]> andersk Git - gssapi-openssh.git/blobdiff - openssh/auth2-pubkey.c
andersk / gssapi-openssh.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
merged OpenSSH 5.3p1 to trunk
[gssapi-openssh.git] / openssh / auth2-pubkey.c
diff --git a/openssh/auth2-pubkey.c b/openssh/auth2-pubkey.c
index 9898d4a63b8c4fd907f7bad58c99e014bf40a6e5..2886f1275f025f17e2424c8252bd2c201bf28f73 100644 (file)
--- a/openssh/auth2-pubkey.c
+++ b/openssh/auth2-pubkey.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: auth2-pubkey.c,v 1.19 2008/07/03 21:46:58 otto Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -23,23 +24,36 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2-pubkey.c,v 1.7 2004/06/21 17:36:31 avsm Exp $");
 
-#include "ssh2.h"
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include <fcntl.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <stdarg.h>
+#include <unistd.h>
+
 #include "xmalloc.h"
+#include "ssh.h"
+#include "ssh2.h"
 #include "packet.h"
 #include "buffer.h"
 #include "log.h"
 #include "servconf.h"
 #include "compat.h"
-#include "bufaux.h"
-#include "auth.h"
 #include "key.h"
+#include "hostfile.h"
+#include "auth.h"
 #include "pathnames.h"
 #include "uidswap.h"
 #include "auth-options.h"
 #include "canohost.h"
+#ifdef GSSAPI
+#include "ssh-gss.h"
+#endif
 #include "monitor_wrap.h"
+#include "misc.h"
 
 /* import */
 extern ServerOptions options;
@@ -156,10 +170,6 @@ done:
                key_free(key);
        xfree(pkalg);
        xfree(pkblob);
-#ifdef HAVE_CYGWIN
-       if (check_nt_auth(0, authctxt->pw) == 0)
-               return(0);
-#endif
        return authenticated;
 }
 
@@ -167,11 +177,10 @@ done:
 static int
 user_key_allowed2(struct passwd *pw, Key *key, char *file)
 {
-       char line[8192];
+       char line[SSH_MAX_PUBKEY_BYTES];
        int found_key = 0;
        FILE *f;
        u_long linenum = 0;
-       struct stat st;
        Key *found;
        char *fp;
 
@@ -179,24 +188,9 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
        temporarily_use_uid(pw);
 
        debug("trying public key file %s", file);
+       f = auth_openkeyfile(file, pw, options.strict_modes);
 
-       /* Fail quietly if file does not exist */
-       if (stat(file, &st) < 0) {
-               /* Restore the privileged uid. */
-               restore_uid();
-               return 0;
-       }
-       /* Open the file containing the authorized keys. */
-       f = fopen(file, "r");
        if (!f) {
-               /* Restore the privileged uid. */
-               restore_uid();
-               return 0;
-       }
-       if (options.strict_modes &&
-           secure_filename(f, file, pw, line, sizeof(line)) != 0) {
-               fclose(f);
-               logit("Authentication refused: %s", line);
                restore_uid();
                return 0;
        }
@@ -204,9 +198,9 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
        found_key = 0;
        found = key_new(key->type);
 
-       while (fgets(line, sizeof(line), f)) {
+       while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
                char *cp, *key_options = NULL;
-               linenum++;
+
                /* Skip leading whitespace, empty and comment lines. */
                for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
                        ;
git-cvsimport mirror of GSI OpenSSH
This page took 0.122733 seconds and 4 git commands to generate.