upstream: move advance_past_options to authfile.c and make it

public; ok markus@

OpenBSD-Commit-ID: edda2fbba2c5b1f48e60f857a2010479e80c5f3c
This commit is contained in:
djm@openbsd.org 2019-09-03 08:30:47 +00:00 committed by Damien Miller
parent c72d78ccbe
commit dd8002fbe6
3 changed files with 27 additions and 26 deletions

View File

@ -1,4 +1,4 @@
/* $OpenBSD: auth2-pubkey.c,v 1.92 2019/09/03 08:29:58 djm Exp $ */ /* $OpenBSD: auth2-pubkey.c,v 1.93 2019/09/03 08:30:47 djm Exp $ */
/* /*
* Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2000 Markus Friedl. All rights reserved.
* *
@ -538,28 +538,6 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw,
return found_principal; return found_principal;
} }
/*
* Advanced *cpp past the end of key options, defined as the first unquoted
* whitespace character. Returns 0 on success or -1 on failure (e.g.
* unterminated quotes).
*/
static int
advance_past_options(char **cpp)
{
char *cp = *cpp;
int quoted = 0;
for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) {
if (*cp == '\\' && cp[1] == '"')
cp++; /* Skip both */
else if (*cp == '"')
quoted = !quoted;
}
*cpp = cp;
/* return failure for unterminated quotes */
return (*cp == '\0' && quoted) ? -1 : 0;
}
/* /*
* Check a single line of an authorized_keys-format file. Returns 0 if key * Check a single line of an authorized_keys-format file. Returns 0 if key
* matches, -1 otherwise. Will return key/cert options via *authoptsp * matches, -1 otherwise. Will return key/cert options via *authoptsp
@ -590,7 +568,7 @@ check_authkey_line(struct ssh *ssh, struct passwd *pw, struct sshkey *key,
/* no key? check for options */ /* no key? check for options */
debug2("%s: check options: '%s'", loc, cp); debug2("%s: check options: '%s'", loc, cp);
key_options = cp; key_options = cp;
if (advance_past_options(&cp) != 0) { if (sshkey_advance_past_options(&cp) != 0) {
reason = "invalid key option string"; reason = "invalid key option string";
goto fail_reason; goto fail_reason;
} }

View File

@ -1,4 +1,4 @@
/* $OpenBSD: authfile.c,v 1.134 2019/08/05 11:50:33 dtucker Exp $ */ /* $OpenBSD: authfile.c,v 1.135 2019/09/03 08:30:47 djm Exp $ */
/* /*
* Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved.
* *
@ -528,3 +528,25 @@ sshkey_check_revoked(struct sshkey *key, const char *revoked_keys_file)
} }
} }
/*
* Advanced *cpp past the end of key options, defined as the first unquoted
* whitespace character. Returns 0 on success or -1 on failure (e.g.
* unterminated quotes).
*/
int
sshkey_advance_past_options(char **cpp)
{
char *cp = *cpp;
int quoted = 0;
for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) {
if (*cp == '\\' && cp[1] == '"')
cp++; /* Skip both */
else if (*cp == '"')
quoted = !quoted;
}
*cpp = cp;
/* return failure for unterminated quotes */
return (*cp == '\0' && quoted) ? -1 : 0;
}

View File

@ -1,4 +1,4 @@
/* $OpenBSD: authfile.h,v 1.22 2019/08/05 11:50:33 dtucker Exp $ */ /* $OpenBSD: authfile.h,v 1.23 2019/09/03 08:30:47 djm Exp $ */
/* /*
* Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved.
@ -48,5 +48,6 @@ int sshkey_load_private_type_fd(int fd, int type, const char *passphrase,
int sshkey_perm_ok(int, const char *); int sshkey_perm_ok(int, const char *);
int sshkey_in_file(struct sshkey *, const char *, int, int); int sshkey_in_file(struct sshkey *, const char *, int, int);
int sshkey_check_revoked(struct sshkey *key, const char *revoked_keys_file); int sshkey_check_revoked(struct sshkey *key, const char *revoked_keys_file);
int sshkey_advance_past_options(char **cpp);
#endif #endif