variable renames, store key type

author: Andrew Cady <d@jerkface.net> 2018-08-26 07:31:58 -0400
committer: Andrew Cady <d@jerkface.net> 2019-06-06 11:52:35 -0400
commit: 4738aeb85fa56865244969dee521ef7f24d4f7c1 (patch)
tree: 961b1a1e035958884d1d5405e63fa1045fc3b128
parent: 25fc10d774e95dff10918b889e61f171d6081d95 (diff)
4 files changed, 17 insertions, 11 deletions
diff --git a/auth-options.c b/auth-options.c
index d4569b091..1337121ef 100644
--- a/auth-options.c
+++ b/auth-options.c
@@ -39,8 +39,9 @@
 #include "ssh2.h"
 #include "auth-options.h"
-char *wildcard_match = NULL;
+char *wildcard_remote_key = NULL;
-char *wildcard_fingerprint = NULL;
+char *wildcard_remote_key_type = NULL;
+char *wildcard_remote_key_fingerprint = NULL;
 /*
 * Match flag 'opt' in *optsp, and if allow_negate is set then also match
diff --git a/auth-options.h b/auth-options.h
index a6efa8ee3..5773812bf 100644
--- a/auth-options.h
+++ b/auth-options.h
@@ -67,9 +67,9 @@ struct sshauthopt {
        char *required_from_host_keys;
 };
+extern char *wildcard_remote_key;
-extern char *wildcard_match;
+extern char *wildcard_remote_key_type;
-extern char *wildcard_fingerprint;
+extern char *wildcard_remote_key_fingerprint;
 struct sshauthopt *sshauthopt_new(void);
 struct sshauthopt *sshauthopt_new_with_keys_defaults(void);
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index bf075c47d..d630d43ef 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -620,12 +620,13 @@ check_authkey_line(struct ssh *ssh, struct passwd *pw, struct sshkey *key,
                        goto fail_reason;
                }
-                wildcard_match = keytext;
+                wildcard_remote_key = keytext;
-                wildcard_fingerprint = sshkey_fingerprint(key, SSH_DIGEST_SHA256, SSH_FP_HEX);
+                wildcard_remote_key_type = sshkey_type(key);
+                wildcard_remote_key_fingerprint = sshkey_fingerprint(key, SSH_DIGEST_SHA256, SSH_FP_HEX);
                verbose("Accepted wildcard authorization for %s key %s with forced_command=%s",
                                                sshkey_type(key),
-                                                wildcard_fingerprint,
+                                                wildcard_remote_key_fingerprint,
                                                keyopts->force_command);
                finalopts = keyopts;
diff --git a/session.c b/session.c
index a5634ccc2..fca7e4095 100644
--- a/session.c
+++ b/session.c
@@ -1094,11 +1094,15 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
                child_set_env(&env, &envsize, "TERM", s->term);
        if (s->display)
                child_set_env(&env, &envsize, "DISPLAY", s->display);
-        if (wildcard_match) {
+        if (wildcard_remote_key) {
+    /* This is basically obsolete because of SSH_USER_AUTH */
+    /* I'm leaving it here only because I have code that uses these variables. */
                child_set_env(&env, &envsize, "SSH_REMOTE_KEY",
-                    wildcard_match);
+                        wildcard_remote_key);
+                child_set_env(&env, &envsize, "SSH_REMOTE_KEY_TYPE",
+                        wildcard_remote_key_type);
                child_set_env(&env, &envsize, "SSH_REMOTE_FINGERPRINT",
-                    wildcard_fingerprint);
+                        wildcard_remote_key_fingerprint);
        }
author	Andrew Cady <d@jerkface.net>	2018-08-26 07:31:58 -0400
committer	Andrew Cady <d@jerkface.net>	2019-06-06 11:52:35 -0400
commit	4738aeb85fa56865244969dee521ef7f24d4f7c1 (patch)
tree	961b1a1e035958884d1d5405e63fa1045fc3b128
parent	25fc10d774e95dff10918b889e61f171d6081d95 (diff)

