authorBen Lindstrom <mouring@eviladmin.org>2001-04-12 23:34:34 +0000
committerBen Lindstrom <mouring@eviladmin.org>2001-04-12 23:34:34 +0000
commit5eabda303aa26c77e4c383230db9ce9d9175e580 (patch)
treea084d793ff9789b41920bb259c7ff309d21eba24 /auth-rhosts.c
parent0998872972ec9a059204344cf0bec64123b3e28c (diff)
- markus@cvs.openbsd.org 2001/04/12 19:15:26
[auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c sshd_config] implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2) similar to RhostRSAAuthentication unless you enable (the experimental) HostbasedUsesNameFromPacketOnly option. please test. :)
Diffstat (limited to 'auth-rhosts.c')
-rw-r--r--auth-rhosts.c27
1 files changed, 21 insertions, 6 deletions
diff --git a/auth-rhosts.c b/auth-rhosts.c
index c71e9b55d..324a0f925 100644
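--- a/auth-rhosts.c
+++ b/auth-rhosts.c
@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-rhosts.c,v 1.22 2001/04/06 21:00:06 markus Exp $");
+RCSID("$OpenBSD: auth-rhosts.c,v 1.23 2001/04/12 19:15:24 markus Exp $");
 
 #include "packet.h"
 #include "xmalloc.h"
@@ -25,6 +25,9 @@ RCSID("$OpenBSD: auth-rhosts.c,v 1.22 2001/04/06 21:00:06 markus Exp $");
 #include "canohost.h"
 #include "auth.h"
 
+/* import */
+extern ServerOptions options;
+
 /*
  * This function processes an rhosts-style file (.rhosts, .shosts, or
  * /etc/hosts.equiv). This returns true if authentication can be granted
@@ -150,16 +153,31 @@ check_rhosts_file(const char *filename, const char *hostname,
 int
 auth_rhosts(struct passwd *pw, const char *client_user)
 {
- extern ServerOptions options;
- char buf[1024];
  const char *hostname, *ipaddr;
+ int ret;
+
+ hostname = get_canonical_hostname(options.reverse_mapping_check);
+ ipaddr = get_remote_ipaddr();
+ ret = auth_rhosts2(pw, client_user, hostname, ipaddr);
+ return ret;
+}
+
+int
+auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
+ const char *ipaddr)
+{
+ char buf[1024];
  struct stat st;
  static const char *rhosts_files[] = {".shosts", ".rhosts", NULL};
  u_int rhosts_file_index;
 
+ debug2("auth_rhosts2: clientuser %s hostname %s ipaddr %s",
+ client_user, hostname, ipaddr);
+
  /* no user given */
  if (pw == NULL)
  return 0;
+
  /* Switch to the user's uid. */
  temporarily_use_uid(pw);
  /*
@@ -184,9 +202,6 @@ auth_rhosts(struct passwd *pw, const char *client_user)
  stat(_PATH_SSH_HOSTS_EQUIV, &st) < 0)
  return 0;
 
- hostname = get_canonical_hostname(options.reverse_mapping_check);
- ipaddr = get_remote_ipaddr();
-
  /* If not logging in as superuser, try /etc/hosts.equiv and shosts.equiv. */
  if (pw->pw_uid != 0) {
  if (check_rhosts_file(_PATH_RHOSTS_EQUIV, hostname, ipaddr, client_user,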
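Review bot: auth_rhosts2() now accepts `hostname` and `ipaddr` from its caller, but nothing at its definition states that these values decide whether the `.shosts`/`.rhosts` and hosts.equiv entries match, so the check that used to be tied to `get_canonical_hostname(options.reverse_mapping_check)` is now each caller's responsibility. I would add a header comment above the new function, for example `/* hostname and ipaddr are compared with rhosts-style entries; pass only values the caller has already verified for this connection. */`. The new `debug2()` call also prints `client_user` and `hostname` before any check; if a caller can hand in a name taken from the client's packet (the commit message mentions HostbasedUsesNameFromPacketOnly), it is worth confirming that the logger escapes control characters and that none of the three pointers can be NULL. In auth_rhosts() the `ret` temporary can go: `return auth_rhosts2(pw, client_user, hostname, ipaddr);`. The body of auth_rhosts2() continues past the last hunk.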