diff options
author | Damien Miller <djm@cvs.openbsd.org> | 2010-05-11 02:58:05 +0000 |
---|---|---|
committer | Damien Miller <djm@cvs.openbsd.org> | 2010-05-11 02:58:05 +0000 |
commit | 011385e6acf27bd8b2fdf46cf99f6cc511375420 (patch) | |
tree | 80d24c1224652e810085a9b7ec6377f851f1632d | |
parent | 6dd93af6d3a7fd3d8699d52bad70db1957f01d41 (diff) |
don't accept certificates marked as "cert-authority" here; ok markus@
-rw-r--r-- | usr.bin/ssh/auth-rsa.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/usr.bin/ssh/auth-rsa.c b/usr.bin/ssh/auth-rsa.c index 2c8277dcd7e..43022b00de8 100644 --- a/usr.bin/ssh/auth-rsa.c +++ b/usr.bin/ssh/auth-rsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-rsa.c,v 1.75 2010/04/16 01:47:26 djm Exp $ */ +/* $OpenBSD: auth-rsa.c,v 1.76 2010/05/11 02:58:04 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -253,7 +253,8 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) */ if (!auth_parse_options(pw, key_options, file, linenum)) continue; - + if (key_is_cert_authority) + continue; /* break out, this key is allowed */ allowed = 1; break; |