diff options
author | Colin Watson <cjwatson@debian.org> | 2011-07-28 14:32:20 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2011-07-28 14:32:20 +0100 |
commit | 7a15b74572af22c2642ce0b125a90f35a92a10b4 (patch) | |
tree | 5a93c65cbc21e3657703863169a17390da156e6b /auth2-pubkey.c | |
parent | b231e29fdc2c76309619e2fbc45e5779df4fe147 (diff) |
Quieten logs when multiple from= restrictions are used in different
authorized_keys lines for the same key; it's still not ideal, but at
least you'll only get one log entry per key (closes: #630606).
Diffstat (limited to 'auth2-pubkey.c')
-rw-r--r-- | auth2-pubkey.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 62a553612..dbf0d0d22 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c | |||
@@ -211,6 +211,7 @@ match_principals_file(char *file, struct passwd *pw, struct KeyCert *cert) | |||
211 | restore_uid(); | 211 | restore_uid(); |
212 | return 0; | 212 | return 0; |
213 | } | 213 | } |
214 | auth_start_parse_options(); | ||
214 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { | 215 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { |
215 | /* Skip leading whitespace. */ | 216 | /* Skip leading whitespace. */ |
216 | for (cp = line; *cp == ' ' || *cp == '\t'; cp++) | 217 | for (cp = line; *cp == ' ' || *cp == '\t'; cp++) |
@@ -280,6 +281,8 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file) | |||
280 | found_key = 0; | 281 | found_key = 0; |
281 | found = key_new(key_is_cert(key) ? KEY_UNSPEC : key->type); | 282 | found = key_new(key_is_cert(key) ? KEY_UNSPEC : key->type); |
282 | 283 | ||
284 | auth_start_parse_options(); | ||
285 | |||
283 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { | 286 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { |
284 | char *cp, *key_options = NULL; | 287 | char *cp, *key_options = NULL; |
285 | 288 | ||
@@ -416,6 +419,7 @@ user_cert_trusted_ca(struct passwd *pw, Key *key) | |||
416 | if (key_cert_check_authority(key, 0, 1, | 419 | if (key_cert_check_authority(key, 0, 1, |
417 | principals_file == NULL ? pw->pw_name : NULL, &reason) != 0) | 420 | principals_file == NULL ? pw->pw_name : NULL, &reason) != 0) |
418 | goto fail_reason; | 421 | goto fail_reason; |
422 | auth_start_parse_options(); | ||
419 | if (auth_cert_options(key, pw) != 0) | 423 | if (auth_cert_options(key, pw) != 0) |
420 | goto out; | 424 | goto out; |
421 | 425 | ||