diff options
author | Darren Tucker <dtucker@zip.com.au> | 2009-10-07 08:47:02 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2009-10-07 08:47:02 +1100 |
commit | 893d73549d7cfa277434bf0113688a5a14055408 (patch) | |
tree | 7cc83baeb70199c132f8f239be7acfcf694d0384 /authfd.h | |
parent | 6b286a46821fa230258f1da82d0e013cfe3bf685 (diff) |
- djm@cvs.openbsd.org 2009/08/27 17:44:52
[authfd.c ssh-add.c authfd.h]
Do not fall back to adding keys without contraints (ssh-add -c / -t ...)
when the agent refuses the constrained add request. This was a useful
migration measure back in 2002 when constraints were new, but just
adds risk now.
bz #1612, report and patch from dkg AT fifthhorseman.net; ok markus@
Diffstat (limited to 'authfd.h')
-rw-r--r-- | authfd.h | 3 |
1 files changed, 1 insertions, 2 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: authfd.h,v 1.36 2006/08/03 03:34:41 deraadt Exp $ */ | 1 | /* $OpenBSD: authfd.h,v 1.37 2009/08/27 17:44:52 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -75,7 +75,6 @@ void ssh_close_authentication_connection(AuthenticationConnection *); | |||
75 | int ssh_get_num_identities(AuthenticationConnection *, int); | 75 | int ssh_get_num_identities(AuthenticationConnection *, int); |
76 | Key *ssh_get_first_identity(AuthenticationConnection *, char **, int); | 76 | Key *ssh_get_first_identity(AuthenticationConnection *, char **, int); |
77 | Key *ssh_get_next_identity(AuthenticationConnection *, char **, int); | 77 | Key *ssh_get_next_identity(AuthenticationConnection *, char **, int); |
78 | int ssh_add_identity(AuthenticationConnection *, Key *, const char *); | ||
79 | int ssh_add_identity_constrained(AuthenticationConnection *, Key *, | 78 | int ssh_add_identity_constrained(AuthenticationConnection *, Key *, |
80 | const char *, u_int, u_int); | 79 | const char *, u_int, u_int); |
81 | int ssh_remove_identity(AuthenticationConnection *, Key *); | 80 | int ssh_remove_identity(AuthenticationConnection *, Key *); |