From acb2059febaddd71ee06c2ebf63dcf211d9ab9f2 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 3 Jun 2022 04:47:21 +0000 Subject: upstream: move auth_openprincipals() and auth_openkeyfile() over to auth2-pubkeyfile.c too; they make more sense there. OpenBSD-Commit-ID: 9970d99f900e1117fdaab13e9e910a621b7c60ee --- auth.c | 58 +--------------------------------------------------------- 1 file changed, 1 insertion(+), 57 deletions(-) (limited to 'auth.c') diff --git a/auth.c b/auth.c index 9ad9034aa..13e8d7998 100644 --- a/auth.c +++ b/auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.157 2022/05/27 05:02:46 djm Exp $ */ +/* $OpenBSD: auth.c,v 1.158 2022/06/03 04:47:21 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -460,62 +460,6 @@ check_key_in_hostfiles(struct passwd *pw, struct sshkey *key, const char *host, return host_status; } -static FILE * -auth_openfile(const char *file, struct passwd *pw, int strict_modes, - int log_missing, char *file_type) -{ - char line[1024]; - struct stat st; - int fd; - FILE *f; - - if ((fd = open(file, O_RDONLY|O_NONBLOCK)) == -1) { - if (log_missing || errno != ENOENT) - debug("Could not open %s '%s': %s", file_type, file, - strerror(errno)); - return NULL; - } - - if (fstat(fd, &st) == -1) { - close(fd); - return NULL; - } - if (!S_ISREG(st.st_mode)) { - logit("User %s %s %s is not a regular file", - pw->pw_name, file_type, file); - close(fd); - return NULL; - } - unset_nonblock(fd); - if ((f = fdopen(fd, "r")) == NULL) { - close(fd); - return NULL; - } - if (strict_modes && - safe_path_fd(fileno(f), file, pw, line, sizeof(line)) != 0) { - fclose(f); - logit("Authentication refused: %s", line); - auth_debug_add("Ignored %s: %s", file_type, line); - return NULL; - } - - return f; -} - - -FILE * -auth_openkeyfile(const char *file, struct passwd *pw, int strict_modes) -{ - return auth_openfile(file, pw, strict_modes, 1, "authorized keys"); -} - -FILE * -auth_openprincipals(const char *file, struct passwd *pw, int strict_modes) -{ - return auth_openfile(file, pw, strict_modes, 0, - "authorized principals"); -} - struct passwd * getpwnamallow(struct ssh *ssh, const char *user) { -- cgit v1.2.3