From 603e68f1a29c954f0c08a08b3f429956008ac244 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Sun, 23 Apr 2006 12:05:32 +1000
Subject:    - dtucker@cvs.openbsd.org 2006/04/02 08:34:52      [ssh-keysign.c]
      sessionid can be 32 bytes now too when sha256 kex is used; ok djm@

---
 ssh-keysign.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'ssh-keysign.c')

diff --git a/ssh-keysign.c b/ssh-keysign.c
index 1f78c7a05..017af5307 100644
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keysign.c,v 1.22 2006/03/25 13:17:02 djm Exp $ */
+/* $OpenBSD: ssh-keysign.c,v 1.23 2006/04/02 08:34:52 dtucker Exp $ */
 /*
  * Copyright (c) 2002 Markus Friedl.  All rights reserved.
  *
@@ -68,9 +68,9 @@ valid_request(struct passwd *pw, char *host, Key **ret, u_char *data,
 	buffer_init(&b);
 	buffer_append(&b, data, datalen);
 
-	/* session id, currently limited to SHA1 (20 bytes) */
+	/* session id, currently limited to SHA1 (20 bytes) or SHA256 (32) */
 	p = buffer_get_string(&b, &len);
-	if (len != 20)
+	if (len != 20 && len != 32)
 		fail++;
 	xfree(p);
 
-- 
cgit v1.2.3