diff options
Diffstat (limited to 'auth-options.c')
-rw-r--r-- | auth-options.c | 18 |
1 files changed, 7 insertions, 11 deletions
diff --git a/auth-options.c b/auth-options.c index 15c00d048..df6133037 100644 --- a/auth-options.c +++ b/auth-options.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth-options.c,v 1.61 2013/11/08 00:39:14 djm Exp $ */ | 1 | /* $OpenBSD: auth-options.c,v 1.62 2013/12/19 00:27:57 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -33,10 +33,6 @@ | |||
33 | #include "auth-options.h" | 33 | #include "auth-options.h" |
34 | #include "hostfile.h" | 34 | #include "hostfile.h" |
35 | #include "auth.h" | 35 | #include "auth.h" |
36 | #ifdef GSSAPI | ||
37 | #include "ssh-gss.h" | ||
38 | #endif | ||
39 | #include "monitor_wrap.h" | ||
40 | 36 | ||
41 | /* Flags set authorized_keys flags */ | 37 | /* Flags set authorized_keys flags */ |
42 | int no_port_forwarding_flag = 0; | 38 | int no_port_forwarding_flag = 0; |
@@ -450,7 +446,7 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, | |||
450 | u_char *data_blob = NULL; | 446 | u_char *data_blob = NULL; |
451 | u_int nlen, dlen, clen; | 447 | u_int nlen, dlen, clen; |
452 | Buffer c, data; | 448 | Buffer c, data; |
453 | int ret = -1, found; | 449 | int ret = -1, result, found; |
454 | 450 | ||
455 | buffer_init(&data); | 451 | buffer_init(&data); |
456 | 452 | ||
@@ -519,11 +515,12 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, | |||
519 | goto out; | 515 | goto out; |
520 | } | 516 | } |
521 | remote_ip = get_remote_ipaddr(); | 517 | remote_ip = get_remote_ipaddr(); |
522 | switch (addr_match_cidr_list(remote_ip, | 518 | result = addr_match_cidr_list(remote_ip, |
523 | allowed)) { | 519 | allowed); |
520 | free(allowed); | ||
521 | switch (result) { | ||
524 | case 1: | 522 | case 1: |
525 | /* accepted */ | 523 | /* accepted */ |
526 | free(allowed); | ||
527 | break; | 524 | break; |
528 | case 0: | 525 | case 0: |
529 | /* no match */ | 526 | /* no match */ |
@@ -539,12 +536,11 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, | |||
539 | "is not permitted to use this " | 536 | "is not permitted to use this " |
540 | "certificate for login.", | 537 | "certificate for login.", |
541 | remote_ip); | 538 | remote_ip); |
542 | free(allowed); | ||
543 | goto out; | 539 | goto out; |
544 | case -1: | 540 | case -1: |
541 | default: | ||
545 | error("Certificate source-address " | 542 | error("Certificate source-address " |
546 | "contents invalid"); | 543 | "contents invalid"); |
547 | free(allowed); | ||
548 | goto out; | 544 | goto out; |
549 | } | 545 | } |
550 | found = 1; | 546 | found = 1; |