1 files changed, 4 insertions, 4 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index c4e80b01b..c820c2816 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.51 2015/05/21 06:43:30 djm Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.52 2015/06/15 18:42:19 jsing Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 *
@@ -624,7 +624,7 @@ match_principals_file(char *file, struct passwd *pw, struct sshkey_cert *cert)
 * returns 1 if the principal is allowed or 0 otherwise.
 */
 static int
-match_principals_command(struct passwd *user_pw, struct sshkey *key)
+match_principals_command(struct passwd *user_pw, struct sshkey_cert *cert)
 {
        FILE *f = NULL;
        int ok, found_principal = 0;
@@ -689,7 +689,7 @@ match_principals_command(struct passwd *user_pw, struct sshkey *key)
        uid_swapped = 1;
        temporarily_use_uid(pw);
-        ok = process_principals(f, NULL, pw, key->cert);
+        ok = process_principals(f, NULL, pw, cert);
        if (exited_cleanly(pid, "AuthorizedPrincipalsCommand", command) != 0)
                goto out;
@@ -857,7 +857,7 @@ user_cert_trusted_ca(struct passwd *pw, Key *key)
                        found_principal = 1;
        }
        /* Try querying command if specified */
-        if (!found_principal && match_principals_command(pw, key))
+        if (!found_principal && match_principals_command(pw, key->cert))
                found_principal = 1;
        /* If principals file or command specify, then require a match here */
        if (!found_principal && (principals_file != NULL ||

diff --git a/auth2-pubkey.c b/auth2-pubkey.c index c4e80b01b..c820c2816 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: auth2-pubkey.c,v 1.51 2015/05/21 06:43:30 djm Exp $ */	1	/* $OpenBSD: auth2-pubkey.c,v 1.52 2015/06/15 18:42:19 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2000 Markus Friedl. All rights reserved.	3	* Copyright (c) 2000 Markus Friedl. All rights reserved.
4	*	4	*
@@ -624,7 +624,7 @@ match_principals_file(char file, struct passwd pw, struct sshkey_cert *cert)
624	* returns 1 if the principal is allowed or 0 otherwise.	624	* returns 1 if the principal is allowed or 0 otherwise.
625	*/	625	*/
626	static int	626	static int
627	match_principals_command(struct passwd user_pw, struct sshkey key)	627	match_principals_command(struct passwd user_pw, struct sshkey_cert cert)
628	{	628	{
629	FILE *f = NULL;	629	FILE *f = NULL;
630	int ok, found_principal = 0;	630	int ok, found_principal = 0;
@@ -689,7 +689,7 @@ match_principals_command(struct passwd user_pw, struct sshkey key)
689	uid_swapped = 1;	689	uid_swapped = 1;
690	temporarily_use_uid(pw);	690	temporarily_use_uid(pw);
691		691
692	ok = process_principals(f, NULL, pw, key->cert);	692	ok = process_principals(f, NULL, pw, cert);
693		693
694	if (exited_cleanly(pid, "AuthorizedPrincipalsCommand", command) != 0)	694	if (exited_cleanly(pid, "AuthorizedPrincipalsCommand", command) != 0)
695	goto out;	695	goto out;
@@ -857,7 +857,7 @@ user_cert_trusted_ca(struct passwd pw, Key key)
857	found_principal = 1;	857	found_principal = 1;
858	}	858	}
859	/* Try querying command if specified */	859	/* Try querying command if specified */
860	if (!found_principal && match_principals_command(pw, key))	860	if (!found_principal && match_principals_command(pw, key->cert))
861	found_principal = 1;	861	found_principal = 1;
862	/* If principals file or command specify, then require a match here */	862	/* If principals file or command specify, then require a match here */
863	if (!found_principal && (principals_file != NULL \|\|	863	if (!found_principal && (principals_file != NULL \|\|