[BACK]Return to auth-rhosts.c CVS log [TXT][DIR] Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/auth-rhosts.c between version 1.16 and 1.16.2.4

version 1.16, 2000/10/03 18:03:03 version 1.16.2.4, 2001/05/07 21:09:25
Line 17 
Line 17 
 RCSID("$OpenBSD$");  RCSID("$OpenBSD$");
   
 #include "packet.h"  #include "packet.h"
 #include "ssh.h"  
 #include "xmalloc.h"  #include "xmalloc.h"
 #include "uidswap.h"  #include "uidswap.h"
   #include "pathnames.h"
   #include "log.h"
 #include "servconf.h"  #include "servconf.h"
   #include "canohost.h"
   #include "auth.h"
   
   /* import */
   extern ServerOptions options;
   
 /*  /*
  * This function processes an rhosts-style file (.rhosts, .shosts, or   * This function processes an rhosts-style file (.rhosts, .shosts, or
  * /etc/hosts.equiv).  This returns true if authentication can be granted   * /etc/hosts.equiv).  This returns true if authentication can be granted
Line 147 
Line 153 
 int  int
 auth_rhosts(struct passwd *pw, const char *client_user)  auth_rhosts(struct passwd *pw, const char *client_user)
 {  {
         extern ServerOptions options;  
         char buf[1024];  
         const char *hostname, *ipaddr;          const char *hostname, *ipaddr;
           int ret;
   
           hostname = get_canonical_hostname(options.reverse_mapping_check);
           ipaddr = get_remote_ipaddr();
           ret = auth_rhosts2(pw, client_user, hostname, ipaddr);
           return ret;
   }
   
   int
   auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
       const char *ipaddr)
   {
           char buf[1024];
         struct stat st;          struct stat st;
         static const char *rhosts_files[] = {".shosts", ".rhosts", NULL};          static const char *rhosts_files[] = {".shosts", ".rhosts", NULL};
         unsigned int rhosts_file_index;          u_int rhosts_file_index;
   
           debug2("auth_rhosts2: clientuser %s hostname %s ipaddr %s",
               client_user, hostname, ipaddr);
   
         /* no user given */          /* no user given */
         if (pw == NULL)          if (pw == NULL)
                 return 0;                  return 0;
   
         /* Switch to the user's uid. */          /* Switch to the user's uid. */
         temporarily_use_uid(pw->pw_uid);          temporarily_use_uid(pw);
         /*          /*
          * Quick check: if the user has no .shosts or .rhosts files, return           * Quick check: if the user has no .shosts or .rhosts files, return
          * failure immediately without doing costly lookups from name           * failure immediately without doing costly lookups from name
Line 177 
Line 198 
   
         /* Deny if The user has no .shosts or .rhosts file and there are no system-wide files. */          /* Deny if The user has no .shosts or .rhosts file and there are no system-wide files. */
         if (!rhosts_files[rhosts_file_index] &&          if (!rhosts_files[rhosts_file_index] &&
             stat("/etc/hosts.equiv", &st) < 0 &&              stat(_PATH_RHOSTS_EQUIV, &st) < 0 &&
             stat(SSH_HOSTS_EQUIV, &st) < 0)              stat(_PATH_SSH_HOSTS_EQUIV, &st) < 0)
                 return 0;                  return 0;
   
         hostname = get_canonical_hostname();  
         ipaddr = get_remote_ipaddr();  
   
         /* If not logging in as superuser, try /etc/hosts.equiv and shosts.equiv. */          /* If not logging in as superuser, try /etc/hosts.equiv and shosts.equiv. */
         if (pw->pw_uid != 0) {          if (pw->pw_uid != 0) {
                 if (check_rhosts_file("/etc/hosts.equiv", hostname, ipaddr, client_user,                  if (check_rhosts_file(_PATH_RHOSTS_EQUIV, hostname, ipaddr, client_user,
                                       pw->pw_name)) {                                        pw->pw_name)) {
                         packet_send_debug("Accepted for %.100s [%.100s] by /etc/hosts.equiv.",                          packet_send_debug("Accepted for %.100s [%.100s] by /etc/hosts.equiv.",
                                           hostname, ipaddr);                                            hostname, ipaddr);
                         return 1;                          return 1;
                 }                  }
                 if (check_rhosts_file(SSH_HOSTS_EQUIV, hostname, ipaddr, client_user,                  if (check_rhosts_file(_PATH_SSH_HOSTS_EQUIV, hostname, ipaddr, client_user,
                                       pw->pw_name)) {                                        pw->pw_name)) {
                         packet_send_debug("Accepted for %.100s [%.100s] by %.100s.",                          packet_send_debug("Accepted for %.100s [%.100s] by %.100s.",
                                       hostname, ipaddr, SSH_HOSTS_EQUIV);                                        hostname, ipaddr, _PATH_SSH_HOSTS_EQUIV);
                         return 1;                          return 1;
                 }                  }
         }          }
Line 220 
Line 238 
                 return 0;                  return 0;
         }          }
         /* Temporarily use the user's uid. */          /* Temporarily use the user's uid. */
         temporarily_use_uid(pw->pw_uid);          temporarily_use_uid(pw);
   
         /* Check all .rhosts files (currently .shosts and .rhosts). */          /* Check all .rhosts files (currently .shosts and .rhosts). */
         for (rhosts_file_index = 0; rhosts_files[rhosts_file_index];          for (rhosts_file_index = 0; rhosts_files[rhosts_file_index];
Legend:
Removed from v.1.16  
changed lines
  Added in v.1.16.2.4