rpms/openssh
7
0
Fork 1
Code Issues Pull Requests Releases Activity

Avoid spirous message on connecting to the machine with ssh-rsa keys

Browse Source 
Related: rhbz#2115246
This commit is contained in:
Dmitry Belyavskiy 2022-08-16 14:32:50 +02:00
parent b53c538acd
commit a0db6b2b7f
2 changed files with 20 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
openssh-8.7p1-minimize-sha1-use.patch
View File

@ -87,6 +87,19 @@ diff --color -ru a/clientloop.c b/clientloop.c
error_fr(r, "server gave bad signature for %s key %zu", error_fr(r, "server gave bad signature for %s key %zu",
sshkey_type(ctx->keys[i]), i); sshkey_type(ctx->keys[i]), i);
goto out; goto out;
diff --git a/hostfile.c b/hostfile.c
index a035b381..bd49e3ac 100644
--- a/hostfile.c
+++ b/hostfile.c
@@ -642,7 +642,7 @@ hostfile_replace_entries(const char *filename, const char *host, const char *ip,
/* Re-add the requested keys */
want = HKF_MATCH_HOST | (ip == NULL ? 0 : HKF_MATCH_IP);
for (i = 0; i < nkeys; i++) {
- if ((want & ctx.match_keys[i]) == want)
+ if (keys[i] == NULL || (want & ctx.match_keys[i]) == want)
continue;
if ((fp = sshkey_fingerprint(keys[i], hash_alg,
SSH_FP_DEFAULT)) == NULL) {
diff --color -ru a/kex.c b/kex.c diff --color -ru a/kex.c b/kex.c
--- a/kex.c 2022-06-29 16:35:06.775599179 +0200 --- a/kex.c 2022-06-29 16:35:06.775599179 +0200
+++ b/kex.c 2022-06-29 16:42:00.839710940 +0200 +++ b/kex.c 2022-06-29 16:42:00.839710940 +0200

8
openssh.spec
View File

@ -51,7 +51,7 @@
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1 # Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
%global openssh_ver 8.7p1 %global openssh_ver 8.7p1
%global openssh_rel 21 %global openssh_rel 22
%global pam_ssh_agent_ver 0.10.4 %global pam_ssh_agent_ver 0.10.4
%global pam_ssh_agent_rel 5 %global pam_ssh_agent_rel 5
@ -226,6 +226,8 @@ Patch984: openssh-8.7p1-ibmca.patch
# upstream commits: # upstream commits:
# 291721bc7c840d113a49518f3fca70e86248b8e8 # 291721bc7c840d113a49518f3fca70e86248b8e8
# 0fa33683223c76289470a954404047bc762be84c # 0fa33683223c76289470a954404047bc762be84c
# Avoid dubious diagnostics on update known hosts (#2115246)
# 8832402bd500d1661ccc80a476fd563335ef6cdc
Patch1000: openssh-8.7p1-minimize-sha1-use.patch Patch1000: openssh-8.7p1-minimize-sha1-use.patch
# Fix for scp clearing file when src and dest are the same (#2056884) # Fix for scp clearing file when src and dest are the same (#2056884)
# upstream commits: # upstream commits:
@ -732,6 +734,10 @@ test -f %{sysconfig_anaconda} && \
%endif %endif
%changelog %changelog
* Tue Aug 16 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-22
- Avoid spirous message on connecting to the machine with ssh-rsa keys
Related: rhbz#2115246
* Thu Aug 04 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-21 * Thu Aug 04 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-21
- IBMCA workaround - IBMCA workaround
Related: rhbz#1976202 Related: rhbz#1976202