go.crypto/ssh: Add certificate verification, step up support for authorized keys R=agl, hanwen, jpsugar, dave CC=golang-dev https://golang.org/cl/14540051

commit: 9112f50fcd3d20c885cb320db643f60e0ae77821 [log] [tgz]
author: Jonathan Pittman <jmpittman@google.com> Tue Oct 22 15:12:41 2013 -0400
committer: Adam Langley <agl@golang.org> Tue Oct 22 15:12:41 2013 -0400
tree: 9a8a43d2736b554b01a6716dafd235101b667dc7
parent: f5f25bdad0cb2b768bdea003ed92329914931542 [diff] [blame]
diff --git a/ssh/keys.go b/ssh/keys.go
index fa1e236..b41fefc 100644
--- a/ssh/keys.go
+++ b/ssh/keys.go

@@ -102,22 +102,8 @@
 			continue
 		}
 
-		field := string(in[:i])
-		switch field {
-		case KeyAlgoRSA, KeyAlgoDSA:
-			out, comment, ok = parseAuthorizedKey(in[i:])
-			if ok {
-				return
-			}
-		case KeyAlgoECDSA256, KeyAlgoECDSA384, KeyAlgoECDSA521:
-			// We don't support these keys.
-			in = rest
-			continue
-		case CertAlgoRSAv01, CertAlgoDSAv01,
-			CertAlgoECDSA256v01, CertAlgoECDSA384v01, CertAlgoECDSA521v01:
-			// We don't support these certificates.
-			in = rest
-			continue
+		if out, comment, ok = parseAuthorizedKey(in[i:]); ok {
+			return
 		}
 
 		// No key type recognised. Maybe there's an options field at
@@ -157,14 +143,9 @@
 			continue
 		}
 
-		field = string(in[:i])
-		switch field {
-		case KeyAlgoRSA, KeyAlgoDSA:
-			out, comment, ok = parseAuthorizedKey(in[i:])
-			if ok {
-				options = candidateOptions
-				return
-			}
+		if out, comment, ok = parseAuthorizedKey(in[i:]); ok {
+			options = candidateOptions
+			return
 		}
 
 		in = rest
commit	9112f50fcd3d20c885cb320db643f60e0ae77821	[log] [tgz]
author	Jonathan Pittman <jmpittman@google.com>	Tue Oct 22 15:12:41 2013 -0400
committer	Adam Langley <agl@golang.org>	Tue Oct 22 15:12:41 2013 -0400
tree	9a8a43d2736b554b01a6716dafd235101b667dc7
parent	f5f25bdad0cb2b768bdea003ed92329914931542 [diff] [blame]