summaryrefslogtreecommitdiff
path: root/auth-rh-rsa.c
diff options
context:
space:
mode:
Diffstat (limited to 'auth-rh-rsa.c')
-rw-r--r--auth-rh-rsa.c16
1 files changed, 16 insertions, 0 deletions
diff --git a/auth-rh-rsa.c b/auth-rh-rsa.c
index eca750275..093461e83 100644
--- a/auth-rh-rsa.c
+++ b/auth-rh-rsa.c
@@ -20,6 +20,7 @@
20#include <pwd.h> 20#include <pwd.h>
21#include <stdarg.h> 21#include <stdarg.h>
22 22
23#include "xmalloc.h"
23#include "packet.h" 24#include "packet.h"
24#include "uidswap.h" 25#include "uidswap.h"
25#include "log.h" 26#include "log.h"
@@ -27,6 +28,7 @@
27#include "servconf.h" 28#include "servconf.h"
28#include "key.h" 29#include "key.h"
29#include "hostfile.h" 30#include "hostfile.h"
31#include "authfile.h"
30#include "pathnames.h" 32#include "pathnames.h"
31#include "auth.h" 33#include "auth.h"
32#include "canohost.h" 34#include "canohost.h"
@@ -42,8 +44,22 @@ int
42auth_rhosts_rsa_key_allowed(struct passwd *pw, char *cuser, char *chost, 44auth_rhosts_rsa_key_allowed(struct passwd *pw, char *cuser, char *chost,
43 Key *client_host_key) 45 Key *client_host_key)
44{ 46{
47 char *fp;
45 HostStatus host_status; 48 HostStatus host_status;
46 49
50 if (blacklisted_key(client_host_key)) {
51 fp = key_fingerprint(client_host_key, SSH_FP_MD5, SSH_FP_HEX);
52 if (options.permit_blacklisted_keys)
53 logit("Public key %s blacklisted (see "
54 "ssh-vulnkey(1)); continuing anyway", fp);
55 else
56 logit("Public key %s blacklisted (see "
57 "ssh-vulnkey(1))", fp);
58 xfree(fp);
59 if (!options.permit_blacklisted_keys)
60 return 0;
61 }
62
47 /* Check if we would accept it using rhosts authentication. */ 63 /* Check if we would accept it using rhosts authentication. */
48 if (!auth_rhosts(pw, cuser)) 64 if (!auth_rhosts(pw, cuser))
49 return 0; 65 return 0;
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-13 10:13:45 +0000