version 1.62, 2017/01/30 01:03:00 |
version 1.63, 2017/05/30 08:52:19 |
|
|
userauth_pubkey(Authctxt *authctxt) |
userauth_pubkey(Authctxt *authctxt) |
{ |
{ |
Buffer b; |
Buffer b; |
Key *key = NULL; |
struct sshkey *key = NULL; |
char *pkalg, *userstyle, *fp = NULL; |
char *pkalg, *userstyle, *fp = NULL; |
u_char *pkblob, *sig; |
u_char *pkblob, *sig; |
u_int alen, blen, slen; |
u_int alen, blen, slen; |
|
|
} |
} |
|
|
void |
void |
pubkey_auth_info(Authctxt *authctxt, const Key *key, const char *fmt, ...) |
pubkey_auth_info(Authctxt *authctxt, const struct sshkey *key, |
|
const char *fmt, ...) |
{ |
{ |
char *fp, *extra; |
char *fp, *extra; |
va_list ap; |
va_list ap; |
|
|
* returns 1 if the key is allowed or 0 otherwise. |
* returns 1 if the key is allowed or 0 otherwise. |
*/ |
*/ |
static int |
static int |
check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) |
check_authkeys_file(FILE *f, char *file, struct sshkey* key, struct passwd *pw) |
{ |
{ |
char line[SSH_MAX_PUBKEY_BYTES]; |
char line[SSH_MAX_PUBKEY_BYTES]; |
int found_key = 0; |
int found_key = 0; |
u_long linenum = 0; |
u_long linenum = 0; |
Key *found; |
struct sshkey *found; |
|
|
found_key = 0; |
found_key = 0; |
|
|
|
|
|
|
/* Authenticate a certificate key against TrustedUserCAKeys */ |
/* Authenticate a certificate key against TrustedUserCAKeys */ |
static int |
static int |
user_cert_trusted_ca(struct passwd *pw, Key *key) |
user_cert_trusted_ca(struct passwd *pw, struct sshkey *key) |
{ |
{ |
char *ca_fp, *principals_file = NULL; |
char *ca_fp, *principals_file = NULL; |
const char *reason; |
const char *reason; |
|
|
* returns 1 if the key is allowed or 0 otherwise. |
* returns 1 if the key is allowed or 0 otherwise. |
*/ |
*/ |
static int |
static int |
user_key_allowed2(struct passwd *pw, Key *key, char *file) |
user_key_allowed2(struct passwd *pw, struct sshkey *key, char *file) |
{ |
{ |
FILE *f; |
FILE *f; |
int found_key = 0; |
int found_key = 0; |
|
|
* returns 1 if the key is allowed or 0 otherwise. |
* returns 1 if the key is allowed or 0 otherwise. |
*/ |
*/ |
static int |
static int |
user_key_command_allowed2(struct passwd *user_pw, Key *key) |
user_key_command_allowed2(struct passwd *user_pw, struct sshkey *key) |
{ |
{ |
FILE *f = NULL; |
FILE *f = NULL; |
int r, ok, found_key = 0; |
int r, ok, found_key = 0; |
|
|
* Check whether key authenticates and authorises the user. |
* Check whether key authenticates and authorises the user. |
*/ |
*/ |
int |
int |
user_key_allowed(struct passwd *pw, Key *key, int auth_attempt) |
user_key_allowed(struct passwd *pw, struct sshkey *key, int auth_attempt) |
{ |
{ |
u_int success, i; |
u_int success, i; |
char *file; |
char *file; |
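Review bot: In the check_authkeys_file hunk the new signature keeps the old asterisk placement, `struct sshkey* key`, while every other signature touched by this change writes `struct sshkey *key`. Since the line is being rewritten anyway, it should read `check_authkeys_file(FILE *f, char *file, struct sshkey *key, struct passwd *pw)` to match the rest of the file. The function bodies continue outside the hunks shown, so this is limited to the visible declarations.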