diff options
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | auth2-hostbased.c | 11 |
2 files changed, 11 insertions, 6 deletions
| @@ -3,6 +3,10 @@ | |||
| 3 | - djm@cvs.openbsd.org 2008/07/17 08:48:00 | 3 | - djm@cvs.openbsd.org 2008/07/17 08:48:00 |
| 4 | [sshconnect2.c] | 4 | [sshconnect2.c] |
| 5 | strnvis preauth banner; pointed out by mpf@ ok markus@ | 5 | strnvis preauth banner; pointed out by mpf@ ok markus@ |
| 6 | - djm@cvs.openbsd.org 2008/07/17 08:51:07 | ||
| 7 | [auth2-hostbased.c] | ||
| 8 | strip trailing '.' from hostname when HostbasedUsesNameFromPacketOnly=yes | ||
| 9 | report and patch from res AT qoxp.net (bz#1200); ok markus@ | ||
| 6 | 10 | ||
| 7 | 20080716 | 11 | 20080716 |
| 8 | - OpenBSD CVS Sync | 12 | - OpenBSD CVS Sync |
| @@ -4690,4 +4694,4 @@ | |||
| 4690 | OpenServer 6 and add osr5bigcrypt support so when someone migrates | 4694 | OpenServer 6 and add osr5bigcrypt support so when someone migrates |
| 4691 | passwords between UnixWare and OpenServer they will still work. OK dtucker@ | 4695 | passwords between UnixWare and OpenServer they will still work. OK dtucker@ |
| 4692 | 4696 | ||
| 4693 | $Id: ChangeLog,v 1.5088 2008/07/17 08:57:06 djm Exp $ | 4697 | $Id: ChangeLog,v 1.5089 2008/07/17 08:57:19 djm Exp $ |
diff --git a/auth2-hostbased.c b/auth2-hostbased.c index 663dec5d9..041051c53 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth2-hostbased.c,v 1.11 2006/08/03 03:34:41 deraadt Exp $ */ | 1 | /* $OpenBSD: auth2-hostbased.c,v 1.12 2008/07/17 08:51:07 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -151,15 +151,16 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, | |||
| 151 | debug2("userauth_hostbased: chost %s resolvedname %s ipaddr %s", | 151 | debug2("userauth_hostbased: chost %s resolvedname %s ipaddr %s", |
| 152 | chost, resolvedname, ipaddr); | 152 | chost, resolvedname, ipaddr); |
| 153 | 153 | ||
| 154 | if (((len = strlen(chost)) > 0) && chost[len - 1] == '.') { | ||
| 155 | debug2("stripping trailing dot from chost %s", chost); | ||
| 156 | chost[len - 1] = '\0'; | ||
| 157 | } | ||
| 158 | |||
| 154 | if (options.hostbased_uses_name_from_packet_only) { | 159 | if (options.hostbased_uses_name_from_packet_only) { |
| 155 | if (auth_rhosts2(pw, cuser, chost, chost) == 0) | 160 | if (auth_rhosts2(pw, cuser, chost, chost) == 0) |
| 156 | return 0; | 161 | return 0; |
| 157 | lookup = chost; | 162 | lookup = chost; |
| 158 | } else { | 163 | } else { |
| 159 | if (((len = strlen(chost)) > 0) && chost[len - 1] == '.') { | ||
| 160 | debug2("stripping trailing dot from chost %s", chost); | ||
| 161 | chost[len - 1] = '\0'; | ||
| 162 | } | ||
| 163 | if (strcasecmp(resolvedname, chost) != 0) | 164 | if (strcasecmp(resolvedname, chost) != 0) |
| 164 | logit("userauth_hostbased mismatch: " | 165 | logit("userauth_hostbased mismatch: " |
| 165 | "client sends %s, but we resolve %s to %s", | 166 | "client sends %s, but we resolve %s to %s", |