[BACK]Return to auth2-pubkey.c CVS log [TXT][DIR] Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/auth2-pubkey.c between version 1.59 and 1.60

version 1.59, 2016/09/21 17:44:20 version 1.60, 2016/11/30 02:57:40
Line 754 
Line 754 
 check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw)  check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw)
 {  {
         char line[SSH_MAX_PUBKEY_BYTES];          char line[SSH_MAX_PUBKEY_BYTES];
         const char *reason;  
         int found_key = 0;          int found_key = 0;
         u_long linenum = 0;          u_long linenum = 0;
         Key *found;          Key *found;
         char *fp;  
   
         found_key = 0;          found_key = 0;
   
         found = NULL;          found = NULL;
         while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {          while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
                 char *cp, *key_options = NULL;                  char *cp, *key_options = NULL, *fp = NULL;
                   const char *reason = NULL;
   
                 if (found != NULL)                  if (found != NULL)
                         key_free(found);                          key_free(found);
                 found = key_new(key_is_cert(key) ? KEY_UNSPEC : key->type);                  found = key_new(key_is_cert(key) ? KEY_UNSPEC : key->type);
Line 829 
Line 829 
                             authorized_principals == NULL ? pw->pw_name : NULL,                              authorized_principals == NULL ? pw->pw_name : NULL,
                             &reason) != 0)                              &reason) != 0)
                                 goto fail_reason;                                  goto fail_reason;
                         if (auth_cert_options(key, pw) != 0) {                          if (auth_cert_options(key, pw, &reason) != 0)
                                 free(fp);                                  goto fail_reason;
                                 continue;  
                         }  
                         verbose("Accepted certificate ID \"%s\" (serial %llu) "                          verbose("Accepted certificate ID \"%s\" (serial %llu) "
                             "signed by %s CA %s via %s", key->cert->key_id,                              "signed by %s CA %s via %s", key->cert->key_id,
                             (unsigned long long)key->cert->serial,                              (unsigned long long)key->cert->serial,
Line 910 
Line 908 
         if (key_cert_check_authority(key, 0, 1,          if (key_cert_check_authority(key, 0, 1,
             use_authorized_principals ? NULL : pw->pw_name, &reason) != 0)              use_authorized_principals ? NULL : pw->pw_name, &reason) != 0)
                 goto fail_reason;                  goto fail_reason;
         if (auth_cert_options(key, pw) != 0)          if (auth_cert_options(key, pw, &reason) != 0)
                 goto out;                  goto fail_reason;
   
         verbose("Accepted certificate ID \"%s\" (serial %llu) signed by "          verbose("Accepted certificate ID \"%s\" (serial %llu) signed by "
             "%s CA %s via %s", key->cert->key_id,              "%s CA %s via %s", key->cert->key_id,
Legend:
Removed from v.1.59  
changed lines
  Added in v.1.60