upstream: print the full pubkey being attempted at loglevel >=

debug2; bz2939

OpenBSD-Commit-ID: ac0fe5ca1429ebf4d460bad602adc96de0d7e290
This commit is contained in:
djm@openbsd.org 2019-01-22 11:26:16 +00:00 committed by Damien Miller
parent 180b520e2b
commit ff5d2cf4ca

View File

@ -1,4 +1,4 @@
/* $OpenBSD: auth2-pubkey.c,v 1.86 2018/09/20 03:28:06 djm Exp $ */
/* $OpenBSD: auth2-pubkey.c,v 1.87 2019/01/22 11:26:16 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@ -102,6 +102,22 @@ userauth_pubkey(struct ssh *ssh)
(r = sshpkt_get_cstring(ssh, &pkalg, NULL)) != 0 ||
(r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0)
fatal("%s: parse request failed: %s", __func__, ssh_err(r));
if (log_level_get() >= SYSLOG_LEVEL_DEBUG2) {
char *keystring;
struct sshbuf *pkbuf;
if ((pkbuf = sshbuf_from(pkblob, blen)) == NULL)
fatal("%s: sshbuf_from failed", __func__);
if ((keystring = sshbuf_dtob64(pkbuf)) == NULL)
fatal("%s: sshbuf_dtob64 failed", __func__);
debug2("%s: %s user %s %s public key %s %s", __func__,
authctxt->valid ? "valid" : "invalid", authctxt->user,
have_sig ? "attempting" : "querying", pkalg, keystring);
sshbuf_free(pkbuf);
free(keystring);
}
pktype = sshkey_type_from_name(pkalg);
if (pktype == KEY_UNSPEC) {
/* this is perfectly legal */