author | Colin Watson <cjwatson@debian.org> | 2008-05-26 22:16:40 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2008-05-26 22:16:40 +0000 |
commit | 93e9c23240b154d074dc33f26ccb23f8874f8c3a (patch) | |
tree | 2348f401a2148e4ea2e23e09c6ab1be5cf525003 /auth2-pubkey.c | |
parent | 85825a2f1ca42576b0f9cd2b170314c107b9af26 (diff) |
Refactor rejection of blacklisted user keys into a single
reject_blacklisted_key function in auth.c (thanks, Dmitry V. Levin).
Diffstat (limited to 'auth2-pubkey.c')
-rw-r--r-- | auth2-pubkey.c | 18 |
1 files changed, 2 insertions, 16 deletions
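--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -42,7 +42,6 @@
 #include "compat.h"
 #include "key.h"
 #include "hostfile.h"
-#include "authfile.h"
 #include "auth.h"
 #include "pathnames.h"
 #include "uidswap.h"
@@ -270,24 +269,11 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
 int
 user_key_allowed(struct passwd *pw, Key *key)
 {
-char *fp;
 int success;
 char *file;
 
-if (blacklisted_key(key) == 1) {
-fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
-if (options.permit_blacklisted_keys)
-logit("Public key %s from %s blacklisted (see "
-"ssh-vulnkey(1)); continuing anyway",
-fp, get_remote_ipaddr());
-else
-logit("Public key %s from %s blacklisted (see "
-"ssh-vulnkey(1))",
-fp, get_remote_ipaddr());
-xfree(fp);
-if (!options.permit_blacklisted_keys)
-return 0;
-}
+if (reject_blacklisted_key(key, 0) == 1)
+return 0;
 
 file = authorized_keys_file(pw);
 success = user_key_allowed2(pw, key, file);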
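Review bot: The new call `reject_blacklisted_key(key, 0) == 1` in user_key_allowed passes an unexplained literal `0` at an authentication decision point. The call site also no longer shows that a blacklisted key can still be accepted when `options.permit_blacklisted_keys` is set. The helper lives in auth.c and is not visible here, so it is only inferred from the commit message that the override and the logging of fingerprint and remote address moved into it. A comment above the call would record that, for example `/* Blacklist check for a user key; logging and the permit_blacklisted_keys override are done in reject_blacklisted_key() (auth.c). */`. The `== 1` test lets the key proceed on any other return value, so if the helper can report an error it is worth confirming that accepting the key in that case is intended. The body of user_key_allowed continues past the end of this hunk.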