authorColin Watson <cjwatson@debian.org>2008-05-26 22:16:40 +0000
committerColin Watson <cjwatson@debian.org>2008-05-26 22:16:40 +0000
commit93e9c23240b154d074dc33f26ccb23f8874f8c3a (patch)
tree2348f401a2148e4ea2e23e09c6ab1be5cf525003 /auth2-pubkey.c
parent85825a2f1ca42576b0f9cd2b170314c107b9af26 (diff)
Refactor rejection of blacklisted user keys into a single
reject_blacklisted_key function in auth.c (thanks, Dmitry V. Levin).
Diffstat (limited to 'auth2-pubkey.c')
-rw-r--r--auth2-pubkey.c18
1 files changed, 2 insertions, 16 deletions
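diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index 0870d64f6..4f305ef1b 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -42,7 +42,6 @@
 #include "compat.h"
 #include "key.h"
 #include "hostfile.h"
-#include "authfile.h"
 #include "auth.h"
 #include "pathnames.h"
 #include "uidswap.h"
@@ -270,24 +269,11 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
 int
 user_key_allowed(struct passwd *pw, Key *key)
 {
- char *fp;
  int success;
  char *file;
 
- if (blacklisted_key(key) == 1) {
- fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
- if (options.permit_blacklisted_keys)
- logit("Public key %s from %s blacklisted (see "
- "ssh-vulnkey(1)); continuing anyway",
- fp, get_remote_ipaddr());
- else
- logit("Public key %s from %s blacklisted (see "
- "ssh-vulnkey(1))",
- fp, get_remote_ipaddr());
- xfree(fp);
- if (!options.permit_blacklisted_keys)
- return 0;
- }
+ if (reject_blacklisted_key(key, 0) == 1)
+ return 0;
 
  file = authorized_keys_file(pw);
  success = user_key_allowed2(pw, key, file);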
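Review bot: The new guard in user_key_allowed(), `if (reject_blacklisted_key(key, 0) == 1)`, treats every return value other than 1 as "not rejected", so if the helper in auth.c can return a negative value when the blacklist lookup itself fails, authentication proceeds with the key unchecked. The helper is not part of this diff, so this is a question rather than a confirmed defect; the removed code compared `blacklisted_key(key) == 1` the same way, which means the refactor at least preserves the old behaviour. It would help to state the contract at the call site, for example `/* returns 1 only when the key is blacklisted and options.permit_blacklisted_keys is off */`, once that is confirmed against auth.c. The bare `0` second argument is also unreadable here; a short comment naming what it selects (presumably user key rather than host key) would make the call self-explanatory. The body of user_key_allowed() continues past the end of this hunk.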