diff options
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 25 |
1 files changed, 25 insertions, 0 deletions
@@ -129,6 +129,13 @@ | |||
129 | #include <Security/AuthSession.h> | 129 | #include <Security/AuthSession.h> |
130 | #endif | 130 | #endif |
131 | 131 | ||
132 | #ifdef LIBWRAP | ||
133 | #include <tcpd.h> | ||
134 | #include <syslog.h> | ||
135 | int allow_severity; | ||
136 | int deny_severity; | ||
137 | #endif /* LIBWRAP */ | ||
138 | |||
132 | #ifndef O_NOCTTY | 139 | #ifndef O_NOCTTY |
133 | #define O_NOCTTY 0 | 140 | #define O_NOCTTY 0 |
134 | #endif | 141 | #endif |
@@ -2133,6 +2140,24 @@ main(int ac, char **av) | |||
2133 | #ifdef SSH_AUDIT_EVENTS | 2140 | #ifdef SSH_AUDIT_EVENTS |
2134 | audit_connection_from(remote_ip, remote_port); | 2141 | audit_connection_from(remote_ip, remote_port); |
2135 | #endif | 2142 | #endif |
2143 | #ifdef LIBWRAP | ||
2144 | allow_severity = options.log_facility|LOG_INFO; | ||
2145 | deny_severity = options.log_facility|LOG_WARNING; | ||
2146 | /* Check whether logins are denied from this host. */ | ||
2147 | if (packet_connection_is_on_socket()) { | ||
2148 | struct request_info req; | ||
2149 | |||
2150 | request_init(&req, RQ_DAEMON, __progname, RQ_FILE, sock_in, 0); | ||
2151 | fromhost(&req); | ||
2152 | |||
2153 | if (!hosts_access(&req)) { | ||
2154 | debug("Connection refused by tcp wrapper"); | ||
2155 | refuse(&req); | ||
2156 | /* NOTREACHED */ | ||
2157 | fatal("libwrap refuse returns"); | ||
2158 | } | ||
2159 | } | ||
2160 | #endif /* LIBWRAP */ | ||
2136 | 2161 | ||
2137 | /* Log the connection. */ | 2162 | /* Log the connection. */ |
2138 | verbose("Connection from %s port %d on %s port %d", | 2163 | verbose("Connection from %s port %d on %s port %d", |