Bugzilla – Attachment 2903 Details for
Bug 2617
sign_and_send_pubkey: no separate private key for certificate
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Load key files for matching cert names
loadkeys.patch (text/plain), 1.88 KB, created by
Adam Eijdenberg
on 2016-12-07 00:05:20 AEDT
(
hide
)
Description:
Load key files for matching cert names
Filename:
MIME Type:
Creator:
Adam Eijdenberg
Created:
2016-12-07 00:05:20 AEDT
Size:
1.88 KB
patch
obsolete
>diff --git a/readconf.c b/readconf.c >index fa3fab8..96cdc4b 100644 >--- a/readconf.c >+++ b/readconf.c >@@ -1958,7 +1958,9 @@ fill_default_options(Options * options) > options->protocol = SSH_PROTO_2; > if (options->add_keys_to_agent == -1) > options->add_keys_to_agent = 0; >- if (options->num_identity_files == 0) { >+ if (options->num_identity_files == 0 >+ && options->num_certificate_files == 0 /* a cert is equivalent to an identity */ >+ && options->identities_only != 1) { /* don't add implicit identity when explicit desired */ > if (options->protocol & SSH_PROTO_1) { > add_identity_file(options, "~/", > _PATH_SSH_CLIENT_IDENTITY, 0); >diff --git a/ssh.c b/ssh.c >index 8aa8daa..041a115 100644 >--- a/ssh.c >+++ b/ssh.c >@@ -2046,6 +2046,8 @@ load_public_identity_files(void) > Key *identity_keys[SSH_MAX_IDENTITY_FILES]; > char *certificate_files[SSH_MAX_CERTIFICATE_FILES]; > struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES]; >+ size_t filename_len; >+ struct stat sb; > #ifdef ENABLE_PKCS11 > Key **keys; > int nkeys; >@@ -2162,6 +2164,28 @@ load_public_identity_files(void) > certificate_files[n_certs] = filename; > certificates[n_certs] = public; > ++n_certs; >+ >+ /* >+ * If no keys have been explicitly listed then try >+ * to add the default private key variant too. >+ */ >+ if (options.num_identity_files != 0) >+ continue; >+ if (n_ids >= SSH_MAX_IDENTITY_FILES) >+ continue; >+ filename_len = strlen(filename); >+ if (filename_len > 9 && strncmp("-cert.pub", filename + (filename_len - 9), 9) == 0) { >+ xasprintf(&cp, "%.*s", (int)(filename_len - 9), filename); >+ if (stat(cp, &sb) == 0) { /* file exists */ >+ debug("identity file %s type %d", cp, -1); >+ identity_files[n_ids] = cp; >+ identity_keys[n_ids] = NULL; /* since it's a private key, we'll load lazily */ >+ n_ids++; >+ } else { >+ free(cp); >+ } >+ } >+ > } > > options.num_identity_files = n_ids;
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2903">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 2617
:
2884
|
2886
|
2899
|
2901
|
2902
| 2903 |
2904
|
2905
|
2906
|
2909