From 0f4c022fdaabb41962e7fde1baca7bf73122f534 Mon Sep 17 00:00:00 2001
From: Justin Zandbergen
Date: Mon, 26 Feb 2024 10:09:46 +0100
Subject: [PATCH] Simply check against cleaned key from disk.
---
 salt/channel/server.py | 10 +--------
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/salt/channel/server.py b/salt/channel/server.py
index b8a3aae3658..aced8316516 100644
--- a/salt/channel/server.py
+++ b/salt/channel/server.py
@@ -371,15 +371,7 @@ class ReqServerChannel:
 elif os.path.isfile(pubfn):
 # The key has been accepted, check it
 with salt.utils.files.fopen(pubfn, "r") as pubfn_handle:
- keyFromDisk = pubfn_handle.read()
-
- # if the keyFromDisk has a final newline it is a oldstyle key
- # if we clean it, it will not match. Only clean the key if it
- # is a new style key.
- if keyFromDisk[-1:] != "\n":
- keyFromDisk = salt.crypt.clean_key(keyFromDisk)
-
- if keyFromDisk != load["pub"]:
+ if salt.crypt.clean_key(pubfn_handle.read()) != salt.crypt.clean_key(load["pub"])
 log.error(
 "Authentication attempt from %s failed, the public "
 "keys did not match. This may be an attempt to compromise "
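Review bot: The added `if` line has no trailing colon, so `salt/channel/server.py` will raise a SyntaxError on import and the key check never runs; it should read `if salt.crypt.clean_key(pubfn_handle.read()) != salt.crypt.clean_key(load["pub"]):`. Because this comparison decides whether the key a minion presents matches the accepted key on disk, it deserves a test covering an on-disk key with a trailing newline and one without. That test should confirm that cleaning both sides still accepts legitimate old-style keys and only ignores differences `clean_key` is meant to normalise; what `clean_key` strips is not visible in this hunk. The enclosing method starts and ends outside the hunk.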