diff options
| author | cvs2svn <cvs2svn@FreeBSD.org> | 2003-01-16 05:08:57 +0000 |
|---|---|---|
| committer | cvs2svn <cvs2svn@FreeBSD.org> | 2003-01-16 05:08:57 +0000 |
| commit | df3e7e93b8317ece24fbe7d0c9e4aa1ebb0feca0 (patch) | |
| tree | 1d9ecedb74d255866c8e1e5df9db0f2739a8ba66 /security/hpn-ssh/files/patch-auth2.c | |
| parent | c31f9d6cf28e3aa831ff2390ee3ab6ea031dbc76 (diff) | |
Notes
Diffstat (limited to 'security/hpn-ssh/files/patch-auth2.c')
| -rw-r--r-- | security/hpn-ssh/files/patch-auth2.c | 68 |
1 files changed, 0 insertions, 68 deletions
diff --git a/security/hpn-ssh/files/patch-auth2.c b/security/hpn-ssh/files/patch-auth2.c deleted file mode 100644 index 8d999bf1bbd9..000000000000 --- a/security/hpn-ssh/files/patch-auth2.c +++ /dev/null @@ -1,68 +0,0 @@ ---- auth2.c.orig Fri Jun 21 08:21:11 2002 -+++ auth2.c Fri Jun 28 06:57:56 2002 -@@ -35,6 +35,7 @@ - #include "dispatch.h" - #include "pathnames.h" - #include "monitor_wrap.h" -+#include "canohost.h" - - /* import */ - extern ServerOptions options; -@@ -137,6 +138,15 @@ - Authmethod *m = NULL; - char *user, *service, *method, *style = NULL; - int authenticated = 0; -+#ifdef HAVE_LOGIN_CAP -+ login_cap_t *lc; -+#endif /* HAVE_LOGIN_CAP */ -+#if defined(HAVE_LOGIN_CAP) || defined(LOGIN_ACCESS) -+ const char *from_host, *from_ip; -+ -+ from_host = get_canonical_hostname(options.verify_reverse_mapping); -+ from_ip = get_remote_ipaddr(); -+#endif /* HAVE_LOGIN_CAP || LOGIN_ACCESS */ - - if (authctxt == NULL) - fatal("input_userauth_request: no authctxt"); -@@ -178,6 +188,41 @@ - "(%s,%s) -> (%s,%s)", - authctxt->user, authctxt->service, user, service); - } -+ -+#ifdef HAVE_LOGIN_CAP -+ if (authctxt->pw != NULL) { -+ lc = login_getpwclass(authctxt->pw); -+ if (lc == NULL) -+ lc = login_getclassbyname(NULL, authctxt->pw); -+ if (!auth_hostok(lc, from_host, from_ip)) { -+ log("Denied connection for %.200s from %.200s [%.200s].", -+ authctxt->pw->pw_name, from_host, from_ip); -+ packet_disconnect("Sorry, you are not allowed to connect."); -+ } -+ if (!auth_timeok(lc, time(NULL))) { -+ log("LOGIN %.200s REFUSED (TIME) FROM %.200s", -+ authctxt->pw->pw_name, from_host); -+ packet_disconnect("Logins not available right now."); -+ } -+ login_close(lc); -+ lc = NULL; -+ } -+#endif /* HAVE_LOGIN_CAP */ -+#ifdef LOGIN_ACCESS -+ if (authctxt->pw != NULL && -+ !login_access(authctxt->pw->pw_name, from_host)) { -+ log("Denied connection for %.200s from %.200s [%.200s].", -+ authctxt->pw->pw_name, from_host, from_ip); -+ packet_disconnect("Sorry, you are not allowed to connect."); -+ } -+#endif /* LOGIN_ACCESS */ -+#ifdef BSD_AUTH -+ if (authctxt->as) { -+ auth_close(authctxt->as); -+ authctxt->as = NULL; -+ } -+#endif -+ - /* reset state */ - auth2_challenge_stop(authctxt); - authctxt->postponed = 0; |