summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--usr.bin/ssh/auth-options.c16
-rw-r--r--usr.bin/ssh/key.c7
2 files changed, 2 insertions, 21 deletions
diff --git a/usr.bin/ssh/auth-options.c b/usr.bin/ssh/auth-options.c
index bafff36d735..c6116ec1c2e 100644
--- a/usr.bin/ssh/auth-options.c
+++ b/usr.bin/ssh/auth-options.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-options.c,v 1.55 2011/09/23 00:22:04 dtucker Exp $ */
+/* $OpenBSD: auth-options.c,v 1.56 2011/10/18 04:58:26 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -450,10 +450,6 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
buffer_append(&data, data_blob, dlen);
debug3("found certificate option \"%.100s\" len %u",
name, dlen);
- if (strlen(name) != nlen) {
- error("Certificate constraint name contains \\0");
- goto out;
- }
found = 0;
if ((which & OPTIONS_EXTENSIONS) != 0) {
if (strcmp(name, "permit-X11-forwarding") == 0) {
@@ -483,11 +479,6 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
"corrupt", name);
goto out;
}
- if (strlen(command) != clen) {
- error("force-command constraint "
- "contains \\0");
- goto out;
- }
if (*cert_forced_command != NULL) {
error("Certificate has multiple "
"force-command options");
@@ -504,11 +495,6 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
"\"%s\" corrupt", name);
goto out;
}
- if (strlen(allowed) != clen) {
- error("source-address constraint "
- "contains \\0");
- goto out;
- }
if ((*cert_source_address_done)++) {
error("Certificate has multiple "
"source-address options");
diff --git a/usr.bin/ssh/key.c b/usr.bin/ssh/key.c
index 00439009fa0..5761320fbd3 100644
--- a/usr.bin/ssh/key.c
+++ b/usr.bin/ssh/key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.c,v 1.97 2011/05/17 07:13:31 djm Exp $ */
+/* $OpenBSD: key.c,v 1.98 2011/10/18 04:58:26 djm Exp $ */
/*
* read_bignum():
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1310,11 +1310,6 @@ cert_parse(Buffer *b, Key *key, const u_char *blob, u_int blen)
goto out;
}
- if (kidlen != strlen(key->cert->key_id)) {
- error("%s: key ID contains \\0 character", __func__);
- goto out;
- }
-
/* Signature is left in the buffer so we can calculate this length */
signed_len = buffer_len(&key->cert->certblob) - buffer_len(b);