← Back to branch summary

~ubuntu-branches/ubuntu/lucid/openssh/lucid

« back to all changes in this revision

Viewing changes to auth-rsa.c

  • Committer: Bazaar Package Importer
  • Author(s): Colin Watson
  • Date: 2008-09-30 23:09:58 UTC
  • mfrom: (1.13.3 upstream) (29 hardy)
  • mto: This revision was merged to the branch mainline in revision 43.
  • Revision ID: james.westby@ubuntu.com-20080930230958-o6vsgn8c4mm959s0
Tags: 1:5.1p1-3
http://bugs.debian.org/496495
http://bugs.debian.org/498681
* Remove unnecessary ssh-vulnkey output in non-verbose mode when no
  compromised or unknown keys were found (closes: #496495).
* Configure with --disable-strip; dh_strip will deal with stripping
  binaries and will honour DEB_BUILD_OPTIONS (thanks, Bernhard R. Link;
  closes: #498681).
* Fix handling of zero-length server banners (thanks, Tomas Mraz; closes:
  #497026).

Show diffs side-by-side

added added

removed removed

Lines of Context:
auth-rsa.c
1
 
/* $OpenBSD: auth-rsa.c,v 1.72 2006/11/06 21:25:27 markus Exp $ */
 
1
/* $OpenBSD: auth-rsa.c,v 1.73 2008/07/02 12:03:51 dtucker Exp $ */
2
2
/*
3
3
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4
4
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
173
173
        u_int bits;
174
174
        FILE *f;
175
175
        u_long linenum = 0;
176
 
        struct stat st;
177
176
        Key *key;
178
177
 
179
178
        /* Temporarily use the user's uid. */
182
181
        /* The authorized keys. */
183
182
        file = authorized_keys_file(pw);
184
183
        debug("trying public RSA key file %s", file);
185
 
 
186
 
        /* Fail quietly if file does not exist */
187
 
        if (stat(file, &st) < 0) {
188
 
                /* Restore the privileged uid. */
189
 
                restore_uid();
190
 
                xfree(file);
191
 
                return (0);
192
 
        }
193
 
        /* Open the file containing the authorized keys. */
194
 
        f = fopen(file, "r");
 
184
        f = auth_openkeyfile(file, pw, options.strict_modes);
195
185
        if (!f) {
196
 
                /* Restore the privileged uid. */
197
 
                restore_uid();
198
 
                xfree(file);
199
 
                return (0);
200
 
        }
201
 
        if (options.strict_modes &&
202
 
            secure_filename(f, file, pw, line, sizeof(line)) != 0) {
203
 
                xfree(file);
204
 
                fclose(f);
205
 
                logit("Authentication refused: %s", line);
 
186
                xfree(file);
206
187
                restore_uid();
207
188
                return (0);
208
189
        }
265
246
                            "actual %d vs. announced %d.",
266
247
                            file, linenum, BN_num_bits(key->rsa->n), bits);
267
248
 
 
249
                if (reject_blacklisted_key(key, 0) == 1)
 
250
                        continue;
 
251
 
268
252
                /* We have found the desired key. */
269
253
                /*
270
254
                 * If our options do not allow this key to be used,