]> git.ipfire.org Git - thirdparty/openssh-portable.git/commit
projects / thirdparty / openssh-portable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d902d72) | patch
upstream: ssh-keygen -Y find-principals was verifying key validity
authordjm@openbsd.org <djm@openbsd.org>
Thu, 18 Nov 2021 03:50:41 +0000 (03:50 +0000)
committerDamien Miller <djm@mindrot.org>
Thu, 18 Nov 2021 21:12:51 +0000 (08:12 +1100)
commitc74aa0eb73bd1edf79947d92d9c618fc3424c4a6
tree854e87f1d7b4a208af131148d5d708295fb2aed0tree | snapshot
parentd902d728dfd81622454260e23bc09d5e5a9a795ecommit | diff
upstream: ssh-keygen -Y find-principals was verifying key validity

when using ca certs but not with simple key lifetimes within the allowed
signers file.

Since it returns the first keys principal it finds this could
result in a principal with an expired key even though a valid
one is just below.

patch from Fabian Stelzer; feedback/ok djm markus

OpenBSD-Commit-ID: b108ed0a76b813226baf683ab468dc1cc79e0905
sshsig.c diff | blob | blame | history
Mirror of https://github.com/openssh/openssh-portable.git