diff options
Diffstat (limited to 'auth2-pubkey.c')
-rw-r--r-- | auth2-pubkey.c | 26 |
1 files changed, 2 insertions, 24 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 65db116ed..d567f527c 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2-pubkey.c,v 1.92 2019/09/03 08:29:58 djm Exp $ */ | 1 | /* $OpenBSD: auth2-pubkey.c,v 1.93 2019/09/03 08:30:47 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -539,28 +539,6 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw, | |||
539 | } | 539 | } |
540 | 540 | ||
541 | /* | 541 | /* |
542 | * Advanced *cpp past the end of key options, defined as the first unquoted | ||
543 | * whitespace character. Returns 0 on success or -1 on failure (e.g. | ||
544 | * unterminated quotes). | ||
545 | */ | ||
546 | static int | ||
547 | advance_past_options(char **cpp) | ||
548 | { | ||
549 | char *cp = *cpp; | ||
550 | int quoted = 0; | ||
551 | |||
552 | for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) { | ||
553 | if (*cp == '\\' && cp[1] == '"') | ||
554 | cp++; /* Skip both */ | ||
555 | else if (*cp == '"') | ||
556 | quoted = !quoted; | ||
557 | } | ||
558 | *cpp = cp; | ||
559 | /* return failure for unterminated quotes */ | ||
560 | return (*cp == '\0' && quoted) ? -1 : 0; | ||
561 | } | ||
562 | |||
563 | /* | ||
564 | * Check a single line of an authorized_keys-format file. Returns 0 if key | 542 | * Check a single line of an authorized_keys-format file. Returns 0 if key |
565 | * matches, -1 otherwise. Will return key/cert options via *authoptsp | 543 | * matches, -1 otherwise. Will return key/cert options via *authoptsp |
566 | * on success. "loc" is used as file/line location in log messages. | 544 | * on success. "loc" is used as file/line location in log messages. |
@@ -590,7 +568,7 @@ check_authkey_line(struct ssh *ssh, struct passwd *pw, struct sshkey *key, | |||
590 | /* no key? check for options */ | 568 | /* no key? check for options */ |
591 | debug2("%s: check options: '%s'", loc, cp); | 569 | debug2("%s: check options: '%s'", loc, cp); |
592 | key_options = cp; | 570 | key_options = cp; |
593 | if (advance_past_options(&cp) != 0) { | 571 | if (sshkey_advance_past_options(&cp) != 0) { |
594 | reason = "invalid key option string"; | 572 | reason = "invalid key option string"; |
595 | goto fail_reason; | 573 | goto fail_reason; |
596 | } | 574 | } |