diff options
Diffstat (limited to 'auth-options.c')
| -rw-r--r-- | auth-options.c | 18 |
1 files changed, 2 insertions, 16 deletions
diff --git a/auth-options.c b/auth-options.c index eae45cf2b..0e67bd8c0 100644 --- a/auth-options.c +++ b/auth-options.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth-options.c,v 1.54 2010/12/24 21:41:48 djm Exp $ */ | 1 | /* $OpenBSD: auth-options.c,v 1.56 2011/10/18 04:58:26 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -341,7 +341,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
| 341 | goto bad_option; | 341 | goto bad_option; |
| 342 | } | 342 | } |
| 343 | host = cleanhostname(host); | 343 | host = cleanhostname(host); |
| 344 | if (p == NULL || (port = a2port(p)) <= 0) { | 344 | if (p == NULL || (port = permitopen_port(p)) < 0) { |
| 345 | debug("%.100s, line %lu: Bad permitopen port " | 345 | debug("%.100s, line %lu: Bad permitopen port " |
| 346 | "<%.100s>", file, linenum, p ? p : ""); | 346 | "<%.100s>", file, linenum, p ? p : ""); |
| 347 | auth_debug_add("%.100s, line %lu: " | 347 | auth_debug_add("%.100s, line %lu: " |
| @@ -452,10 +452,6 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, | |||
| 452 | buffer_append(&data, data_blob, dlen); | 452 | buffer_append(&data, data_blob, dlen); |
| 453 | debug3("found certificate option \"%.100s\" len %u", | 453 | debug3("found certificate option \"%.100s\" len %u", |
| 454 | name, dlen); | 454 | name, dlen); |
| 455 | if (strlen(name) != nlen) { | ||
| 456 | error("Certificate constraint name contains \\0"); | ||
| 457 | goto out; | ||
| 458 | } | ||
| 459 | found = 0; | 455 | found = 0; |
| 460 | if ((which & OPTIONS_EXTENSIONS) != 0) { | 456 | if ((which & OPTIONS_EXTENSIONS) != 0) { |
| 461 | if (strcmp(name, "permit-X11-forwarding") == 0) { | 457 | if (strcmp(name, "permit-X11-forwarding") == 0) { |
| @@ -485,11 +481,6 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, | |||
| 485 | "corrupt", name); | 481 | "corrupt", name); |
| 486 | goto out; | 482 | goto out; |
| 487 | } | 483 | } |
| 488 | if (strlen(command) != clen) { | ||
| 489 | error("force-command constraint " | ||
| 490 | "contains \\0"); | ||
| 491 | goto out; | ||
| 492 | } | ||
| 493 | if (*cert_forced_command != NULL) { | 484 | if (*cert_forced_command != NULL) { |
| 494 | error("Certificate has multiple " | 485 | error("Certificate has multiple " |
| 495 | "force-command options"); | 486 | "force-command options"); |
| @@ -506,11 +497,6 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, | |||
| 506 | "\"%s\" corrupt", name); | 497 | "\"%s\" corrupt", name); |
| 507 | goto out; | 498 | goto out; |
| 508 | } | 499 | } |
| 509 | if (strlen(allowed) != clen) { | ||
| 510 | error("source-address constraint " | ||
| 511 | "contains \\0"); | ||
| 512 | goto out; | ||
| 513 | } | ||
| 514 | if ((*cert_source_address_done)++) { | 500 | if ((*cert_source_address_done)++) { |
| 515 | error("Certificate has multiple " | 501 | error("Certificate has multiple " |
| 516 | "source-address options"); | 502 | "source-address options"); |