- dtucker@cvs.openbsd.org 2004/12/06 11:41:03
[auth-rsa.c auth2-pubkey.c authfile.c misc.c misc.h ssh.h sshd.8]
Discard over-length authorized_keys entries rather than complaining when
they don't decode. bz #884, with & ok djm@
diff --git a/ssh.h b/ssh.h
index a3b2ebb..0759241 100644
--- a/ssh.h
+++ b/ssh.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.h,v 1.75 2003/12/02 17:01:15 markus Exp $ */
+/* $OpenBSD: ssh.h,v 1.76 2004/12/06 11:41:03 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -40,6 +40,13 @@
#define SSH_MAX_IDENTITY_FILES 100
/*
+ * Maximum length of lines in authorized_keys file.
+ * Current value permits 16kbit RSA and RSA1 keys and 8kbit DSA keys, with
+ * some room for options and comments.
+ */
+#define SSH_MAX_PUBKEY_BYTES 8192
+
+/*
* Major protocol version. Different version indicates major incompatibility
* that prevents communication.
*