diff options
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 25 |
1 files changed, 25 insertions, 0 deletions
@@ -127,6 +127,13 @@ | |||
127 | #include <Security/AuthSession.h> | 127 | #include <Security/AuthSession.h> |
128 | #endif | 128 | #endif |
129 | 129 | ||
130 | #ifdef LIBWRAP | ||
131 | #include <tcpd.h> | ||
132 | #include <syslog.h> | ||
133 | int allow_severity; | ||
134 | int deny_severity; | ||
135 | #endif /* LIBWRAP */ | ||
136 | |||
130 | /* Re-exec fds */ | 137 | /* Re-exec fds */ |
131 | #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) | 138 | #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) |
132 | #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) | 139 | #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) |
@@ -2062,6 +2069,24 @@ main(int ac, char **av) | |||
2062 | #ifdef SSH_AUDIT_EVENTS | 2069 | #ifdef SSH_AUDIT_EVENTS |
2063 | audit_connection_from(remote_ip, remote_port); | 2070 | audit_connection_from(remote_ip, remote_port); |
2064 | #endif | 2071 | #endif |
2072 | #ifdef LIBWRAP | ||
2073 | allow_severity = options.log_facility|LOG_INFO; | ||
2074 | deny_severity = options.log_facility|LOG_WARNING; | ||
2075 | /* Check whether logins are denied from this host. */ | ||
2076 | if (ssh_packet_connection_is_on_socket(ssh)) { | ||
2077 | struct request_info req; | ||
2078 | |||
2079 | request_init(&req, RQ_DAEMON, __progname, RQ_FILE, sock_in, 0); | ||
2080 | fromhost(&req); | ||
2081 | |||
2082 | if (!hosts_access(&req)) { | ||
2083 | debug("Connection refused by tcp wrapper"); | ||
2084 | refuse(&req); | ||
2085 | /* NOTREACHED */ | ||
2086 | fatal("libwrap refuse returns"); | ||
2087 | } | ||
2088 | } | ||
2089 | #endif /* LIBWRAP */ | ||
2065 | 2090 | ||
2066 | rdomain = ssh_packet_rdomain_in(ssh); | 2091 | rdomain = ssh_packet_rdomain_in(ssh); |
2067 | 2092 | ||