diff options
Diffstat (limited to 'ssh-add.c')
| -rw-r--r-- | ssh-add.c | 10 |
1 files changed, 9 insertions, 1 deletions
| @@ -142,7 +142,7 @@ static int | |||
| 142 | add_file(AuthenticationConnection *ac, const char *filename) | 142 | add_file(AuthenticationConnection *ac, const char *filename) |
| 143 | { | 143 | { |
| 144 | Key *private, *cert; | 144 | Key *private, *cert; |
| 145 | char *comment = NULL; | 145 | char *comment = NULL, *fp; |
| 146 | char msg[1024], *certpath; | 146 | char msg[1024], *certpath; |
| 147 | int fd, perms_ok, ret = -1; | 147 | int fd, perms_ok, ret = -1; |
| 148 | 148 | ||
| @@ -187,6 +187,14 @@ add_file(AuthenticationConnection *ac, const char *filename) | |||
| 187 | "Bad passphrase, try again for %.200s: ", comment); | 187 | "Bad passphrase, try again for %.200s: ", comment); |
| 188 | } | 188 | } |
| 189 | } | 189 | } |
| 190 | if (blacklisted_key(private, &fp) == 1) { | ||
| 191 | fprintf(stderr, "Public key %s blacklisted (see " | ||
| 192 | "ssh-vulnkey(1)); refusing to add it\n", fp); | ||
| 193 | xfree(fp); | ||
| 194 | key_free(private); | ||
| 195 | xfree(comment); | ||
| 196 | return -1; | ||
| 197 | } | ||
| 190 | 198 | ||
| 191 | if (ssh_add_identity_constrained(ac, private, comment, lifetime, | 199 | if (ssh_add_identity_constrained(ac, private, comment, lifetime, |
| 192 | confirm)) { | 200 | confirm)) { |