diff options
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 25 |
1 files changed, 25 insertions, 0 deletions
@@ -124,6 +124,13 @@ | |||
124 | #include "ssherr.h" | 124 | #include "ssherr.h" |
125 | #include "sk-api.h" | 125 | #include "sk-api.h" |
126 | 126 | ||
127 | #ifdef LIBWRAP | ||
128 | #include <tcpd.h> | ||
129 | #include <syslog.h> | ||
130 | int allow_severity; | ||
131 | int deny_severity; | ||
132 | #endif /* LIBWRAP */ | ||
133 | |||
127 | /* Re-exec fds */ | 134 | /* Re-exec fds */ |
128 | #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) | 135 | #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) |
129 | #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) | 136 | #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) |
@@ -2132,6 +2139,24 @@ main(int ac, char **av) | |||
2132 | #ifdef SSH_AUDIT_EVENTS | 2139 | #ifdef SSH_AUDIT_EVENTS |
2133 | audit_connection_from(remote_ip, remote_port); | 2140 | audit_connection_from(remote_ip, remote_port); |
2134 | #endif | 2141 | #endif |
2142 | #ifdef LIBWRAP | ||
2143 | allow_severity = options.log_facility|LOG_INFO; | ||
2144 | deny_severity = options.log_facility|LOG_WARNING; | ||
2145 | /* Check whether logins are denied from this host. */ | ||
2146 | if (ssh_packet_connection_is_on_socket(ssh)) { | ||
2147 | struct request_info req; | ||
2148 | |||
2149 | request_init(&req, RQ_DAEMON, __progname, RQ_FILE, sock_in, 0); | ||
2150 | fromhost(&req); | ||
2151 | |||
2152 | if (!hosts_access(&req)) { | ||
2153 | debug("Connection refused by tcp wrapper"); | ||
2154 | refuse(&req); | ||
2155 | /* NOTREACHED */ | ||
2156 | fatal("libwrap refuse returns"); | ||
2157 | } | ||
2158 | } | ||
2159 | #endif /* LIBWRAP */ | ||
2135 | 2160 | ||
2136 | rdomain = ssh_packet_rdomain_in(ssh); | 2161 | rdomain = ssh_packet_rdomain_in(ssh); |
2137 | 2162 | ||