[BACK]Return to auth2.c CVS log [TXT][DIR] Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/auth2.c between version 1.63 and 1.64

version 1.63, 2001/06/22 21:55:49 version 1.64, 2001/06/23 00:20:58
Line 709 
Line 709 
 hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,  hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
     Key *key)      Key *key)
 {  {
         Key *found;  
         const char *resolvedname, *ipaddr, *lookup;          const char *resolvedname, *ipaddr, *lookup;
         struct stat st;  
         char *user_hostfile;  
         int host_status, len;          int host_status, len;
   
         resolvedname = get_canonical_hostname(options.reverse_mapping_check);          resolvedname = get_canonical_hostname(options.reverse_mapping_check);
Line 740 
Line 737 
         }          }
         debug2("userauth_hostbased: access allowed by auth_rhosts2");          debug2("userauth_hostbased: access allowed by auth_rhosts2");
   
         /* XXX this is copied from auth-rh-rsa.c and should be shared */          host_status = check_key_in_hostfiles(pw, key, lookup,
         found = key_new(key->type);              _PATH_SSH_SYSTEM_HOSTFILE,
         host_status = check_host_in_hostfile(_PATH_SSH_SYSTEM_HOSTFILE2, lookup,              options.ignore_user_known_hosts ? _PATH_SSH_USER_HOSTFILE : NULL);
             key, found, NULL);  
   
         if (host_status != HOST_OK && !options.ignore_user_known_hosts) {          /* backward compat if no key has been found. */
                 user_hostfile = tilde_expand_filename(_PATH_SSH_USER_HOSTFILE2,          if (host_status == HOST_NEW)
                     pw->pw_uid);                  host_status = check_key_in_hostfiles(pw, key, lookup,
                 if (options.strict_modes &&                      _PATH_SSH_SYSTEM_HOSTFILE2,
                     (stat(user_hostfile, &st) == 0) &&                      options.ignore_user_known_hosts ? _PATH_SSH_USER_HOSTFILE2 :
                     ((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||                      NULL);
                      (st.st_mode & 022) != 0)) {  
                         log("Hostbased authentication refused for %.100s: "  
                             "bad owner or modes for %.200s",  
                             pw->pw_name, user_hostfile);  
                 } else {  
                         temporarily_use_uid(pw);  
                         host_status = check_host_in_hostfile(user_hostfile,  
                             lookup, key, found, NULL);  
                         restore_uid();  
                 }  
                 xfree(user_hostfile);  
         }  
         key_free(found);  
   
         debug2("userauth_hostbased: key %s for %s", host_status == HOST_OK ?  
             "ok" : "not found", lookup);  
         return (host_status == HOST_OK);          return (host_status == HOST_OK);
 }  }
   
Legend:
Removed from v.1.63  
changed lines
  Added in v.1.64