feature: exclude ServerAuth certificates

buptczq · May 30, 2020 · fe5cc06 · fe5cc06
1 parent ad1a011
commit fe5cc06
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 4 deletions.
diff --git a/sshagent/eku.go b/sshagent/eku.go
@@ -16,11 +16,14 @@ func FilterCertificateEKU(cert *capi.Certificate) bool {
 	flagAny := false
 	flagBitLocker := false
 	flagAuth := false
+	flagServerAuth := false
 	for i := range cert.ExtKeyUsage {
 		if cert.ExtKeyUsage[i] == x509.ExtKeyUsageAny {
 			flagAny = true
 		} else if cert.ExtKeyUsage[i] == x509.ExtKeyUsageClientAuth {
 			flagAuth = true
+		} else if cert.ExtKeyUsage[i] == x509.ExtKeyUsageServerAuth {
+			flagServerAuth = true
 		}
 	}
 	for i := range cert.UnknownExtKeyUsage {
@@ -35,7 +38,7 @@ func FilterCertificateEKU(cert *capi.Certificate) bool {
 	if flagAny || flagAuth {
 		return true
 	}
-	if flagBitLocker {
+	if flagBitLocker || flagServerAuth {
 		return false
 	}
 	return true

diff --git a/versioninfo.json b/versioninfo.json
@@ -3,13 +3,13 @@
         "FileVersion": {
             "Major": 1,
             "Minor": 0,
-            "Patch": 4,
+            "Patch": 5,
             "Build": 0
         },
         "ProductVersion": {
             "Major": 1,
             "Minor": 0,
-            "Patch": 4,
+            "Patch": 5,
             "Build": 0
         },
         "FileFlagsMask": "3f",
@@ -29,7 +29,7 @@
         "OriginalFilename": "WinCryptSSHAgent.exe",
         "PrivateBuild": "",
         "ProductName": "WinCrypt SSH Agent",
-        "ProductVersion": "v1.0.4",
+        "ProductVersion": "v1.0.5",
         "SpecialBuild": ""
     },
     "VarFileInfo": {