- djm@cvs.openbsd.org 2009/08/27 17:44:52

[authfd.c ssh-add.c authfd.h] Do not fall back to adding keys without contraints (ssh-add -c / -t ...) when the agent refuses the constrained add request. This was a useful migration measure back in 2002 when constraints were new, but just adds risk now. bz #1612, report and patch from dkg AT fifthhorseman.net; ok markus@
author: Darren Tucker <dtucker@zip.com.au> 2009-10-07 08:47:02 +1100
committer: Darren Tucker <dtucker@zip.com.au> 2009-10-07 08:47:02 +1100
commit: 893d73549d7cfa277434bf0113688a5a14055408 (patch)
tree: 7cc83baeb70199c132f8f239be7acfcf694d0384 /ssh-add.c
parent: 6b286a46821fa230258f1da82d0e013cfe3bf685 (diff)
download: openssh-git-893d73549d7cfa277434bf0113688a5a14055408.tar.gz
1 files changed, 1 insertions, 4 deletions
diff --git a/ssh-add.c b/ssh-add.c
index 7a43282f..084478d7 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.90 2007/09/09 11:38:01 sobrado Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.91 2009/08/27 17:44:52 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -195,9 +195,6 @@ add_file(AuthenticationConnection *ac, const char *filename)
 		if (confirm != 0)
 			fprintf(stderr,
 			    "The user has to confirm each use of the key\n");
-	} else if (ssh_add_identity(ac, private, comment)) {
-		fprintf(stderr, "Identity added: %s (%s)\n", filename, comment);
-		ret = 0;
 	} else {
 		fprintf(stderr, "Could not add identity: %s\n", filename);
 	}
author	Darren Tucker <dtucker@zip.com.au>	2009-10-07 08:47:02 +1100
committer	Darren Tucker <dtucker@zip.com.au>	2009-10-07 08:47:02 +1100
commit	893d73549d7cfa277434bf0113688a5a14055408 (patch)
tree	7cc83baeb70199c132f8f239be7acfcf694d0384 /ssh-add.c
parent	6b286a46821fa230258f1da82d0e013cfe3bf685 (diff)
download	openssh-git-893d73549d7cfa277434bf0113688a5a14055408.tar.gz