[openssh-commits] [openssh] 03/05: upstream: ssh-agent: attempt FIDO key signing without PIN and use

[git+noreply at mindrot.org]

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 4b5f91cb959358141181b934156513fcb8a6c1e3
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Wed Sep 14 00:02:03 2022 +0000

    upstream: ssh-agent: attempt FIDO key signing without PIN and use
    
    the error to determine whether a PIN is required and prompt only if
    necessary. from Corinna Vinschen
    
    OpenBSD-Commit-ID: dd6be6a0b7148608e834ee737c3479b3270b00dd
---
 ssh-agent.c | 13 ++-----------
 1 file changed, 2 insertions(+), 11 deletions(-)

diff --git a/ssh-agent.c b/ssh-agent.c
index e8fb7a4f..ddda4d77 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.289 2022/09/09 03:31:42 djm Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.290 2022/09/14 00:02:03 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -813,16 +813,7 @@ process_sign_request2(SocketEntry *e)
 			/* error already logged */
 			goto send;
 		}
-		if ((id->key->sk_flags & SSH_SK_USER_VERIFICATION_REQD)) {
-			/* XXX include sig_dest */
-			xasprintf(&prompt, "Enter PIN%sfor %s key %s: ",
-			    (id->key->sk_flags & SSH_SK_USER_PRESENCE_REQD) ?
-			    " and confirm user presence " : " ",
-			    sshkey_type(id->key), fp);
-			pin = read_passphrase(prompt, RP_USE_ASKPASS);
-			free(prompt);
-			prompt = NULL;
-		} else if ((id->key->sk_flags & SSH_SK_USER_PRESENCE_REQD)) {
+		if (id->key->sk_flags & SSH_SK_USER_PRESENCE_REQD) {
 			notifier = notify_start(0,
 			    "Confirm user presence for key %s %s%s%s",
 			    sshkey_type(id->key), fp,

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.