From 445e218878035b59c704c18406e8aeaff4c8aa25 Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Mon, 12 Sep 2016 23:39:34 +0000
Subject: upstream commit

handle certs in rsa_hash_alg_from_ident(), saving an
unnecessary special case elsewhere.

Upstream-ID: 901cb081c59d6d2698b57901c427f3f6dc7397d4
---
 ssh-rsa.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'ssh-rsa.c')

diff --git a/ssh-rsa.c b/ssh-rsa.c
index a6db2a06b..cde05df10 100644
--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-rsa.c,v 1.59 2016/04/21 06:08:02 djm Exp $ */
+/* $OpenBSD: ssh-rsa.c,v 1.60 2016/09/12 23:39:34 djm Exp $ */
 /*
  * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org>
  *
@@ -53,7 +53,8 @@ rsa_hash_alg_ident(int hash_alg)
 static int
 rsa_hash_alg_from_ident(const char *ident)
 {
-	if (strcmp(ident, "ssh-rsa") == 0)
+	if (strcmp(ident, "ssh-rsa") == 0 ||
+	    strcmp(ident, "ssh-rsa-cert-v01@openssh.com") == 0)
 		return SSH_DIGEST_SHA1;
 	if (strcmp(ident, "rsa-sha2-256") == 0)
 		return SSH_DIGEST_SHA256;
@@ -93,8 +94,7 @@ ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
 	if (sigp != NULL)
 		*sigp = NULL;
 
-	if (alg_ident == NULL || strlen(alg_ident) == 0 ||
-	    strncmp(alg_ident, "ssh-rsa-cert", strlen("ssh-rsa-cert")) == 0)
+	if (alg_ident == NULL || strlen(alg_ident) == 0)
 		hash_alg = SSH_DIGEST_SHA1;
 	else
 		hash_alg = rsa_hash_alg_from_ident(alg_ident);
-- 
cgit v1.2.3