author | Colin Watson <cjwatson@debian.org> | 2008-05-26 22:16:40 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2008-05-26 22:16:40 +0000 |
commit | 93e9c23240b154d074dc33f26ccb23f8874f8c3a (patch) | |
tree | 2348f401a2148e4ea2e23e09c6ab1be5cf525003 /auth-rh-rsa.c | |
parent | 85825a2f1ca42576b0f9cd2b170314c107b9af26 (diff) |
Refactor rejection of blacklisted user keys into a single
reject_blacklisted_key function in auth.c (thanks, Dmitry V. Levin).
Diffstat (limited to 'auth-rh-rsa.c')
-rw-r--r-- | auth-rh-rsa.c | 19 |
1 files changed, 2 insertions, 17 deletions
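--- a/auth-rh-rsa.c
+++ b/auth-rh-rsa.c
@@ -20,7 +20,6 @@
 #include <pwd.h>
 #include <stdarg.h>
 
-#include "xmalloc.h"
 #include "packet.h"
 #include "uidswap.h"
 #include "log.h"
@@ -28,7 +27,6 @@
 #include "servconf.h"
 #include "key.h"
 #include "hostfile.h"
-#include "authfile.h"
 #include "pathnames.h"
 #include "auth.h"
 #include "canohost.h"
@@ -44,23 +42,10 @@ int
 auth_rhosts_rsa_key_allowed(struct passwd *pw, char *cuser, char *chost,
 Key *client_host_key)
 {
-char *fp;
 HostStatus host_status;
 
-if (blacklisted_key(client_host_key) == 1) {
-fp = key_fingerprint(client_host_key, SSH_FP_MD5, SSH_FP_HEX);
-if (options.permit_blacklisted_keys)
-logit("Public key %s from %s blacklisted (see "
-"ssh-vulnkey(1)); continuing anyway",
-fp, get_remote_ipaddr());
-else
-logit("Public key %s from %s blacklisted (see "
-"ssh-vulnkey(1))",
-fp, get_remote_ipaddr());
-xfree(fp);
-if (!options.permit_blacklisted_keys)
-return 0;
-}
+if (reject_blacklisted_key(client_host_key, 0) == 1)
+return 0;
 
 /* Check if we would accept it using rhosts authentication. */
 if (!auth_rhosts(pw, cuser))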
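Review bot: The new guard `if (reject_blacklisted_key(client_host_key, 0) == 1)` in auth_rhosts_rsa_key_allowed rejects only on an exact return of 1, so any other non-zero result from the helper would fall through to the rhosts checks with the key treated as acceptable. The helper is defined in auth.c and is not visible in this diff, so its return contract should be confirmed; if it only ever yields 0 or 1, `if (reject_blacklisted_key(client_host_key, 0))` states the fail-closed intent more directly. The `options.permit_blacklisted_keys` decision and the fingerprint logging have also left this file, and the bare `0` second argument is unexplained at the call site. A one-line comment above the call would help, for example `/* Logs and applies options.permit_blacklisted_keys in auth.c; non-zero means reject. */`, worded to match what auth.c actually does. The function body continues past the end of this hunk.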