diff options
| author | Damien Miller <djm@cvs.openbsd.org> | 2008-06-10 23:06:20 +0000 |
|---|---|---|
| committer | Damien Miller <djm@cvs.openbsd.org> | 2008-06-10 23:06:20 +0000 |
| commit | 00999f3dca30c91ccbd4f51b23ead58bf9b61b92 (patch) | |
| tree | 3c3c9c42e56b5118e3b2de35acf3885c04d8e0f9 /usr.bin/ssh/match.c | |
| parent | 548bf8f79057a402e214a7c5893fcfa396632fa4 (diff) | |
support CIDR address matching in .ssh/authorized_keys from="..." stanzas
ok and extensive testing dtucker@
Diffstat (limited to 'usr.bin/ssh/match.c')
| -rw-r--r-- | usr.bin/ssh/match.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/usr.bin/ssh/match.c b/usr.bin/ssh/match.c index e8fcdc3f17c..499f7475790 100644 --- a/usr.bin/ssh/match.c +++ b/usr.bin/ssh/match.c @@ -1,4 +1,4 @@ -/* $OpenBSD: match.c,v 1.26 2006/08/03 03:34:42 deraadt Exp $ */ +/* $OpenBSD: match.c,v 1.27 2008/06/10 23:06:19 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -181,7 +181,8 @@ match_hostname(const char *host, const char *pattern, u_int len) /* * returns 0 if we get a negative match for the hostname or the ip - * or if we get no match at all. returns 1 otherwise. + * or if we get no match at all. returns -1 on error, or 1 on + * successful match. */ int match_host_and_ip(const char *host, const char *ipaddr, @@ -189,9 +190,12 @@ match_host_and_ip(const char *host, const char *ipaddr, { int mhost, mip; - /* negative ipaddr match */ - if ((mip = match_hostname(ipaddr, patterns, strlen(patterns))) == -1) + /* error in ipaddr match */ + if ((mip = addr_match_list(ipaddr, patterns)) == -2) + return -1; + else if (mip == -1) /* negative ip address match */ return 0; + /* negative hostname match */ if ((mhost = match_hostname(host, patterns, strlen(patterns))) == -1) return 0; |