-rw-r--r-- | ChangeLog | 7 | ||||
-rw-r--r-- | ssh-agent.c | 13 |
2 files changed, 18 insertions, 2 deletions
@@ -3,6 +3,11 @@ | |||
3 | - markus@cvs.openbsd.org 2003/03/13 11:42:19 | 3 | - markus@cvs.openbsd.org 2003/03/13 11:42:19 |
4 | [authfile.c ssh-keysign.c] | 4 | [authfile.c ssh-keysign.c] |
5 | move RSA_blinding_on to generic key load method | 5 | move RSA_blinding_on to generic key load method |
6 | - markus@cvs.openbsd.org 2003/03/13 11:44:50 | ||
7 | [ssh-agent.c] | ||
8 | ssh-agent is similar to ssh-keysign (allows other processes to use | ||
9 | private rsa keys). however, it gets key over socket and not from | ||
10 | a file, so we have to do blinding here as well. | ||
6 | 11 | ||
7 | 20030310 | 12 | 20030310 |
8 | - (djm) OpenBSD CVS Sync | 13 | - (djm) OpenBSD CVS Sync |
@@ -1209,4 +1214,4 @@ | |||
1209 | save auth method before monitor_reset_key_state(); bugzilla bug #284; | 1214 | save auth method before monitor_reset_key_state(); bugzilla bug #284; |
1210 | ok provos@ | 1215 | ok provos@ |
1211 | 1216 | ||
1212 | $Id: ChangeLog,v 1.2628 2003/03/15 00:36:18 djm Exp $ | 1217 | $Id: ChangeLog,v 1.2629 2003/03/15 00:37:09 djm Exp $ |
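--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -35,7 +35,7 @@
 
 #include "includes.h"
 #include "openbsd-compat/sys-queue.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.107 2003/01/23 13:50:27 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.108 2003/03/13 11:44:50 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/md5.h>
@@ -483,6 +483,17 @@ process_add_identity(SocketEntry *e, int version)
 }
 break;
 }
+/* enable blinding */
+switch (k->type) {
+case KEY_RSA:
+case KEY_RSA1:
+if (RSA_blinding_on(k->rsa, NULL) != 1) {
+error("process_add_identity: RSA_blinding_on failed");
+key_free(k);
+goto send;
+}
+break;
+}
 comment = buffer_get_string(&e->request, NULL);
 if (k == NULL) {
 xfree(comment);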
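Review bot: The new `switch (k->type)` dereferences `k` before the existing `if (k == NULL)` test that follows the `buffer_get_string` call, so if `k` can still be NULL at this point the agent dereferences a null pointer while handling an add-identity request from a socket client. Whether that is reachable depends on the key-parsing code above the hunk, which is not visible here; if every earlier path either sets `k` or jumps to `send`, the later NULL test is dead code and the ordering is merely misleading. Either way the two should agree: move the blinding block below the NULL check, or guard it with `if (k != NULL)`. A short comment such as `/* keys arrive over the agent socket, not via the generic key loader, so blinding must be enabled here */` would also record why this file needs its own call. process_add_identity starts and ends outside the hunk.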