diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 2000-11-06 23:13:28 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 2000-11-06 23:13:28 +0000 |
| commit | 09d143144903a118a9222d875c745ae1f0dc6351 (patch) | |
| tree | b143eb97b028d7c84ac0cff6e311c4f3b5ea8bc4 | |
| parent | fc999bd26244950d23a7403daf9c0488767c5b62 (diff) | |
do not disabled rhosts(rsa) if server port > 1024; from pekkas@netcore.fi
| -rw-r--r-- | usr.bin/ssh/ssh.c | 4 | ||||
| -rw-r--r-- | usr.bin/ssh/sshconnect.c | 4 | ||||
| -rw-r--r-- | usr.bin/ssh/sshd.c | 4 |
3 files changed, 8 insertions, 4 deletions
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c index 179d1bc968e..c5c769629a0 100644 --- a/usr.bin/ssh/ssh.c +++ b/usr.bin/ssh/ssh.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh.c,v 1.70 2000/11/06 23:04:56 markus Exp $"); +RCSID("$OpenBSD: ssh.c,v 1.71 2000/11/06 23:13:26 markus Exp $"); #include <openssl/evp.h> #include <openssl/dsa.h> @@ -562,6 +562,8 @@ main(int ac, char **av) /* Disable rhosts authentication if not running as root. */ if (original_effective_uid != 0 || !options.use_privileged_port) { + debug("Rhosts Authentication methods disabled, " + "originating port will not be trusted."); options.rhosts_authentication = 0; options.rhosts_rsa_authentication = 0; } diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c index f7b62d83b49..a0551f0927c 100644 --- a/usr.bin/ssh/sshconnect.c +++ b/usr.bin/ssh/sshconnect.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect.c,v 1.79 2000/09/17 15:52:51 markus Exp $"); +RCSID("$OpenBSD: sshconnect.c,v 1.80 2000/11/06 23:13:26 markus Exp $"); #include <openssl/bn.h> #include <openssl/dsa.h> @@ -244,7 +244,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, /* Create a socket for connecting. */ sock = ssh_create_socket(original_real_uid, - !anonymous && geteuid() == 0 && port < IPPORT_RESERVED, + !anonymous && geteuid() == 0, ai->ai_family); if (sock < 0) continue; diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c index f0110b2146c..fdee1e4902c 100644 --- a/usr.bin/ssh/sshd.c +++ b/usr.bin/ssh/sshd.c @@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshd.c,v 1.132 2000/10/13 18:34:46 markus Exp $"); +RCSID("$OpenBSD: sshd.c,v 1.133 2000/11/06 23:13:27 markus Exp $"); #include "xmalloc.h" #include "rsa.h" @@ -1051,6 +1051,8 @@ main(int ac, char **av) */ if (remote_port >= IPPORT_RESERVED || remote_port < IPPORT_RESERVED / 2) { + debug("Rhosts Authentication methods disabled, " + "originating port not trusted."); options.rhosts_authentication = 0; options.rhosts_rsa_authentication = 0; } |