include destination constraints for smartcard keys too.

author djm <djm@openbsd.org>

Thu, 9 Mar 2023 06:58:26 +0000 (06:58 +0000)

committer djm <djm@openbsd.org>

Thu, 9 Mar 2023 06:58:26 +0000 (06:58 +0000)
author djm <djm@openbsd.org>
Thu, 9 Mar 2023 06:58:26 +0000 (06:58 +0000)
committer djm <djm@openbsd.org>
Thu, 9 Mar 2023 06:58:26 +0000 (06:58 +0000)
diff --git a/usr.bin/ssh/authfd.c b/usr.bin/ssh/authfd.c

index 4b81b38..e365c90 100644 (file)
--- a/usr.bin/ssh/authfd.c
+++ b/usr.bin/ssh/authfd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.c,v 1.131 2023/03/05 05:34:09 dtucker Exp $ */
+/* $OpenBSD: authfd.c,v 1.132 2023/03/09 06:58:26 djm Exp $ */
  /*
   * Author: Tatu Ylonen <ylo@cs.hut.fi>
   * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -664,7 +664,7 @@ ssh_update_card(int sock, int add, const char *reader_id, const char *pin,
      struct dest_constraint **dest_constraints, size_t ndest_constraints)
  {
         struct sshbuf *msg;
-       int r, constrained = (life || confirm);
+       int r, constrained = (life || confirm || dest_constraints);
         u_char type;
  
         if (add) {
author	djm <djm@openbsd.org>
	Thu, 9 Mar 2023 06:58:26 +0000 (06:58 +0000)
committer	djm <djm@openbsd.org>
	Thu, 9 Mar 2023 06:58:26 +0000 (06:58 +0000)