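--- a/auth-rhosts.c	(181110)
+++ b/auth-rhosts.c	(181111)
@@ -1,9 +1,9 @@
-/* $OpenBSD: auth-rhosts.c,v 1.41 2006/08/03 03:34:41 deraadt Exp $ */
+/* $OpenBSD: auth-rhosts.c,v 1.43 2008/06/13 14:18:51 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  * All rights reserved
  * Rhosts authentication. This file contains code to check whether to admit
  * the login based on rhosts authentication. This file also processes
  * /etc/hosts.equiv.
  *
@@ -21,51 +21,69 @@
 
 #ifdef HAVE_NETGROUP_H
 # include <netgroup.h>
 #endif
 #include <pwd.h>
 #include <stdio.h>
 #include <string.h>
 #include <stdarg.h>
+#include <fcntl.h>
+#include <unistd.h>
 
 #include "packet.h"
 #include "buffer.h"
 #include "uidswap.h"
 #include "pathnames.h"
 #include "log.h"
 #include "servconf.h"
 #include "canohost.h"
 #include "key.h"
 #include "hostfile.h"
 #include "auth.h"
+#include "misc.h"
 
 /* import */
 extern ServerOptions options;
 extern int use_privsep;
 
 /*
  * This function processes an rhosts-style file (.rhosts, .shosts, or
  * /etc/hosts.equiv). This returns true if authentication can be granted
  * based on the file, and returns zero otherwise.
  */
 
 static int
 check_rhosts_file(const char *filename, const char *hostname,
  const char *ipaddr, const char *client_user,
  const char *server_user)
 {
  FILE *f;
  char buf[1024]; /* Must not be larger than host, user, dummy below. */
+ int fd;
+ struct stat st;
 
  /* Open the .rhosts file, deny if unreadable */
- f = fopen(filename, "r");
- if (!f)
+ if ((fd = open(filename, O_RDONLY|O_NONBLOCK)) == -1)
  return 0;
-
+ if (fstat(fd, &st) == -1) {
+ close(fd);
+ return 0;
+ }
+ if (!S_ISREG(st.st_mode)) {
+ logit("User %s hosts file %s is not a regular file",
+ server_user, filename);
+ close(fd);
+ return 0;
+ }
+ unset_nonblock(fd);
+ if ((f = fdopen(fd, "r")) == NULL) {
+ close(fd);
+ return 0;
+ }
  while (fgets(buf, sizeof(buf), f)) {
  /* All three must be at least as big as buf to avoid overflows. */
  char hostbuf[1024], userbuf[1024], dummy[1024], *host, *user, *cp;
  int negated;
 
  for (cp = buf; *cp == ' ' || *cp == '\t'; cp++)
  ;
  if (*cp == '#' || *cp == '\n' || !*cp)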
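Review bot: The open/fstat/S_ISREG sequence at new lines 65–77 has no comment explaining why the file is opened with `O_NONBLOCK` and then switched back with `unset_nonblock(fd)`, so the ordering looks arbitrary and could be undone in a later cleanup. Presumably the intent is that a FIFO or device node sitting at the hosts-file path must not block the server in `open()` or `fgets()`; I would say so above the `open()` call, e.g. `/* Open non-blocking and require a regular file so a FIFO or device cannot stall us; blocking mode is restored before stdio reads. */`. The `open()` and `fstat()` failure paths return 0 silently while only the non-regular case calls `logit()`, which makes a denial hard to trace from the logs. If the ownership and permission checks for this file are done elsewhere with a path-based `stat()`, the `st` filled in here from the descriptor would be the race-free place for them; that code is not visible, as `check_rhosts_file` continues into the 238 hidden lines.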