- dtucker@cvs.openbsd.org 2004/12/06 11:41:03

     [auth-rsa.c auth2-pubkey.c authfile.c misc.c misc.h ssh.h sshd.8]
     Discard over-length authorized_keys entries rather than complaining when
     they don't decode.  bz #884, with & ok djm@

1 files changed, 5 insertions, 4 deletions

diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index bafea09d..41e23beb 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -23,8 +23,9 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2-pubkey.c,v 1.7 2004/06/21 17:36:31 avsm Exp $");
+RCSID("$OpenBSD: auth2-pubkey.c,v 1.8 2004/12/06 11:41:03 dtucker Exp $");
 
+#include "ssh.h"
 #include "ssh2.h"
 #include "xmalloc.h"
 #include "packet.h"
@@ -167,7 +168,7 @@ done:
 static int
 user_key_allowed2(struct passwd *pw, Key *key, char *file)
 {
-	char line[8192];
+	char line[SSH_MAX_PUBKEY_BYTES];
 	int found_key = 0;
 	FILE *f;
 	u_long linenum = 0;
@@ -204,9 +205,9 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
 	found_key = 0;
 	found = key_new(key->type);
 
-	while (fgets(line, sizeof(line), f)) {
+	while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
 		char *cp, *key_options = NULL;
-		linenum++;
+
 		/* Skip leading whitespace, empty and comment lines. */
 		for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
 			;