diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2001-06-25 05:17:53 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-06-25 05:17:53 +0000 |
| commit | f0c50293dddf8b36e9511fdf1c2f3f443800e51c (patch) | |
| tree | da67f013d1129a39fab6e528ffb47e7e7cec392a /auth-options.c | |
| parent | 05209451795171b9c851daa3473e4a52745c50d5 (diff) | |
- markus@cvs.openbsd.org 2001/06/24 05:25:10
[auth-options.c match.c match.h]
move ip+hostname check to match.c
Diffstat (limited to 'auth-options.c')
| -rw-r--r-- | auth-options.c | 19 |
1 files changed, 5 insertions, 14 deletions
diff --git a/auth-options.c b/auth-options.c index 210fbe7ea..83ef02c42 100644 --- a/auth-options.c +++ b/auth-options.c | |||
| @@ -10,7 +10,7 @@ | |||
| 10 | */ | 10 | */ |
| 11 | 11 | ||
| 12 | #include "includes.h" | 12 | #include "includes.h" |
| 13 | RCSID("$OpenBSD: auth-options.c,v 1.18 2001/05/31 10:30:12 markus Exp $"); | 13 | RCSID("$OpenBSD: auth-options.c,v 1.19 2001/06/24 05:25:09 markus Exp $"); |
| 14 | 14 | ||
| 15 | #include "packet.h" | 15 | #include "packet.h" |
| 16 | #include "xmalloc.h" | 16 | #include "xmalloc.h" |
| @@ -167,7 +167,6 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
| 167 | } | 167 | } |
| 168 | cp = "from=\""; | 168 | cp = "from=\""; |
| 169 | if (strncasecmp(opts, cp, strlen(cp)) == 0) { | 169 | if (strncasecmp(opts, cp, strlen(cp)) == 0) { |
| 170 | int mname, mip; | ||
| 171 | const char *remote_ip = get_remote_ipaddr(); | 170 | const char *remote_ip = get_remote_ipaddr(); |
| 172 | const char *remote_host = get_canonical_hostname( | 171 | const char *remote_host = get_canonical_hostname( |
| 173 | options.reverse_mapping_check); | 172 | options.reverse_mapping_check); |
| @@ -195,18 +194,9 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
| 195 | } | 194 | } |
| 196 | patterns[i] = 0; | 195 | patterns[i] = 0; |
| 197 | opts++; | 196 | opts++; |
| 198 | /* | 197 | if (match_host_and_ip(remote_host, remote_ip, |
| 199 | * Deny access if we get a negative | 198 | patterns) != 1) { |
| 200 | * match for the hostname or the ip | 199 | xfree(patterns); |
| 201 | * or if we get not match at all | ||
| 202 | */ | ||
| 203 | mname = match_hostname(remote_host, patterns, | ||
| 204 | strlen(patterns)); | ||
| 205 | mip = match_hostname(remote_ip, patterns, | ||
| 206 | strlen(patterns)); | ||
| 207 | xfree(patterns); | ||
| 208 | if (mname == -1 || mip == -1 || | ||
| 209 | (mname != 1 && mip != 1)) { | ||
| 210 | log("Authentication tried for %.100s with " | 200 | log("Authentication tried for %.100s with " |
| 211 | "correct key but not from a permitted " | 201 | "correct key but not from a permitted " |
| 212 | "host (host=%.200s, ip=%.200s).", | 202 | "host (host=%.200s, ip=%.200s).", |
| @@ -217,6 +207,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
| 217 | /* deny access */ | 207 | /* deny access */ |
| 218 | return 0; | 208 | return 0; |
| 219 | } | 209 | } |
| 210 | xfree(patterns); | ||
| 220 | /* Host name matches. */ | 211 | /* Host name matches. */ |
| 221 | goto next_option; | 212 | goto next_option; |
| 222 | } | 213 | } |