version 1.2, 2002/05/31 11:35:15 |
version 1.2.8.2, 2004/03/04 18:18:15 |
|
|
/* import */ |
/* import */ |
extern ServerOptions options; |
extern ServerOptions options; |
extern u_char *session_id2; |
extern u_char *session_id2; |
extern int session_id2_len; |
extern u_int session_id2_len; |
|
|
static int |
static int |
userauth_pubkey(Authctxt *authctxt) |
userauth_pubkey(Authctxt *authctxt) |
|
|
pktype = key_type_from_name(pkalg); |
pktype = key_type_from_name(pkalg); |
if (pktype == KEY_UNSPEC) { |
if (pktype == KEY_UNSPEC) { |
/* this is perfectly legal */ |
/* this is perfectly legal */ |
log("userauth_pubkey: unsupported public key algorithm: %s", |
logit("userauth_pubkey: unsupported public key algorithm: %s", |
pkalg); |
pkalg); |
goto done; |
goto done; |
} |
} |
|
|
authenticated = 0; |
authenticated = 0; |
if (PRIVSEP(user_key_allowed(authctxt->pw, key)) && |
if (PRIVSEP(user_key_allowed(authctxt->pw, key)) && |
PRIVSEP(key_verify(key, sig, slen, buffer_ptr(&b), |
PRIVSEP(key_verify(key, sig, slen, buffer_ptr(&b), |
buffer_len(&b))) == 1) |
buffer_len(&b))) == 1) |
authenticated = 1; |
authenticated = 1; |
buffer_clear(&b); |
buffer_free(&b); |
xfree(sig); |
xfree(sig); |
} else { |
} else { |
debug("test whether pkalg/pkblob are acceptable"); |
debug("test whether pkalg/pkblob are acceptable"); |
|
|
Key *found; |
Key *found; |
char *fp; |
char *fp; |
|
|
if (pw == NULL) |
|
return 0; |
|
|
|
/* Temporarily use the user's uid. */ |
/* Temporarily use the user's uid. */ |
temporarily_use_uid(pw); |
temporarily_use_uid(pw); |
|
|
|
|
if (options.strict_modes && |
if (options.strict_modes && |
secure_filename(f, file, pw, line, sizeof(line)) != 0) { |
secure_filename(f, file, pw, line, sizeof(line)) != 0) { |
fclose(f); |
fclose(f); |
log("Authentication refused: %s", line); |
logit("Authentication refused: %s", line); |
restore_uid(); |
restore_uid(); |
return 0; |
return 0; |
} |
} |