agent: unknown flags on ssh signing requests cause an error.

* agent/command-ssh.c (ssh_handler_sign_request): if a flag is passed
during an signature request that we do not know how to apply, return
GPG_ERR_UNKNOWN_OPTION.

--

https://tools.ietf.org/html/draft-miller-ssh-agent-02#section-4.5 says:

    If the agent does not support the requested flags, or is otherwise
    unable or unwilling to generate the signature (e.g. because it
    doesn't have the specified key, or the user refused confirmation of a
    constrained key), it must reply with a SSH_AGENT_FAILURE message.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
GnuPG-bug-id: 3880

agent/command-ssh.c

@@ -2864,7 +2864,7 @@ ssh_handler_sign_request (ctrl_t ctrl, estream_t request, estream_t response)
   unsigned char *sig = NULL;
   size_t sig_n;
   u32 data_size;
-  u32 flags;
+  u32 flags, known_flags = 0;
   gpg_error_t err;
   gpg_error_t ret_err;
   int hash_algo;
@@ -2890,6 +2890,7 @@ ssh_handler_sign_request (ctrl_t ctrl, estream_t request, estream_t response)
 
   if (spec.algo == GCRY_PK_RSA)
     {
+      known_flags = SSH_AGENT_RSA_SHA2_256 | SSH_AGENT_RSA_SHA2_512;
       if ((flags & SSH_AGENT_RSA_SHA2_256))
         {
           spec.ssh_identifier = "rsa-sha2-256";
@@ -2902,6 +2903,13 @@ ssh_handler_sign_request (ctrl_t ctrl, estream_t request, estream_t response)
         }
     }
 
+  /* some flag is present that we do not know about. */
+  if (flags & ~known_flags)
+    {
+      err = gpg_error (GPG_ERR_UNKNOWN_OPTION);
+      goto out;
+    }
+
   hash_algo = spec.hash_algo;
   if (!hash_algo)
     hash_algo = GCRY_MD_SHA1;  /* Use the default.  */