|
 |
9fd6981 |
diff -up openssh-8.7p1/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/userauth_pubkey_from_id.c.rsasha2 openssh-8.7p1/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/userauth_pubkey_from_id.c
|
|
|
9fd6981 |
--- openssh-8.7p1/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/userauth_pubkey_from_id.c.rsasha2 2022-07-15 15:08:12.865585410 +0200
|
|
|
9fd6981 |
+++ openssh-8.7p1/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/userauth_pubkey_from_id.c 2022-07-15 15:16:25.164282372 +0200
|
|
|
9fd6981 |
@@ -87,8 +87,13 @@ userauth_pubkey_from_id(const char *ruse
|
|
|
9fd6981 |
(r = sshbuf_put_string(b, pkblob, blen)) != 0)
|
|
|
9fd6981 |
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
|
|
9fd6981 |
|
|
|
9fd6981 |
- if (ssh_agent_sign(id->ac->fd, id->key, &sig, &slen, sshbuf_ptr(b), sshbuf_len(b), NULL, 0) != 0)
|
|
|
9fd6981 |
- goto user_auth_clean_exit;
|
|
|
9fd6981 |
+ if (sshkey_type_plain(id->key->type) == KEY_RSA
|
|
|
9fd6981 |
+ && ssh_agent_sign(id->ac->fd, id->key, &sig, &slen, sshbuf_ptr(b), sshbuf_len(b), "rsa-sha2-256", 0) == 0) {
|
|
|
9fd6981 |
+ /* Do nothing */
|
|
|
9fd6981 |
+ } else {
|
|
|
9fd6981 |
+ if (ssh_agent_sign(id->ac->fd, id->key, &sig, &slen, sshbuf_ptr(b), sshbuf_len(b), NULL, 0) != 0)
|
|
|
9fd6981 |
+ goto user_auth_clean_exit;
|
|
|
9fd6981 |
+ }
|
|
|
9fd6981 |
|
|
|
9fd6981 |
/* test for correct signature */
|
|
|
9fd6981 |
if (sshkey_verify(id->key, sig, slen, sshbuf_ptr(b), sshbuf_len(b), NULL, 0, NULL) == 0)
|