diff options
author | Darren Tucker <dtucker@zip.com.au> | 2009-10-07 08:47:02 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2009-10-07 08:47:02 +1100 |
commit | 893d73549d7cfa277434bf0113688a5a14055408 (patch) | |
tree | 7cc83baeb70199c132f8f239be7acfcf694d0384 /ssh-add.c | |
parent | 6b286a46821fa230258f1da82d0e013cfe3bf685 (diff) |
- djm@cvs.openbsd.org 2009/08/27 17:44:52
[authfd.c ssh-add.c authfd.h]
Do not fall back to adding keys without contraints (ssh-add -c / -t ...)
when the agent refuses the constrained add request. This was a useful
migration measure back in 2002 when constraints were new, but just
adds risk now.
bz #1612, report and patch from dkg AT fifthhorseman.net; ok markus@
Diffstat (limited to 'ssh-add.c')
-rw-r--r-- | ssh-add.c | 5 |
1 files changed, 1 insertions, 4 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-add.c,v 1.90 2007/09/09 11:38:01 sobrado Exp $ */ | 1 | /* $OpenBSD: ssh-add.c,v 1.91 2009/08/27 17:44:52 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -195,9 +195,6 @@ add_file(AuthenticationConnection *ac, const char *filename) | |||
195 | if (confirm != 0) | 195 | if (confirm != 0) |
196 | fprintf(stderr, | 196 | fprintf(stderr, |
197 | "The user has to confirm each use of the key\n"); | 197 | "The user has to confirm each use of the key\n"); |
198 | } else if (ssh_add_identity(ac, private, comment)) { | ||
199 | fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); | ||
200 | ret = 0; | ||
201 | } else { | 198 | } else { |
202 | fprintf(stderr, "Could not add identity: %s\n", filename); | 199 | fprintf(stderr, "Could not add identity: %s\n", filename); |
203 | } | 200 | } |