diff options
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/openssh/auth1.c | 11 | ||||
-rw-r--r-- | crypto/openssh/auth2.c | 12 |
2 files changed, 4 insertions, 19 deletions
diff --git a/crypto/openssh/auth1.c b/crypto/openssh/auth1.c index 54a23d5..9611c6d 100644 --- a/crypto/openssh/auth1.c +++ b/crypto/openssh/auth1.c @@ -88,12 +88,12 @@ do_authloop(Authctxt *authctxt) #ifdef USE_PAM struct inverted_pam_cookie *pam_cookie; #endif /* USE_PAM */ -#if defined(HAVE_LOGIN_CAP) || defined(LOGIN_ACCESS) +#if defined(HAVE_LOGIN_CAP) const char *from_host, *from_ip; from_host = get_canonical_hostname(options.verify_reverse_mapping); from_ip = get_remote_ipaddr(); -#endif /* HAVE_LOGIN_CAP || LOGIN_ACCESS */ +#endif /* HAVE_LOGIN_CAP */ debug("Attempting authentication for %s%.100s.", authctxt->valid ? "" : "illegal user ", authctxt->user); @@ -369,13 +369,6 @@ do_authloop(Authctxt *authctxt) lc = NULL; } #endif /* HAVE_LOGIN_CAP */ -#ifdef LOGIN_ACCESS - if (pw != NULL && !login_access(pw->pw_name, from_host)) { - log("Denied connection for %.200s from %.200s [%.200s].", - pw->pw_name, from_host, from_ip); - packet_disconnect("Sorry, you are not allowed to connect."); - } -#endif /* LOGIN_ACCESS */ #ifdef BSD_AUTH if (authctxt->as) { auth_close(authctxt->as); diff --git a/crypto/openssh/auth2.c b/crypto/openssh/auth2.c index 1592da2..117415d 100644 --- a/crypto/openssh/auth2.c +++ b/crypto/openssh/auth2.c @@ -174,12 +174,12 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) #ifdef HAVE_LOGIN_CAP login_cap_t *lc; #endif /* HAVE_LOGIN_CAP */ -#if defined(HAVE_LOGIN_CAP) || defined(LOGIN_ACCESS) +#if defined(HAVE_LOGIN_CAP) const char *from_host, *from_ip; from_host = get_canonical_hostname(options.verify_reverse_mapping); from_ip = get_remote_ipaddr(); -#endif /* HAVE_LOGIN_CAP || LOGIN_ACCESS */ +#endif /* HAVE_LOGIN_CAP */ if (authctxt == NULL) fatal("input_userauth_request: no authctxt"); @@ -238,14 +238,6 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) lc = NULL; } #endif /* HAVE_LOGIN_CAP */ -#ifdef LOGIN_ACCESS - if (authctxt->pw != NULL && - !login_access(authctxt->pw->pw_name, from_host)) { - log("Denied connection for %.200s from %.200s [%.200s].", - authctxt->pw->pw_name, from_host, from_ip); - packet_disconnect("Sorry, you are not allowed to connect."); - } -#endif /* LOGIN_ACCESS */ /* reset state */ auth2_challenge_stop(authctxt); authctxt->postponed = 0; |