version 1.66, 2017/05/31 09:15:42 |
version 1.67, 2017/05/31 10:54:00 |
|
|
} |
} |
|
|
static int |
static int |
process_principals(FILE *f, char *file, struct passwd *pw, |
process_principals(FILE *f, const char *file, struct passwd *pw, |
const struct sshkey_cert *cert) |
const struct sshkey_cert *cert) |
{ |
{ |
char line[SSH_MAX_PUBKEY_BYTES], *cp, *ep, *line_opts; |
char line[SSH_MAX_PUBKEY_BYTES], *cp, *ep, *line_opts; |
|
|
for (i = 0; i < cert->nprincipals; i++) { |
for (i = 0; i < cert->nprincipals; i++) { |
if (strcmp(cp, cert->principals[i]) == 0) { |
if (strcmp(cp, cert->principals[i]) == 0) { |
debug3("%s:%lu: matched principal \"%.100s\"", |
debug3("%s:%lu: matched principal \"%.100s\"", |
file == NULL ? "(command)" : file, |
file, linenum, cert->principals[i]); |
linenum, cert->principals[i]); |
|
if (auth_parse_options(pw, line_opts, |
if (auth_parse_options(pw, line_opts, |
file, linenum) != 1) |
file, linenum) != 1) |
continue; |
continue; |
|
|
uid_swapped = 1; |
uid_swapped = 1; |
temporarily_use_uid(pw); |
temporarily_use_uid(pw); |
|
|
ok = process_principals(f, NULL, pw, cert); |
ok = process_principals(f, "(command)", pw, cert); |
|
|
fclose(f); |
fclose(f); |
f = NULL; |
f = NULL; |