CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2026/01/21 16:58:20
Modified files:
usr.bin/ssh : sshconnect2.c
Log message:
In ssh(1), don't try to match certificates held in an agent to
private keys.
This matching is done to support certificates that were
loaded without their private key material, but is unnecessary for
agent-hosted certificate which always have private key material
loaded in the agent. Worse, this matching would mess up the
request sent to the agent in such a way as to break usage of these
keys when the key usage was restricted in the agent.
Patch from Thibault Cools via bz3752, ok dtucker@
