| version 1.51, 2015/05/21 06:43:30 |
version 1.52, 2015/06/15 18:42:19 |
|
|
| * returns 1 if the principal is allowed or 0 otherwise. |
* returns 1 if the principal is allowed or 0 otherwise. |
| */ |
*/ |
| static int |
static int |
| match_principals_command(struct passwd *user_pw, struct sshkey *key) |
match_principals_command(struct passwd *user_pw, struct sshkey_cert *cert) |
| { |
{ |
| FILE *f = NULL; |
FILE *f = NULL; |
| int ok, found_principal = 0; |
int ok, found_principal = 0; |
|
|
| uid_swapped = 1; |
uid_swapped = 1; |
| temporarily_use_uid(pw); |
temporarily_use_uid(pw); |
| |
|
| ok = process_principals(f, NULL, pw, key->cert); |
ok = process_principals(f, NULL, pw, cert); |
| |
|
| if (exited_cleanly(pid, "AuthorizedPrincipalsCommand", command) != 0) |
if (exited_cleanly(pid, "AuthorizedPrincipalsCommand", command) != 0) |
| goto out; |
goto out; |
|
|
| found_principal = 1; |
found_principal = 1; |
| } |
} |
| /* Try querying command if specified */ |
/* Try querying command if specified */ |
| if (!found_principal && match_principals_command(pw, key)) |
if (!found_principal && match_principals_command(pw, key->cert)) |
| found_principal = 1; |
found_principal = 1; |
| /* If principals file or command specify, then require a match here */ |
/* If principals file or command specify, then require a match here */ |
| if (!found_principal && (principals_file != NULL || |
if (!found_principal && (principals_file != NULL || |
![[BACK]](/icons/back.gif){kind=icon}
Return to auth2-pubkey.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh