diff options
Diffstat (limited to 'auth-options.c')
-rw-r--r-- | auth-options.c | 28 |
1 files changed, 16 insertions, 12 deletions
diff --git a/auth-options.c b/auth-options.c index 0e146ab15..04d12d66e 100644 --- a/auth-options.c +++ b/auth-options.c | |||
@@ -10,7 +10,7 @@ | |||
10 | */ | 10 | */ |
11 | 11 | ||
12 | #include "includes.h" | 12 | #include "includes.h" |
13 | RCSID("$OpenBSD: auth-options.c,v 1.28 2003/06/02 09:17:34 markus Exp $"); | 13 | RCSID("$OpenBSD: auth-options.c,v 1.29 2005/03/01 10:09:52 djm Exp $"); |
14 | 14 | ||
15 | #include "xmalloc.h" | 15 | #include "xmalloc.h" |
16 | #include "match.h" | 16 | #include "match.h" |
@@ -217,7 +217,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
217 | } | 217 | } |
218 | cp = "permitopen=\""; | 218 | cp = "permitopen=\""; |
219 | if (strncasecmp(opts, cp, strlen(cp)) == 0) { | 219 | if (strncasecmp(opts, cp, strlen(cp)) == 0) { |
220 | char host[256], sport[6]; | 220 | char *host, *p; |
221 | u_short port; | 221 | u_short port; |
222 | char *patterns = xmalloc(strlen(opts) + 1); | 222 | char *patterns = xmalloc(strlen(opts) + 1); |
223 | 223 | ||
@@ -236,25 +236,29 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
236 | if (!*opts) { | 236 | if (!*opts) { |
237 | debug("%.100s, line %lu: missing end quote", | 237 | debug("%.100s, line %lu: missing end quote", |
238 | file, linenum); | 238 | file, linenum); |
239 | auth_debug_add("%.100s, line %lu: missing end quote", | 239 | auth_debug_add("%.100s, line %lu: missing " |
240 | file, linenum); | 240 | "end quote", file, linenum); |
241 | xfree(patterns); | 241 | xfree(patterns); |
242 | goto bad_option; | 242 | goto bad_option; |
243 | } | 243 | } |
244 | patterns[i] = 0; | 244 | patterns[i] = 0; |
245 | opts++; | 245 | opts++; |
246 | if (sscanf(patterns, "%255[^:]:%5[0-9]", host, sport) != 2 && | 246 | p = patterns; |
247 | sscanf(patterns, "%255[^/]/%5[0-9]", host, sport) != 2) { | 247 | host = hpdelim(&p); |
248 | debug("%.100s, line %lu: Bad permitopen specification " | 248 | if (host == NULL || strlen(host) >= NI_MAXHOST) { |
249 | "<%.100s>", file, linenum, patterns); | 249 | debug("%.100s, line %lu: Bad permitopen " |
250 | "specification <%.100s>", file, linenum, | ||
251 | patterns); | ||
250 | auth_debug_add("%.100s, line %lu: " | 252 | auth_debug_add("%.100s, line %lu: " |
251 | "Bad permitopen specification", file, linenum); | 253 | "Bad permitopen specification", file, |
254 | linenum); | ||
252 | xfree(patterns); | 255 | xfree(patterns); |
253 | goto bad_option; | 256 | goto bad_option; |
254 | } | 257 | } |
255 | if ((port = a2port(sport)) == 0) { | 258 | host = cleanhostname(host); |
256 | debug("%.100s, line %lu: Bad permitopen port <%.100s>", | 259 | if (p == NULL || (port = a2port(p)) == 0) { |
257 | file, linenum, sport); | 260 | debug("%.100s, line %lu: Bad permitopen port " |
261 | "<%.100s>", file, linenum, p ? p : ""); | ||
258 | auth_debug_add("%.100s, line %lu: " | 262 | auth_debug_add("%.100s, line %lu: " |
259 | "Bad permitopen port", file, linenum); | 263 | "Bad permitopen port", file, linenum); |
260 | xfree(patterns); | 264 | xfree(patterns); |