1 files changed, 24 insertions, 48 deletions

diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index 0b3975a74..df12c2c60 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.87 2019/01/22 11:26:16 djm Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.94 2019/09/06 04:53:27 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -28,6 +28,7 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 
+#include <stdlib.h>
 #include <errno.h>
 #include <fcntl.h>
 #ifdef HAVE_PATHS_H
@@ -109,7 +110,7 @@ userauth_pubkey(struct ssh *ssh)
 
                 if ((pkbuf = sshbuf_from(pkblob, blen)) == NULL)
                         fatal("%s: sshbuf_from failed", __func__);
-                if ((keystring = sshbuf_dtob64(pkbuf)) == NULL)
+                if ((keystring = sshbuf_dtob64_string(pkbuf, 0)) == NULL)
                         fatal("%s: sshbuf_dtob64 failed", __func__);
                 debug2("%s: %s user %s %s public key %s %s", __func__,
                     authctxt->valid ? "valid" : "invalid", authctxt->user,
@@ -418,7 +419,7 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw,
         pid_t pid;
         char *tmp, *username = NULL, *command = NULL, **av = NULL;
         char *ca_fp = NULL, *key_fp = NULL, *catext = NULL, *keytext = NULL;
-        char serial_s[16], uidstr[32];
+        char serial_s[32], uidstr[32];
         void (*osigchld)(int);
 
         if (authoptsp != NULL)
@@ -450,12 +451,12 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw,
         /* Turn the command into an argument vector */
         if (argv_split(options.authorized_principals_command, &ac, &av) != 0) {
                 error("AuthorizedPrincipalsCommand \"%s\" contains "
-                    "invalid quotes", command);
+                    "invalid quotes", options.authorized_principals_command);
                 goto out;
         }
         if (ac == 0) {
                 error("AuthorizedPrincipalsCommand \"%s\" yielded no arguments",
-                    command);
+                    options.authorized_principals_command);
                 goto out;
         }
         if ((ca_fp = sshkey_fingerprint(cert->signature_key,
@@ -538,38 +539,6 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw,
         return found_principal;
 }
 
-static void
-skip_space(char **cpp)
-{
-        char *cp;
-
-        for (cp = *cpp; *cp == ' ' || *cp == '\t'; cp++)
-                ;
-        *cpp = cp;
-}
-
-/*
- * Advanced *cpp past the end of key options, defined as the first unquoted
- * whitespace character. Returns 0 on success or -1 on failure (e.g.
- * unterminated quotes).
- */
-static int
-advance_past_options(char **cpp)
-{
-        char *cp = *cpp;
-        int quoted = 0;
-
-        for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) {
-                if (*cp == '\\' && cp[1] == '"')
-                        cp++;   /* Skip both */
-                else if (*cp == '"')
-                        quoted = !quoted;
-        }
-        *cpp = cp;
-        /* return failure for unterminated quotes */
-        return (*cp == '\0' && quoted) ? -1 : 0;
-}
-
 /*
  * Check a single line of an authorized_keys-format file. Returns 0 if key
  * matches, -1 otherwise. Will return key/cert options via *authoptsp
@@ -600,7 +569,7 @@ check_authkey_line(struct ssh *ssh, struct passwd *pw, struct sshkey *key,
                 /* no key?  check for options */
                 debug2("%s: check options: '%s'", loc, cp);
                 key_options = cp;
-                if (advance_past_options(&cp) != 0) {
+                if (sshkey_advance_past_options(&cp) != 0) {
                         reason = "invalid key option string";
                         goto fail_reason;
                 }
@@ -1014,9 +983,10 @@ int
 user_key_allowed(struct ssh *ssh, struct passwd *pw, struct sshkey *key,
     int auth_attempt, struct sshauthopt **authoptsp)
 {
-        u_int success, i;
+        u_int success = 0, i;
         char *file;
         struct sshauthopt *opts = NULL;
+
         if (authoptsp != NULL)
                 *authoptsp = NULL;
 
@@ -1026,6 +996,21 @@ user_key_allowed(struct ssh *ssh, struct passwd *pw, struct sshkey *key,
             auth_key_is_revoked(key->cert->signature_key))
                 return 0;
 
+        for (i = 0; !success && i < options.num_authkeys_files; i++) {
+                if (strcasecmp(options.authorized_keys_files[i], "none") == 0)
+                        continue;
+                file = expand_authorized_keys(
+                    options.authorized_keys_files[i], pw);
+                success = user_key_allowed2(ssh, pw, key, file, &opts);
+                free(file);
+                if (!success) {
+                        sshauthopt_free(opts);
+                        opts = NULL;
+                }
+        }
+        if (success)
+                goto out;
+
         if ((success = user_cert_trusted_ca(ssh, pw, key, &opts)) != 0)
                 goto out;
         sshauthopt_free(opts);
@@ -1036,15 +1021,6 @@ user_key_allowed(struct ssh *ssh, struct passwd *pw, struct sshkey *key,
         sshauthopt_free(opts);
         opts = NULL;
 
-        for (i = 0; !success && i < options.num_authkeys_files; i++) {
-                if (strcasecmp(options.authorized_keys_files[i], "none") == 0)
-                        continue;
-                file = expand_authorized_keys(
-                    options.authorized_keys_files[i], pw);
-                success = user_key_allowed2(ssh, pw, key, file, &opts);
-                free(file);
-        }
-
  out:
         if (success && authoptsp != NULL) {
                 *authoptsp = opts;