summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authordjm@openbsd.org <djm@openbsd.org>2019-01-22 11:26:16 +0000
committerDamien Miller <djm@mindrot.org>2019-01-22 22:42:01 +1100
commitff5d2cf4ca373bb4002eef395ed2cbe2ff0826c1 (patch)
tree1e513adb14749af7094cf74055e462e4ce6c714e
parent180b520e2bab33b566b4b0cbac7d5f9940935011 (diff)
upstream: print the full pubkey being attempted at loglevel >=
debug2; bz2939 OpenBSD-Commit-ID: ac0fe5ca1429ebf4d460bad602adc96de0d7e290
-rw-r--r--auth2-pubkey.c18
1 files changed, 17 insertions, 1 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index 2fb5950ea..0b3975a74 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2-pubkey.c,v 1.86 2018/09/20 03:28:06 djm Exp $ */ 1/* $OpenBSD: auth2-pubkey.c,v 1.87 2019/01/22 11:26:16 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -102,6 +102,22 @@ userauth_pubkey(struct ssh *ssh)
102 (r = sshpkt_get_cstring(ssh, &pkalg, NULL)) != 0 || 102 (r = sshpkt_get_cstring(ssh, &pkalg, NULL)) != 0 ||
103 (r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0) 103 (r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0)
104 fatal("%s: parse request failed: %s", __func__, ssh_err(r)); 104 fatal("%s: parse request failed: %s", __func__, ssh_err(r));
105
106 if (log_level_get() >= SYSLOG_LEVEL_DEBUG2) {
107 char *keystring;
108 struct sshbuf *pkbuf;
109
110 if ((pkbuf = sshbuf_from(pkblob, blen)) == NULL)
111 fatal("%s: sshbuf_from failed", __func__);
112 if ((keystring = sshbuf_dtob64(pkbuf)) == NULL)
113 fatal("%s: sshbuf_dtob64 failed", __func__);
114 debug2("%s: %s user %s %s public key %s %s", __func__,
115 authctxt->valid ? "valid" : "invalid", authctxt->user,
116 have_sig ? "attempting" : "querying", pkalg, keystring);
117 sshbuf_free(pkbuf);
118 free(keystring);
119 }
120
105 pktype = sshkey_type_from_name(pkalg); 121 pktype = sshkey_type_from_name(pkalg);
106 if (pktype == KEY_UNSPEC) { 122 if (pktype == KEY_UNSPEC) {
107 /* this is perfectly legal */ 123 /* this is perfectly legal */