diff options
| author | Damien Miller <djm@mindrot.org> | 2011-05-15 08:51:05 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2011-05-15 08:51:05 +1000 |
| commit | 7c1b2c4ea8a5d06908dda3f8e406b902b81fe905 (patch) | |
| tree | d4feec6013425aa759cb0e0d4863de23c8cc2997 | |
| parent | 3219824f2d8b0ea1711818745b046931ffcd3918 (diff) | |
- djm@cvs.openbsd.org 2011/05/11 04:47:06
[auth.c auth.h auth2-pubkey.c pathnames.h servconf.c servconf.h]
remove support for authorized_keys2; it is a relic from the early days
of protocol v.2 support and has been undocumented for many years;
ok markus@
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | auth.c | 8 | ||||
| -rw-r--r-- | auth.h | 3 | ||||
| -rw-r--r-- | auth2-pubkey.c | 8 | ||||
| -rw-r--r-- | pathnames.h | 5 | ||||
| -rw-r--r-- | servconf.c | 15 | ||||
| -rw-r--r-- | servconf.h | 3 |
7 files changed, 11 insertions, 36 deletions
@@ -66,6 +66,11 @@ [authfile.c] despam debug() logs by detecting that we are trying to load a private key in key_try_load_public() and returning early; ok markus@ + - djm@cvs.openbsd.org 2011/05/11 04:47:06 + [auth.c auth.h auth2-pubkey.c pathnames.h servconf.c servconf.h] + remove support for authorized_keys2; it is a relic from the early days + of protocol v.2 support and has been undocumented for many years; + ok markus@ 20110510 - (dtucker) [openbsd-compat/openssl-compat.{c,h}] Bug #1882: fix @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.91 2010/11/29 23:45:51 djm Exp $ */ +/* $OpenBSD: auth.c,v 1.92 2011/05/11 04:47:06 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -361,12 +361,6 @@ authorized_keys_file(struct passwd *pw) } char * -authorized_keys_file2(struct passwd *pw) -{ - return expand_authorized_keys(options.authorized_keys_file2, pw); -} - -char * authorized_principals_file(struct passwd *pw) { if (options.authorized_principals_file == NULL) @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.h,v 1.67 2011/03/10 11:34:25 djm Exp $ */ +/* $OpenBSD: auth.h,v 1.68 2011/05/11 04:47:06 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -169,7 +169,6 @@ int verify_response(Authctxt *, const char *); void abandon_challenge_response(Authctxt *); char *authorized_keys_file(struct passwd *); -char *authorized_keys_file2(struct passwd *); char *authorized_principals_file(struct passwd *); FILE *auth_openkeyfile(const char *, struct passwd *, int); diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 7d214135..a97509c2 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.27 2010/11/20 05:12:38 deraadt Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.28 2011/05/11 04:47:06 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -451,13 +451,7 @@ user_key_allowed(struct passwd *pw, Key *key) file = authorized_keys_file(pw); success = user_key_allowed2(pw, key, file); xfree(file); - if (success) - return success; - /* try suffix "2" for backward compat, too */ - file = authorized_keys_file2(pw); - success = user_key_allowed2(pw, key, file); - xfree(file); return success; } diff --git a/pathnames.h b/pathnames.h index e2dd49a9..787bdb67 100644 --- a/pathnames.h +++ b/pathnames.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pathnames.h,v 1.20 2010/08/31 11:54:45 djm Exp $ */ +/* $OpenBSD: pathnames.h,v 1.21 2011/05/11 04:47:06 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -96,9 +96,6 @@ */ #define _PATH_SSH_USER_PERMITTED_KEYS ".ssh/authorized_keys" -/* backward compat for protocol v2 */ -#define _PATH_SSH_USER_PERMITTED_KEYS2 ".ssh/authorized_keys2" - /* * Per-user and system-wide ssh "rc" files. These files are executed with * /bin/sh before starting the shell or command if they exist. They will be @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.214 2011/03/29 18:54:17 stevesk Exp $ */ +/* $OpenBSD: servconf.c,v 1.215 2011/05/11 04:47:06 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -127,7 +127,6 @@ initialize_server_options(ServerOptions *options) options->client_alive_interval = -1; options->client_alive_count_max = -1; options->authorized_keys_file = NULL; - options->authorized_keys_file2 = NULL; options->num_accept_env = 0; options->permit_tun = -1; options->num_permitted_opens = -1; @@ -264,13 +263,6 @@ fill_default_server_options(ServerOptions *options) options->client_alive_interval = 0; if (options->client_alive_count_max == -1) options->client_alive_count_max = 3; - if (options->authorized_keys_file2 == NULL) { - /* authorized_keys_file2 falls back to authorized_keys_file */ - if (options->authorized_keys_file != NULL) - options->authorized_keys_file2 = xstrdup(options->authorized_keys_file); - else - options->authorized_keys_file2 = xstrdup(_PATH_SSH_USER_PERMITTED_KEYS2); - } if (options->authorized_keys_file == NULL) options->authorized_keys_file = xstrdup(_PATH_SSH_USER_PERMITTED_KEYS); if (options->permit_tun == -1) @@ -1252,9 +1244,6 @@ process_server_config_line(ServerOptions *options, char *line, case sAuthorizedKeysFile: charptr = &options->authorized_keys_file; goto parse_tilde_filename; - case sAuthorizedKeysFile2: - charptr = &options->authorized_keys_file2; - goto parse_tilde_filename; case sAuthorizedPrincipalsFile: charptr = &options->authorized_principals_file; parse_tilde_filename: @@ -1519,7 +1508,6 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) M_CP_STROPT(trusted_user_ca_keys); M_CP_STROPT(revoked_keys_file); M_CP_STROPT(authorized_keys_file); - M_CP_STROPT(authorized_keys_file2); M_CP_STROPT(authorized_principals_file); } @@ -1737,7 +1725,6 @@ dump_config(ServerOptions *o) dump_cfg_string(sMacs, o->macs); dump_cfg_string(sBanner, o->banner); dump_cfg_string(sAuthorizedKeysFile, o->authorized_keys_file); - dump_cfg_string(sAuthorizedKeysFile2, o->authorized_keys_file2); dump_cfg_string(sForceCommand, o->adm_forced_command); dump_cfg_string(sChrootDirectory, o->chroot_directory); dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys); @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.95 2010/11/13 23:27:50 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.96 2011/05/11 04:47:06 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -146,7 +146,6 @@ typedef struct { */ char *authorized_keys_file; /* File containing public keys */ - char *authorized_keys_file2; char *adm_forced_command; |