diff options
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 25 |
1 files changed, 25 insertions, 0 deletions
@@ -124,6 +124,13 @@ | |||
124 | #include "ssherr.h" | 124 | #include "ssherr.h" |
125 | #include "sk-api.h" | 125 | #include "sk-api.h" |
126 | 126 | ||
127 | #ifdef LIBWRAP | ||
128 | #include <tcpd.h> | ||
129 | #include <syslog.h> | ||
130 | int allow_severity; | ||
131 | int deny_severity; | ||
132 | #endif /* LIBWRAP */ | ||
133 | |||
127 | /* Re-exec fds */ | 134 | /* Re-exec fds */ |
128 | #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) | 135 | #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) |
129 | #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) | 136 | #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) |
@@ -2183,6 +2190,24 @@ main(int ac, char **av) | |||
2183 | #ifdef SSH_AUDIT_EVENTS | 2190 | #ifdef SSH_AUDIT_EVENTS |
2184 | audit_connection_from(remote_ip, remote_port); | 2191 | audit_connection_from(remote_ip, remote_port); |
2185 | #endif | 2192 | #endif |
2193 | #ifdef LIBWRAP | ||
2194 | allow_severity = options.log_facility|LOG_INFO; | ||
2195 | deny_severity = options.log_facility|LOG_WARNING; | ||
2196 | /* Check whether logins are denied from this host. */ | ||
2197 | if (ssh_packet_connection_is_on_socket(ssh)) { | ||
2198 | struct request_info req; | ||
2199 | |||
2200 | request_init(&req, RQ_DAEMON, __progname, RQ_FILE, sock_in, 0); | ||
2201 | fromhost(&req); | ||
2202 | |||
2203 | if (!hosts_access(&req)) { | ||
2204 | debug("Connection refused by tcp wrapper"); | ||
2205 | refuse(&req); | ||
2206 | /* NOTREACHED */ | ||
2207 | fatal("libwrap refuse returns"); | ||
2208 | } | ||
2209 | } | ||
2210 | #endif /* LIBWRAP */ | ||
2186 | 2211 | ||
2187 | rdomain = ssh_packet_rdomain_in(ssh); | 2212 | rdomain = ssh_packet_rdomain_in(ssh); |
2188 | 2213 | ||