forked from rpms/openssh
bbf61daf97
New upstream release including: * Dropping entropy patch * Remove default support for MD5 fingerprints * Porting all the downstream patches and pam_ssh_agent_auth to new sshbuf and sshkey API * pam_ssh_agent_auth is no longer using MD5 fingerprints
21 lines
1.2 KiB
Diff
21 lines
1.2 KiB
Diff
diff --git a/pam_ssh_agent_auth-0.10.2/pam_user_authorized_keys.c b/pam_ssh_agent_auth-0.10.2/pam_user_authorized_keys.c
|
|
--- a/pam_ssh_agent_auth-0.10.2/pam_user_authorized_keys.c
|
|
+++ b/pam_ssh_agent_auth-0.10.2/pam_user_authorized_keys.c
|
|
@@ -158,11 +158,12 @@ parse_authorized_key_file(const char *user,
|
|
int
|
|
pam_user_key_allowed(const char *ruser, struct sshkey * key)
|
|
{
|
|
+ struct passwd *pw;
|
|
return
|
|
- pamsshagentauth_user_key_allowed2(getpwuid(authorized_keys_file_allowed_owner_uid),
|
|
- key, authorized_keys_file)
|
|
- || pamsshagentauth_user_key_allowed2(getpwuid(0), key,
|
|
- authorized_keys_file)
|
|
+ ( (pw = getpwuid(authorized_keys_file_allowed_owner_uid)) &&
|
|
+ pamsshagentauth_user_key_allowed2(pw, key, authorized_keys_file))
|
|
+ || ((pw = getpwuid(0)) &&
|
|
+ pamsshagentauth_user_key_allowed2(pw, key, authorized_keys_file))
|
|
|| pamsshagentauth_user_key_command_allowed2(authorized_keys_command,
|
|
authorized_keys_command_user,
|
|
getpwnam(ruser), key);
|