version 1.82, 2013/05/17 00:13:13 |
version 1.83, 2013/05/19 02:42:42 |
|
|
rsa_key_allowed_in_file(struct passwd *pw, char *file, |
rsa_key_allowed_in_file(struct passwd *pw, char *file, |
const BIGNUM *client_n, Key **rkey) |
const BIGNUM *client_n, Key **rkey) |
{ |
{ |
char line[SSH_MAX_PUBKEY_BYTES]; |
char *fp, line[SSH_MAX_PUBKEY_BYTES]; |
int allowed = 0; |
int allowed = 0; |
u_int bits; |
u_int bits; |
FILE *f; |
FILE *f; |
|
|
"actual %d vs. announced %d.", |
"actual %d vs. announced %d.", |
file, linenum, BN_num_bits(key->rsa->n), bits); |
file, linenum, BN_num_bits(key->rsa->n), bits); |
|
|
|
fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); |
|
debug("matching key found: file %s, line %lu %s %s", |
|
file, linenum, key_type(key), fp); |
|
free(fp); |
|
|
/* Never accept a revoked key */ |
/* Never accept a revoked key */ |
if (auth_key_is_revoked(key)) |
if (auth_key_is_revoked(key)) |
break; |
break; |
|
|
auth_rsa(Authctxt *authctxt, BIGNUM *client_n) |
auth_rsa(Authctxt *authctxt, BIGNUM *client_n) |
{ |
{ |
Key *key; |
Key *key; |
char *fp; |
|
struct passwd *pw = authctxt->pw; |
struct passwd *pw = authctxt->pw; |
|
|
/* no user given */ |
/* no user given */ |
|
|
* options; this will be reset if the options cause the |
* options; this will be reset if the options cause the |
* authentication to be rejected. |
* authentication to be rejected. |
*/ |
*/ |
fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); |
pubkey_auth_info(authctxt, key); |
verbose("Found matching %s key: %s", |
|
key_type(key), fp); |
|
free(fp); |
|
key_free(key); |
|
|
|
packet_send_debug("RSA authentication accepted."); |
packet_send_debug("RSA authentication accepted."); |
return (1); |
return (1); |
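Review bot: On the success path of auth_rsa, the old column's `key_free(key);` has no counterpart in the new column as this page renders it, so after `pubkey_auth_info(authctxt, key);` the function reaches `return (1);` with `key` still allocated. Unless pubkey_auth_info takes ownership of the key (its definition is not on this page, so that is unverified), the release should stay: `pubkey_auth_info(authctxt, key);` followed by `key_free(key);`. Separately, in rsa_key_allowed_in_file the added `debug("matching key found: ...")` runs before the `auth_key_is_revoked(key)` check, so a revoked key is still logged as matching; a comment such as `/* logged before the revocation check; not an acceptance */` would keep anyone reading debug logs from treating that line as a successful authorization. Both functions begin and end outside the visible hunks, so other exit paths were not checked.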