diff options
Diffstat (limited to 'auth2-pubkey.c')
-rw-r--r-- | auth2-pubkey.c | 22 |
1 files changed, 4 insertions, 18 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 4f305ef1b..4014444fb 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2-pubkey.c,v 1.15 2006/08/03 03:34:41 deraadt Exp $ */ | 1 | /* $OpenBSD: auth2-pubkey.c,v 1.19 2008/07/03 21:46:58 otto Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -28,9 +28,11 @@ | |||
28 | #include <sys/types.h> | 28 | #include <sys/types.h> |
29 | #include <sys/stat.h> | 29 | #include <sys/stat.h> |
30 | 30 | ||
31 | #include <fcntl.h> | ||
31 | #include <pwd.h> | 32 | #include <pwd.h> |
32 | #include <stdio.h> | 33 | #include <stdio.h> |
33 | #include <stdarg.h> | 34 | #include <stdarg.h> |
35 | #include <unistd.h> | ||
34 | 36 | ||
35 | #include "xmalloc.h" | 37 | #include "xmalloc.h" |
36 | #include "ssh.h" | 38 | #include "ssh.h" |
@@ -183,7 +185,6 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file) | |||
183 | int found_key = 0; | 185 | int found_key = 0; |
184 | FILE *f; | 186 | FILE *f; |
185 | u_long linenum = 0; | 187 | u_long linenum = 0; |
186 | struct stat st; | ||
187 | Key *found; | 188 | Key *found; |
188 | char *fp; | 189 | char *fp; |
189 | 190 | ||
@@ -191,24 +192,9 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file) | |||
191 | temporarily_use_uid(pw); | 192 | temporarily_use_uid(pw); |
192 | 193 | ||
193 | debug("trying public key file %s", file); | 194 | debug("trying public key file %s", file); |
195 | f = auth_openkeyfile(file, pw, options.strict_modes); | ||
194 | 196 | ||
195 | /* Fail quietly if file does not exist */ | ||
196 | if (stat(file, &st) < 0) { | ||
197 | /* Restore the privileged uid. */ | ||
198 | restore_uid(); | ||
199 | return 0; | ||
200 | } | ||
201 | /* Open the file containing the authorized keys. */ | ||
202 | f = fopen(file, "r"); | ||
203 | if (!f) { | 197 | if (!f) { |
204 | /* Restore the privileged uid. */ | ||
205 | restore_uid(); | ||
206 | return 0; | ||
207 | } | ||
208 | if (options.strict_modes && | ||
209 | secure_filename(f, file, pw, line, sizeof(line)) != 0) { | ||
210 | fclose(f); | ||
211 | logit("Authentication refused: %s", line); | ||
212 | restore_uid(); | 198 | restore_uid(); |
213 | return 0; | 199 | return 0; |
214 | } | 200 | } |