Limit rekey to current hostkey type

During rekey dropbear process may be running with user privileges, that
can't write a new hostkey when auto-generating keys.
Only offer the original hostkey when rekeying, also for non-autogenerate
case.

Author: mkj

src/runopts.h

@@ -61,6 +61,7 @@ extern runopts opts;
 int readhostkey(const char * filename, sign_key * hostkey,
 	enum signkey_type *type);
 void load_all_hostkeys(void);
+void disable_sig_except(enum signature_type sig_type);
 
 typedef struct svr_runopts {
 

src/svr-kex.c

@@ -99,6 +99,14 @@ void recv_msg_kexdh_init() {
 	}
 #endif
 
+	if (!ses.kexstate.donesecondkex) {
+		/* Disable other signature types.
+		 * During future rekeying, privileges may have been dropped
+		 * so other keys won't be loadable.
+		 * This must occur after send_msg_ext_info() which uses the hostkey list */
+		disable_sig_except(ses.newkeys->algo_signature);
+	}
+
 	ses.requirenext = SSH_MSG_NEWKEYS;
 	TRACE(("leave recv_msg_kexdh_init"))
 }

src/svr-runopts.c

@@ -515,6 +515,17 @@ static void disablekey(enum signature_type type) {
 	}
 }
 
+void disable_sig_except(enum signature_type allow_type) {
+	int i;
+	TRACE(("Disabling other sigs except %d", allow_type));
+	for (i = 0; sigalgs[i].name != NULL; i++) {
+		enum signature_type sig_type = sigalgs[i].val;
+		if (sig_type != allow_type) {
+			sigalgs[i].usable = 0;
+		}
+	}
+}
+
 static void loadhostkey_helper(const char *name, void** src, void** dst, int fatal_duplicate) {
 	if (*dst) {
 		if (fatal_duplicate) {