diff options
Diffstat (limited to 'ssh-add.c')
-rw-r--r-- | ssh-add.c | 10 |
1 files changed, 9 insertions, 1 deletions
@@ -138,7 +138,7 @@ static int | |||
138 | add_file(AuthenticationConnection *ac, const char *filename) | 138 | add_file(AuthenticationConnection *ac, const char *filename) |
139 | { | 139 | { |
140 | Key *private; | 140 | Key *private; |
141 | char *comment = NULL; | 141 | char *comment = NULL, *fp; |
142 | char msg[1024]; | 142 | char msg[1024]; |
143 | int fd, perms_ok, ret = -1; | 143 | int fd, perms_ok, ret = -1; |
144 | 144 | ||
@@ -183,6 +183,14 @@ add_file(AuthenticationConnection *ac, const char *filename) | |||
183 | "Bad passphrase, try again for %.200s: ", comment); | 183 | "Bad passphrase, try again for %.200s: ", comment); |
184 | } | 184 | } |
185 | } | 185 | } |
186 | if (blacklisted_key(private, &fp) == 1) { | ||
187 | fprintf(stderr, "Public key %s blacklisted (see " | ||
188 | "ssh-vulnkey(1)); refusing to add it\n", fp); | ||
189 | xfree(fp); | ||
190 | key_free(private); | ||
191 | xfree(comment); | ||
192 | return -1; | ||
193 | } | ||
186 | 194 | ||
187 | if (ssh_add_identity_constrained(ac, private, comment, lifetime, | 195 | if (ssh_add_identity_constrained(ac, private, comment, lifetime, |
188 | confirm)) { | 196 | confirm)) { |