| version 1.56.2.3, 2005/09/02 03:44:59 |
version 1.57, 2005/01/22 08:17:59 |
|
|
| struct stat st; |
struct stat st; |
| const char *hostname = NULL, *ipaddr = NULL; |
const char *hostname = NULL, *ipaddr = NULL; |
| char *shell; |
char *shell; |
| u_int i; |
int i; |
| |
|
| /* Shouldn't be called if pw is NULL, but better safe than sorry... */ |
/* Shouldn't be called if pw is NULL, but better safe than sorry... */ |
| if (!pw || !pw->pw_name) |
if (!pw || !pw->pw_name) |
|
|
| return 0; |
return 0; |
| } |
} |
| |
|
| if (options.num_deny_users > 0 || options.num_allow_users > 0 || |
if (options.num_deny_users > 0 || options.num_allow_users > 0) { |
| options.num_deny_groups > 0 || options.num_allow_groups > 0) { |
|
| hostname = get_canonical_hostname(options.use_dns); |
hostname = get_canonical_hostname(options.use_dns); |
| ipaddr = get_remote_ipaddr(); |
ipaddr = get_remote_ipaddr(); |
| } |
} |
|
|
| * |
* |
| * This returns a buffer allocated by xmalloc. |
* This returns a buffer allocated by xmalloc. |
| */ |
*/ |
| static char * |
char * |
| expand_authorized_keys(const char *filename, struct passwd *pw) |
expand_filename(const char *filename, struct passwd *pw) |
| { |
{ |
| char *file, *ret; |
Buffer buffer; |
| |
char *file; |
| |
const char *cp; |
| |
|
| file = percent_expand(filename, "h", pw->pw_dir, |
/* |
| "u", pw->pw_name, (char *)NULL); |
* Build the filename string in the buffer by making the appropriate |
| |
* substitutions to the given file name. |
| |
*/ |
| |
buffer_init(&buffer); |
| |
for (cp = filename; *cp; cp++) { |
| |
if (cp[0] == '%' && cp[1] == '%') { |
| |
buffer_append(&buffer, "%", 1); |
| |
cp++; |
| |
continue; |
| |
} |
| |
if (cp[0] == '%' && cp[1] == 'h') { |
| |
buffer_append(&buffer, pw->pw_dir, strlen(pw->pw_dir)); |
| |
cp++; |
| |
continue; |
| |
} |
| |
if (cp[0] == '%' && cp[1] == 'u') { |
| |
buffer_append(&buffer, pw->pw_name, |
| |
strlen(pw->pw_name)); |
| |
cp++; |
| |
continue; |
| |
} |
| |
buffer_append(&buffer, cp, 1); |
| |
} |
| |
buffer_append(&buffer, "\0", 1); |
| |
|
| /* |
/* |
| * Ensure that filename starts anchored. If not, be backward |
* Ensure that filename starts anchored. If not, be backward |
| * compatible and prepend the '%h/' |
* compatible and prepend the '%h/' |
| */ |
*/ |
| if (*file == '/') |
file = xmalloc(MAXPATHLEN); |
| return (file); |
cp = buffer_ptr(&buffer); |
| |
if (*cp != '/') |
| |
snprintf(file, MAXPATHLEN, "%s/%s", pw->pw_dir, cp); |
| |
else |
| |
strlcpy(file, cp, MAXPATHLEN); |
| |
|
| ret = xmalloc(MAXPATHLEN); |
buffer_free(&buffer); |
| if (strlcpy(ret, pw->pw_dir, MAXPATHLEN) >= MAXPATHLEN || |
return file; |
| strlcat(ret, "/", MAXPATHLEN) >= MAXPATHLEN || |
|
| strlcat(ret, file, MAXPATHLEN) >= MAXPATHLEN) |
|
| fatal("expand_authorized_keys: path too long"); |
|
| |
|
| xfree(file); |
|
| return (ret); |
|
| } |
} |
| |
|
| char * |
char * |
| authorized_keys_file(struct passwd *pw) |
authorized_keys_file(struct passwd *pw) |
| { |
{ |
| return expand_authorized_keys(options.authorized_keys_file, pw); |
return expand_filename(options.authorized_keys_file, pw); |
| } |
} |
| |
|
| char * |
char * |
| authorized_keys_file2(struct passwd *pw) |
authorized_keys_file2(struct passwd *pw) |
| { |
{ |
| return expand_authorized_keys(options.authorized_keys_file2, pw); |
return expand_filename(options.authorized_keys_file2, pw); |
| } |
} |
| |
|
| /* return ok if key exists in sysfile or userfile */ |
/* return ok if key exists in sysfile or userfile */ |
![[BACK]](/icons/back.gif){kind=icon}
Return to auth.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh