| version 1.285, 2022/01/01 04:18:06 |
version 1.286, 2022/01/12 03:30:32 |
|
|
| const struct dest_constraint_hop *dch) |
const struct dest_constraint_hop *dch) |
| { |
{ |
| const char *reason = NULL; |
const char *reason = NULL; |
| |
const char *hostname = dch->hostname ? dch->hostname : "(ORIGIN)"; |
| u_int i; |
u_int i; |
| char *fp; |
char *fp; |
| |
|
|
|
| SSH_FP_DEFAULT)) == NULL) |
SSH_FP_DEFAULT)) == NULL) |
| fatal_f("fingerprint failed"); |
fatal_f("fingerprint failed"); |
| debug3_f("%s: entering hostname %s, requested key %s %s, %u keys avail", |
debug3_f("%s: entering hostname %s, requested key %s %s, %u keys avail", |
| tag, dch->hostname, sshkey_type(key), fp, dch->nkeys); |
tag, hostname, sshkey_type(key), fp, dch->nkeys); |
| free(fp); |
free(fp); |
| for (i = 0; i < dch->nkeys; i++) { |
for (i = 0; i < dch->nkeys; i++) { |
| if (dch->keys[i] == NULL) |
if (dch->keys[i] == NULL) |
|
|
| return -1; /* shouldn't happen */ |
return -1; /* shouldn't happen */ |
| if (!sshkey_equal(key->cert->signature_key, dch->keys[i])) |
if (!sshkey_equal(key->cert->signature_key, dch->keys[i])) |
| continue; |
continue; |
| if (sshkey_cert_check_host(key, dch->hostname, 1, |
if (sshkey_cert_check_host(key, hostname, 1, |
| SSH_ALLOWED_CA_SIGALGS, &reason) != 0) { |
SSH_ALLOWED_CA_SIGALGS, &reason) != 0) { |
| debug_f("cert %s / hostname %s rejected: %s", |
debug_f("cert %s / hostname %s rejected: %s", |
| key->cert->key_id, dch->hostname, reason); |
key->cert->key_id, hostname, reason); |
| continue; |
continue; |
| } |
} |
| return 0; |
return 0; |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-agent.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh