diff options
Diffstat (limited to 'auth-options.c')
| -rw-r--r-- | auth-options.c | 26 |
1 files changed, 18 insertions, 8 deletions
diff --git a/auth-options.c b/auth-options.c index 8f9df7a76..25361455e 100644 --- a/auth-options.c +++ b/auth-options.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth-options.c,v 1.40 2006/08/03 03:34:41 deraadt Exp $ */ | 1 | /* $OpenBSD: auth-options.c,v 1.43 2008/06/10 23:06:19 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -20,6 +20,7 @@ | |||
| 20 | #include <stdio.h> | 20 | #include <stdio.h> |
| 21 | #include <stdarg.h> | 21 | #include <stdarg.h> |
| 22 | 22 | ||
| 23 | #include "openbsd-compat/sys-queue.h" | ||
| 23 | #include "xmalloc.h" | 24 | #include "xmalloc.h" |
| 24 | #include "match.h" | 25 | #include "match.h" |
| 25 | #include "log.h" | 26 | #include "log.h" |
| @@ -225,8 +226,19 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
| 225 | } | 226 | } |
| 226 | patterns[i] = '\0'; | 227 | patterns[i] = '\0'; |
| 227 | opts++; | 228 | opts++; |
| 228 | if (match_host_and_ip(remote_host, remote_ip, | 229 | switch (match_host_and_ip(remote_host, remote_ip, |
| 229 | patterns) != 1) { | 230 | patterns)) { |
| 231 | case 1: | ||
| 232 | xfree(patterns); | ||
| 233 | /* Host name matches. */ | ||
| 234 | goto next_option; | ||
| 235 | case -1: | ||
| 236 | debug("%.100s, line %lu: invalid criteria", | ||
| 237 | file, linenum); | ||
| 238 | auth_debug_add("%.100s, line %lu: " | ||
| 239 | "invalid criteria", file, linenum); | ||
| 240 | /* FALLTHROUGH */ | ||
| 241 | case 0: | ||
| 230 | xfree(patterns); | 242 | xfree(patterns); |
| 231 | logit("Authentication tried for %.100s with " | 243 | logit("Authentication tried for %.100s with " |
| 232 | "correct key but not from a permitted " | 244 | "correct key but not from a permitted " |
| @@ -235,12 +247,10 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
| 235 | auth_debug_add("Your host '%.200s' is not " | 247 | auth_debug_add("Your host '%.200s' is not " |
| 236 | "permitted to use this key for login.", | 248 | "permitted to use this key for login.", |
| 237 | remote_host); | 249 | remote_host); |
| 238 | /* deny access */ | 250 | break; |
| 239 | return 0; | ||
| 240 | } | 251 | } |
| 241 | xfree(patterns); | 252 | /* deny access */ |
| 242 | /* Host name matches. */ | 253 | return 0; |
| 243 | goto next_option; | ||
| 244 | } | 254 | } |
| 245 | cp = "permitopen=\""; | 255 | cp = "permitopen=\""; |
| 246 | if (strncasecmp(opts, cp, strlen(cp)) == 0) { | 256 | if (strncasecmp(opts, cp, strlen(cp)) == 0) { |