src/usr.bin/ssh/auth.c - diff

Return to auth.c CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/auth.c between version 1.90 and 1.91

version 1.90, 2010/11/23 02:35:50

version 1.91, 2010/11/29 23:45:51

Line 289

check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,

const char *sysfile, const char *userfile)

{

Key *found;

char *user_hostfile;

struct stat st;

HostStatus host_status;

struct hostkeys *hostkeys;

const struct hostkey_entry *found;

/* Check if we know the host and its host key. */

hostkeys = init_hostkeys();

found = key_new(key_is_cert(key) ? KEY_UNSPEC : key->type);

load_hostkeys(hostkeys, host, sysfile);

host_status = check_host_in_hostfile(sysfile, host, key, found, NULL);

if (userfile != NULL) {

if (host_status != HOST_OK && userfile != NULL) {

user_hostfile = tilde_expand_filename(userfile, pw->pw_uid);

if (options.strict_modes &&

(stat(user_hostfile, &st) == 0) &&

Line 311

Line 310

user_hostfile);

} else {

temporarily_use_uid(pw);

host_status = check_host_in_hostfile(user_hostfile,

load_hostkeys(hostkeys, host, user_hostfile);

host, key, found, NULL);

restore_uid();

}

xfree(user_hostfile);

}

key_free(found);

host_status = check_key_in_hostkeys(hostkeys, key, &found);

if (host_status == HOST_REVOKED)

error("WARNING: revoked key for %s attempted authentication",

found->host);

else if (host_status == HOST_OK)

debug("%s: key for %s found at %s:%ld", __func__,

found->host, found->file, found->line);

else

debug("%s: key for host %s not found", __func__, host);

debug2("check_key_in_hostfiles: key %s for %s", host_status == HOST_OK ?

free_hostkeys(hostkeys);

"ok" : "not found", host);

return host_status;

}