diff options
Diffstat (limited to 'krl.c')
| -rw-r--r-- | krl.c | 10 |
1 files changed, 5 insertions, 5 deletions
@@ -14,7 +14,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $OpenBSD: krl.c,v 1.32 2015/06/24 23:47:23 djm Exp $ */ +/* $OpenBSD: krl.c,v 1.33 2015/07/03 03:43:18 djm Exp $ */ #include "includes.h" @@ -429,7 +429,7 @@ ssh_krl_revoke_key(struct ssh_krl *krl, const struct sshkey *key) if (!sshkey_is_cert(key)) return ssh_krl_revoke_key_sha1(krl, key); - if (sshkey_cert_is_legacy(key) || key->cert->serial == 0) { + if (key->cert->serial == 0) { return ssh_krl_revoke_cert_by_key_id(krl, key->cert->signature_key, key->cert->key_id); @@ -1180,10 +1180,10 @@ is_cert_revoked(const struct sshkey *key, struct revoked_certs *rc) } /* - * Legacy cert formats lack serial numbers. Zero serials numbers - * are ignored (it's the default when the CA doesn't specify one). + * Zero serials numbers are ignored (it's the default when the + * CA doesn't specify one). */ - if (sshkey_cert_is_legacy(key) || key->cert->serial == 0) + if (key->cert->serial == 0) return 0; memset(&rs, 0, sizeof(rs)); |