diff options
author | des <des@FreeBSD.org> | 2002-10-29 09:43:00 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2002-10-29 09:43:00 +0000 |
commit | 099d1a58f7bc088a9f71af6d32542ca3949468a3 (patch) | |
tree | 49cef8938d7beb10016662d15546fa090865073d /crypto/openssh/auth.c | |
parent | 1ba793a7c09e24d920de3983a3223770cb37ebff (diff) | |
download | FreeBSD-src-099d1a58f7bc088a9f71af6d32542ca3949468a3.zip FreeBSD-src-099d1a58f7bc088a9f71af6d32542ca3949468a3.tar.gz |
Vendor import of OpenSSH-portable 3.5p1.
Diffstat (limited to 'crypto/openssh/auth.c')
-rw-r--r-- | crypto/openssh/auth.c | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/crypto/openssh/auth.c b/crypto/openssh/auth.c index 066b50d..48720da 100644 --- a/crypto/openssh/auth.c +++ b/crypto/openssh/auth.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth.c,v 1.43 2002/05/17 14:27:55 millert Exp $"); +RCSID("$OpenBSD: auth.c,v 1.45 2002/09/20 18:41:29 stevesk Exp $"); #ifdef HAVE_LOGIN_H #include <login.h> @@ -256,6 +256,14 @@ auth_log(Authctxt *authctxt, int authenticated, char *method, char *info) get_remote_ipaddr(), get_remote_port(), info); + +#ifdef WITH_AIXAUTHENTICATE + if (authenticated == 0 && strcmp(method, "password") == 0) + loginfailed(authctxt->user, + get_canonical_hostname(options.verify_reverse_mapping), + "ssh"); +#endif /* WITH_AIXAUTHENTICATE */ + } /* @@ -392,7 +400,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host, /* * Check a given file for security. This is defined as all components - * of the path to the file must either be owned by either the owner of + * of the path to the file must be owned by either the owner of * of the file or root and no directories must be group or world writable. * * XXX Should any specific check be done for sym links ? @@ -476,7 +484,12 @@ getpwnamallow(const char *user) struct passwd *pw; pw = getpwnam(user); - if (pw == NULL || !allowed_user(pw)) + if (pw == NULL) { + log("Illegal user %.100s from %.100s", + user, get_remote_ipaddr()); + return (NULL); + } + if (!allowed_user(pw)) return (NULL); #ifdef HAVE_LOGIN_CAP if ((lc = login_getclass(pw->pw_class)) == NULL) { |