diff options
author | Damien Miller <djm@mindrot.org> | 2012-10-31 08:58:58 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2012-10-31 08:58:58 +1100 |
commit | 09d3e1251250dcf45e5434cd474430e4ec5e8639 (patch) | |
tree | 674ce6528821636740dce3a32ac1634b397643c9 /auth-rsa.c | |
parent | 07daed505f1cd6a0beff4d060b588debcc1ca8c8 (diff) |
- djm@cvs.openbsd.org 2012/10/30 21:29:55
[auth-rsa.c auth.c auth.h auth2-pubkey.c servconf.c servconf.h]
[sshd.c sshd_config sshd_config.5]
new sshd_config option AuthorizedKeysCommand to support fetching
authorized_keys from a command in addition to (or instead of) from
the filesystem. The command is run as the target server user unless
another specified via a new AuthorizedKeysCommandUser option.
patch originally by jchadima AT redhat.com, reworked by me; feedback
and ok markus@
Diffstat (limited to 'auth-rsa.c')
-rw-r--r-- | auth-rsa.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/auth-rsa.c b/auth-rsa.c index 4ab46cd51..2c8a7cb35 100644 --- a/auth-rsa.c +++ b/auth-rsa.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth-rsa.c,v 1.80 2011/05/23 03:30:07 djm Exp $ */ | 1 | /* $OpenBSD: auth-rsa.c,v 1.81 2012/10/30 21:29:54 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -276,6 +276,8 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) | |||
276 | temporarily_use_uid(pw); | 276 | temporarily_use_uid(pw); |
277 | 277 | ||
278 | for (i = 0; !allowed && i < options.num_authkeys_files; i++) { | 278 | for (i = 0; !allowed && i < options.num_authkeys_files; i++) { |
279 | if (strcasecmp(options.authorized_keys_files[i], "none") == 0) | ||
280 | continue; | ||
279 | file = expand_authorized_keys( | 281 | file = expand_authorized_keys( |
280 | options.authorized_keys_files[i], pw); | 282 | options.authorized_keys_files[i], pw); |
281 | allowed = rsa_key_allowed_in_file(pw, file, client_n, rkey); | 283 | allowed = rsa_key_allowed_in_file(pw, file, client_n, rkey); |