From 6bf5696c8578782a25227c0806ce5f8abcafb603 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 22 Jan 2025 16:12:49 +0100 Subject: agent: Fix ssh-agent's request_identities for skipped keys. * agent/command-ssh.c (ssh_send_available_keys): Adjust key counter for skipped keys. -- Fixes-commit: 8b8a8b246c443d5631a88ec59b88edf00aa0ff51 which introduced a regression due to an extra variable for counting the keys. The bug showed up for example if a card with a Brainpool Auth key was also used. Unfortunately OpenSSH still does not allow for Brainpool keys. (cherry picked from commit 2469dc5aae671247100339493ad7919919a02db9) --- agent/command-ssh.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/agent/command-ssh.c b/agent/command-ssh.c index 189acd7f8..dd4df38be 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c @@ -2585,7 +2585,7 @@ ssh_send_available_keys (ctrl_t ctrl, estream_t key_blobs, u32 *r_key_counter) struct card_key_info_s *keyinfo_on_cards, *l; char *cardsn; gcry_sexp_t key_public = NULL; - int count; + int count, skipped; struct key_collection_s keyarray = { NULL }; err = open_control_file (&cf, 0); @@ -2749,6 +2749,7 @@ ssh_send_available_keys (ctrl_t ctrl, estream_t key_blobs, u32 *r_key_counter) keyarray.items[count].key, keyarray.items[count].cardsn); /* And print the keys. */ + skipped = 0; for (count=0; count < keyarray.nitems; count++) { err = ssh_send_key_public (key_blobs, keyarray.items[count].key, @@ -2763,12 +2764,13 @@ ssh_send_available_keys (ctrl_t ctrl, estream_t key_blobs, u32 *r_key_counter) /* For example a Brainpool curve or a curve we don't * support at all but a smartcard lists that curve. * We ignore them. */ + skipped++; } else goto leave; } } - *r_key_counter = count; + *r_key_counter = count - skipped; leave: agent_card_free_keyinfo (keyinfo_on_cards); -- cgit v1.2.3