diff options
author | djm@openbsd.org <djm@openbsd.org> | 2019-01-22 11:26:16 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-01-22 22:42:01 +1100 |
commit | ff5d2cf4ca373bb4002eef395ed2cbe2ff0826c1 (patch) | |
tree | 1e513adb14749af7094cf74055e462e4ce6c714e | |
parent | 180b520e2bab33b566b4b0cbac7d5f9940935011 (diff) |
upstream: print the full pubkey being attempted at loglevel >=
debug2; bz2939
OpenBSD-Commit-ID: ac0fe5ca1429ebf4d460bad602adc96de0d7e290
-rw-r--r-- | auth2-pubkey.c | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 2fb5950ea..0b3975a74 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2-pubkey.c,v 1.86 2018/09/20 03:28:06 djm Exp $ */ | 1 | /* $OpenBSD: auth2-pubkey.c,v 1.87 2019/01/22 11:26:16 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -102,6 +102,22 @@ userauth_pubkey(struct ssh *ssh) | |||
102 | (r = sshpkt_get_cstring(ssh, &pkalg, NULL)) != 0 || | 102 | (r = sshpkt_get_cstring(ssh, &pkalg, NULL)) != 0 || |
103 | (r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0) | 103 | (r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0) |
104 | fatal("%s: parse request failed: %s", __func__, ssh_err(r)); | 104 | fatal("%s: parse request failed: %s", __func__, ssh_err(r)); |
105 | |||
106 | if (log_level_get() >= SYSLOG_LEVEL_DEBUG2) { | ||
107 | char *keystring; | ||
108 | struct sshbuf *pkbuf; | ||
109 | |||
110 | if ((pkbuf = sshbuf_from(pkblob, blen)) == NULL) | ||
111 | fatal("%s: sshbuf_from failed", __func__); | ||
112 | if ((keystring = sshbuf_dtob64(pkbuf)) == NULL) | ||
113 | fatal("%s: sshbuf_dtob64 failed", __func__); | ||
114 | debug2("%s: %s user %s %s public key %s %s", __func__, | ||
115 | authctxt->valid ? "valid" : "invalid", authctxt->user, | ||
116 | have_sig ? "attempting" : "querying", pkalg, keystring); | ||
117 | sshbuf_free(pkbuf); | ||
118 | free(keystring); | ||
119 | } | ||
120 | |||
105 | pktype = sshkey_type_from_name(pkalg); | 121 | pktype = sshkey_type_from_name(pkalg); |
106 | if (pktype == KEY_UNSPEC) { | 122 | if (pktype == KEY_UNSPEC) { |
107 | /* this is perfectly legal */ | 123 | /* this is perfectly legal */ |