diff options
| author | djm <djm> | 2003-06-03 00:25:48 +0000 |
|---|---|---|
| committer | djm <djm> | 2003-06-03 00:25:48 +0000 |
| commit | f1a485fc401de1c6e3f8e9e59caab578637654c1 (patch) | |
| tree | 42fa1fe2bf29623b7432822abbac4b10fa3cb6af /auth-passwd.c | |
| parent | fce65848545fb3b82e7bf6d461af60d8efc0f956 (diff) | |
| download | openssh-f1a485fc401de1c6e3f8e9e59caab578637654c1.tar.gz | |
- (djm) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2003/06/02 09:17:34
[auth2-hostbased.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c]
[canohost.c monitor.c servconf.c servconf.h session.c sshd_config]
[sshd_config.5]
deprecate VerifyReverseMapping since it's dangerous if combined
with IP based access control as noted by Mike Harding; replace with
a UseDNS option, UseDNS is on by default and includes the
VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@
ok deraadt@, djm@
- (djm) Fix portable-specific uses of verify_reverse_mapping too
Diffstat (limited to 'auth-passwd.c')
| -rw-r--r-- | auth-passwd.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/auth-passwd.c b/auth-passwd.c index b893165b..9a94c373 100644 --- a/auth-passwd.c +++ b/auth-passwd.c @@ -144,22 +144,24 @@ auth_password(Authctxt *authctxt, const char *password) HANDLE hToken = cygwin_logon_user(pw, password); if (hToken == INVALID_HANDLE_VALUE) - return 0; + return (0); cygwin_set_impersonation_token(hToken); - return 1; + return (1); } # endif # ifdef WITH_AIXAUTHENTICATE authsuccess = (authenticate(pw->pw_name,password,&reenter,&authmsg) == 0); - if (authsuccess) + if (authsuccess) { /* We don't have a pty yet, so just label the line as "ssh" */ if (loginsuccess(authctxt->user, - get_canonical_hostname(options.verify_reverse_mapping), - "ssh", &aixloginmsg) < 0) - aixloginmsg = NULL; + get_canonical_hostname(options.use_dns), + "ssh", &aixloginmsg) < 0) { + aixloginmsg = NULL; + } + } - return(authsuccess); + return (authsuccess); # endif # ifdef KRB4 if (options.kerberos_authentication == 1) { |