author | Markus Friedl <markus@cvs.openbsd.org> | 2003-03-13 11:44:51 +0000 |
---|---|---|
committer | Markus Friedl <markus@cvs.openbsd.org> | 2003-03-13 11:44:51 +0000 |
commit | 3c6b708cda6873c991ccb29232a3621aa274d138 (patch) | |
tree | 6c05442265fc4c5d35f9b112a5a7839aa19b2a76 | |
parent | 67b07a2a540ec123e8de4d792b435fea8cc4db2b (diff) |
ssh-agent is similar to ssh-keysign (allows other processes to use
private rsa keys). however, it gets key over socket and not from
a file, so we have to do blinding here as well.
-rw-r--r-- | usr.bin/ssh/ssh-agent.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c
index 49ed36b12ae..134805dc9cf 100644
--- a/usr.bin/ssh/ssh-agent.c
+++ b/usr.bin/ssh/ssh-agent.c
@@ -35,7 +35,7 @@
 #include "includes.h"
 #include <sys/queue.h>
-RCSID("$OpenBSD: ssh-agent.c,v 1.107 2003/01/23 13:50:27 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.108 2003/03/13 11:44:50 markus Exp $");
 #include <openssl/evp.h>
 #include <openssl/md5.h>
@@ -479,6 +479,17 @@ process_add_identity(SocketEntry *e, int version)
 }
 break;
 }
+ /* enable blinding */
+ switch (k->type) {
+ case KEY_RSA:
+ case KEY_RSA1:
+ if (RSA_blinding_on(k->rsa, NULL) != 1) {
+ error("process_add_identity: RSA_blinding_on failed");
+ key_free(k);
+ goto send;
+ }
+ break;
+ }
 comment = buffer_get_string(&e->request, NULL);
 if (k == NULL) {
 xfree(comment); |
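Review bot: The added `switch (k->type)` dereferences `k` before the existing `if (k == NULL)` check that follows it in the second hunk, so if `k` can be NULL at that point (the check suggests the author allowed for it) the agent would crash here instead of taking the error path. Moving the switch below the NULL check keeps the fail-closed handling of a blinding failure; the failure branch then needs `xfree(comment);` before `key_free(k); goto send;`. The comment could also record why blinding is required, e.g. `/* enable blinding: the agent performs private-key operations for other processes, so their timing must not leak key material */`. process_add_identity starts and ends outside the hunk, so whether `k` can actually be NULL here is not visible.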