diff options
author | djm@openbsd.org <djm@openbsd.org> | 2021-01-26 00:49:30 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2021-01-26 12:21:48 +1100 |
commit | 3b44f2513cae89c920e8fe927b9bc910a1c8c65a (patch) | |
tree | c67b9a8583b9795bec5a5dd56f7a8556c8da2d5e /auth2-pubkey.c | |
parent | 1fe16fd61bb53944ec510882acc0491abd66ff76 (diff) |
upstream: move check_host_cert() from sshconnect,c to sshkey.c and
refactor it to make it more generally usable and testable.
ok markus@
OpenBSD-Commit-ID: 536f489f5ff38808c1fa711ba58d4579b636f9e4
Diffstat (limited to 'auth2-pubkey.c')
-rw-r--r-- | auth2-pubkey.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 6961b0c9..5a24af89 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.104 2021/01/22 02:44:58 dtucker Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.105 2021/01/26 00:49:30 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -674,7 +674,7 @@ check_authkey_line(struct ssh *ssh, struct passwd *pw, struct sshkey *key, reason = "Certificate does not contain an authorized principal"; goto fail_reason; } - if (sshkey_cert_check_authority(key, 0, 0, + if (sshkey_cert_check_authority(key, 0, 0, 0, keyopts->cert_principals == NULL ? pw->pw_name : NULL, &reason) != 0) goto fail_reason; @@ -793,7 +793,7 @@ user_cert_trusted_ca(struct ssh *ssh, struct passwd *pw, struct sshkey *key, } if (use_authorized_principals && principals_opts == NULL) fatal_f("internal error: missing principals_opts"); - if (sshkey_cert_check_authority(key, 0, 1, + if (sshkey_cert_check_authority(key, 0, 1, 0, use_authorized_principals ? NULL : pw->pw_name, &reason) != 0) goto fail_reason; |