upstream: Do not apply authorized_keys options when signature

author djm@openbsd.org <djm@openbsd.org>

Sun, 15 Sep 2024 00:41:18 +0000 (00:41 +0000)

committer Damien Miller <djm@mindrot.org>

Sun, 15 Sep 2024 01:23:07 +0000 (11:23 +1000)
author djm@openbsd.org <djm@openbsd.org>
Sun, 15 Sep 2024 00:41:18 +0000 (00:41 +0000)
committer Damien Miller <djm@mindrot.org>
Sun, 15 Sep 2024 01:23:07 +0000 (11:23 +1000)
diff --git a/monitor.c b/monitor.c

index f4a835eee0f789e8027d2dac1690e8c21571dc5d..4e68c4f80e9e5e86f87b8ce95a807389775916b6 100644 (file)
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.242 2024/09/09 02:39:57 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.243 2024/09/15 00:41:18 djm Exp $ */
  /*
   * Copyright 2002 Niels Provos <provos@citi.umich.edu>
   * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -1496,7 +1496,7 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m)
         }
         auth2_record_key(authctxt, ret == 0, key);
  
-       if (key_blobtype == MM_USERKEY)
+       if (key_blobtype == MM_USERKEY && ret == 0)
                 auth_activate_options(ssh, key_opts);
         monitor_reset_key_state();
author	djm@openbsd.org <djm@openbsd.org>
	Sun, 15 Sep 2024 00:41:18 +0000 (00:41 +0000)
committer	Damien Miller <djm@mindrot.org>
	Sun, 15 Sep 2024 01:23:07 +0000 (11:23 +1000)