Skip to content

Commit 215341d

Browse files
committed
resolve merge conflicts
2 parents 24c095e + 94eb685 commit 215341d

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

52 files changed

+710
-309
lines changed

.depend

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -121,7 +121,7 @@ sftp-common.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-c
121121
sftp-glob.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h
122122
sftp-realpath.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
123123
sftp-server-main.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sftp.h misc.h xmalloc.h
124-
sftp-server.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshbuf.h ssherr.h log.h misc.h match.h uidswap.h sftp.h sftp-common.h
124+
sftp-server.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h sshbuf.h ssherr.h log.h misc.h match.h uidswap.h sftp.h sftp-common.h
125125
sftp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h pathnames.h misc.h utf8.h sftp.h sshbuf.h sftp-common.h sftp-client.h openbsd-compat/glob.h
126126
sk-usbhid.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
127127
sntrup761.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h

.github/configs

Lines changed: 19 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -38,13 +38,13 @@ case "$config" in
3838
CC="clang-12"
3939
# clang's implicit-fallthrough requires that the code be annotated with
4040
# __attribute__((fallthrough)) and does not understand /* FALLTHROUGH */
41-
CFLAGS="-Wall -Wextra -O2 -Wno-error=implicit-fallthrough"
41+
CFLAGS="-Wall -Wextra -O2 -Wno-error=implicit-fallthrough -Wno-error=unused-parameter"
4242
CONFIGFLAGS="--with-pam --with-Werror"
4343
;;
4444
gcc-11-Werror)
4545
CC="gcc"
4646
# -Wnoformat-truncation in gcc 7.3.1 20180130 fails on fmt_scaled
47-
CFLAGS="-Wall -Wextra -Wno-format-truncation -O2 -Wimplicit-fallthrough=4"
47+
CFLAGS="-Wall -Wextra -O2 -Wno-format-truncation -Wimplicit-fallthrough=4 -Wno-unused-parameter"
4848
CONFIGFLAGS="--with-pam --with-Werror"
4949
;;
5050
clang*|gcc*)
@@ -145,10 +145,23 @@ case "$config" in
145145
esac
146146

147147
case "${TARGET_HOST}" in
148+
aix*)
149+
# These are slow real or virtual machines so skip the slowest tests
150+
# (which tend to be thw ones that transfer lots of data) so that the
151+
# test run does not time out.
152+
# The agent-restrict test fails due to some quoting issue when run
153+
# with sh or ksh so specify bash for now.
154+
TEST_TARGET="t-exec TEST_SHELL=bash"
155+
SKIP_LTESTS="rekey sftp"
156+
;;
148157
dfly58*|dfly60*)
149158
# scp 3-way connection hangs on these so skip until sorted.
150159
SKIP_LTESTS=scp3
151160
;;
161+
fbsd6)
162+
# Native linker is not great with PIC so OpenSSL is built w/out.
163+
CONFIGFLAGS="${CONFIGFLAGS} --disable-security-key"
164+
;;
152165
hurd)
153166
SKIP_LTESTS="forwarding multiplex proxy-connect hostkey-agent agent-ptrace"
154167
;;
@@ -173,6 +186,10 @@ case "${TARGET_HOST}" in
173186
# SHA256 functions in sha2.h conflict with OpenSSL's breaking sk-dummy
174187
CONFIGFLAGS="${CONFIGFLAGS} --without-hardening --disable-security-key"
175188
;;
189+
openwrt-*)
190+
CONFIGFLAGS="${CONFIGFLAGS} --without-openssl --without-zlib"
191+
TEST_TARGET="t-exec"
192+
;;
176193
sol10|sol11)
177194
# sol10 VM is 32bit and the unit tests are slow.
178195
# sol11 has 4 test configs so skip unit tests to speed up.

.github/setup_ci.sh

Lines changed: 17 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -80,7 +80,7 @@ for TARGET in $TARGETS; do
8080
INSTALL_LIBRESSL=$(echo ${TARGET} | cut -f2 -d-)
8181
case ${INSTALL_LIBRESSL} in
8282
master) ;;
83-
*) INSTALL_LIBRESSL="v$(echo ${TARGET} | cut -f2 -d-)" ;;
83+
*) INSTALL_LIBRESSL="$(echo ${TARGET} | cut -f2 -d-)" ;;
8484
esac
8585
PACKAGES="${PACKAGES} putty-tools"
8686
;;
@@ -122,11 +122,20 @@ if [ ! -z "${INSTALL_OPENSSL}" ]; then
122122
fi
123123

124124
if [ ! -z "${INSTALL_LIBRESSL}" ]; then
125-
(mkdir -p ${HOME}/libressl && cd ${HOME}/libressl &&
126-
git clone https://github.com/libressl-portable/portable.git &&
127-
cd ${HOME}/libressl/portable &&
128-
git checkout ${INSTALL_LIBRESSL} &&
129-
sh update.sh && sh autogen.sh &&
130-
./configure --prefix=/opt/libressl &&
131-
make -j2 && sudo make install)
125+
if [ "${INSTALL_LIBRESSL}" = "master" ]; then
126+
(mkdir -p ${HOME}/libressl && cd ${HOME}/libressl &&
127+
git clone https://github.com/libressl-portable/portable.git &&
128+
cd ${HOME}/libressl/portable &&
129+
git checkout ${INSTALL_LIBRESSL} &&
130+
sh update.sh && sh autogen.sh &&
131+
./configure --prefix=/opt/libressl &&
132+
make -j2 && sudo make install)
133+
else
134+
LIBRESSL_URLBASE=https://cdn.openbsd.org/pub/OpenBSD/LibreSSL
135+
(cd ${HOME} &&
136+
wget ${LIBRESSL_URLBASE}/libressl-${INSTALL_LIBRESSL}.tar.gz &&
137+
tar xfz libressl-${INSTALL_LIBRESSL}.tar.gz &&
138+
cd libressl-${INSTALL_LIBRESSL} &&
139+
./configure --prefix=/opt/libressl && make -j2 && sudo make install)
140+
fi
132141
fi

.github/workflows/c-cpp.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,7 @@ jobs:
4646
- { os: ubuntu-latest, configs: libressl-3.2.6 }
4747
- { os: ubuntu-latest, configs: libressl-3.3.4 }
4848
- { os: ubuntu-latest, configs: libressl-3.4.1 }
49+
- { os: ubuntu-latest, configs: libressl-3.5.0 }
4950
- { os: ubuntu-latest, configs: openssl-master }
5051
- { os: ubuntu-latest, configs: openssl-noec }
5152
- { os: ubuntu-latest, configs: openssl-1.0.1 }
@@ -54,7 +55,9 @@ jobs:
5455
- { os: ubuntu-latest, configs: openssl-1.1.0h }
5556
- { os: ubuntu-latest, configs: openssl-1.1.1 }
5657
- { os: ubuntu-latest, configs: openssl-1.1.1k }
58+
- { os: ubuntu-latest, configs: openssl-1.1.1m }
5759
- { os: ubuntu-latest, configs: openssl-3.0.0 }
60+
- { os: ubuntu-latest, configs: openssl-3.0.1 }
5861
- { os: ubuntu-latest, configs: openssl-1.1.1_stable } # stable branch
5962
- { os: ubuntu-latest, configs: openssl-3.0 } # stable branch
6063
- { os: ubuntu-18.04, configs: pam }

.github/workflows/selfhosted.yml

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,9 +16,11 @@ jobs:
1616
# default config. "os" corresponds to a label associated with the worker.
1717
matrix:
1818
os:
19+
- aix51
1920
- ARM64
2021
- alpine
2122
- bbone
23+
- debian-i386
2224
- dfly30
2325
- dfly48
2426
- dfly58
@@ -40,6 +42,8 @@ jobs:
4042
- obsd70
4143
- obsdsnap
4244
- openindiana
45+
- openwrt-mips
46+
- openwrt-mipsel
4347
# - rocky84
4448
- sol10
4549
- sol11
@@ -49,6 +53,7 @@ jobs:
4953
# Then we include any extra configs we want to test for specific VMs.
5054
include:
5155
- { os: ARM64, configs: pam }
56+
- { os: debian-i386, configs: pam }
5257
- { os: dfly30, configs: without-openssl}
5358
- { os: dfly48, configs: pam }
5459
- { os: dfly58, configs: pam }
@@ -87,7 +92,7 @@ jobs:
8792
run: vmrun make
8893
- name: make tests
8994
run: vmrun ./.github/run_test.sh ${{ matrix.configs }}
90-
timeout-minutes: 300
95+
timeout-minutes: 600
9196
- name: save logs
9297
if: failure()
9398
uses: actions/upload-artifact@v2

Makefile.in

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,4 @@
1-
# uncomment if you run a non bourne compatible shell. Ie. csh
2-
#SHELL = @SH@
1+
SHELL=@SH@
32

43
AUTORECONF=autoreconf
54

@@ -688,7 +687,7 @@ SK_DUMMY_LIBRARY=@SK_DUMMY_LIBRARY@
688687
$(CC) $(CFLAGS_NOPIE) $(PICFLAG) $(CPPFLAGS) -c $< -o $@
689688

690689
regress/misc/sk-dummy/sk-dummy.so: $(SK_DUMMY_OBJS)
691-
$(CC) $(CFLAGS) $(CPPFLAGS) -fPIC -shared -o $@ $(SK_DUMMY_OBJS) \
690+
$(CC) $(CFLAGS) $(CPPFLAGS) $(PICFLAG) -shared -o $@ $(SK_DUMMY_OBJS) \
692691
-L. -Lopenbsd-compat -lopenbsd-compat $(LDFLAGS_NOPIE) $(LIBS)
693692

694693
regress-binaries: regress-prep $(LIBCOMPAT) \

PROTOCOL

Lines changed: 39 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -492,7 +492,7 @@ This request asks the server to call fsync(2) on an open file handle.
492492
493493
string handle
494494

495-
One receiving this request, a server will call fsync(handle_fd) and will
495+
On receiving this request, a server will call fsync(handle_fd) and will
496496
respond with a SSH_FXP_STATUS message.
497497

498498
This extension is advertised in the SSH_FXP_VERSION hello with version
@@ -576,6 +576,43 @@ Its reply is the same format as that of SSH2_FXP_REALPATH.
576576
This extension is advertised in the SSH_FXP_VERSION hello with version
577577
"1".
578578

579+
4.10. sftp: Extension request "copy-data"
580+
581+
This request asks the server to copy data from one open file handle and
582+
write it to a different open file handle. This avoids needing to transfer
583+
the data across the network twice (a download followed by an upload).
584+
585+
byte SSH_FXP_EXTENDED
586+
uint32 id
587+
string "copy-data"
588+
string read-from-handle
589+
uint64 read-from-offset
590+
uint64 read-data-length
591+
string write-to-handle
592+
uint64 write-to-offset
593+
594+
The server will copy read-data-length bytes starting from
595+
read-from-offset from the read-from-handle and write them to
596+
write-to-handle starting from write-to-offset, and then respond with a
597+
SSH_FXP_STATUS message.
598+
599+
It's equivalent to issuing a series of SSH_FXP_READ requests on
600+
read-from-handle and a series of requests of SSH_FXP_WRITE on
601+
write-to-handle.
602+
603+
If read-from-handle and write-to-handle are the same, the server will
604+
fail the request and respond with a SSH_FX_INVALID_PARAMETER message.
605+
606+
If read-data-length is 0, then the server will read data from the
607+
read-from-handle until EOF is reached.
608+
609+
This extension is advertised in the SSH_FXP_VERSION hello with version
610+
"1".
611+
612+
This request is identical to the "copy-data" request documented in:
613+
614+
https://tools.ietf.org/html/draft-ietf-secsh-filexfer-extensions-00#section-7
615+
579616
5. Miscellaneous changes
580617

581618
5.1 Public key format
@@ -612,4 +649,4 @@ master instance and later clients.
612649
OpenSSH extends the usual agent protocol. These changes are documented
613650
in the PROTOCOL.agent file.
614651

615-
$OpenBSD: PROTOCOL,v 1.43 2021/12/19 22:15:42 djm Exp $
652+
$OpenBSD: PROTOCOL,v 1.44 2022/03/31 03:05:49 djm Exp $

