[openssh-commits] [openssh] 13/13: upstream: allow hostbased auth to select RSA keys when only
git+noreply at mindrot.org
git+noreply at mindrot.org
Fri Jan 7 09:22:00 AEDT 2022
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit d9dbb5d9a0326e252d3c7bc13beb9c2434f59409
Author: djm at openbsd.org <djm at openbsd.org>
Date: Thu Jan 6 22:06:51 2022 +0000
upstream: allow hostbased auth to select RSA keys when only
RSA/SHA2 are configured (this is the default case); ok markus@
OpenBSD-Commit-ID: 411c18c7bde40c60cc6dfb7017968577b4d4a827
---
sshconnect2.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/sshconnect2.c b/sshconnect2.c
index 622ba4c6..6b884831 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.354 2021/12/19 22:14:47 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.355 2022/01/06 22:06:51 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -2169,9 +2169,9 @@ userauth_hostbased(struct ssh *ssh)
if (authctxt->sensitive->keys[i] == NULL ||
authctxt->sensitive->keys[i]->type == KEY_UNSPEC)
continue;
- if (match_pattern_list(
+ if (!sshkey_match_keyname_to_sigalgs(
sshkey_ssh_name(authctxt->sensitive->keys[i]),
- authctxt->active_ktype, 0) != 1)
+ authctxt->active_ktype))
continue;
/* we take and free the key */
private = authctxt->sensitive->keys[i];
@@ -2197,7 +2197,8 @@ userauth_hostbased(struct ssh *ssh)
error_f("sshkey_fingerprint failed");
goto out;
}
- debug_f("trying hostkey %s %s", sshkey_ssh_name(private), fp);
+ debug_f("trying hostkey %s %s using sigalg %s",
+ sshkey_ssh_name(private), fp, authctxt->active_ktype);
/* figure out a name for the client host */
lname = get_local_name(ssh_packet_get_connection_in(ssh));
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list