- markus@cvs.openbsd.org 2002/05/23 19:24:30

     [authfile.c authfile.h pathnames.h ssh.c sshconnect.c sshconnect.h
      sshconnect1.c sshconnect2.c ssh-keysign.8 ssh-keysign.c Makefile.in]
     add /usr/libexec/ssh-keysign: a setuid helper program for hostbased
     authentication in protocol v2 (needs to access the hostkeys).

Note: Makefile.in untested.  Will test after merge is finished.

1 files changed, 7 insertions, 5 deletions

diff --git a/sshconnect1.c b/sshconnect1.c
index d2024a2b7..e28b7fc72 100644
--- a/sshconnect1.c
+++ b/sshconnect1.c
@@ -13,7 +13,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.50 2002/04/21 16:25:06 stevesk Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.51 2002/05/23 19:24:30 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/md5.h>
@@ -1138,7 +1138,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
  */
 void
 ssh_userauth1(const char *local_user, const char *server_user, char *host,
-    Key **keys, int nkeys)
+    Sensitive *sensitive)
 {
 #ifdef KRB5
         krb5_context context = NULL;
@@ -1224,9 +1224,11 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
          */
         if ((supported_authentications & (1 << SSH_AUTH_RHOSTS_RSA)) &&
             options.rhosts_rsa_authentication) {
-                for (i = 0; i < nkeys; i++) {
-                        if (keys[i] != NULL && keys[i]->type == KEY_RSA1 &&
-                            try_rhosts_rsa_authentication(local_user, keys[i]))
+                for (i = 0; i < sensitive->nkeys; i++) {
+                        if (sensitive->keys[i] != NULL &&
+                            sensitive->keys[i]->type == KEY_RSA1 &&
+                            try_rhosts_rsa_authentication(local_user,
+                            sensitive->keys[i]))
                                 goto success;
                 }
         }