1 files changed, 41 insertions, 0 deletions

diff --git a/backport-upstream-ssh-keygen-Y-check-novalidate-requires-name.patch b/backport-upstream-ssh-keygen-Y-check-novalidate-requires-name.patch
new file mode 100644
index 0000000..aa9f80c
--- /dev/null
+++ b/backport-upstream-ssh-keygen-Y-check-novalidate-requires-name.patch
@@ -0,0 +1,41 @@
+From a0b5816f8f1f645acdf74f7bc11b34455ec30bac Mon Sep 17 00:00:00 2001
+From: "djm@openbsd.org" <djm@openbsd.org>
+Date: Fri, 18 Mar 2022 02:31:25 +0000
+Subject: [PATCH] upstream: ssh-keygen -Y check-novalidate requires namespace
+ or SEGV
+
+will ensue. Patch from Mateusz Adamowski via GHPR#307
+
+OpenBSD-Commit-ID: 99e8ec38f9feb38bce6de240335be34aedeba5fd
+Reference:https://github.com/openssh/openssh-portable/commit/a0b5816f8f1f645acdf74f7bc11b34455ec30bac
+Conflict:NA
+---
+ ssh-keygen.c | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/ssh-keygen.c b/ssh-keygen.c
+index 7fc616c..bd6ea16 100644
+--- a/ssh-keygen.c
++++ b/ssh-keygen.c
+@@ -1,4 +1,4 @@
+-/* $OpenBSD: ssh-keygen.c,v 1.437 2021/09/08 03:23:44 djm Exp $ */
++/* $OpenBSD: ssh-keygen.c,v 1.449 2022/03/18 02:31:25 djm Exp $ */
+ /*
+  * Author: Tatu Ylonen <ylo@cs.hut.fi>
+  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
+@@ -3489,6 +3489,12 @@ main(int argc, char **argv)
+ 			return sig_sign(identity_file, cert_principals,
+ 			    argc, argv);
+ 		} else if (strncmp(sign_op, "check-novalidate", 16) == 0) {
++            if (cert_principals == NULL ||
++                *cert_principals == '\0') {
++                error("Too few arguments for check-novalidate: "
++                    "missing namespace");
++                exit(1);
++            }
+ 			if (ca_key_path == NULL) {
+ 				error("Too few arguments for check-novalidate: "
+ 				    "missing signature file");
+-- 
+2.23.0
+