- (djm) OpenBSD CVS Sync

- markus@cvs.openbsd.org 2003/06/02 09:17:34 [auth2-hostbased.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c] [canohost.c monitor.c servconf.c servconf.h session.c sshd_config] [sshd_config.5] deprecate VerifyReverseMapping since it's dangerous if combined with IP based access control as noted by Mike Harding; replace with a UseDNS option, UseDNS is on by default and includes the VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@ ok deraadt@, djm@ - (djm) Fix portable-specific uses of verify_reverse_mapping too
author: Damien Miller <djm@mindrot.org> 2003-06-03 10:25:48 +1000
committer: Damien Miller <djm@mindrot.org> 2003-06-03 10:25:48 +1000
commit: 3a961dc0d36c1f87788b707130f6d07709822d38 (patch)
tree: 57f3a729408e4cbe08fa7f9699de2e583e0b2ca0 /auth2-hostbased.c
parent: 35276253a60a3e57ec21b82b2e3c81e03c0206de (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/auth2-hostbased.c b/auth2-hostbased.c
index f8b4ae852..bbc7d8a4d 100644
--- a/auth2-hostbased.c
+++ b/auth2-hostbased.c
@@ -23,7 +23,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth2-hostbased.c,v 1.3 2003/04/08 20:21:28 itojun Exp $");
+RCSID("$OpenBSD: auth2-hostbased.c,v 1.4 2003/06/02 09:17:34 markus Exp $");
 #include "ssh2.h"
 #include "xmalloc.h"
@@ -136,7 +136,7 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
        HostStatus host_status;
        int len;
-        resolvedname = get_canonical_hostname(options.verify_reverse_mapping);
+        resolvedname = get_canonical_hostname(options.use_dns);
        ipaddr = get_remote_ipaddr();
        debug2("userauth_hostbased: chost %s resolvedname %s ipaddr %s",
author	Damien Miller <djm@mindrot.org>	2003-06-03 10:25:48 +1000
committer	Damien Miller <djm@mindrot.org>	2003-06-03 10:25:48 +1000
commit	3a961dc0d36c1f87788b707130f6d07709822d38 (patch)
tree	57f3a729408e4cbe08fa7f9699de2e583e0b2ca0 /auth2-hostbased.c
parent	35276253a60a3e57ec21b82b2e3c81e03c0206de (diff)

diff --git a/auth2-hostbased.c b/auth2-hostbased.c index f8b4ae852..bbc7d8a4d 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c
@@ -23,7 +23,7 @@
23	*/	23	*/
24		24
25	#include "includes.h"	25	#include "includes.h"
26	RCSID("$OpenBSD: auth2-hostbased.c,v 1.3 2003/04/08 20:21:28 itojun Exp $");	26	RCSID("$OpenBSD: auth2-hostbased.c,v 1.4 2003/06/02 09:17:34 markus Exp $");
27		27
28	#include "ssh2.h"	28	#include "ssh2.h"
29	#include "xmalloc.h"	29	#include "xmalloc.h"
@@ -136,7 +136,7 @@ hostbased_key_allowed(struct passwd pw, const char cuser, char *chost,
136	HostStatus host_status;	136	HostStatus host_status;
137	int len;	137	int len;
138		138
139	resolvedname = get_canonical_hostname(options.verify_reverse_mapping);	139	resolvedname = get_canonical_hostname(options.use_dns);
140	ipaddr = get_remote_ipaddr();	140	ipaddr = get_remote_ipaddr();
141		141
142	debug2("userauth_hostbased: chost %s resolvedname %s ipaddr %s",	142	debug2("userauth_hostbased: chost %s resolvedname %s ipaddr %s",