Bugzilla – Attachment 2814 Details for
Bug 2568
ssh fails to authenticate using RSA keys when agent does not support sha256/512 signatures
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
fall back to olde-style signatures when agent fails to sign neue one
bz2568.diff (text/plain), 888 bytes, created by
Damien Miller
on 2016-05-12 08:57:54 AEST
(
hide
)
Description:
fall back to olde-style signatures when agent fails to sign neue one
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2016-05-12 08:57:54 AEST
Size:
888 bytes
patch
obsolete
>diff --git a/sshconnect2.c b/sshconnect2.c >index 690e97a..dbaa6e6 100644 >--- a/sshconnect2.c >+++ b/sshconnect2.c >@@ -1021,9 +1021,20 @@ identity_sign(struct identity *id, u_char **sigp, size_t *lenp, > alg = identity_sign_encode(id); > > /* the agent supports this key */ >- if (id->agent_fd != -1) >+ if (id->agent_fd != -1) { >+ if ((ret = ssh_agent_sign(id->agent_fd, id->key, sigp, lenp, >+ data, datalen, alg, compat)) == 0) >+ return 0; >+ /* >+ * If the agent failed to sign with a new signature type, >+ * then it may be too old to support them. Fall back to >+ * using an older signature type. >+ */ >+ if (strcmp(alg, key_ssh_name(id->key)) == 0) >+ return ret; > return ssh_agent_sign(id->agent_fd, id->key, sigp, lenp, >- data, datalen, alg, compat); >+ data, datalen, key_ssh_name(id->key), compat); >+ } > > /* > * we have already loaded the private key or
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2814">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 2568
: 2814