From 93e9c23240b154d074dc33f26ccb23f8874f8c3a Mon Sep 17 00:00:00 2001
From: Colin Watson
Date: Mon, 26 May 2008 22:16:40 +0000
Subject: Refactor rejection of blacklisted user keys into a single reject_blacklisted_key function in auth.c (thanks, Dmitry V. Levin).
---
 auth-rsa.c | 19 ++-----------------
 1 file changed, 2 insertions(+), 17 deletions(-)
(limited to 'auth-rsa.c')
diff --git a/auth-rsa.c b/auth-rsa.c
index 898e9eb50..b7cbc0fe5 100644
--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -40,9 +40,7 @@
 #include "servconf.h"
 #include "key.h"
 #include "hostfile.h"
-#include "authfile.h"
 #include "auth.h"
-#include "canohost.h"
 #ifdef GSSAPI
 #include "ssh-gss.h"
 #endif
@@ -223,7 +221,6 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
 char *cp;
 char *key_options;
 int keybits;
- char *fp;
 /* Skip leading whitespace, empty and comment lines. */
 for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
@@ -268,20 +265,8 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
 "actual %d vs. announced %d.", file, linenum, BN_num_bits(key->rsa->n), bits);
- if (blacklisted_key(key) == 1) {
- fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
- if (options.permit_blacklisted_keys)
- logit("Public key %s from %s blacklisted (see "
- "ssh-vulnkey(1)); continuing anyway",
- fp, get_remote_ipaddr());
- else
- logit("Public key %s from %s blacklisted (see "
- "ssh-vulnkey(1))",
- fp, get_remote_ipaddr());
- xfree(fp);
- if (!options.permit_blacklisted_keys)
- continue;
- }
+ if (reject_blacklisted_key(key, 0) == 1)
+ continue;
 /* We have found the desired key. */
 /*
-- 
cgit v1.2.3
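Review bot: In the last hunk, the new `if (reject_blacklisted_key(key, 0) == 1) continue;` skips the key only on an exact return of 1, so any other value the helper might return (an error indicator, for instance) falls through to "We have found the desired key" and the key is accepted. The helper lives in auth.c and is not visible in this diff, so its return contract should be confirmed; if it can return anything besides 0 and 1, `if (reject_blacklisted_key(key, 0) != 0)` fails closed. The bare `0` argument and the now-hidden `options.permit_blacklisted_keys` override also deserve a call-site comment, something like `/* second argument 0: user key, not host key (confirm against auth.c); returns 1 only when policy rejects the key */`. The body of auth_rsa_key_allowed starts and ends outside this hunk.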