summaryrefslogtreecommitdiff
path: root/auth-rsa.c
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2008-05-25 23:24:33 +0000
committerColin Watson <cjwatson@debian.org>2008-05-25 23:24:33 +0000
commitd61c655626e74e65dba34e4e9d5aa6616cc72f93 (patch)
tree039e0946fb19b073b13605142e5737875107dba9 /auth-rsa.c
parentfe3af0a26497234bbae83a25fadf81a78cf2cf66 (diff)
Log IP addresses of hosts attempting to use blacklisted keys (closes:
#481721).
Diffstat (limited to 'auth-rsa.c')
-rw-r--r--auth-rsa.c11
1 files changed, 7 insertions, 4 deletions
diff --git a/auth-rsa.c b/auth-rsa.c
index 87e1fbf59..898e9eb50 100644
--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -42,6 +42,7 @@
42#include "hostfile.h" 42#include "hostfile.h"
43#include "authfile.h" 43#include "authfile.h"
44#include "auth.h" 44#include "auth.h"
45#include "canohost.h"
45#ifdef GSSAPI 46#ifdef GSSAPI
46#include "ssh-gss.h" 47#include "ssh-gss.h"
47#endif 48#endif
@@ -270,11 +271,13 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
270 if (blacklisted_key(key) == 1) { 271 if (blacklisted_key(key) == 1) {
271 fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); 272 fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
272 if (options.permit_blacklisted_keys) 273 if (options.permit_blacklisted_keys)
273 logit("Public key %s blacklisted (see " 274 logit("Public key %s from %s blacklisted (see "
274 "ssh-vulnkey(1)); continuing anyway", fp); 275 "ssh-vulnkey(1)); continuing anyway",
276 fp, get_remote_ipaddr());
275 else 277 else
276 logit("Public key %s blacklisted (see " 278 logit("Public key %s from %s blacklisted (see "
277 "ssh-vulnkey(1))", fp); 279 "ssh-vulnkey(1))",
280 fp, get_remote_ipaddr());
278 xfree(fp); 281 xfree(fp);
279 if (!options.permit_blacklisted_keys) 282 if (!options.permit_blacklisted_keys)
280 continue; 283 continue;
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-20 12:02:18 +0000