diff options
Diffstat (limited to 'monitor.c')
| -rw-r--r-- | monitor.c | 10 |
1 files changed, 8 insertions, 2 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: monitor.c,v 1.135 2014/07/15 15:54:14 millert Exp $ */ | 1 | /* $OpenBSD: monitor.c,v 1.136 2014/12/22 07:51:30 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
| 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
| @@ -1170,6 +1170,7 @@ mm_answer_keyallowed(int sock, Buffer *m) | |||
| 1170 | switch (type) { | 1170 | switch (type) { |
| 1171 | case MM_USERKEY: | 1171 | case MM_USERKEY: |
| 1172 | allowed = options.pubkey_authentication && | 1172 | allowed = options.pubkey_authentication && |
| 1173 | !auth2_userkey_already_used(authctxt, key) && | ||
| 1173 | user_key_allowed(authctxt->pw, key); | 1174 | user_key_allowed(authctxt->pw, key); |
| 1174 | pubkey_auth_info(authctxt, key, NULL); | 1175 | pubkey_auth_info(authctxt, key, NULL); |
| 1175 | auth_method = "publickey"; | 1176 | auth_method = "publickey"; |
| @@ -1397,7 +1398,12 @@ mm_answer_keyverify(int sock, Buffer *m) | |||
| 1397 | debug3("%s: key %p signature %s", | 1398 | debug3("%s: key %p signature %s", |
| 1398 | __func__, key, (verified == 1) ? "verified" : "unverified"); | 1399 | __func__, key, (verified == 1) ? "verified" : "unverified"); |
| 1399 | 1400 | ||
| 1400 | key_free(key); | 1401 | /* If auth was successful then record key to ensure it isn't reused */ |
| 1402 | if (verified == 1) | ||
| 1403 | auth2_record_userkey(authctxt, key); | ||
| 1404 | else | ||
| 1405 | key_free(key); | ||
| 1406 | |||
| 1401 | free(blob); | 1407 | free(blob); |
| 1402 | free(signature); | 1408 | free(signature); |
| 1403 | free(data); | 1409 | free(data); |