summaryrefslogtreecommitdiff
path: root/auth-options.c
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2012-05-17 13:04:02 +0100
committerColin Watson <cjwatson@debian.org>2012-05-17 13:04:02 +0100
commitdd5ed53e20d218607260916a6b04d1c8c5b3d88f (patch)
treec59b4dbcc610f10700945f885adf3bddc2542c26 /auth-options.c
parent8241a65bf12ac53c1b7304bba7ce739aad80b8b8 (diff)
parentb9bc38990c5eb5d99e28ca5af6d3491fd4a0060a (diff)
merge 6.0p1
Diffstat (limited to 'auth-options.c')
-rw-r--r--auth-options.c18
1 files changed, 2 insertions, 16 deletions
diff --git a/auth-options.c b/auth-options.c
index eae45cf2b..0e67bd8c0 100644
--- a/auth-options.c
+++ b/auth-options.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth-options.c,v 1.54 2010/12/24 21:41:48 djm Exp $ */ 1/* $OpenBSD: auth-options.c,v 1.56 2011/10/18 04:58:26 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -341,7 +341,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
341 goto bad_option; 341 goto bad_option;
342 } 342 }
343 host = cleanhostname(host); 343 host = cleanhostname(host);
344 if (p == NULL || (port = a2port(p)) <= 0) { 344 if (p == NULL || (port = permitopen_port(p)) < 0) {
345 debug("%.100s, line %lu: Bad permitopen port " 345 debug("%.100s, line %lu: Bad permitopen port "
346 "<%.100s>", file, linenum, p ? p : ""); 346 "<%.100s>", file, linenum, p ? p : "");
347 auth_debug_add("%.100s, line %lu: " 347 auth_debug_add("%.100s, line %lu: "
@@ -452,10 +452,6 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
452 buffer_append(&data, data_blob, dlen); 452 buffer_append(&data, data_blob, dlen);
453 debug3("found certificate option \"%.100s\" len %u", 453 debug3("found certificate option \"%.100s\" len %u",
454 name, dlen); 454 name, dlen);
455 if (strlen(name) != nlen) {
456 error("Certificate constraint name contains \\0");
457 goto out;
458 }
459 found = 0; 455 found = 0;
460 if ((which & OPTIONS_EXTENSIONS) != 0) { 456 if ((which & OPTIONS_EXTENSIONS) != 0) {
461 if (strcmp(name, "permit-X11-forwarding") == 0) { 457 if (strcmp(name, "permit-X11-forwarding") == 0) {
@@ -485,11 +481,6 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
485 "corrupt", name); 481 "corrupt", name);
486 goto out; 482 goto out;
487 } 483 }
488 if (strlen(command) != clen) {
489 error("force-command constraint "
490 "contains \\0");
491 goto out;
492 }
493 if (*cert_forced_command != NULL) { 484 if (*cert_forced_command != NULL) {
494 error("Certificate has multiple " 485 error("Certificate has multiple "
495 "force-command options"); 486 "force-command options");
@@ -506,11 +497,6 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
506 "\"%s\" corrupt", name); 497 "\"%s\" corrupt", name);
507 goto out; 498 goto out;
508 } 499 }
509 if (strlen(allowed) != clen) {
510 error("source-address constraint "
511 "contains \\0");
512 goto out;
513 }
514 if ((*cert_source_address_done)++) { 500 if ((*cert_source_address_done)++) {
515 error("Certificate has multiple " 501 error("Certificate has multiple "
516 "source-address options"); 502 "source-address options");