Attachment 3389 Details for Bug 3157 – Consider CA keys when automatically determining host key order

[patch] Consider CA keys when automatically determining host key order

bz3157.diff (text/plain), 1.34 KB, created by Damien Miller on 2020-05-04 11:13:57 AEST

(hide)

Description:

Filename:

MIME Type:

Creator: Damien Miller

Created: 2020-05-04 11:13:57 AEST

Size: 1.34 KB

patch

obsolete

>diff --git a/hostfile.c b/hostfile.c
>index c661b88..d423702 100644
>--- a/hostfile.c
>+++ b/hostfile.c
>@@ -339,7 +339,8 @@ check_hostkeys_by_key_or_type(struct hostkeys *hostkeys,
> {
> 	u_int i;
> 	HostStatus end_return = HOST_NEW;
>-	int want_cert = sshkey_is_cert(k);
>+	int want_cert = (k == NULL) ?
>+		sshkey_type_is_cert(keytype) : sshkey_is_cert(k);
> 	HostkeyMarker want_marker = want_cert ? MRK_CA : MRK_NONE;
> 
> 	if (found != NULL)
>@@ -349,7 +350,8 @@ check_hostkeys_by_key_or_type(struct hostkeys *hostkeys,
> 		if (hostkeys->entries[i].marker != want_marker)
> 			continue;
> 		if (k == NULL) {
>-			if (hostkeys->entries[i].key->type != keytype)
>+			if (hostkeys->entries[i].key->type !=
>+			    sshkey_type_plain(keytype))
> 				continue;
> 			end_return = HOST_FOUND;
> 			if (found != NULL)
>diff --git a/sshconnect2.c b/sshconnect2.c
>index ad45598..5fc5937 100644
>--- a/sshconnect2.c
>+++ b/sshconnect2.c
>@@ -130,8 +130,7 @@ order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port)
> 	while ((alg = strsep(&avail, ",")) && *alg != '\0') {
> 		if ((ktype = sshkey_type_from_name(alg)) == KEY_UNSPEC)
> 			fatal("%s: unknown alg %s", __func__, alg);
>-		if (lookup_key_in_hostkeys_by_type(hostkeys,
>-		    sshkey_type_plain(ktype), NULL))
>+		if (lookup_key_in_hostkeys_by_type(hostkeys, ktype, NULL))
> 			ALG_APPEND(first, alg);
> 		else
> 			ALG_APPEND(last, alg);

Actions: View | Diff

Attachments on bug 3157: 3389 | 3390