diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 2001-06-27 04:48:54 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 2001-06-27 04:48:54 +0000 |
| commit | edcf27d64733b7c58c5e752241e2f00119bdc747 (patch) | |
| tree | aab7b419531d217a96628f6707888deb99a919a7 /usr.bin/ssh/auth.c | |
| parent | 33c5053a3b68247342e963b6b0bf7e5a02533658 (diff) | |
tridge@samba.org
Diffstat (limited to 'usr.bin/ssh/auth.c')
| -rw-r--r-- | usr.bin/ssh/auth.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/usr.bin/ssh/auth.c b/usr.bin/ssh/auth.c index d8dc7ed2974..7856591d115 100644 --- a/usr.bin/ssh/auth.c +++ b/usr.bin/ssh/auth.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth.c,v 1.25 2001/06/25 17:54:48 provos Exp $"); +RCSID("$OpenBSD: auth.c,v 1.26 2001/06/27 04:48:52 markus Exp $"); #include <libgen.h> @@ -56,6 +56,7 @@ int allowed_user(struct passwd * pw) { struct stat st; + const char *hostname = NULL, *ipaddr = NULL; char *shell; int i; @@ -75,16 +76,23 @@ allowed_user(struct passwd * pw) if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)))) return 0; + if (options.num_deny_users > 0 || options.num_allow_users > 0) { + hostname = get_canonical_hostname(options.reverse_mapping_check); + ipaddr = get_remote_ipaddr(); + } + /* Return false if user is listed in DenyUsers */ if (options.num_deny_users > 0) { for (i = 0; i < options.num_deny_users; i++) - if (match_pattern(pw->pw_name, options.deny_users[i])) + if (match_user(pw->pw_name, hostname, ipaddr, + options.deny_users[i])) return 0; } /* Return false if AllowUsers isn't empty and user isn't listed there */ if (options.num_allow_users > 0) { for (i = 0; i < options.num_allow_users; i++) - if (match_pattern(pw->pw_name, options.allow_users[i])) + if (match_user(pw->pw_name, hostname, ipaddr, + options.allow_users[i])) break; /* i < options.num_allow_users iff we break for loop */ if (i >= options.num_allow_users) |