diff options
author | Damien Miller <djm@mindrot.org> | 2014-07-02 15:28:02 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2014-07-02 15:28:02 +1000 |
commit | 8668706d0f52654fe64c0ca41a96113aeab8d2b8 (patch) | |
tree | 73e78e1ea3d39206e39870bbe0af17d6c430fb51 /auth-options.c | |
parent | 2cd7929250cf9e9f658d70dcd452f529ba08c942 (diff) |
- djm@cvs.openbsd.org 2014/06/24 01:13:21
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
[auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
[cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
[digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
[hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
[ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
[ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
[ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
[sshconnect2.c sshd.c sshkey.c sshkey.h
[openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
New key API: refactor key-related functions to be more library-like,
existing API is offered as a set of wrappers.
with and ok markus@
Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
Dempsky and Ron Bowes for a detailed review a few months ago.
NB. This commit also removes portable OpenSSH support for OpenSSL
<0.9.8e.
Diffstat (limited to 'auth-options.c')
-rw-r--r-- | auth-options.c | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/auth-options.c b/auth-options.c index fa209eaab..9a3c270e9 100644 --- a/auth-options.c +++ b/auth-options.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth-options.c,v 1.62 2013/12/19 00:27:57 djm Exp $ */ | 1 | /* $OpenBSD: auth-options.c,v 1.63 2014/06/24 01:13:21 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -586,8 +586,8 @@ auth_cert_options(Key *k, struct passwd *pw) | |||
586 | 586 | ||
587 | if (key_cert_is_legacy(k)) { | 587 | if (key_cert_is_legacy(k)) { |
588 | /* All options are in the one field for v00 certs */ | 588 | /* All options are in the one field for v00 certs */ |
589 | if (parse_option_list(buffer_ptr(&k->cert->critical), | 589 | if (parse_option_list(buffer_ptr(k->cert->critical), |
590 | buffer_len(&k->cert->critical), pw, | 590 | buffer_len(k->cert->critical), pw, |
591 | OPTIONS_CRITICAL|OPTIONS_EXTENSIONS, 1, | 591 | OPTIONS_CRITICAL|OPTIONS_EXTENSIONS, 1, |
592 | &cert_no_port_forwarding_flag, | 592 | &cert_no_port_forwarding_flag, |
593 | &cert_no_agent_forwarding_flag, | 593 | &cert_no_agent_forwarding_flag, |
@@ -599,14 +599,14 @@ auth_cert_options(Key *k, struct passwd *pw) | |||
599 | return -1; | 599 | return -1; |
600 | } else { | 600 | } else { |
601 | /* Separate options and extensions for v01 certs */ | 601 | /* Separate options and extensions for v01 certs */ |
602 | if (parse_option_list(buffer_ptr(&k->cert->critical), | 602 | if (parse_option_list(buffer_ptr(k->cert->critical), |
603 | buffer_len(&k->cert->critical), pw, | 603 | buffer_len(k->cert->critical), pw, |
604 | OPTIONS_CRITICAL, 1, NULL, NULL, NULL, NULL, NULL, | 604 | OPTIONS_CRITICAL, 1, NULL, NULL, NULL, NULL, NULL, |
605 | &cert_forced_command, | 605 | &cert_forced_command, |
606 | &cert_source_address_done) == -1) | 606 | &cert_source_address_done) == -1) |
607 | return -1; | 607 | return -1; |
608 | if (parse_option_list(buffer_ptr(&k->cert->extensions), | 608 | if (parse_option_list(buffer_ptr(k->cert->extensions), |
609 | buffer_len(&k->cert->extensions), pw, | 609 | buffer_len(k->cert->extensions), pw, |
610 | OPTIONS_EXTENSIONS, 1, | 610 | OPTIONS_EXTENSIONS, 1, |
611 | &cert_no_port_forwarding_flag, | 611 | &cert_no_port_forwarding_flag, |
612 | &cert_no_agent_forwarding_flag, | 612 | &cert_no_agent_forwarding_flag, |