From c7e3ab42d9b8135282f38786a76cfefcf08c004c Mon Sep 17 00:00:00 2001
From: Eugene Pankov <e@ajenti.org>
Date: Mon, 31 Jan 2022 09:22:55 +0100
Subject: [PATCH] ssh: added DSA host key support - fixes #5120, fixes #3430

---
 patches/ssh2+1.5.0.patch | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)
 create mode 100644 patches/ssh2+1.5.0.patch

diff --git a/patches/ssh2+1.5.0.patch b/patches/ssh2+1.5.0.patch
new file mode 100644
index 00000000..d8d342e5
--- /dev/null
+++ b/patches/ssh2+1.5.0.patch
@@ -0,0 +1,39 @@
+diff --git a/node_modules/ssh2/lib/protocol/keyParser.js b/node_modules/ssh2/lib/protocol/keyParser.js
+index 9860e3f..ee82e51 100644
+--- a/node_modules/ssh2/lib/protocol/keyParser.js
++++ b/node_modules/ssh2/lib/protocol/keyParser.js
+@@ -15,6 +15,7 @@ const {
+   sign: sign_,
+   verify: verify_,
+ } = require('crypto');
++const { createVerify: createVerifyDSS } = require('browserify-sign')
+ const supportedOpenSSLCiphers = getCiphers();
+
+ const { Ber } = require('asn1');
+@@ -404,6 +405,17 @@ const BaseKey = {
+           return new Error('No public key available');
+         if (!algo || typeof algo !== 'string')
+           algo = this[SYM_HASH_ALGO];
++
++        if (algo === 'dss1') {
++          const verifier = createVerifyDSS('DSA-SHA1');
++          verifier.update(data);
++          try {
++            return verifier.verify(pem, signature);
++          } catch (ex) {
++            return ex;
++          }
++        }
++
+         try {
+           return verify_(algo, data, pem, signature);
+         } catch (ex) {
+@@ -1343,7 +1355,7 @@ function parseDER(data, baseType, comment, fullType) {
+         return new Error('Malformed OpenSSH public key');
+       pubPEM = genOpenSSLDSAPub(p, q, g, y);
+       pubSSH = genOpenSSHDSAPub(p, q, g, y);
+-      algo = 'sha1';
++      algo = 'dss1';
+       break;
+     }
+     case 'ssh-ed25519': {