nistp384", - "ecdh-sha2-nistp521", - "diffie-hellman-group14-sha256", - "diffie-hellman-group14-sha1", + ssh.KexAlgoCurve25519SHA256, + ssh.KexAlgoCurve25519SHA256LibSSH, + ssh.KexAlgoECDH256, + ssh.KexAlgoECDH384, + ssh.KexAlgoECDH521, + ssh.KexAlgoDH14SHA256, + ssh.KexAlgoDH14SHA1, } ) diff --git a/internal/sshd/server_config_test.go b/internal/sshd/server_config_test.go index f7e0575..a13f3f7 100644 --- a/internal/sshd/server_config_test.go +++ b/internal/sshd/server_config_test.go @@ -105,8 +105,8 @@ func TestDefaultAlgorithms(t *testing.T) { } func TestCustomAlgorithms(t *testing.T) { - customMACs := []string{"hmac-sha2-512-etm@openssh.com"} - customKexAlgos := []string{"curve25519-sha256"} + customMACs := []string{ssh.MacAlgoHmacSHA2512ETM} + customKexAlgos := []string{ssh.KexAlgoCurve25519SHA256} customCiphers := []string{"aes256-gcm@openssh.com"} srvCfg := &serverConfig{ |