diff options
| author | jsing@openbsd.org <jsing@openbsd.org> | 2015-06-15 18:44:22 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2015-06-17 22:12:05 +1000 |
| commit | 596dbca82f3f567fb3d2d69af4b4e1d3ba1e6403 (patch) | |
| tree | 83d8c183a65709172408da4b4473fe90ab9efca3 /auth2-pubkey.c | |
| parent | aff3e94c0d75d0d0fa84ea392b50ab04f8c57905 (diff) | |
upstream commit
If AuthorizedPrincipalsCommand is specified, however
AuthorizedPrincipalsFile is not (or is set to "none"), authentication will
potentially fail due to key_cert_check_authority() failing to locate a
principal that matches the username, even though an authorized principal has
already been matched in the output of the subprocess. Fix this by using the
same logic to determine if pw->pw_name should be passed, as is used to
determine if a authorized principal must be matched earlier on.
ok djm@
Upstream-ID: 43b42302ec846b0ea68aceb40677245391b9409d
Diffstat (limited to 'auth2-pubkey.c')
| -rw-r--r-- | auth2-pubkey.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c index c820c2816..5aa319ccc 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth2-pubkey.c,v 1.52 2015/06/15 18:42:19 jsing Exp $ */ | 1 | /* $OpenBSD: auth2-pubkey.c,v 1.53 2015/06/15 18:44:22 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -831,7 +831,7 @@ user_cert_trusted_ca(struct passwd *pw, Key *key) | |||
| 831 | { | 831 | { |
| 832 | char *ca_fp, *principals_file = NULL; | 832 | char *ca_fp, *principals_file = NULL; |
| 833 | const char *reason; | 833 | const char *reason; |
| 834 | int ret = 0, found_principal = 0; | 834 | int ret = 0, found_principal = 0, use_authorized_principals; |
| 835 | 835 | ||
| 836 | if (!key_is_cert(key) || options.trusted_user_ca_keys == NULL) | 836 | if (!key_is_cert(key) || options.trusted_user_ca_keys == NULL) |
| 837 | return 0; | 837 | return 0; |
| @@ -859,9 +859,10 @@ user_cert_trusted_ca(struct passwd *pw, Key *key) | |||
| 859 | /* Try querying command if specified */ | 859 | /* Try querying command if specified */ |
| 860 | if (!found_principal && match_principals_command(pw, key->cert)) | 860 | if (!found_principal && match_principals_command(pw, key->cert)) |
| 861 | found_principal = 1; | 861 | found_principal = 1; |
| 862 | /* If principals file or command specify, then require a match here */ | 862 | /* If principals file or command is specified, then require a match */ |
| 863 | if (!found_principal && (principals_file != NULL || | 863 | use_authorized_principals = principals_file != NULL || |
| 864 | options.authorized_principals_command != NULL)) { | 864 | options.authorized_principals_command != NULL; |
| 865 | if (!found_principal && use_authorized_principals) { | ||
| 865 | reason = "Certificate does not contain an authorized principal"; | 866 | reason = "Certificate does not contain an authorized principal"; |
| 866 | fail_reason: | 867 | fail_reason: |
| 867 | error("%s", reason); | 868 | error("%s", reason); |
| @@ -869,7 +870,7 @@ user_cert_trusted_ca(struct passwd *pw, Key *key) | |||
| 869 | goto out; | 870 | goto out; |
| 870 | } | 871 | } |
| 871 | if (key_cert_check_authority(key, 0, 1, | 872 | if (key_cert_check_authority(key, 0, 1, |
| 872 | principals_file == NULL ? pw->pw_name : NULL, &reason) != 0) | 873 | use_authorized_principals ? NULL : pw->pw_name, &reason) != 0) |
| 873 | goto fail_reason; | 874 | goto fail_reason; |
| 874 | if (auth_cert_options(key, pw) != 0) | 875 | if (auth_cert_options(key, pw) != 0) |
| 875 | goto out; | 876 | goto out; |