- djm@cvs.openbsd.org 2010/05/11 02:58:04
     [auth-rsa.c]
     don't accept certificates marked as "cert-authority" here; ok markus@
diff --git a/auth-rsa.c b/auth-rsa.c
index 326937a..ef6767b 100644
--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-rsa.c,v 1.75 2010/04/16 01:47:26 djm Exp $ */
+/* $OpenBSD: auth-rsa.c,v 1.76 2010/05/11 02:58:04 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -256,7 +256,8 @@
 		 */
 		if (!auth_parse_options(pw, key_options, file, linenum))
 			continue;
-
+		if (key_is_cert_authority)
+			continue;
 		/* break out, this key is allowed */
 		allowed = 1;
 		break;
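Review bot: The new `if (key_is_cert_authority) continue;` check is undocumented and skips the line silently, so nothing here tells a maintainer or an administrator why a matching key was refused. I would put a comment above it, for example `/* keys marked "cert-authority" are CA keys; never accept one as a login key here */`, and log the skip at debug level with `file` and `linenum`, as the surrounding loop appears to do for other rejected lines. The flag is not set anywhere in this hunk; presumably `auth_parse_options()` sets it as a side effect and resets it for every line, which is worth confirming because a stale value would cause later, ordinary keys in the file to be skipped too. The enclosing function starts and ends outside the hunk.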