version 1.106, 2021/01/27 10:05:28 |
version 1.107, 2021/04/03 06:18:40 |
|
|
goto fail_reason; |
goto fail_reason; |
} |
} |
if (sshkey_cert_check_authority(key, 0, 0, 0, |
if (sshkey_cert_check_authority(key, 0, 0, 0, |
keyopts->cert_principals == NULL ? pw->pw_name : NULL, &reason) != 0) |
keyopts->cert_principals == NULL ? pw->pw_name : NULL, |
|
&reason) != 0) |
goto fail_reason; |
goto fail_reason; |
|
|
verbose("Accepted certificate ID \"%s\" (serial %llu) " |
verbose("Accepted certificate ID \"%s\" (serial %llu) " |
|
|
found_principal = 1; |
found_principal = 1; |
/* If principals file or command is specified, then require a match */ |
/* If principals file or command is specified, then require a match */ |
use_authorized_principals = principals_file != NULL || |
use_authorized_principals = principals_file != NULL || |
options.authorized_principals_command != NULL; |
options.authorized_principals_command != NULL; |
if (!found_principal && use_authorized_principals) { |
if (!found_principal && use_authorized_principals) { |
reason = "Certificate does not contain an authorized principal"; |
reason = "Certificate does not contain an authorized principal"; |
goto fail_reason; |
goto fail_reason; |