- djm@cvs.openbsd.org 2014/03/12 04:51:12

     [authfile.c]
     correct test that kdf name is not "none" or "bcrypt"

2 files changed, 5 insertions, 2 deletions

diff --git a/ChangeLog b/ChangeLog
index 61786ac96..5d8b9540f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -12,6 +12,9 @@
      [auth-bsdauth.c ssh-keygen.c]
      don't count on things that accept arguments by reference to clear
      things for us on error; most things do, but it's unsafe form.
+   - djm@cvs.openbsd.org 2014/03/12 04:51:12
+     [authfile.c]
+     correct test that kdf name is not "none" or "bcrypt"
 
 20140401
  - (djm) On platforms that support it, use prctl() to prevent sftp-server
diff --git a/authfile.c b/authfile.c
index d7eaa9dec..0e97ba4ea 100644
--- a/authfile.c
+++ b/authfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfile.c,v 1.103 2014/02/02 03:44:31 djm Exp $ */
+/* $OpenBSD: authfile.c,v 1.104 2014/03/12 04:51:12 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -281,7 +281,7 @@ key_parse_private2(Buffer *blob, int type, const char *passphrase,
         }
         kdfname = buffer_get_cstring_ret(&copy, NULL);
         if (kdfname == NULL ||
-            (!strcmp(kdfname, "none") && !strcmp(kdfname, "bcrypt"))) {
+            (strcmp(kdfname, "none") != 0 && strcmp(kdfname, "bcrypt") != 0)) {
                 error("%s: unknown kdf name", __func__);
                 goto out;
         }