master

分支 (26)

标签 (21)

管理

管理

master

openEuler-24.03-LTS-SP1

openEuler-24.03-LTS

openEuler-24.03-LTS-Next

openEuler-22.03-LTS-SP1

openEuler-22.03-LTS-SP3

openEuler-22.03-LTS-SP4

openEuler-24.09

openEuler-22.03-LTS-Next

openEuler-22.03-LTS

openEuler-22.03-LTS-SP2

openEuler-20.03-LTS-SP4

openEuler-20.03-LTS-SP1

openEuler-20.03-LTS-SP3

openEuler-23.09

openEuler-23.03

openEuler-22.09

openEuler-20.03-LTS

openEuler-21.03

openEuler-20.09

openEuler-22.03-LTS-SP4-update-before-20241025

openEuler-24.09-release

openEuler-22.03-LTS-SP4-release

openEuler-24.03-LTS-release

openEuler-22.03-LTS-SP3-release

openEuler-23.09-rc5

openEuler-22.03-LTS-SP1-release

openEuler-22.09-release

openEuler-22.09-rc5

openEuler-22.09-20220829

openEuler-22.03-LTS-20220331

openEuler-22.03-LTS-round5

openEuler-22.03-LTS-round3

openEuler-22.03-LTS-round2

openEuler-22.03-LTS-round1

openEuler-20.03-LTS-SP3-release

openEuler-20.03-LTS-SP2-20210624

openEuler-21.03-20210330

openEuler-20.09-20200929

openEuler-20.03-LTS-20200606

openssh
/
backport-upstream-Do-not-apply-author...

From 62bbf8f825cc390ecb0523752ddac1435006f206 Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Sun, 15 Sep 2024 00:41:18 +0000
Subject: [PATCH] upstream: Do not apply authorized_keys options when signature
 verification fails. Prevents restrictive key options being incorrectly
 applied to subsequent keys in authorized_keys.

Conflict:NA
Reference:https://anongit.mindrot.org/openssh.git/commit/62bbf8f825cc390ecb0523752ddac1435006f206
---
 monitor.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/monitor.c b/monitor.c
index ceeb035..a2647fd 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1564,7 +1564,7 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m)
 	}
 	auth2_record_key(authctxt, ret == 0, key);

-	if (key_blobtype == MM_USERKEY)
+	if (key_blobtype == MM_USERKEY && ret == 0)
 		auth_activate_options(ssh, key_opts);
 	monitor_reset_key_state();

--
2.43.0