From 56ea360619c4bbe1b604add62d3cbf472392617f Mon Sep 17 00:00:00 2001
From: Colin Watson <cjwatson@debian.org>
Date: Wed, 31 Mar 2010 10:49:51 +0100
Subject: ssh-vulnkey.patch: update another call to auth_key_is_revoked

---
 auth2-pubkey.c                   | 3 ++-
 debian/patches/ssh-vulnkey.patch | 8 ++++++--
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index ae0638825..b6ed62857 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -327,7 +327,8 @@ user_key_allowed(struct passwd *pw, Key *key)
 
 	if (auth_key_is_revoked(key, 0))
 		return 0;
-	if (key_is_cert(key) && auth_key_is_revoked(key->cert->signature_key))
+	if (key_is_cert(key) &&
+	    auth_key_is_revoked(key->cert->signature_key, 0))
 		return 0;
 
 	success = user_cert_trusted_ca(pw, key);
diff --git a/debian/patches/ssh-vulnkey.patch b/debian/patches/ssh-vulnkey.patch
index c2842a4cf..73a30186b 100644
--- a/debian/patches/ssh-vulnkey.patch
+++ b/debian/patches/ssh-vulnkey.patch
@@ -198,15 +198,19 @@ Index: b/auth2-pubkey.c
 ===================================================================
 --- a/auth2-pubkey.c
 +++ b/auth2-pubkey.c
-@@ -325,7 +325,7 @@
+@@ -325,9 +325,10 @@
  	int success;
  	char *file;
  
 -	if (auth_key_is_revoked(key))
 +	if (auth_key_is_revoked(key, 0))
  		return 0;
- 	if (key_is_cert(key) && auth_key_is_revoked(key->cert->signature_key))
+-	if (key_is_cert(key) && auth_key_is_revoked(key->cert->signature_key))
++	if (key_is_cert(key) &&
++	    auth_key_is_revoked(key->cert->signature_key, 0))
  		return 0;
+ 
+ 	success = user_cert_trusted_ca(pw, key);
 Index: b/authfile.c
 ===================================================================
 --- a/authfile.c
-- 
cgit v1.2.3