- djm@cvs.openbsd.org 2011/05/17 07:13:31

[key.c]
     fatal() if asked to generate a legacy ECDSA cert (these don't exist)
     and fix the regress test that was trying to generate them :)
This commit is contained in:
Damien Miller 2011-05-20 19:03:08 +10:00
parent 814ace0875
commit 8f639fe722
2 changed files with 8 additions and 1 deletions

View File

@ -11,6 +11,10 @@
- djm@cvs.openbsd.org 2011/05/15 08:09:01
[authfd.c monitor.c serverloop.c]
use FD_CLOEXEC consistently; patch from zion AT x96.org
- djm@cvs.openbsd.org 2011/05/17 07:13:31
[key.c]
fatal() if asked to generate a legacy ECDSA cert (these don't exist)
and fix the regress test that was trying to generate them :)
20110515
- (djm) OpenBSD CVS Sync

5
key.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: key.c,v 1.96 2011/02/04 00:44:21 djm Exp $ */
/* $OpenBSD: key.c,v 1.97 2011/05/17 07:13:31 djm Exp $ */
/*
* read_bignum():
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -1817,6 +1817,9 @@ key_to_certified(Key *k, int legacy)
k->type = legacy ? KEY_DSA_CERT_V00 : KEY_DSA_CERT;
return 0;
case KEY_ECDSA:
if (legacy)
fatal("%s: legacy ECDSA certificates are not supported",
__func__);
k->cert = cert_new();
k->type = KEY_ECDSA_CERT;
return 0;