upstream commit

Allow ssh-keygen to use a key held in ssh-agent as a CA when signing certificates. bz#2377 ok markus Upstream-ID: fb42e920b592edcbb5b50465739a867c09329c8f
author: djm@openbsd.org <djm@openbsd.org> 2017-06-28 01:09:22 +0000
committer: Damien Miller <djm@mindrot.org> 2017-06-28 11:13:19 +1000
commit: a98339edbc1fc21342a390f345179a9c3031bef7 (patch)
tree: 574e103d0a458f96213e808118eb75d39bc3387f /authfd.c
parent: c9cdef35524bd59007e17d5bd2502dade69e2dfb (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/authfd.c b/authfd.c
index 8486e28b3..6c9843c87 100644
--- a/authfd.c
+++ b/authfd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.c,v 1.103 2017/05/05 10:42:49 naddy Exp $ */
+/* $OpenBSD: authfd.c,v 1.104 2017/06/28 01:09:22 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -326,7 +326,7 @@ ssh_free_identitylist(struct ssh_identitylist *idl)
 /* encode signature algoritm in flag bits, so we can keep the msg format */
 static u_int
-agent_encode_alg(struct sshkey *key, const char *alg)
+agent_encode_alg(const struct sshkey *key, const char *alg)
 {
        if (alg != NULL && key->type == KEY_RSA) {
                if (strcmp(alg, "rsa-sha2-256") == 0)
@@ -339,7 +339,7 @@ agent_encode_alg(struct sshkey *key, const char *alg)
 /* ask agent to sign data, returns err.h code on error, 0 on success */
 int
-ssh_agent_sign(int sock, struct sshkey *key,
+ssh_agent_sign(int sock, const struct sshkey *key,
    u_char **sigp, size_t *lenp,
    const u_char *data, size_t datalen, const char *alg, u_int compat)
 {
author	djm@openbsd.org <djm@openbsd.org>	2017-06-28 01:09:22 +0000
committer	Damien Miller <djm@mindrot.org>	2017-06-28 11:13:19 +1000
commit	a98339edbc1fc21342a390f345179a9c3031bef7 (patch)
tree	574e103d0a458f96213e808118eb75d39bc3387f /authfd.c
parent	c9cdef35524bd59007e17d5bd2502dade69e2dfb (diff)

diff --git a/authfd.c b/authfd.c index 8486e28b3..6c9843c87 100644 --- a/authfd.c +++ b/authfd.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: authfd.c,v 1.103 2017/05/05 10:42:49 naddy Exp $ */	1	/* $OpenBSD: authfd.c,v 1.104 2017/06/28 01:09:22 djm Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -326,7 +326,7 @@ ssh_free_identitylist(struct ssh_identitylist *idl)
326		326
327	/* encode signature algoritm in flag bits, so we can keep the msg format */	327	/* encode signature algoritm in flag bits, so we can keep the msg format */
328	static u_int	328	static u_int
329	agent_encode_alg(struct sshkey key, const char alg)	329	agent_encode_alg(const struct sshkey key, const char alg)
330	{	330	{
331	if (alg != NULL && key->type == KEY_RSA) {	331	if (alg != NULL && key->type == KEY_RSA) {
332	if (strcmp(alg, "rsa-sha2-256") == 0)	332	if (strcmp(alg, "rsa-sha2-256") == 0)
@@ -339,7 +339,7 @@ agent_encode_alg(struct sshkey key, const char alg)
339		339
340	/* ask agent to sign data, returns err.h code on error, 0 on success */	340	/* ask agent to sign data, returns err.h code on error, 0 on success */
341	int	341	int
342	ssh_agent_sign(int sock, struct sshkey *key,	342	ssh_agent_sign(int sock, const struct sshkey *key,
343	u_char *sigp, size_t lenp,	343	u_char *sigp, size_t lenp,
344	const u_char data, size_t datalen, const char alg, u_int compat)	344	const u_char data, size_t datalen, const char alg, u_int compat)
345	{	345	{