diff options
Diffstat (limited to 'auth-options.c')
| -rw-r--r-- | auth-options.c | 18 |
1 files changed, 7 insertions, 11 deletions
diff --git a/auth-options.c b/auth-options.c index 15c00d048..df6133037 100644 --- a/auth-options.c +++ b/auth-options.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth-options.c,v 1.61 2013/11/08 00:39:14 djm Exp $ */ | 1 | /* $OpenBSD: auth-options.c,v 1.62 2013/12/19 00:27:57 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -33,10 +33,6 @@ | |||
| 33 | #include "auth-options.h" | 33 | #include "auth-options.h" |
| 34 | #include "hostfile.h" | 34 | #include "hostfile.h" |
| 35 | #include "auth.h" | 35 | #include "auth.h" |
| 36 | #ifdef GSSAPI | ||
| 37 | #include "ssh-gss.h" | ||
| 38 | #endif | ||
| 39 | #include "monitor_wrap.h" | ||
| 40 | 36 | ||
| 41 | /* Flags set authorized_keys flags */ | 37 | /* Flags set authorized_keys flags */ |
| 42 | int no_port_forwarding_flag = 0; | 38 | int no_port_forwarding_flag = 0; |
| @@ -450,7 +446,7 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, | |||
| 450 | u_char *data_blob = NULL; | 446 | u_char *data_blob = NULL; |
| 451 | u_int nlen, dlen, clen; | 447 | u_int nlen, dlen, clen; |
| 452 | Buffer c, data; | 448 | Buffer c, data; |
| 453 | int ret = -1, found; | 449 | int ret = -1, result, found; |
| 454 | 450 | ||
| 455 | buffer_init(&data); | 451 | buffer_init(&data); |
| 456 | 452 | ||
| @@ -519,11 +515,12 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, | |||
| 519 | goto out; | 515 | goto out; |
| 520 | } | 516 | } |
| 521 | remote_ip = get_remote_ipaddr(); | 517 | remote_ip = get_remote_ipaddr(); |
| 522 | switch (addr_match_cidr_list(remote_ip, | 518 | result = addr_match_cidr_list(remote_ip, |
| 523 | allowed)) { | 519 | allowed); |
| 520 | free(allowed); | ||
| 521 | switch (result) { | ||
| 524 | case 1: | 522 | case 1: |
| 525 | /* accepted */ | 523 | /* accepted */ |
| 526 | free(allowed); | ||
| 527 | break; | 524 | break; |
| 528 | case 0: | 525 | case 0: |
| 529 | /* no match */ | 526 | /* no match */ |
| @@ -539,12 +536,11 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, | |||
| 539 | "is not permitted to use this " | 536 | "is not permitted to use this " |
| 540 | "certificate for login.", | 537 | "certificate for login.", |
| 541 | remote_ip); | 538 | remote_ip); |
| 542 | free(allowed); | ||
| 543 | goto out; | 539 | goto out; |
| 544 | case -1: | 540 | case -1: |
| 541 | default: | ||
| 545 | error("Certificate source-address " | 542 | error("Certificate source-address " |
| 546 | "contents invalid"); | 543 | "contents invalid"); |
| 547 | free(allowed); | ||
| 548 | goto out; | 544 | goto out; |
| 549 | } | 545 | } |
| 550 | found = 1; | 546 | found = 1; |