summaryrefslogtreecommitdiff
path: root/auth2-pubkey.c
diff options
context:
space:
mode:
Diffstat (limited to 'auth2-pubkey.c')
-rw-r--r--auth2-pubkey.c18
1 files changed, 12 insertions, 6 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index 6b4a99725..faab0e771 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2-pubkey.c,v 1.24 2010/05/07 11:30:29 djm Exp $ */ 1/* $OpenBSD: auth2-pubkey.c,v 1.25 2010/05/20 11:25:26 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -291,13 +291,14 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
291 continue; 291 continue;
292 } 292 }
293 } 293 }
294 if (auth_parse_options(pw, key_options, file, linenum) != 1)
295 continue;
296 if (key_is_cert(key)) { 294 if (key_is_cert(key)) {
297 if (!key_is_cert_authority)
298 continue;
299 if (!key_equal(found, key->cert->signature_key)) 295 if (!key_equal(found, key->cert->signature_key))
300 continue; 296 continue;
297 if (auth_parse_options(pw, key_options, file,
298 linenum) != 1)
299 continue;
300 if (!key_is_cert_authority)
301 continue;
301 fp = key_fingerprint(found, SSH_FP_MD5, 302 fp = key_fingerprint(found, SSH_FP_MD5,
302 SSH_FP_HEX); 303 SSH_FP_HEX);
303 debug("matching CA found: file %s, line %lu, %s %s", 304 debug("matching CA found: file %s, line %lu, %s %s",
@@ -332,7 +333,12 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
332 xfree(fp); 333 xfree(fp);
333 found_key = 1; 334 found_key = 1;
334 break; 335 break;
335 } else if (!key_is_cert_authority && key_equal(found, key)) { 336 } else if (key_equal(found, key)) {
337 if (auth_parse_options(pw, key_options, file,
338 linenum) != 1)
339 continue;
340 if (key_is_cert_authority)
341 continue;
336 found_key = 1; 342 found_key = 1;
337 debug("matching key found: file %s, line %lu", 343 debug("matching key found: file %s, line %lu",
338 file, linenum); 344 file, linenum);