diff options
| author | Kenneth Hsu <kennethhsu@gmail.com> | 2021-05-18 19:17:13 +0300 |
|---|---|---|
| committer | Kenneth Hsu <kennethhsu@gmail.com> | 2021-05-18 20:07:33 +0300 |
| commit | 22564bb2a332e6455afd0ea66780044ffcbf035b (patch) | |
| tree | f2076f1a3ef39d3b22e88c79ab53e7d0873756f2 /Duplicati/Library/Backend | |
| parent | bfa240c8eca57c927c0779c2f27acf994a17714f (diff) | |
Cache knowledge of ECDSA support.
Diffstat (limited to 'Duplicati/Library/Backend')
| -rw-r--r-- | Duplicati/Library/Backend/SSHv2/SSHv2Backend.cs | 54 |
1 files changed, 32 insertions, 22 deletions
diff --git a/Duplicati/Library/Backend/SSHv2/SSHv2Backend.cs b/Duplicati/Library/Backend/SSHv2/SSHv2Backend.cs index 3237d8a4e..1fca6aad7 100644 --- a/Duplicati/Library/Backend/SSHv2/SSHv2Backend.cs +++ b/Duplicati/Library/Backend/SSHv2/SSHv2Backend.cs @@ -59,6 +59,8 @@ namespace Duplicati.Library.Backend private SftpClient m_con;
+ private readonly Lazy<bool> supportsECDSA = new Lazy<bool>(SSHv2.SupportsECDSA, true);
+
public SSHv2()
{
}
@@ -334,32 +336,40 @@ namespace Duplicati.Library.Backend m_con = con;
}
+ /// <summary>
+ /// SSH.NET relies on the System.Security.Cryptography.ECDsaCng class for
+ /// ECDSA algorithms, which is not implemented in Mono (as of 6.12.0.144).
+ /// This prevents clients from connecting if one of the ECDSA algorithms is
+ /// chosen as the host key algorithm. In this case, we will prevent the
+ /// client from advertising support for ECDSA algorithms.
+ /// </summary>
+ /// <seealso href="https://github.com/mono/mono/blob/mono-6.12.0.144/mcs/class/referencesource/System.Core/System/Security/Cryptography/ECDsaCng.cs">Mono ECDsaCng implementation.</seealso>
+ /// <returns>Whether ECDSA algorithms are supported or not.</returns>
+ private static bool SupportsECDSA()
+ {
+ try
+ {
+ ECDsaCng unused = new ECDsaCng();
+ return true;
+ }
+ catch (NotImplementedException)
+ {
+ return false;
+ }
+ catch
+ {
+ return true;
+ }
+ }
+
private void TryConnect(SftpClient client)
{
- if (Utility.Utility.IsMono)
+ if (!this.supportsECDSA.Value)
{
- // SSH.NET relies on the System.Security.Cryptography.ECDsaCng class for
- // ECDSA algorithms, which is not implemented in Mono (as of 6.12.0.144).
- // This prevents clients from connecting if one of the ECDSA algorithms is
- // chosen as the host key algorithm. In this case, we will prevent the
- // client from advertising support for ECDSA algorithms.
- //
- // See https://github.com/mono/mono/blob/mono-6.12.0.144/mcs/class/referencesource/System.Core/System/Security/Cryptography/ECDsaCng.cs
- try
- {
- ECDsaCng unused = new ECDsaCng();
- }
- catch (NotImplementedException)
- {
- List<string> ecdsaKeys = client.ConnectionInfo.HostKeyAlgorithms.Keys.Where(x => x.StartsWith("ecdsa")).ToList();
- foreach (string key in ecdsaKeys)
- {
- client.ConnectionInfo.HostKeyAlgorithms.Remove(key);
- }
- }
- catch
+ List<string> ecdsaKeys = client.ConnectionInfo.HostKeyAlgorithms.Keys.Where(x => x.StartsWith("ecdsa")).ToList();
+ foreach (string key in ecdsaKeys)
{
- // Ignore other exceptions and assume that we have ECDSA support.
+ client.ConnectionInfo.HostKeyAlgorithms.Remove(key);
}
}
|