[openssh-commits] [openssh] 13/19: upstream commit

git+noreply at mindrot.org git+noreply at mindrot.org
Mon May 8 10:23:41 AEST 2017 

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 744bde79c3361e2153cb395a2ecdcee6c713585d
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Thu May 4 06:10:57 2017 +0000

    upstream commit
    
    since a couple of people have asked, leave a comment
    explaining why we retain SSH v.1 support in the "delete all keys from agent"
    path.
    
    Upstream-ID: 4b42dcfa339813c15fe9248a2c1b7ed41c21bbb4
---
 authfd.c  | 6 +++++-
 ssh-add.c | 7 ++++++-
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/authfd.c b/authfd.c
index 915a6da4..ea664a16 100644
--- a/authfd.c
+++ b/authfd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.c,v 1.101 2017/04/30 23:10:43 djm Exp $ */
+/* $OpenBSD: authfd.c,v 1.102 2017/05/04 06:10:57 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -575,6 +575,10 @@ ssh_update_card(int sock, int add, const char *reader_id, const char *pin,
 /*
  * Removes all identities from the agent.
  * This call is intended only for use by ssh-add(1) and like applications.
+ *
+ * This supports the SSH protocol 1 message to because, when clearing all
+ * keys from an agent, we generally want to clear both protocol v1 and v2
+ * keys.
  */
 int
 ssh_remove_all_identities(int sock, int version)
diff --git a/ssh-add.c b/ssh-add.c
index 37ce56df..5f62420f 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.129 2017/04/30 23:10:43 djm Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.130 2017/05/04 06:10:57 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -161,6 +161,11 @@ delete_all(int agent_fd)
 {
 	int ret = -1;
 
+	/*
+	 * Since the agent might be forwarded, old or non-OpenSSH, when asked
+	 * to remove all keys, attempt to remove both protocol v.1 and v.2
+	 * keys.
+	 */
 	if (ssh_remove_all_identities(agent_fd, 2) == 0)
 		ret = 0;
 	/* ignore error-code for ssh1 */

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list