version 1.6, 1999/11/11 23:36:52 |
version 1.7, 1999/11/14 23:20:09 |
|
|
extern ServerOptions options; |
extern ServerOptions options; |
char buf[1024]; |
char buf[1024]; |
const char *hostname, *ipaddr; |
const char *hostname, *ipaddr; |
int port; |
|
struct stat st; |
struct stat st; |
static const char *rhosts_files[] = { ".shosts", ".rhosts", NULL }; |
static const char *rhosts_files[] = { ".shosts", ".rhosts", NULL }; |
unsigned int rhosts_file_index; |
unsigned int rhosts_file_index; |
|
|
/* Get the name, address, and port of the remote host. */ |
/* Get the name, address, and port of the remote host. */ |
hostname = get_canonical_hostname(); |
hostname = get_canonical_hostname(); |
ipaddr = get_remote_ipaddr(); |
ipaddr = get_remote_ipaddr(); |
port = get_remote_port(); |
|
|
|
/* Check that the connection comes from a privileged port. |
|
Rhosts authentication only makes sense for priviledged programs. |
|
Of course, if the intruder has root access on his local machine, |
|
he can connect from any port. So do not use .rhosts |
|
authentication from machines that you do not trust. */ |
|
if (port >= IPPORT_RESERVED || |
|
port < IPPORT_RESERVED / 2) |
|
{ |
|
log("Connection from %.100s from nonpriviledged port %d", |
|
hostname, port); |
|
packet_send_debug("Your ssh client is not running as root."); |
|
return 0; |
|
} |
|
|
|
/* If not logging in as superuser, try /etc/hosts.equiv and shosts.equiv. */ |
/* If not logging in as superuser, try /etc/hosts.equiv and shosts.equiv. */ |
if (pw->pw_uid != 0) |
if (pw->pw_uid != 0) |