diff options
Diffstat (limited to 'ssh-add.c')
| -rw-r--r-- | ssh-add.c | 10 |
1 files changed, 9 insertions, 1 deletions
| @@ -142,7 +142,7 @@ static int | |||
| 142 | add_file(AuthenticationConnection *ac, const char *filename, int key_only) | 142 | add_file(AuthenticationConnection *ac, const char *filename, int key_only) |
| 143 | { | 143 | { |
| 144 | Key *private, *cert; | 144 | Key *private, *cert; |
| 145 | char *comment = NULL; | 145 | char *comment = NULL, *fp; |
| 146 | char msg[1024], *certpath = NULL; | 146 | char msg[1024], *certpath = NULL; |
| 147 | int fd, perms_ok, ret = -1; | 147 | int fd, perms_ok, ret = -1; |
| 148 | Buffer keyblob; | 148 | Buffer keyblob; |
| @@ -218,6 +218,14 @@ add_file(AuthenticationConnection *ac, const char *filename, int key_only) | |||
| 218 | } else { | 218 | } else { |
| 219 | fprintf(stderr, "Could not add identity: %s\n", filename); | 219 | fprintf(stderr, "Could not add identity: %s\n", filename); |
| 220 | } | 220 | } |
| 221 | if (blacklisted_key(private, &fp) == 1) { | ||
| 222 | fprintf(stderr, "Public key %s blacklisted (see " | ||
| 223 | "ssh-vulnkey(1)); refusing to add it\n", fp); | ||
| 224 | xfree(fp); | ||
| 225 | key_free(private); | ||
| 226 | xfree(comment); | ||
| 227 | return -1; | ||
| 228 | } | ||
| 221 | 229 | ||
| 222 | /* Skip trying to load the cert if requested */ | 230 | /* Skip trying to load the cert if requested */ |
| 223 | if (key_only) | 231 | if (key_only) |