Send ext-info-c with kex algorithms (#622)

Some SSH servers will not honor the negotiated rsa-sha2-256 algorithms
if the client does not indicate support for SSH_MSG_EXT_INFO messages.
Since we only need to accept these messages, but are free to ignore
their contents, adding support amounts to sending "ext-info-c" with our
kex algorithm proposal.

Author: FabianHenneke

src/main/java/com/hierynomus/sshj/transport/kex/ExtInfoClientFactory.java

@@ -0,0 +1,36 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.hierynomus.sshj.transport.kex;
+
+import net.schmizz.sshj.transport.kex.KeyExchange;
+
+/**
+ * Stub kex algorithm factory that indicates support for SSH2_MSG_EXT_INFO.
+ * Some servers will not send `rsa-sha2-*` signatures if the client doesn't indicate support.
+ *
+ * Note: Since the server sends `ext-info-s` to indicate support, this fake kex algorithm is never negotiated.
+ */
+public class ExtInfoClientFactory implements net.schmizz.sshj.common.Factory.Named<KeyExchange> {
+    @Override
+    public String getName() {
+        return "ext-info-c";
+    }
+
+    @Override
+    public KeyExchange create() {
+        return null;
+    }
+}

src/main/java/net/schmizz/sshj/DefaultConfig.java

@@ -20,6 +20,7 @@
 import com.hierynomus.sshj.transport.cipher.BlockCiphers;
 import com.hierynomus.sshj.transport.cipher.StreamCiphers;
 import com.hierynomus.sshj.transport.kex.DHGroups;
+import com.hierynomus.sshj.transport.kex.ExtInfoClientFactory;
 import com.hierynomus.sshj.transport.kex.ExtendedDHGroups;
 import com.hierynomus.sshj.transport.mac.Macs;
 import com.hierynomus.sshj.userauth.keyprovider.OpenSSHKeyV1KeyFile;
@@ -125,7 +126,8 @@ protected void initKeyExchangeFactories(boolean bouncyCastleRegistered) {
                     ExtendedDHGroups.Group16SHA256(),
                     ExtendedDHGroups.Group16SHA384AtSSH(),
                     ExtendedDHGroups.Group16SHA512AtSSH(),
-                    ExtendedDHGroups.Group18SHA512AtSSH());
+                    ExtendedDHGroups.Group18SHA512AtSSH(),
+                    new ExtInfoClientFactory());
         } else {
             setKeyExchangeFactories(DHGroups.Group1SHA1(), new DHGexSHA1.Factory());
         }

src/main/java/net/schmizz/sshj/common/Message.java

@@ -25,6 +25,7 @@ public enum Message {
     DEBUG(4),
     SERVICE_REQUEST(5),
     SERVICE_ACCEPT(6),
+    EXT_INFO(7),
     KEXINIT(20),
     NEWKEYS(21),
 

src/main/java/net/schmizz/sshj/transport/TransportImpl.java

@@ -529,6 +529,9 @@ public void handle(Message msg, SSHPacket buf)
                 case SERVICE_ACCEPT:
                     gotServiceAccept();
                     break;
+                case EXT_INFO:
+                    log.debug("Received SSH_MSG_EXT_INFO");
+                    break;
                 case USERAUTH_BANNER:
                     log.debug("Received USERAUTH_BANNER");
                     break;