From 09d3e1251250dcf45e5434cd474430e4ec5e8639 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Wed, 31 Oct 2012 08:58:58 +1100
Subject:    - djm@cvs.openbsd.org 2012/10/30 21:29:55      [auth-rsa.c auth.c
 auth.h auth2-pubkey.c servconf.c servconf.h]      [sshd.c sshd_config
 sshd_config.5]      new sshd_config option AuthorizedKeysCommand to support
 fetching      authorized_keys from a command in addition to (or instead of)
 from      the filesystem. The command is run as the target server user unless
      another specified via a new AuthorizedKeysCommandUser option.

     patch originally by jchadima AT redhat.com, reworked by me; feedback
     and ok markus@
---
 auth-rsa.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'auth-rsa.c')

diff --git a/auth-rsa.c b/auth-rsa.c
index 4ab46cd51..2c8a7cb35 100644
--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-rsa.c,v 1.80 2011/05/23 03:30:07 djm Exp $ */
+/* $OpenBSD: auth-rsa.c,v 1.81 2012/10/30 21:29:54 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -276,6 +276,8 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
 	temporarily_use_uid(pw);
 
 	for (i = 0; !allowed && i < options.num_authkeys_files; i++) {
+		if (strcasecmp(options.authorized_keys_files[i], "none") == 0)
+			continue;
 		file = expand_authorized_keys(
 		    options.authorized_keys_files[i], pw);
 		allowed = rsa_key_allowed_in_file(pw, file, client_n, rkey);
-- 
cgit v1.2.3