diff options
-rw-r--r-- | usr.bin/ssh/auth-options.c | 16 | ||||
-rw-r--r-- | usr.bin/ssh/key.c | 7 |
2 files changed, 2 insertions, 21 deletions
diff --git a/usr.bin/ssh/auth-options.c b/usr.bin/ssh/auth-options.c index bafff36d735..c6116ec1c2e 100644 --- a/usr.bin/ssh/auth-options.c +++ b/usr.bin/ssh/auth-options.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-options.c,v 1.55 2011/09/23 00:22:04 dtucker Exp $ */ +/* $OpenBSD: auth-options.c,v 1.56 2011/10/18 04:58:26 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -450,10 +450,6 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, buffer_append(&data, data_blob, dlen); debug3("found certificate option \"%.100s\" len %u", name, dlen); - if (strlen(name) != nlen) { - error("Certificate constraint name contains \\0"); - goto out; - } found = 0; if ((which & OPTIONS_EXTENSIONS) != 0) { if (strcmp(name, "permit-X11-forwarding") == 0) { @@ -483,11 +479,6 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, "corrupt", name); goto out; } - if (strlen(command) != clen) { - error("force-command constraint " - "contains \\0"); - goto out; - } if (*cert_forced_command != NULL) { error("Certificate has multiple " "force-command options"); @@ -504,11 +495,6 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, "\"%s\" corrupt", name); goto out; } - if (strlen(allowed) != clen) { - error("source-address constraint " - "contains \\0"); - goto out; - } if ((*cert_source_address_done)++) { error("Certificate has multiple " "source-address options"); diff --git a/usr.bin/ssh/key.c b/usr.bin/ssh/key.c index 00439009fa0..5761320fbd3 100644 --- a/usr.bin/ssh/key.c +++ b/usr.bin/ssh/key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: key.c,v 1.97 2011/05/17 07:13:31 djm Exp $ */ +/* $OpenBSD: key.c,v 1.98 2011/10/18 04:58:26 djm Exp $ */ /* * read_bignum(): * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -1310,11 +1310,6 @@ cert_parse(Buffer *b, Key *key, const u_char *blob, u_int blen) goto out; } - if (kidlen != strlen(key->cert->key_id)) { - error("%s: key ID contains \\0 character", __func__); - goto out; - } - /* Signature is left in the buffer so we can calculate this length */ signed_len = buffer_len(&key->cert->certblob) - buffer_len(b); |