[openssh-commits] [openssh] 08/08: upstream commit
git+noreply at mindrot.org
git+noreply at mindrot.org
Wed Jan 27 16:55:07 AEDT 2016
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit ebacd377769ac07d1bf3c75169644336056b7060
Author: djm at openbsd.org <djm at openbsd.org>
Date: Wed Jan 27 00:53:12 2016 +0000
upstream commit
make the debug messages a bit more useful here
Upstream-ID: 478ccd4e897e0af8486b294aa63aa3f90ab78d64
---
auth2-pubkey.c | 27 ++++++++++++++++-----------
1 file changed, 16 insertions(+), 11 deletions(-)
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index b1b5b74..41b34ae 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.54 2015/10/27 01:44:45 djm Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.55 2016/01/27 00:53:12 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -79,19 +79,19 @@ userauth_pubkey(Authctxt *authctxt)
{
Buffer b;
Key *key = NULL;
- char *pkalg, *userstyle;
+ char *pkalg, *userstyle, *fp = NULL;
u_char *pkblob, *sig;
u_int alen, blen, slen;
int have_sig, pktype;
int authenticated = 0;
if (!authctxt->valid) {
- debug2("userauth_pubkey: disabled because of invalid user");
+ debug2("%s: disabled because of invalid user", __func__);
return 0;
}
have_sig = packet_get_char();
if (datafellows & SSH_BUG_PKAUTH) {
- debug2("userauth_pubkey: SSH_BUG_PKAUTH");
+ debug2("%s: SSH_BUG_PKAUTH", __func__);
/* no explicit pkalg given */
pkblob = packet_get_string(&blen);
buffer_init(&b);
@@ -106,18 +106,18 @@ userauth_pubkey(Authctxt *authctxt)
pktype = key_type_from_name(pkalg);
if (pktype == KEY_UNSPEC) {
/* this is perfectly legal */
- logit("userauth_pubkey: unsupported public key algorithm: %s",
- pkalg);
+ logit("%s: unsupported public key algorithm: %s",
+ __func__, pkalg);
goto done;
}
key = key_from_blob(pkblob, blen);
if (key == NULL) {
- error("userauth_pubkey: cannot decode key: %s", pkalg);
+ error("%s: cannot decode key: %s", __func__, pkalg);
goto done;
}
if (key->type != pktype) {
- error("userauth_pubkey: type mismatch for decoded key "
- "(received %d, expected %d)", key->type, pktype);
+ error("%s: type mismatch for decoded key "
+ "(received %d, expected %d)", __func__, key->type, pktype);
goto done;
}
if (key_type_plain(key->type) == KEY_RSA &&
@@ -126,6 +126,7 @@ userauth_pubkey(Authctxt *authctxt)
"signature scheme");
goto done;
}
+ fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_DEFAULT);
if (auth2_userkey_already_used(authctxt, key)) {
logit("refusing previously-used %s key", key_type(key));
goto done;
@@ -138,6 +139,8 @@ userauth_pubkey(Authctxt *authctxt)
}
if (have_sig) {
+ debug3("%s: have signature for %s %s",
+ __func__, sshkey_type(key), fp);
sig = packet_get_string(&slen);
packet_check_eom();
buffer_init(&b);
@@ -183,7 +186,8 @@ userauth_pubkey(Authctxt *authctxt)
buffer_free(&b);
free(sig);
} else {
- debug("test whether pkalg/pkblob are acceptable");
+ debug("%s: test whether pkalg/pkblob are acceptable for %s %s",
+ __func__, sshkey_type(key), fp);
packet_check_eom();
/* XXX fake reply and always send PK_OK ? */
@@ -206,11 +210,12 @@ userauth_pubkey(Authctxt *authctxt)
if (authenticated != 1)
auth_clear_options();
done:
- debug2("userauth_pubkey: authenticated %d pkalg %s", authenticated, pkalg);
+ debug2("%s: authenticated %d pkalg %s", __func__, authenticated, pkalg);
if (key != NULL)
key_free(key);
free(pkalg);
free(pkblob);
+ free(fp);
return authenticated;
}
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list