| version 1.79, 2018/06/06 18:29:18 |
version 1.80, 2018/07/03 11:39:54 |
|
|
| pktype = sshkey_type_from_name(pkalg); |
pktype = sshkey_type_from_name(pkalg); |
| if (pktype == KEY_UNSPEC) { |
if (pktype == KEY_UNSPEC) { |
| /* this is perfectly legal */ |
/* this is perfectly legal */ |
| logit("%s: unsupported public key algorithm: %s", |
verbose("%s: unsupported public key algorithm: %s", |
| __func__, pkalg); |
__func__, pkalg); |
| goto done; |
goto done; |
| } |
} |
|
|
| logit("refusing previously-used %s key", sshkey_type(key)); |
logit("refusing previously-used %s key", sshkey_type(key)); |
| goto done; |
goto done; |
| } |
} |
| if (match_pattern_list(sshkey_ssh_name(key), |
if (match_pattern_list(pkalg, options.pubkey_key_types, 0) != 1) { |
| options.pubkey_key_types, 0) != 1) { |
|
| logit("%s: key type %s not in PubkeyAcceptedKeyTypes", |
logit("%s: key type %s not in PubkeyAcceptedKeyTypes", |
| __func__, sshkey_ssh_name(key)); |
__func__, sshkey_ssh_name(key)); |
| goto done; |
goto done; |
|
|
| /* test for correct signature */ |
/* test for correct signature */ |
| authenticated = 0; |
authenticated = 0; |
| if (PRIVSEP(user_key_allowed(ssh, pw, key, 1, &authopts)) && |
if (PRIVSEP(user_key_allowed(ssh, pw, key, 1, &authopts)) && |
| PRIVSEP(sshkey_verify(key, sig, slen, sshbuf_ptr(b), |
PRIVSEP(sshkey_verify(key, sig, slen, |
| sshbuf_len(b), NULL, ssh->compat)) == 0) { |
sshbuf_ptr(b), sshbuf_len(b), |
| |
(ssh->compat & SSH_BUG_SIGTYPE) == 0 ? pkalg : NULL, |
| |
ssh->compat)) == 0) { |
| authenticated = 1; |
authenticated = 1; |
| } |
} |
| sshbuf_free(b); |
sshbuf_free(b); |
![[BACK]](/icons/back.gif){kind=icon}
Return to auth2-pubkey.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh