| commit | 893d73549d7cfa277434bf0113688a5a14055408 | [log] [download] |
|---|---|---|
| author | Darren Tucker <dtucker@zip.com.au> | Wed Oct 07 08:47:02 2009 +1100 |
| committer | Darren Tucker <dtucker@zip.com.au> | Wed Oct 07 08:47:02 2009 +1100 |
| tree | 7cc83baeb70199c132f8f239be7acfcf694d0384 | |
| parent | 6b286a46821fa230258f1da82d0e013cfe3bf685 [diff] |
- djm@cvs.openbsd.org 2009/08/27 17:44:52
[authfd.c ssh-add.c authfd.h]
Do not fall back to adding keys without contraints (ssh-add -c / -t ...)
when the agent refuses the constrained add request. This was a useful
migration measure back in 2002 when constraints were new, but just
adds risk now.
bz #1612, report and patch from dkg AT fifthhorseman.net; ok markus@