tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

upstream: actually hook up restrict_websafe; the command-line flag 

was never actually used. Spotted by Matthew Garrett

OpenBSD-Commit-ID: 0b363518ac4c2819dbaa3dfad4028633ab9cdff1
This commit is contained in:
djm@openbsd.org 2022-09-17 10:11:29 +00:00 committed by Damien Miller
parent 30b2a7e429
commit 3991a0cf94
No known key found for this signature in database
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ssh-agent.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh-agent.c,v 1.291 2022/09/14 00:13:13 djm Exp $ */ /* $OpenBSD: ssh-agent.c,v 1.292 2022/09/17 10:11:29 djm Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -808,7 +808,8 @@ process_sign_request2(SocketEntry *e)
goto send; goto send;
} }
if (sshkey_is_sk(id->key)) { if (sshkey_is_sk(id->key)) {
if (strncmp(id->key->sk_application, "ssh:", 4) != 0 && if (restrict_websafe &&
strncmp(id->key->sk_application, "ssh:", 4) != 0 &&
!check_websafe_message_contents(key, data)) { !check_websafe_message_contents(key, data)) {
/* error already logged */ /* error already logged */
goto send; goto send;