diff options
Diffstat (limited to 'auth-options.c')
-rw-r--r-- | auth-options.c | 18 |
1 files changed, 2 insertions, 16 deletions
diff --git a/auth-options.c b/auth-options.c index 8d1ef0a18..146b3d174 100644 --- a/auth-options.c +++ b/auth-options.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth-options.c,v 1.54 2010/12/24 21:41:48 djm Exp $ */ | 1 | /* $OpenBSD: auth-options.c,v 1.56 2011/10/18 04:58:26 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -355,7 +355,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
355 | goto bad_option; | 355 | goto bad_option; |
356 | } | 356 | } |
357 | host = cleanhostname(host); | 357 | host = cleanhostname(host); |
358 | if (p == NULL || (port = a2port(p)) <= 0) { | 358 | if (p == NULL || (port = permitopen_port(p)) < 0) { |
359 | debug("%.100s, line %lu: Bad permitopen port " | 359 | debug("%.100s, line %lu: Bad permitopen port " |
360 | "<%.100s>", file, linenum, p ? p : ""); | 360 | "<%.100s>", file, linenum, p ? p : ""); |
361 | auth_debug_add("%.100s, line %lu: " | 361 | auth_debug_add("%.100s, line %lu: " |
@@ -466,10 +466,6 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, | |||
466 | buffer_append(&data, data_blob, dlen); | 466 | buffer_append(&data, data_blob, dlen); |
467 | debug3("found certificate option \"%.100s\" len %u", | 467 | debug3("found certificate option \"%.100s\" len %u", |
468 | name, dlen); | 468 | name, dlen); |
469 | if (strlen(name) != nlen) { | ||
470 | error("Certificate constraint name contains \\0"); | ||
471 | goto out; | ||
472 | } | ||
473 | found = 0; | 469 | found = 0; |
474 | if ((which & OPTIONS_EXTENSIONS) != 0) { | 470 | if ((which & OPTIONS_EXTENSIONS) != 0) { |
475 | if (strcmp(name, "permit-X11-forwarding") == 0) { | 471 | if (strcmp(name, "permit-X11-forwarding") == 0) { |
@@ -499,11 +495,6 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, | |||
499 | "corrupt", name); | 495 | "corrupt", name); |
500 | goto out; | 496 | goto out; |
501 | } | 497 | } |
502 | if (strlen(command) != clen) { | ||
503 | error("force-command constraint " | ||
504 | "contains \\0"); | ||
505 | goto out; | ||
506 | } | ||
507 | if (*cert_forced_command != NULL) { | 498 | if (*cert_forced_command != NULL) { |
508 | error("Certificate has multiple " | 499 | error("Certificate has multiple " |
509 | "force-command options"); | 500 | "force-command options"); |
@@ -520,11 +511,6 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, | |||
520 | "\"%s\" corrupt", name); | 511 | "\"%s\" corrupt", name); |
521 | goto out; | 512 | goto out; |
522 | } | 513 | } |
523 | if (strlen(allowed) != clen) { | ||
524 | error("source-address constraint " | ||
525 | "contains \\0"); | ||
526 | goto out; | ||
527 | } | ||
528 | if ((*cert_source_address_done)++) { | 514 | if ((*cert_source_address_done)++) { |
529 | error("Certificate has multiple " | 515 | error("Certificate has multiple " |
530 | "source-address options"); | 516 | "source-address options"); |