version 1.5, 1999/10/03 20:09:18 |
version 1.6, 1999/11/11 23:36:52 |
|
|
#include "ssh.h" |
#include "ssh.h" |
#include "xmalloc.h" |
#include "xmalloc.h" |
#include "uidswap.h" |
#include "uidswap.h" |
|
#include "servconf.h" |
|
|
/* This function processes an rhosts-style file (.rhosts, .shosts, or |
/* This function processes an rhosts-style file (.rhosts, .shosts, or |
/etc/hosts.equiv). This returns true if authentication can be granted |
/etc/hosts.equiv). This returns true if authentication can be granted |
|
|
true, only /etc/hosts.equiv will be considered (.rhosts and .shosts |
true, only /etc/hosts.equiv will be considered (.rhosts and .shosts |
are ignored). */ |
are ignored). */ |
|
|
int auth_rhosts(struct passwd *pw, const char *client_user, |
int auth_rhosts(struct passwd *pw, const char *client_user) |
int ignore_rhosts, int strict_modes) |
|
{ |
{ |
|
extern ServerOptions options; |
char buf[1024]; |
char buf[1024]; |
const char *hostname, *ipaddr; |
const char *hostname, *ipaddr; |
int port; |
int port; |
|
|
pw->pw_name, pw->pw_dir); |
pw->pw_name, pw->pw_dir); |
return 0; |
return 0; |
} |
} |
if (strict_modes && |
if (options.strict_modes && |
((st.st_uid != 0 && st.st_uid != pw->pw_uid) || |
((st.st_uid != 0 && st.st_uid != pw->pw_uid) || |
(st.st_mode & 022) != 0)) |
(st.st_mode & 022) != 0)) |
{ |
{ |
|
|
and make sure it is not writable by anyone but the owner. This is |
and make sure it is not writable by anyone but the owner. This is |
to help avoid novices accidentally allowing access to their account |
to help avoid novices accidentally allowing access to their account |
by anyone. */ |
by anyone. */ |
if (strict_modes && |
if (options.strict_modes && |
((st.st_uid != 0 && st.st_uid != pw->pw_uid) || |
((st.st_uid != 0 && st.st_uid != pw->pw_uid) || |
(st.st_mode & 022) != 0)) |
(st.st_mode & 022) != 0)) |
{ |
{ |
|
|
|
|
/* Check if we have been configured to ignore .rhosts and .shosts |
/* Check if we have been configured to ignore .rhosts and .shosts |
files. */ |
files. */ |
if (ignore_rhosts) |
if (options.ignore_rhosts) |
{ |
{ |
packet_send_debug("Server has been configured to ignore %.100s.", |
packet_send_debug("Server has been configured to ignore %.100s.", |
rhosts_files[rhosts_file_index]); |
rhosts_files[rhosts_file_index]); |