[openssh-commits] [openssh] 02/02: upstream commit

git+noreply at mindrot.org git+noreply at mindrot.org
Wed Mar 15 13:34:27 AEDT 2017


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 25f837646be8c2017c914d34be71ca435dfc0e07
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Wed Mar 15 02:25:09 2017 +0000

    upstream commit
    
    fix regression in 7.4: deletion of PKCS#11-hosted keys
    would fail unless they were specified by full physical pathname. Report and
    fix from Jakub Jelen via bz#2682; ok dtucker@
    
    Upstream-ID: 5b5bc20ca11cacb5d5eb29c3f93fd18425552268
---
 ssh-agent.c | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/ssh-agent.c b/ssh-agent.c
index 1320cda..72d538e 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.216 2017/01/04 02:21:43 djm Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.217 2017/03/15 02:25:09 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -821,7 +821,7 @@ send:
 static void
 process_remove_smartcard_key(SocketEntry *e)
 {
-	char *provider = NULL, *pin = NULL;
+	char *provider = NULL, *pin = NULL, canonical_provider[PATH_MAX];
 	int r, version, success = 0;
 	Identity *id, *nxt;
 	Idtab *tab;
@@ -831,6 +831,13 @@ process_remove_smartcard_key(SocketEntry *e)
 		fatal("%s: buffer error: %s", __func__, ssh_err(r));
 	free(pin);
 
+	if (realpath(provider, canonical_provider) == NULL) {
+		verbose("failed PKCS#11 add of \"%.100s\": realpath: %s",
+		    provider, strerror(errno));
+		goto send;
+	}
+
+	debug("%s: remove %.100s", __func__, canonical_provider);
 	for (version = 1; version < 3; version++) {
 		tab = idtab_lookup(version);
 		for (id = TAILQ_FIRST(&tab->idlist); id; id = nxt) {
@@ -838,14 +845,14 @@ process_remove_smartcard_key(SocketEntry *e)
 			/* Skip file--based keys */
 			if (id->provider == NULL)
 				continue;
-			if (!strcmp(provider, id->provider)) {
+			if (!strcmp(canonical_provider, id->provider)) {
 				TAILQ_REMOVE(&tab->idlist, id, next);
 				free_identity(id);
 				tab->nentries--;
 			}
 		}
 	}
-	if (pkcs11_del_provider(provider) == 0)
+	if (pkcs11_del_provider(canonical_provider) == 0)
 		success = 1;
 	else
 		error("process_remove_smartcard_key:"

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list