Re: Call for testing: OpenSSH 7.7

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 

On Fri, Mar 23, 2018 at 4:06 PM, Damien Miller <djm@xxxxxxxxxxx> wrote:

> Looks like a false positive from the warning code I added recently.
>
> Please try this:
>
> diff --git a/sshconnect2.c b/sshconnect2.c
> index bf0b729..49eb205 100644
> --- a/sshconnect2.c
> +++ b/sshconnect2.c
> @@ -1006,6 +1006,8 @@ check_sigtype(const struct sshkey *key, const u_char *sig, size_t len)
>         char *sigtype = NULL;
>         const char *alg = key_sign_encode(key);
>
> +       if (sshkey_is_cert(key))
> +               return 0;
>         if ((r = sshkey_sigtype(sig, len, &sigtype)) != 0)
>                 return r;
>         if (strcmp(sigtype, alg) != 0) {

$ env SSH_AUTH_SOCK=/tmp/ssh.sock2 ./ssh-add -l
256 SHA256:byQi9IUy4F9Osg/977BQ/zyOHG2Yvlz0nSqpADvlZpQ (ED25519-CERT)

$ env SSH_AUTH_SOCK=/tmp/ssh.sock2 ./ssh host
pmoody@host:~$

looks good.

Thanks!
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux