RepoMirrors
/
openssh
mirror of git://anongit.mindrot.org/openssh.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

upstream: sshsk_sign: trim call to sshkey_fingerprint() 

the resulting fingerprint doesn't appear to be used for anything,
and we end up leaking it.

from Pedro Martelletto; ok dtucker & me

OpenBSD-Commit-ID: 5625cf6c68f082bc2cbbd348e69a3ed731d2f9b7
This commit is contained in:
djm@openbsd.org 2022-01-14 03:32:52 +00:00 committed by Damien Miller
parent 1cd1b2eac3
commit c88265f207
1 changed files with 1 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
ssh-sk-client.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh-sk-client.c,v 1.10 2021/10/28 02:54:18 djm Exp $ */
/* $OpenBSD: ssh-sk-client.c,v 1.11 2022/01/14 03:32:52 djm Exp $ */
/*
* Copyright (c) 2019 Google LLC
*
@ -232,7 +232,6 @@ sshsk_sign(const char *provider, struct sshkey *key,
u_int compat, const char *pin)
{
int oerrno, r = SSH_ERR_INTERNAL_ERROR;
char *fp = NULL;
struct sshbuf *kbuf = NULL, *req = NULL, *resp = NULL;
*sigp = NULL;
@ -262,12 +261,6 @@ sshsk_sign(const char *provider, struct sshkey *key,
goto out;
}
if ((fp = sshkey_fingerprint(key, SSH_FP_HASH_DEFAULT,
SSH_FP_DEFAULT)) == NULL) {
error_f("sshkey_fingerprint failed");
r = SSH_ERR_ALLOC_FAIL;
goto out;
}
if ((r = client_converse(req, &resp, SSH_SK_HELPER_SIGN)) != 0)
goto out;