- dtucker@cvs.openbsd.org 2004/12/06 11:41:03

[auth-rsa.c auth2-pubkey.c authfile.c misc.c misc.h ssh.h sshd.8] Discard over-length authorized_keys entries rather than complaining when they don't decode. bz #884, with & ok djm@
author: Darren Tucker <dtucker@zip.com.au> 2004-12-06 22:47:41 +1100
committer: Darren Tucker <dtucker@zip.com.au> 2004-12-06 22:47:41 +1100
commit: 22cc741096c85ff211dfc4c910fd28ec4858ba83 (patch)
tree: 312742d9b3a62da80833cb224d1df1778b2104cd /auth2-pubkey.c
parent: 16e254d17934437a811e0019107ad53cdea8eb76 (diff)
1 files changed, 5 insertions, 4 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index bafea09da..41e23bebd 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -23,8 +23,9 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth2-pubkey.c,v 1.7 2004/06/21 17:36:31 avsm Exp $");
+RCSID("$OpenBSD: auth2-pubkey.c,v 1.8 2004/12/06 11:41:03 dtucker Exp $");
+#include "ssh.h"
 #include "ssh2.h"
 #include "xmalloc.h"
 #include "packet.h"
@@ -167,7 +168,7 @@ done:
 static int
 user_key_allowed2(struct passwd *pw, Key *key, char *file)
 {
-        char line[8192];
+        char line[SSH_MAX_PUBKEY_BYTES];
        int found_key = 0;
        FILE *f;
        u_long linenum = 0;
@@ -204,9 +205,9 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
        found_key = 0;
        found = key_new(key->type);
-        while (fgets(line, sizeof(line), f)) {
+        while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
                char *cp, *key_options = NULL;
-                linenum++;
                /* Skip leading whitespace, empty and comment lines. */
                for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
                        ;
author	Darren Tucker <dtucker@zip.com.au>	2004-12-06 22:47:41 +1100
committer	Darren Tucker <dtucker@zip.com.au>	2004-12-06 22:47:41 +1100
commit	22cc741096c85ff211dfc4c910fd28ec4858ba83 (patch)
tree	312742d9b3a62da80833cb224d1df1778b2104cd /auth2-pubkey.c
parent	16e254d17934437a811e0019107ad53cdea8eb76 (diff)

diff --git a/auth2-pubkey.c b/auth2-pubkey.c index bafea09da..41e23bebd 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c
@@ -23,8 +23,9 @@
23	*/	23	*/
24		24
25	#include "includes.h"	25	#include "includes.h"
26	RCSID("$OpenBSD: auth2-pubkey.c,v 1.7 2004/06/21 17:36:31 avsm Exp $");	26	RCSID("$OpenBSD: auth2-pubkey.c,v 1.8 2004/12/06 11:41:03 dtucker Exp $");
27		27
		28	#include "ssh.h"
28	#include "ssh2.h"	29	#include "ssh2.h"
29	#include "xmalloc.h"	30	#include "xmalloc.h"
30	#include "packet.h"	31	#include "packet.h"
@@ -167,7 +168,7 @@ done:
167	static int	168	static int
168	user_key_allowed2(struct passwd pw, Key key, char *file)	169	user_key_allowed2(struct passwd pw, Key key, char *file)
169	{	170	{
170	char line[8192];	171	char line[SSH_MAX_PUBKEY_BYTES];
171	int found_key = 0;	172	int found_key = 0;
172	FILE *f;	173	FILE *f;
173	u_long linenum = 0;	174	u_long linenum = 0;
@@ -204,9 +205,9 @@ user_key_allowed2(struct passwd pw, Key key, char *file)
204	found_key = 0;	205	found_key = 0;
205	found = key_new(key->type);	206	found = key_new(key->type);
206		207
207	while (fgets(line, sizeof(line), f)) {	208	while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
208	char cp, key_options = NULL;	209	char cp, key_options = NULL;
209	linenum++;	210
210	/* Skip leading whitespace, empty and comment lines. */	211	/* Skip leading whitespace, empty and comment lines. */
211	for (cp = line; cp == ' ' \|\| cp == '\t'; cp++)	212	for (cp = line; cp == ' ' \|\| cp == '\t'; cp++)
212	;	213	;