upstream: sshsk_sign: trim call to sshkey_fingerprint()

the resulting fingerprint doesn't appear to be used for anything,
and we end up leaking it.

from Pedro Martelletto; ok dtucker & me

OpenBSD-Commit-ID: 5625cf6c68f082bc2cbbd348e69a3ed731d2f9b7
This commit is contained in:
djm@openbsd.org 2022-01-14 03:32:52 +00:00 committed by Damien Miller
parent 1cd1b2eac3
commit c88265f207
1 changed files with 1 additions and 8 deletions

View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh-sk-client.c,v 1.10 2021/10/28 02:54:18 djm Exp $ */ /* $OpenBSD: ssh-sk-client.c,v 1.11 2022/01/14 03:32:52 djm Exp $ */
/* /*
* Copyright (c) 2019 Google LLC * Copyright (c) 2019 Google LLC
* *
@ -232,7 +232,6 @@ sshsk_sign(const char *provider, struct sshkey *key,
u_int compat, const char *pin) u_int compat, const char *pin)
{ {
int oerrno, r = SSH_ERR_INTERNAL_ERROR; int oerrno, r = SSH_ERR_INTERNAL_ERROR;
char *fp = NULL;
struct sshbuf *kbuf = NULL, *req = NULL, *resp = NULL; struct sshbuf *kbuf = NULL, *req = NULL, *resp = NULL;
*sigp = NULL; *sigp = NULL;
@ -262,12 +261,6 @@ sshsk_sign(const char *provider, struct sshkey *key,
goto out; goto out;
} }
if ((fp = sshkey_fingerprint(key, SSH_FP_HASH_DEFAULT,
SSH_FP_DEFAULT)) == NULL) {
error_f("sshkey_fingerprint failed");
r = SSH_ERR_ALLOC_FAIL;
goto out;
}
if ((r = client_converse(req, &resp, SSH_SK_HELPER_SIGN)) != 0) if ((r = client_converse(req, &resp, SSH_SK_HELPER_SIGN)) != 0)
goto out; goto out;