diff --git a/auth-options.c b/auth-options.c index d4569b091..1337121ef 100644 --- a/auth-options.c +++ b/auth-options.c
@@ -39,8 +39,9 @@
39	#include "ssh2.h"	39	#include "ssh2.h"
40	#include "auth-options.h"	40	#include "auth-options.h"
41		41
42	char *wildcard_match = NULL;	42	char *wildcard_remote_key = NULL;
43	char *wildcard_fingerprint = NULL;	43	char *wildcard_remote_key_type = NULL;
		44	char *wildcard_remote_key_fingerprint = NULL;
44		45
45	/*	46	/*
46	* Match flag 'opt' in *optsp, and if allow_negate is set then also match	47	* Match flag 'opt' in *optsp, and if allow_negate is set then also match


diff --git a/auth-options.h b/auth-options.h index a6efa8ee3..5773812bf 100644 --- a/auth-options.h +++ b/auth-options.h
@@ -67,9 +67,9 @@ struct sshauthopt {
67	char *required_from_host_keys;	67	char *required_from_host_keys;
68	};	68	};
69		69
70		70	extern char *wildcard_remote_key;
71	extern char *wildcard_match;	71	extern char *wildcard_remote_key_type;
72	extern char *wildcard_fingerprint;	72	extern char *wildcard_remote_key_fingerprint;
73		73
74	struct sshauthopt *sshauthopt_new(void);	74	struct sshauthopt *sshauthopt_new(void);
75	struct sshauthopt *sshauthopt_new_with_keys_defaults(void);	75	struct sshauthopt *sshauthopt_new_with_keys_defaults(void);


diff --git a/auth2-pubkey.c b/auth2-pubkey.c index bf075c47d..d630d43ef 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c
@@ -620,12 +620,13 @@ check_authkey_line(struct ssh ssh, struct passwd pw, struct sshkey *key,
620	goto fail_reason;	620	goto fail_reason;
621	}	621	}
622		622
623	wildcard_match = keytext;	623	wildcard_remote_key = keytext;
624	wildcard_fingerprint = sshkey_fingerprint(key, SSH_DIGEST_SHA256, SSH_FP_HEX);	624	wildcard_remote_key_type = sshkey_type(key);
		625	wildcard_remote_key_fingerprint = sshkey_fingerprint(key, SSH_DIGEST_SHA256, SSH_FP_HEX);
625		626
626	verbose("Accepted wildcard authorization for %s key %s with forced_command=%s",	627	verbose("Accepted wildcard authorization for %s key %s with forced_command=%s",
627	sshkey_type(key),	628	sshkey_type(key),
628	wildcard_fingerprint,	629	wildcard_remote_key_fingerprint,
629	keyopts->force_command);	630	keyopts->force_command);
630		631
631	finalopts = keyopts;	632	finalopts = keyopts;


diff --git a/session.c b/session.c index a5634ccc2..fca7e4095 100644 --- a/session.c +++ b/session.c
@@ -1094,11 +1094,15 @@ do_setup_env(struct ssh ssh, Session s, const char *shell)
1094	child_set_env(&env, &envsize, "TERM", s->term);	1094	child_set_env(&env, &envsize, "TERM", s->term);
1095	if (s->display)	1095	if (s->display)
1096	child_set_env(&env, &envsize, "DISPLAY", s->display);	1096	child_set_env(&env, &envsize, "DISPLAY", s->display);
1097	if (wildcard_match) {	1097	if (wildcard_remote_key) {
		1098	/* This is basically obsolete because of SSH_USER_AUTH */
		1099	/* I'm leaving it here only because I have code that uses these variables. */
1098	child_set_env(&env, &envsize, "SSH_REMOTE_KEY",	1100	child_set_env(&env, &envsize, "SSH_REMOTE_KEY",
1099	wildcard_match);	1101	wildcard_remote_key);
		1102	child_set_env(&env, &envsize, "SSH_REMOTE_KEY_TYPE",
		1103	wildcard_remote_key_type);
1100	child_set_env(&env, &envsize, "SSH_REMOTE_FINGERPRINT",	1104	child_set_env(&env, &envsize, "SSH_REMOTE_FINGERPRINT",
1101	wildcard_fingerprint);	1105	wildcard_remote_key_fingerprint);
1102	}	1106	}
1103		1107
1104		1108