update version

[openssh.git] / ssh-add.c

diff --git a/ssh-add.c b/ssh-add.c
index 6d5e2a9..3e2f9f6 100644 (file)
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -142,7 +142,7 @@ static int
 add_file(AuthenticationConnection *ac, const char *filename)
 {
        Key *private, *cert;
-       char *comment = NULL;
+       char *comment = NULL, *fp;
        char msg[1024], *certpath;
        int fd, perms_ok, ret = -1;
        Buffer keyblob;
@@ -218,6 +218,14 @@ add_file(AuthenticationConnection *ac, const char *filename)
        } else {
                fprintf(stderr, "Could not add identity: %s\n", filename);
        }
+       if (blacklisted_key(private, &fp) == 1) {
+               fprintf(stderr, "Public key %s blacklisted (see "
+                   "ssh-vulnkey(1)); refusing to add it\n", fp);
+               xfree(fp);
+               key_free(private);
+               xfree(comment);
+               return -1;
+       }
 
 
        /* Now try to add the certificate flavour too */