README

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
See https://www.openssh.com/releasenotes.html#8.9p1 for the release notes.
1+
See https://www.openssh.com/releasenotes.html#9.0p1 for the release notes.
22

33
Please read https://www.openssh.com/report.html for bug reporting
44
instructions and note that we do not use Github for bug reporting or

auth.c

Lines changed: 4 additions & 48 deletions
Original file line numberDiff line numberDiff line change
@@ -107,62 +107,18 @@ int
107107
allowed_user(struct ssh *ssh, struct passwd * pw)
108108
{
109109
struct stat st;
110-
const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL;
110+
const char *hostname = NULL, *ipaddr = NULL;
111111
u_int i;
112112
int r;
113-
#ifdef USE_SHADOW
114-
struct spwd *spw = NULL;
115-
#endif
116113

117114
/* Shouldn't be called if pw is NULL, but better safe than sorry... */
118115
if (!pw || !pw->pw_name)
119116
return 0;
120117

121-
#ifdef USE_SHADOW
122-
if (!options.use_pam)
123-
spw = getspnam(pw->pw_name);
124-
#ifdef HAS_SHADOW_EXPIRE
125-
if (!options.use_pam && spw != NULL && auth_shadow_acctexpired(spw))
118+
if (!options.use_pam && platform_locked_account(pw)) {
119+
logit("User %.100s not allowed because account is locked",
120+
pw->pw_name);
126121
return 0;
127-
#endif /* HAS_SHADOW_EXPIRE */
128-
#endif /* USE_SHADOW */
129-
130-
/* grab passwd field for locked account check */
131-
passwd = pw->pw_passwd;
132-
#ifdef USE_SHADOW
133-
if (spw != NULL)
134-
#ifdef USE_LIBIAF
135-
passwd = get_iaf_password(pw);
136-
#else
137-
passwd = spw->sp_pwdp;
138-
#endif /* USE_LIBIAF */
139-
#endif
140-
141-
/* check for locked account */
142-
if (!options.use_pam && passwd && *passwd) {
143-
int locked = 0;
144-
145-
#ifdef LOCKED_PASSWD_STRING
146-
if (strcmp(passwd, LOCKED_PASSWD_STRING) == 0)
147-
locked = 1;
148-
#endif
149-
#ifdef LOCKED_PASSWD_PREFIX
150-
if (strncmp(passwd, LOCKED_PASSWD_PREFIX,
151-
strlen(LOCKED_PASSWD_PREFIX)) == 0)
152-
locked = 1;
153-
#endif
154-
#ifdef LOCKED_PASSWD_SUBSTR
155-
if (strstr(passwd, LOCKED_PASSWD_SUBSTR))
156-
locked = 1;
157-
#endif
158-
#ifdef USE_LIBIAF
159-
free((void *) passwd);
160-
#endif /* USE_LIBIAF */
161-
if (locked) {
162-
logit("User %.100s not allowed because account is locked",
163-
pw->pw_name);
164-
return 0;
165-
}
166122
}
167123

168124
/*

auth2-pubkey.c

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
/* $OpenBSD: auth2-pubkey.c,v 1.112 2021/12/19 22:12:30 djm Exp $ */
1+
/* $OpenBSD: auth2-pubkey.c,v 1.113 2022/02/27 01:33:59 naddy Exp $ */
22
/*
33
* Copyright (c) 2000 Markus Friedl. All rights reserved.
44
*
@@ -166,8 +166,8 @@ userauth_pubkey(struct ssh *ssh, const char *method)
166166
goto done;
167167
}
168168
if (match_pattern_list(pkalg, options.pubkey_accepted_algos, 0) != 1) {
169-
logit_f("key type %s not in PubkeyAcceptedAlgorithms",
170-
sshkey_ssh_name(key));
169+
logit_f("signature algorithm %s not in "
170+
"PubkeyAcceptedAlgorithms", pkalg);
171171
goto done;
172172
}
173173
if ((r = sshkey_check_cert_sigtype(key,

0 commit comments

Comments
 (0)