[openssh-commits] [openssh] 01/01: upstream commit

git+noreply at mindrot.org git+noreply at mindrot.org
Fri Mar 3 17:14:43 AEDT 2017


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 12d3767ba4c84c32150cbe6ff6494498780f12c9
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Fri Mar 3 06:13:11 2017 +0000

    upstream commit
    
    fix ssh-keygen -H accidentally corrupting known_hosts that
    contained already-hashed entries. HKF_MATCH_HOST_HASHED is only set by
    hostkeys_foreach() when hostname matching is in use, so we need to look for
    the hash marker explicitly.
    
    Upstream-ID: da82ad653b93e8a753580d3cf5cd448bc2520528
---
 ssh-keygen.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ssh-keygen.c b/ssh-keygen.c
index 33d405a..2259b34 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.295 2017/02/17 02:32:05 dtucker Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.296 2017/03/03 06:13:11 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -1084,6 +1084,7 @@ known_hosts_hash(struct hostkey_foreach_line *l, void *_ctx)
 	struct known_hosts_ctx *ctx = (struct known_hosts_ctx *)_ctx;
 	char *hashed, *cp, *hosts, *ohosts;
 	int has_wild = l->hosts && strcspn(l->hosts, "*?!") != strlen(l->hosts);
+	int was_hashed = l->hosts[0] == HASH_DELIM;
 
 	switch (l->status) {
 	case HKF_STATUS_OK:
@@ -1092,8 +1093,7 @@ known_hosts_hash(struct hostkey_foreach_line *l, void *_ctx)
 		 * Don't hash hosts already already hashed, with wildcard
 		 * characters or a CA/revocation marker.
 		 */
-		if ((l->match & HKF_MATCH_HOST_HASHED) != 0 ||
-		    has_wild || l->marker != MRK_NONE) {
+		if (was_hashed || has_wild || l->marker != MRK_NONE) {
 			fprintf(ctx->out, "%s\n", l->line);
 			if (has_wild && !find_host) {
 				logit("%s:%ld: ignoring host name "

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list