From dd8002fbe63d903ffea5be7b7f5fc2714acab4a0 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 3 Sep 2019 08:30:47 +0000 Subject: upstream: move advance_past_options to authfile.c and make it public; ok markus@ OpenBSD-Commit-ID: edda2fbba2c5b1f48e60f857a2010479e80c5f3c --- auth2-pubkey.c | 26 ++------------------------ authfile.c | 24 +++++++++++++++++++++++- authfile.h | 3 ++- 3 files changed, 27 insertions(+), 26 deletions(-) diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 65db116ed..d567f527c 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.92 2019/09/03 08:29:58 djm Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.93 2019/09/03 08:30:47 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -538,28 +538,6 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw, return found_principal; } -/* - * Advanced *cpp past the end of key options, defined as the first unquoted - * whitespace character. Returns 0 on success or -1 on failure (e.g. - * unterminated quotes). - */ -static int -advance_past_options(char **cpp) -{ - char *cp = *cpp; - int quoted = 0; - - for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) { - if (*cp == '\\' && cp[1] == '"') - cp++; /* Skip both */ - else if (*cp == '"') - quoted = !quoted; - } - *cpp = cp; - /* return failure for unterminated quotes */ - return (*cp == '\0' && quoted) ? -1 : 0; -} - /* * Check a single line of an authorized_keys-format file. Returns 0 if key * matches, -1 otherwise. Will return key/cert options via *authoptsp @@ -590,7 +568,7 @@ check_authkey_line(struct ssh *ssh, struct passwd *pw, struct sshkey *key, /* no key? check for options */ debug2("%s: check options: '%s'", loc, cp); key_options = cp; - if (advance_past_options(&cp) != 0) { + if (sshkey_advance_past_options(&cp) != 0) { reason = "invalid key option string"; goto fail_reason; } diff --git a/authfile.c b/authfile.c index 5e335ce43..37341189c 100644 --- a/authfile.c +++ b/authfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.134 2019/08/05 11:50:33 dtucker Exp $ */ +/* $OpenBSD: authfile.c,v 1.135 2019/09/03 08:30:47 djm Exp $ */ /* * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. * @@ -528,3 +528,25 @@ sshkey_check_revoked(struct sshkey *key, const char *revoked_keys_file) } } +/* + * Advanced *cpp past the end of key options, defined as the first unquoted + * whitespace character. Returns 0 on success or -1 on failure (e.g. + * unterminated quotes). + */ +int +sshkey_advance_past_options(char **cpp) +{ + char *cp = *cpp; + int quoted = 0; + + for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) { + if (*cp == '\\' && cp[1] == '"') + cp++; /* Skip both */ + else if (*cp == '"') + quoted = !quoted; + } + *cpp = cp; + /* return failure for unterminated quotes */ + return (*cp == '\0' && quoted) ? -1 : 0; +} + diff --git a/authfile.h b/authfile.h index 54df169b3..9c8a95a01 100644 --- a/authfile.h +++ b/authfile.h @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.h,v 1.22 2019/08/05 11:50:33 dtucker Exp $ */ +/* $OpenBSD: authfile.h,v 1.23 2019/09/03 08:30:47 djm Exp $ */ /* * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. @@ -48,5 +48,6 @@ int sshkey_load_private_type_fd(int fd, int type, const char *passphrase, int sshkey_perm_ok(int, const char *); int sshkey_in_file(struct sshkey *, const char *, int, int); int sshkey_check_revoked(struct sshkey *key, const char *revoked_keys_file); +int sshkey_advance_past_options(char **cpp); #endif -- cgit v1.2.3