-/* $OpenBSD: auth2-pubkey.c,v 1.12 2006/03/25 13:17:01 djm Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.19 2008/07/03 21:46:58 otto Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
#include <sys/types.h>
#include <sys/stat.h>
+#include <fcntl.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <stdarg.h>
+#include <unistd.h>
+
+#include "xmalloc.h"
#include "ssh.h"
#include "ssh2.h"
-#include "xmalloc.h"
#include "packet.h"
#include "buffer.h"
#include "log.h"
#include "servconf.h"
#include "compat.h"
-#include "bufaux.h"
-#include "auth.h"
#include "key.h"
+#include "hostfile.h"
+#include "auth.h"
#include "pathnames.h"
#include "uidswap.h"
#include "auth-options.h"
#include "canohost.h"
+#ifdef GSSAPI
+#include "ssh-gss.h"
+#endif
#include "monitor_wrap.h"
#include "misc.h"
key_free(key);
xfree(pkalg);
xfree(pkblob);
-#ifdef HAVE_CYGWIN
- if (check_nt_auth(0, authctxt->pw) == 0)
- authenticated = 0;
-#endif
return authenticated;
}
int found_key = 0;
FILE *f;
u_long linenum = 0;
- struct stat st;
Key *found;
char *fp;
temporarily_use_uid(pw);
debug("trying public key file %s", file);
+ f = auth_openkeyfile(file, pw, options.strict_modes);
- /* Fail quietly if file does not exist */
- if (stat(file, &st) < 0) {
- /* Restore the privileged uid. */
- restore_uid();
- return 0;
- }
- /* Open the file containing the authorized keys. */
- f = fopen(file, "r");
if (!f) {
- /* Restore the privileged uid. */
- restore_uid();
- return 0;
- }
- if (options.strict_modes &&
- secure_filename(f, file, pw, line, sizeof(line)) != 0) {
- fclose(f);
- logit("Authentication refused: %s", line);
restore_uid();
return 0;
}