diff options
Diffstat (limited to 'auth2-hostbased.c')
-rw-r--r-- | auth2-hostbased.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/auth2-hostbased.c b/auth2-hostbased.c index 2db3d2524..9f8a01cbe 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2-hostbased.c,v 1.21 2015/01/08 10:14:08 djm Exp $ */ | 1 | /* $OpenBSD: auth2-hostbased.c,v 1.22 2015/01/13 07:39:19 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -48,6 +48,7 @@ | |||
48 | #endif | 48 | #endif |
49 | #include "monitor_wrap.h" | 49 | #include "monitor_wrap.h" |
50 | #include "pathnames.h" | 50 | #include "pathnames.h" |
51 | #include "match.h" | ||
51 | 52 | ||
52 | /* import */ | 53 | /* import */ |
53 | extern ServerOptions options; | 54 | extern ServerOptions options; |
@@ -108,6 +109,14 @@ userauth_hostbased(Authctxt *authctxt) | |||
108 | "signature format"); | 109 | "signature format"); |
109 | goto done; | 110 | goto done; |
110 | } | 111 | } |
112 | if (match_pattern_list(sshkey_ssh_name(key), | ||
113 | options.hostbased_key_types, | ||
114 | strlen(options.hostbased_key_types), 0) != 1) { | ||
115 | logit("%s: key type %s not in HostbasedAcceptedKeyTypes", | ||
116 | __func__, sshkey_type(key)); | ||
117 | goto done; | ||
118 | } | ||
119 | |||
111 | service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" : | 120 | service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" : |
112 | authctxt->service; | 121 | authctxt->service; |
113 | buffer_init(&b); | 122 | buffer_init(&b); |