From 5eb2d51328a9e06898f25923023e5e84627c30d0 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Jul 26 2019 07:27:52 +0000
Subject: Add missing hostkey certificate algorithms to the FIPS list


---

diff --git a/openssh-7.7p1-fips.patch b/openssh-7.7p1-fips.patch
index 333a9a2..bbd644a 100644
--- a/openssh-7.7p1-fips.patch
+++ b/openssh-7.7p1-fips.patch
@@ -174,12 +174,14 @@ diff -up openssh-8.0p1/Makefile.in.fips openssh-8.0p1/Makefile.in
 diff -up openssh-8.0p1/myproposal.h.fips openssh-8.0p1/myproposal.h
 --- openssh-8.0p1/myproposal.h.fips	2019-04-18 00:52:57.000000000 +0200
 +++ openssh-8.0p1/myproposal.h	2019-07-23 14:55:45.402526411 +0200
-@@ -111,6 +111,14 @@
+@@ -111,6 +111,16 @@
  	"rsa-sha2-256," \
  	"ssh-rsa"
  
 +#define	KEX_FIPS_PK_ALG	\
 +	HOSTKEY_ECDSA_CERT_METHODS \
++	"rsa-sha2-512-cert-v01@openssh.com," \
++	"rsa-sha2-256-cert-v01@openssh.com," \
 +	"ssh-rsa-cert-v01@openssh.com," \
 +	HOSTKEY_ECDSA_METHODS \
 +	"rsa-sha2-512," \