1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
From a0b5816f8f1f645acdf74f7bc11b34455ec30bac Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Fri, 18 Mar 2022 02:31:25 +0000
Subject: [PATCH] upstream: ssh-keygen -Y check-novalidate requires namespace
or SEGV
will ensue. Patch from Mateusz Adamowski via GHPR#307
OpenBSD-Commit-ID: 99e8ec38f9feb38bce6de240335be34aedeba5fd
Reference:https://github.com/openssh/openssh-portable/commit/a0b5816f8f1f645acdf74f7bc11b34455ec30bac
Conflict:NA
---
ssh-keygen.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 7fc616c..bd6ea16 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.437 2021/09/08 03:23:44 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.449 2022/03/18 02:31:25 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -3489,6 +3489,12 @@ main(int argc, char **argv)
return sig_sign(identity_file, cert_principals,
argc, argv);
} else if (strncmp(sign_op, "check-novalidate", 16) == 0) {
+ if (cert_principals == NULL ||
+ *cert_principals == '\0') {
+ error("Too few arguments for check-novalidate: "
+ "missing namespace");
+ exit(1);
+ }
if (ca_key_path == NULL) {
error("Too few arguments for check-novalidate: "
"missing signature file");
--
2.23.0
|
