upstream commit

fix KRL generation when multiple CAs are in use

We would generate an invalid KRL when revoking certs by serial
number for multiple CA keys due to a section being written out
twice.

Also extend the regress test to catch this case by having it
produce a multi-CA KRL.

Reported by peter AT pean.org
1 file changed
tree: 83a1dabec592abd8220ff622857d5e50d15e4c75