diff options
| author | Damien Miller <djm@cvs.openbsd.org> | 2022-09-17 10:11:30 +0000 |
|---|---|---|
| committer | Damien Miller <djm@cvs.openbsd.org> | 2022-09-17 10:11:30 +0000 |
| commit | 02d176345e9fda95c93b7e30d375c7d621b7c9a3 (patch) | |
| tree | 55ea98b365831435e004cce4fbf1b39d997ad7fd | |
| parent | ed37c685eb0b887fea74d7df646881b34714b9f2 (diff) | |
actually hook up restrict_websafe; the command-line flag was
never actually used. Spotted by Matthew Garrett
| -rw-r--r-- | usr.bin/ssh/ssh-agent.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c index 27f2442ef7a..9b0dcffad9b 100644 --- a/usr.bin/ssh/ssh-agent.c +++ b/usr.bin/ssh/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.291 2022/09/14 00:13:13 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.292 2022/09/17 10:11:29 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -795,7 +795,8 @@ process_sign_request2(SocketEntry *e) goto send; } if (sshkey_is_sk(id->key)) { - if (strncmp(id->key->sk_application, "ssh:", 4) != 0 && + if (restrict_websafe && + strncmp(id->key->sk_application, "ssh:", 4) != 0 && !check_websafe_message_contents(key, data)) { /* error already logged */ goto send; |