===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/auth-options.c,v
retrieving revision 1.55
retrieving revision 1.56
diff -u -r1.55 -r1.56
--- src/usr.bin/ssh/auth-options.c	2011/09/23 00:22:04	1.55
+++ src/usr.bin/ssh/auth-options.c	2011/10/18 04:58:26	1.56
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-options.c,v 1.55 2011/09/23 00:22:04 dtucker Exp $ */
+/* $OpenBSD: auth-options.c,v 1.56 2011/10/18 04:58:26 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -450,10 +450,6 @@
 		buffer_append(&data, data_blob, dlen);
 		debug3("found certificate option \"%.100s\" len %u",
 		    name, dlen);
-		if (strlen(name) != nlen) {
-			error("Certificate constraint name contains \\0");
-			goto out;
-		}
 		found = 0;
 		if ((which & OPTIONS_EXTENSIONS) != 0) {
 			if (strcmp(name, "permit-X11-forwarding") == 0) {
@@ -483,11 +479,6 @@
 					    "corrupt", name);
 					goto out;
 				}
-				if (strlen(command) != clen) {
-					error("force-command constraint "
-					    "contains \\0");
-					goto out;
-				}
 				if (*cert_forced_command != NULL) {
 					error("Certificate has multiple "
 					    "force-command options");
@@ -502,11 +493,6 @@
 				    &clen)) == NULL) {
 					error("Certificate constraint "
 					    "\"%s\" corrupt", name);
-					goto out;
-				}
-				if (strlen(allowed) != clen) {
-					error("source-address constraint "
-					    "contains \\0");
 					goto out;
 				}
 				if ((*cert_source_address_done)++) {