[openssh-commits] [openssh] 01/03: upstream: Only add ssh-dss to allowed key types if it's supported

git+noreply at mindrot.org git+noreply at mindrot.org
Tue Jul 23 22:51:46 AEST 2019


This is an automated email from the git hooks/post-receive script.

dtucker pushed a commit to branch master
in repository openssh.

commit 7e66b7d98c6e3f48a1918c3e1940c9b11b10ec63
Author: dtucker at openbsd.org <dtucker at openbsd.org>
Date:   Tue Jul 23 07:39:43 2019 +0000

    upstream: Only add ssh-dss to allowed key types if it's supported
    
    by the binary.
    
    OpenBSD-Regress-ID: 395a54cab16e9e4ece9aec047ab257954eebd413
---
 regress/agent.sh | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/regress/agent.sh b/regress/agent.sh
index 788b0206..48fa12b0 100644
--- a/regress/agent.sh
+++ b/regress/agent.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: agent.sh,v 1.14 2019/01/28 00:12:36 dtucker Exp $
+#	$OpenBSD: agent.sh,v 1.15 2019/07/23 07:39:43 dtucker Exp $
 #	Placed in the Public Domain.
 
 tid="simple agent test"
@@ -27,9 +27,6 @@ ${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key \
 trace "overwrite authorized keys"
 printf '' > $OBJ/authorized_keys_$USER
 
-echo "PubkeyAcceptedKeyTypes +ssh-dss" >> $OBJ/ssh_proxy
-echo "PubkeyAcceptedKeyTypes +ssh-dss" >> $OBJ/sshd_proxy
-
 for t in ${SSH_KEYTYPES}; do
 	# generate user key for agent
 	rm -f $OBJ/$t-agent $OBJ/$t-agent.pub*
@@ -75,6 +72,10 @@ fi
 
 for t in ${SSH_KEYTYPES}; do
 	trace "connect via agent using $t key"
+	if [ "$t" = "ssh-dss" ]; then
+		echo "PubkeyAcceptedKeyTypes +ssh-dss" >> $OBJ/ssh_proxy
+		echo "PubkeyAcceptedKeyTypes +ssh-dss" >> $OBJ/sshd_proxy
+	fi
 	${SSH} -F $OBJ/ssh_proxy -i $OBJ/$t-agent.pub -oIdentitiesOnly=yes \
 		somehost exit 52
 	r=$?

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list