version 1.52, 2023/03/05 05:34:09 |
version 1.53, 2024/05/17 00:30:23 |
|
|
|
|
/* import */ |
/* import */ |
extern ServerOptions options; |
extern ServerOptions options; |
|
extern struct authmethod_cfg methodcfg_hostbased; |
|
|
static int |
static int |
userauth_hostbased(struct ssh *ssh, const char *method) |
userauth_hostbased(struct ssh *ssh, const char *method) |
|
|
|
|
/* test for allowed key and correct signature */ |
/* test for allowed key and correct signature */ |
authenticated = 0; |
authenticated = 0; |
if (PRIVSEP(hostbased_key_allowed(ssh, authctxt->pw, cuser, |
if (mm_hostbased_key_allowed(ssh, authctxt->pw, cuser, |
chost, key)) && |
chost, key) && |
PRIVSEP(sshkey_verify(key, sig, slen, |
mm_sshkey_verify(key, sig, slen, |
sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat, NULL)) == 0) |
sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat, NULL) == 0) |
authenticated = 1; |
authenticated = 1; |
|
|
auth2_record_key(authctxt, authenticated, key); |
auth2_record_key(authctxt, authenticated, key); |
|
|
} |
} |
|
|
Authmethod method_hostbased = { |
Authmethod method_hostbased = { |
"hostbased", |
&methodcfg_hostbased, |
NULL, |
|
userauth_hostbased, |
userauth_hostbased, |
&options.hostbased_authentication |
|
}; |
}; |