diff options
| author | Damien Miller <djm@mindrot.org> | 2011-10-18 16:06:14 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2011-10-18 16:06:14 +1100 |
| commit | c51a5ab2c6f7ea4ae42e70d1d00bdf57c28f8c36 (patch) | |
| tree | 5e8106f528aaa5fb62536c4ccc314dfb6a840cb3 | |
| parent | 91f3eaec886825c42cf6e38d4e2af0f52b5aa35f (diff) | |
| download | openssh-git-c51a5ab2c6f7ea4ae42e70d1d00bdf57c28f8c36.tar.gz | |
- djm@cvs.openbsd.org 2011/10/18 04:58:26
[auth-options.c key.c]
remove explict search for \0 in packet strings, this job is now done
implicitly by buffer_get_cstring; ok markus
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | auth-options.c | 16 | ||||
| -rw-r--r-- | key.c | 7 |
3 files changed, 6 insertions, 21 deletions
@@ -12,6 +12,10 @@ - stsp@cvs.openbsd.org 2011/10/16 15:51:39 [moduli.c] add missing includes to unbreak tree; fix from rpointel + - djm@cvs.openbsd.org 2011/10/18 04:58:26 + [auth-options.c key.c] + remove explict search for \0 in packet strings, this job is now done + implicitly by buffer_get_cstring; ok markus 20111001 - (dtucker) [openbsd-compat/mktemp.c] Fix compiler warning. ok djm diff --git a/auth-options.c b/auth-options.c index b3c19c1c..0e67bd8c 100644 --- a/auth-options.c +++ b/auth-options.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-options.c,v 1.55 2011/09/23 00:22:04 dtucker Exp $ */ +/* $OpenBSD: auth-options.c,v 1.56 2011/10/18 04:58:26 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -452,10 +452,6 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, buffer_append(&data, data_blob, dlen); debug3("found certificate option \"%.100s\" len %u", name, dlen); - if (strlen(name) != nlen) { - error("Certificate constraint name contains \\0"); - goto out; - } found = 0; if ((which & OPTIONS_EXTENSIONS) != 0) { if (strcmp(name, "permit-X11-forwarding") == 0) { @@ -485,11 +481,6 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, "corrupt", name); goto out; } - if (strlen(command) != clen) { - error("force-command constraint " - "contains \\0"); - goto out; - } if (*cert_forced_command != NULL) { error("Certificate has multiple " "force-command options"); @@ -506,11 +497,6 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, "\"%s\" corrupt", name); goto out; } - if (strlen(allowed) != clen) { - error("source-address constraint " - "contains \\0"); - goto out; - } if ((*cert_source_address_done)++) { error("Certificate has multiple " "source-address options"); @@ -1,4 +1,4 @@ -/* $OpenBSD: key.c,v 1.97 2011/05/17 07:13:31 djm Exp $ */ +/* $OpenBSD: key.c,v 1.98 2011/10/18 04:58:26 djm Exp $ */ /* * read_bignum(): * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -1356,11 +1356,6 @@ cert_parse(Buffer *b, Key *key, const u_char *blob, u_int blen) goto out; } - if (kidlen != strlen(key->cert->key_id)) { - error("%s: key ID contains \\0 character", __func__); - goto out; - } - /* Signature is left in the buffer so we can calculate this length */ signed_len = buffer_len(&key->cert->certblob) - buffer_len(b); |