|
Lines 509-515
|
| 509 |
struct stat st; |
509 |
struct stat st; |
| 510 |
int status, devnull, p[2], i; |
510 |
int status, devnull, p[2], i; |
| 511 |
pid_t pid; |
511 |
pid_t pid; |
| 512 |
char *username, errmsg[512]; |
512 |
char *username, errmsg[512], *key_fp; |
|
|
513 |
const char *key_type_name; |
| 513 |
|
514 |
|
| 514 |
if (options.authorized_keys_command == NULL || |
515 |
if (options.authorized_keys_command == NULL || |
| 515 |
options.authorized_keys_command[0] != '/') |
516 |
options.authorized_keys_command[0] != '/') |
|
Lines 549-556
|
| 549 |
goto out; |
550 |
goto out; |
| 550 |
} |
551 |
} |
| 551 |
|
552 |
|
| 552 |
debug3("Running AuthorizedKeysCommand: \"%s %s\" as \"%s\"", |
553 |
key_type_name = key_ssh_name(key); |
| 553 |
options.authorized_keys_command, user_pw->pw_name, pw->pw_name); |
554 |
if (key_type_name == NULL) |
|
|
555 |
key_type_name = "ssh-unknown"; |
| 556 |
|
| 557 |
key_fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); |
| 558 |
|
| 559 |
debug3("Running AuthorizedKeysCommand: \"%s %s %s %s\" as \"%s\"", |
| 560 |
options.authorized_keys_command, user_pw->pw_name, |
| 561 |
key_type_name, key_fp, pw->pw_name); |
| 554 |
|
562 |
|
| 555 |
/* |
563 |
/* |
| 556 |
* Don't want to call this in the child, where it can fatal() and |
564 |
* Don't want to call this in the child, where it can fatal() and |
|
Lines 563-568
|
| 563 |
error("%s: fork: %s", __func__, strerror(errno)); |
571 |
error("%s: fork: %s", __func__, strerror(errno)); |
| 564 |
close(p[0]); |
572 |
close(p[0]); |
| 565 |
close(p[1]); |
573 |
close(p[1]); |
|
|
574 |
free(key_fp); |
| 566 |
return 0; |
575 |
return 0; |
| 567 |
case 0: /* child */ |
576 |
case 0: /* child */ |
| 568 |
for (i = 0; i < NSIG; i++) |
577 |
for (i = 0; i < NSIG; i++) |
|
Lines 599-605
|
| 599 |
} |
608 |
} |
| 600 |
|
609 |
|
| 601 |
execl(options.authorized_keys_command, |
610 |
execl(options.authorized_keys_command, |
| 602 |
options.authorized_keys_command, user_pw->pw_name, NULL); |
611 |
options.authorized_keys_command, user_pw->pw_name, |
|
|
612 |
key_type_name, key_fp, NULL); |
| 603 |
|
613 |
|
| 604 |
error("AuthorizedKeysCommand %s exec failed: %s", |
614 |
error("AuthorizedKeysCommand %s exec failed: %s", |
| 605 |
options.authorized_keys_command, strerror(errno)); |
615 |
options.authorized_keys_command, strerror(errno)); |
|
Lines 611-616
|
| 611 |
temporarily_use_uid(pw); |
621 |
temporarily_use_uid(pw); |
| 612 |
|
622 |
|
| 613 |
close(p[1]); |
623 |
close(p[1]); |
|
|
624 |
free(key_fp); |
| 614 |
if ((f = fdopen(p[0], "r")) == NULL) { |
625 |
if ((f = fdopen(p[0], "r")) == NULL) { |
| 615 |
error("%s: fdopen: %s", __func__, strerror(errno)); |
626 |
error("%s: fdopen: %s", __func__, strerror(errno)); |
| 616 |
close(p[0]); |
627 |
close(p[0]); |
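Review bot: `key_fp` is used without a NULL check after `key_fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);` (new line 557): it is formatted with `%s` in `debug3()` and then passed to `execl()` at new line 612, where a NULL would end the argument list early and the helper would be started with no fingerprint argument. Whether `key_fingerprint()` can return NULL or always calls fatal() is not visible on this page; if it can, fail the lookup before `fork()` with something like `if (key_fp == NULL) { error("%s: key_fingerprint failed", __func__); goto out; }`, and make sure the pipe `p[]`, if already open at that point, is closed on that path. It would also help to add a comment at the `execl()` call stating that the helper's argv is now `user key-type fingerprint`, and that the MD5 hex fingerprint is only a lookup hint for the helper, since the keys it prints presumably still have to match the offered key. The function starts and ends outside the visible hunks, so the cleanup at `out` and the remaining exits after `key_fp` is allocated could not be checked.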