diff options
author | Damien Miller <djm@mindrot.org> | 2010-08-05 13:03:51 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2010-08-05 13:03:51 +1000 |
commit | 1da638895916bc061ff6aca9f373d48a9776810b (patch) | |
tree | cb085a570b7fae045555c12b680c73506f333b03 /ssh-keygen.c | |
parent | 7fa96602e52f02e66897f98a1568cbd3a555192b (diff) |
- djm@cvs.openbsd.org 2010/08/04 05:40:39
[PROTOCOL.certkeys ssh-keygen.c]
tighten the rules for certificate encoding by requiring that options
appear in lexical order and make our ssh-keygen comply. ok markus@
Diffstat (limited to 'ssh-keygen.c')
-rw-r--r-- | ssh-keygen.c | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c index 56bfee20d..4c60a659f 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keygen.c,v 1.195 2010/07/16 04:45:30 djm Exp $ */ | 1 | /* $OpenBSD: ssh-keygen.c,v 1.196 2010/08/04 05:40:39 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -1295,9 +1295,9 @@ static void | |||
1295 | prepare_options_buf(Buffer *c, int which) | 1295 | prepare_options_buf(Buffer *c, int which) |
1296 | { | 1296 | { |
1297 | buffer_clear(c); | 1297 | buffer_clear(c); |
1298 | if ((which & OPTIONS_EXTENSIONS) != 0 && | 1298 | if ((which & OPTIONS_CRITICAL) != 0 && |
1299 | (certflags_flags & CERTOPT_X_FWD) != 0) | 1299 | certflags_command != NULL) |
1300 | add_flag_option(c, "permit-X11-forwarding"); | 1300 | add_string_option(c, "force-command", certflags_command); |
1301 | if ((which & OPTIONS_EXTENSIONS) != 0 && | 1301 | if ((which & OPTIONS_EXTENSIONS) != 0 && |
1302 | (certflags_flags & CERTOPT_AGENT_FWD) != 0) | 1302 | (certflags_flags & CERTOPT_AGENT_FWD) != 0) |
1303 | add_flag_option(c, "permit-agent-forwarding"); | 1303 | add_flag_option(c, "permit-agent-forwarding"); |
@@ -1310,9 +1310,9 @@ prepare_options_buf(Buffer *c, int which) | |||
1310 | if ((which & OPTIONS_EXTENSIONS) != 0 && | 1310 | if ((which & OPTIONS_EXTENSIONS) != 0 && |
1311 | (certflags_flags & CERTOPT_USER_RC) != 0) | 1311 | (certflags_flags & CERTOPT_USER_RC) != 0) |
1312 | add_flag_option(c, "permit-user-rc"); | 1312 | add_flag_option(c, "permit-user-rc"); |
1313 | if ((which & OPTIONS_CRITICAL) != 0 && | 1313 | if ((which & OPTIONS_EXTENSIONS) != 0 && |
1314 | certflags_command != NULL) | 1314 | (certflags_flags & CERTOPT_X_FWD) != 0) |
1315 | add_string_option(c, "force-command", certflags_command); | 1315 | add_flag_option(c, "permit-X11-forwarding"); |
1316 | if ((which & OPTIONS_CRITICAL) != 0 && | 1316 | if ((which & OPTIONS_CRITICAL) != 0 && |
1317 | certflags_src_addr != NULL) | 1317 | certflags_src_addr != NULL) |
1318 | add_string_option(c, "source-address", certflags_src_addr); | 1318 | add_string_option(c, "source-address", certflags_src_addr); |