summaryrefslogtreecommitdiff
path: root/auth2-pubkey.c
diff options
context:
space:
mode:
Diffstat (limited to 'auth2-pubkey.c')
-rw-r--r--auth2-pubkey.c16
1 files changed, 9 insertions, 7 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index 0a3c1deee..04b70e362 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2-pubkey.c,v 1.42 2014/12/04 02:24:32 djm Exp $ */ 1/* $OpenBSD: auth2-pubkey.c,v 1.43 2014/12/21 22:27:56 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -213,7 +213,7 @@ pubkey_auth_info(Authctxt *authctxt, const Key *key, const char *fmt, ...)
213 213
214 if (key_is_cert(key)) { 214 if (key_is_cert(key)) {
215 fp = key_fingerprint(key->cert->signature_key, 215 fp = key_fingerprint(key->cert->signature_key,
216 SSH_FP_MD5, SSH_FP_HEX); 216 options.fingerprint_hash, SSH_FP_DEFAULT);
217 auth_info(authctxt, "%s ID %s (serial %llu) CA %s %s%s%s", 217 auth_info(authctxt, "%s ID %s (serial %llu) CA %s %s%s%s",
218 key_type(key), key->cert->key_id, 218 key_type(key), key->cert->key_id,
219 (unsigned long long)key->cert->serial, 219 (unsigned long long)key->cert->serial,
@@ -221,7 +221,8 @@ pubkey_auth_info(Authctxt *authctxt, const Key *key, const char *fmt, ...)
221 extra == NULL ? "" : ", ", extra == NULL ? "" : extra); 221 extra == NULL ? "" : ", ", extra == NULL ? "" : extra);
222 free(fp); 222 free(fp);
223 } else { 223 } else {
224 fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); 224 fp = key_fingerprint(key, options.fingerprint_hash,
225 SSH_FP_DEFAULT);
225 auth_info(authctxt, "%s %s%s%s", key_type(key), fp, 226 auth_info(authctxt, "%s %s%s%s", key_type(key), fp,
226 extra == NULL ? "" : ", ", extra == NULL ? "" : extra); 227 extra == NULL ? "" : ", ", extra == NULL ? "" : extra);
227 free(fp); 228 free(fp);
@@ -365,8 +366,8 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw)
365 continue; 366 continue;
366 if (!key_is_cert_authority) 367 if (!key_is_cert_authority)
367 continue; 368 continue;
368 fp = key_fingerprint(found, SSH_FP_MD5, 369 fp = key_fingerprint(found, options.fingerprint_hash,
369 SSH_FP_HEX); 370 SSH_FP_DEFAULT);
370 debug("matching CA found: file %s, line %lu, %s %s", 371 debug("matching CA found: file %s, line %lu, %s %s",
371 file, linenum, key_type(found), fp); 372 file, linenum, key_type(found), fp);
372 /* 373 /*
@@ -406,7 +407,8 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw)
406 if (key_is_cert_authority) 407 if (key_is_cert_authority)
407 continue; 408 continue;
408 found_key = 1; 409 found_key = 1;
409 fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX); 410 fp = key_fingerprint(found, options.fingerprint_hash,
411 SSH_FP_DEFAULT);
410 debug("matching key found: file %s, line %lu %s %s", 412 debug("matching key found: file %s, line %lu %s %s",
411 file, linenum, key_type(found), fp); 413 file, linenum, key_type(found), fp);
412 free(fp); 414 free(fp);
@@ -432,7 +434,7 @@ user_cert_trusted_ca(struct passwd *pw, Key *key)
432 return 0; 434 return 0;
433 435
434 ca_fp = key_fingerprint(key->cert->signature_key, 436 ca_fp = key_fingerprint(key->cert->signature_key,
435 SSH_FP_MD5, SSH_FP_HEX); 437 options.fingerprint_hash, SSH_FP_DEFAULT);
436 438
437 if (sshkey_in_file(key->cert->signature_key, 439 if (sshkey_in_file(key->cert->signature_key,
438 options.trusted_user_ca_keys, 1, 0) != 0) { 440 options.trusted_user_ca_keys, 1, 0) != 0) {