diff options
| author | damien <damien> | 1999-11-12 04:19:27 +0000 |
|---|---|---|
| committer | damien <damien> | 1999-11-12 04:19:27 +0000 |
| commit | c9e9fd6714f8c45cca6d1bd023d20d79fcc33b70 (patch) | |
| tree | 9c34abc2723760ce00b6f3867d7e0cfbd6a7424e /auth-rhosts.c | |
| parent | 23fb03489381f0a64fc9e5d18bad77a2a193ffec (diff) | |
| download | openssh-c9e9fd6714f8c45cca6d1bd023d20d79fcc33b70.tar.gz | |
- Merged yet more changes from OpenBSD CVS
- [auth-rh-rsa.c auth-rhosts.c auth-rsa.c channels.c clientloop.c]
[ssh.c ssh.h sshconnect.c sshd.c]
make all access to options via 'extern Options options'
and 'extern ServerOptions options' respectively;
options are no longer passed as arguments:
* make options handling more consistent
* remove #include "readconf.h" from ssh.h
* readconf.h is only included if necessary
- [mpaux.c] clear temp buffer
- [servconf.c] print _all_ bad options found in configfile
Diffstat (limited to 'auth-rhosts.c')
| -rw-r--r-- | auth-rhosts.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/auth-rhosts.c b/auth-rhosts.c index ebf2fcbc..7e5614cb 100644 --- a/auth-rhosts.c +++ b/auth-rhosts.c @@ -16,12 +16,13 @@ the login based on rhosts authentication. This file also processes */ #include "includes.h" -RCSID("$Id: auth-rhosts.c,v 1.1 1999/10/27 03:42:43 damien Exp $"); +RCSID("$Id: auth-rhosts.c,v 1.2 1999/11/12 04:19:27 damien Exp $"); #include "packet.h" #include "ssh.h" #include "xmalloc.h" #include "uidswap.h" +#include "servconf.h" /* This function processes an rhosts-style file (.rhosts, .shosts, or /etc/hosts.equiv). This returns true if authentication can be granted @@ -155,9 +156,9 @@ int check_rhosts_file(const char *filename, const char *hostname, true, only /etc/hosts.equiv will be considered (.rhosts and .shosts are ignored). */ -int auth_rhosts(struct passwd *pw, const char *client_user, - int ignore_rhosts, int strict_modes) +int auth_rhosts(struct passwd *pw, const char *client_user) { + extern ServerOptions options; char buf[1024]; const char *hostname, *ipaddr; int port; @@ -234,7 +235,7 @@ int auth_rhosts(struct passwd *pw, const char *client_user, pw->pw_name, pw->pw_dir); return 0; } - if (strict_modes && + if (options.strict_modes && ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || (st.st_mode & 022) != 0)) { @@ -261,7 +262,7 @@ int auth_rhosts(struct passwd *pw, const char *client_user, and make sure it is not writable by anyone but the owner. This is to help avoid novices accidentally allowing access to their account by anyone. */ - if (strict_modes && + if (options.strict_modes && ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || (st.st_mode & 022) != 0)) { @@ -273,7 +274,7 @@ int auth_rhosts(struct passwd *pw, const char *client_user, /* Check if we have been configured to ignore .rhosts and .shosts files. */ - if (ignore_rhosts) + if (options.ignore_rhosts) { packet_send_debug("Server has been configured to ignore %.100s.", rhosts_files[rhosts_file_index]); |