From 93e9c23240b154d074dc33f26ccb23f8874f8c3a Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Mon, 26 May 2008 22:16:40 +0000 Subject: Refactor rejection of blacklisted user keys into a single reject_blacklisted_key function in auth.c (thanks, Dmitry V. Levin). --- auth-rh-rsa.c | 19 ++----------------- 1 file changed, 2 insertions(+), 17 deletions(-) (limited to 'auth-rh-rsa.c') diff --git a/auth-rh-rsa.c b/auth-rh-rsa.c index cd272e4ca..20ee7c6c4 100644 --- a/auth-rh-rsa.c +++ b/auth-rh-rsa.c @@ -20,7 +20,6 @@ #include #include -#include "xmalloc.h" #include "packet.h" #include "uidswap.h" #include "log.h" @@ -28,7 +27,6 @@ #include "servconf.h" #include "key.h" #include "hostfile.h" -#include "authfile.h" #include "pathnames.h" #include "auth.h" #include "canohost.h" @@ -44,23 +42,10 @@ int auth_rhosts_rsa_key_allowed(struct passwd *pw, char *cuser, char *chost, Key *client_host_key) { - char *fp; HostStatus host_status; - if (blacklisted_key(client_host_key) == 1) { - fp = key_fingerprint(client_host_key, SSH_FP_MD5, SSH_FP_HEX); - if (options.permit_blacklisted_keys) - logit("Public key %s from %s blacklisted (see " - "ssh-vulnkey(1)); continuing anyway", - fp, get_remote_ipaddr()); - else - logit("Public key %s from %s blacklisted (see " - "ssh-vulnkey(1))", - fp, get_remote_ipaddr()); - xfree(fp); - if (!options.permit_blacklisted_keys) - return 0; - } + if (reject_blacklisted_key(client_host_key, 0) == 1) + return 0; /* Check if we would accept it using rhosts authentication. */ if (!auth_rhosts(pw, cuser)) -- cgit v1.2.3