diff options
author | Damien Miller <djm@mindrot.org> | 2003-06-03 10:25:48 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2003-06-03 10:25:48 +1000 |
commit | 3a961dc0d36c1f87788b707130f6d07709822d38 (patch) | |
tree | 57f3a729408e4cbe08fa7f9699de2e583e0b2ca0 /session.c | |
parent | 35276253a60a3e57ec21b82b2e3c81e03c0206de (diff) |
- (djm) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2003/06/02 09:17:34
[auth2-hostbased.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c]
[canohost.c monitor.c servconf.c servconf.h session.c sshd_config]
[sshd_config.5]
deprecate VerifyReverseMapping since it's dangerous if combined
with IP based access control as noted by Mike Harding; replace with
a UseDNS option, UseDNS is on by default and includes the
VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@
ok deraadt@, djm@
- (djm) Fix portable-specific uses of verify_reverse_mapping too
Diffstat (limited to 'session.c')
-rw-r--r-- | session.c | 8 |
1 files changed, 4 insertions, 4 deletions
@@ -33,7 +33,7 @@ | |||
33 | */ | 33 | */ |
34 | 34 | ||
35 | #include "includes.h" | 35 | #include "includes.h" |
36 | RCSID("$OpenBSD: session.c,v 1.157 2003/05/14 22:24:42 markus Exp $"); | 36 | RCSID("$OpenBSD: session.c,v 1.158 2003/06/02 09:17:34 markus Exp $"); |
37 | 37 | ||
38 | #include "ssh.h" | 38 | #include "ssh.h" |
39 | #include "ssh1.h" | 39 | #include "ssh1.h" |
@@ -694,7 +694,7 @@ do_pre_login(Session *s) | |||
694 | } | 694 | } |
695 | 695 | ||
696 | record_utmp_only(pid, s->tty, s->pw->pw_name, | 696 | record_utmp_only(pid, s->tty, s->pw->pw_name, |
697 | get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping), | 697 | get_remote_name_or_ip(utmp_len, options.use_dns), |
698 | (struct sockaddr *)&from, fromlen); | 698 | (struct sockaddr *)&from, fromlen); |
699 | } | 699 | } |
700 | #endif | 700 | #endif |
@@ -749,7 +749,7 @@ do_login(Session *s, const char *command) | |||
749 | if (!use_privsep) | 749 | if (!use_privsep) |
750 | record_login(pid, s->tty, pw->pw_name, pw->pw_uid, | 750 | record_login(pid, s->tty, pw->pw_name, pw->pw_uid, |
751 | get_remote_name_or_ip(utmp_len, | 751 | get_remote_name_or_ip(utmp_len, |
752 | options.verify_reverse_mapping), | 752 | options.use_dns), |
753 | (struct sockaddr *)&from, fromlen); | 753 | (struct sockaddr *)&from, fromlen); |
754 | 754 | ||
755 | #ifdef USE_PAM | 755 | #ifdef USE_PAM |
@@ -1353,7 +1353,7 @@ do_child(Session *s, const char *command) | |||
1353 | /* we have to stash the hostname before we close our socket. */ | 1353 | /* we have to stash the hostname before we close our socket. */ |
1354 | if (options.use_login) | 1354 | if (options.use_login) |
1355 | hostname = get_remote_name_or_ip(utmp_len, | 1355 | hostname = get_remote_name_or_ip(utmp_len, |
1356 | options.verify_reverse_mapping); | 1356 | options.use_dns); |
1357 | /* | 1357 | /* |
1358 | * Close the connection descriptors; note that this is the child, and | 1358 | * Close the connection descriptors; note that this is the child, and |
1359 | * the server will still have the socket open, and it is important | 1359 | * the server will still have the socket open, and it is important |