1 files changed, 5 insertions, 33 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index 306515000..daa751ca0 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.17 2008/06/13 14:18:51 dtucker Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.18 2008/07/02 12:03:51 dtucker Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 *
@@ -182,10 +182,9 @@ static int
 user_key_allowed2(struct passwd *pw, Key *key, char *file)
 {
        char line[SSH_MAX_PUBKEY_BYTES];
-        int found_key = 0, fd;
+        int found_key = 0;
        FILE *f;
        u_long linenum = 0;
-        struct stat st;
        Key *found;
        char *fp;
@@ -193,37 +192,10 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
        temporarily_use_uid(pw);
        debug("trying public key file %s", file);
+        f = auth_openkeyfile(file, pw, options.strict_modes);
-        /*
+        if (!f) {
-         * Open the file containing the authorized keys
+                xfree(file);
-         * Fail quietly if file does not exist
-         */
-        if ((fd = open(file, O_RDONLY|O_NONBLOCK)) == -1) {
-                restore_uid();
-                return 0;
-        }
-        if (fstat(fd, &st) < 0) {
-                close(fd);
-                restore_uid();
-                return 0;
-        }
-        if (!S_ISREG(st.st_mode)) {
-                logit("User %s authorized keys %s is not a regular file",
-                    pw->pw_name, file);
-                close(fd);
-                restore_uid();
-                return 0;
-        }
-        unset_nonblock(fd);
-        if ((f = fdopen(fd, "r")) == NULL) {
-                close(fd);
-                restore_uid();
-                return 0;
-        }
-        if (options.strict_modes &&
-            secure_filename(f, file, pw, line, sizeof(line)) != 0) {
-                fclose(f);
-                logit("Authentication refused: %s", line);
                restore_uid();
                return 0;
        }

diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 306515000..daa751ca0 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: auth2-pubkey.c,v 1.17 2008/06/13 14:18:51 dtucker Exp $ */	1	/* $OpenBSD: auth2-pubkey.c,v 1.18 2008/07/02 12:03:51 dtucker Exp $ */
2	/*	2	/*
3	* Copyright (c) 2000 Markus Friedl. All rights reserved.	3	* Copyright (c) 2000 Markus Friedl. All rights reserved.
4	*	4	*
@@ -182,10 +182,9 @@ static int
182	user_key_allowed2(struct passwd pw, Key key, char *file)	182	user_key_allowed2(struct passwd pw, Key key, char *file)
183	{	183	{
184	char line[SSH_MAX_PUBKEY_BYTES];	184	char line[SSH_MAX_PUBKEY_BYTES];
185	int found_key = 0, fd;	185	int found_key = 0;
186	FILE *f;	186	FILE *f;
187	u_long linenum = 0;	187	u_long linenum = 0;
188	struct stat st;
189	Key *found;	188	Key *found;
190	char *fp;	189	char *fp;
191		190
@@ -193,37 +192,10 @@ user_key_allowed2(struct passwd pw, Key key, char *file)
193	temporarily_use_uid(pw);	192	temporarily_use_uid(pw);
194		193
195	debug("trying public key file %s", file);	194	debug("trying public key file %s", file);
		195	f = auth_openkeyfile(file, pw, options.strict_modes);
196		196
197	/*	197	if (!f) {
198	* Open the file containing the authorized keys	198	xfree(file);
199	* Fail quietly if file does not exist
200	*/
201	if ((fd = open(file, O_RDONLY\|O_NONBLOCK)) == -1) {
202	restore_uid();
203	return 0;
204	}
205	if (fstat(fd, &st) < 0) {
206	close(fd);
207	restore_uid();
208	return 0;
209	}
210	if (!S_ISREG(st.st_mode)) {
211	logit("User %s authorized keys %s is not a regular file",
212	pw->pw_name, file);
213	close(fd);
214	restore_uid();
215	return 0;
216	}
217	unset_nonblock(fd);
218	if ((f = fdopen(fd, "r")) == NULL) {
219	close(fd);
220	restore_uid();
221	return 0;
222	}
223	if (options.strict_modes &&
224	secure_filename(f, file, pw, line, sizeof(line)) != 0) {
225	fclose(f);
226	logit("Authentication refused: %s", line);
227	restore_uid();	199	restore_uid();
228	return 0;	200	return 0;
229	}	201	}