diff options
Diffstat (limited to 'auth-options.c')
-rw-r--r-- | auth-options.c | 19 |
1 files changed, 5 insertions, 14 deletions
diff --git a/auth-options.c b/auth-options.c index 210fbe7ea..83ef02c42 100644 --- a/auth-options.c +++ b/auth-options.c | |||
@@ -10,7 +10,7 @@ | |||
10 | */ | 10 | */ |
11 | 11 | ||
12 | #include "includes.h" | 12 | #include "includes.h" |
13 | RCSID("$OpenBSD: auth-options.c,v 1.18 2001/05/31 10:30:12 markus Exp $"); | 13 | RCSID("$OpenBSD: auth-options.c,v 1.19 2001/06/24 05:25:09 markus Exp $"); |
14 | 14 | ||
15 | #include "packet.h" | 15 | #include "packet.h" |
16 | #include "xmalloc.h" | 16 | #include "xmalloc.h" |
@@ -167,7 +167,6 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
167 | } | 167 | } |
168 | cp = "from=\""; | 168 | cp = "from=\""; |
169 | if (strncasecmp(opts, cp, strlen(cp)) == 0) { | 169 | if (strncasecmp(opts, cp, strlen(cp)) == 0) { |
170 | int mname, mip; | ||
171 | const char *remote_ip = get_remote_ipaddr(); | 170 | const char *remote_ip = get_remote_ipaddr(); |
172 | const char *remote_host = get_canonical_hostname( | 171 | const char *remote_host = get_canonical_hostname( |
173 | options.reverse_mapping_check); | 172 | options.reverse_mapping_check); |
@@ -195,18 +194,9 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
195 | } | 194 | } |
196 | patterns[i] = 0; | 195 | patterns[i] = 0; |
197 | opts++; | 196 | opts++; |
198 | /* | 197 | if (match_host_and_ip(remote_host, remote_ip, |
199 | * Deny access if we get a negative | 198 | patterns) != 1) { |
200 | * match for the hostname or the ip | 199 | xfree(patterns); |
201 | * or if we get not match at all | ||
202 | */ | ||
203 | mname = match_hostname(remote_host, patterns, | ||
204 | strlen(patterns)); | ||
205 | mip = match_hostname(remote_ip, patterns, | ||
206 | strlen(patterns)); | ||
207 | xfree(patterns); | ||
208 | if (mname == -1 || mip == -1 || | ||
209 | (mname != 1 && mip != 1)) { | ||
210 | log("Authentication tried for %.100s with " | 200 | log("Authentication tried for %.100s with " |
211 | "correct key but not from a permitted " | 201 | "correct key but not from a permitted " |
212 | "host (host=%.200s, ip=%.200s).", | 202 | "host (host=%.200s, ip=%.200s).", |
@@ -217,6 +207,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
217 | /* deny access */ | 207 | /* deny access */ |
218 | return 0; | 208 | return 0; |
219 | } | 209 | } |
210 | xfree(patterns); | ||
220 | /* Host name matches. */ | 211 | /* Host name matches. */ |
221 | goto next_option; | 212 | goto next_option; |
222 | } | 213 | } |