upstream: process agent requests for RSA certificate private keys using

correct signature algorithm when requested. Patch from Jakub Jelen in bz3016 ok dtucker markus OpenBSD-Commit-ID: 61f86efbeb4a1857a3e91298c1ccc6cf49b79624
author: djm@openbsd.org <djm@openbsd.org> 2019-06-14 05:51:47 +0200
committer: Damien Miller <djm@mindrot.org> 2019-06-14 05:52:48 +0200
commit: 2317ce4b0ed7d8c4b0c684e2d47bff5006bd1178 (patch)
tree: cc9841e512ea064e5f66e241af72fba613014d67 /ssh-agent.c
parent: upstream: for public key authentication, check AuthorizedKeysFiles (diff)
download: openssh-2317ce4b0ed7d8c4b0c684e2d47bff5006bd1178.tar.xz
openssh-2317ce4b0ed7d8c4b0c684e2d47bff5006bd1178.zip
1 files changed, 6 insertions, 1 deletions
diff --git a/ssh-agent.c b/ssh-agent.c
index 034f31387..4669b679c 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.234 2019/06/06 05:13:13 otto Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.235 2019/06/14 03:51:47 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -269,6 +269,11 @@ agent_decode_alg(struct sshkey *key, u_int flags)
 			return "rsa-sha2-256";
 		else if (flags & SSH_AGENT_RSA_SHA2_512)
 			return "rsa-sha2-512";
+	} else if (key->type == KEY_RSA_CERT) {
+		if (flags & SSH_AGENT_RSA_SHA2_256)
+			return "rsa-sha2-256-cert-v01@openssh.com";
+		else if (flags & SSH_AGENT_RSA_SHA2_512)
+			return "rsa-sha2-512-cert-v01@openssh.com";
 	}
 	return NULL;
 }
author	djm@openbsd.org <djm@openbsd.org>	2019-06-14 05:51:47 +0200
committer	Damien Miller <djm@mindrot.org>	2019-06-14 05:52:48 +0200
commit	2317ce4b0ed7d8c4b0c684e2d47bff5006bd1178 (patch)
tree	cc9841e512ea064e5f66e241af72fba613014d67 /ssh-agent.c
parent	upstream: for public key authentication, check AuthorizedKeysFiles (diff)
download	openssh-2317ce4b0ed7d8c4b0c684e2d47bff5006bd1178.tar.xz openssh-2317ce4b0ed7d8c4b0c684e2d47bff5006bd1178.zip