]> andersk Git - gssapi-openssh.git/blobdiff - openssh/auth-options.c
andersk / gssapi-openssh.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Import of OpenSSH 3.2.2p1
[gssapi-openssh.git] / openssh / auth-options.c
diff --git a/openssh/auth-options.c b/openssh/auth-options.c
index 8df6a6dfcabbd910313e620f770503c02432b2ed..2787d2948b5062e5c0dac0bf1742d9ca3451a8da 100644 (file)
--- a/openssh/auth-options.c
+++ b/openssh/auth-options.c
@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-options.c,v 1.21 2002/01/29 14:32:03 markus Exp $");
+RCSID("$OpenBSD: auth-options.c,v 1.24 2002/05/13 20:44:58 markus Exp $");
 
 #include "packet.h"
 #include "xmalloc.h"
@@ -20,7 +20,10 @@ RCSID("$OpenBSD: auth-options.c,v 1.21 2002/01/29 14:32:03 markus Exp $");
 #include "channels.h"
 #include "auth-options.h"
 #include "servconf.h"
+#include "bufaux.h"
 #include "misc.h"
+#include "monitor_wrap.h"
+#include "auth.h"
 
 /* Flags set authorized_keys flags */
 int no_port_forwarding_flag = 0;
@@ -54,6 +57,7 @@ auth_clear_options(void)
                forced_command = NULL;
        }
        channel_clear_permitted_opens();
+       auth_debug_reset();
 }
 
 /*
@@ -75,28 +79,28 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
        while (*opts && *opts != ' ' && *opts != '\t') {
                cp = "no-port-forwarding";
                if (strncasecmp(opts, cp, strlen(cp)) == 0) {
-                       packet_send_debug("Port forwarding disabled.");
+                       auth_debug_add("Port forwarding disabled.");
                        no_port_forwarding_flag = 1;
                        opts += strlen(cp);
                        goto next_option;
                }
                cp = "no-agent-forwarding";
                if (strncasecmp(opts, cp, strlen(cp)) == 0) {
-                       packet_send_debug("Agent forwarding disabled.");
+                       auth_debug_add("Agent forwarding disabled.");
                        no_agent_forwarding_flag = 1;
                        opts += strlen(cp);
                        goto next_option;
                }
                cp = "no-X11-forwarding";
                if (strncasecmp(opts, cp, strlen(cp)) == 0) {
-                       packet_send_debug("X11 forwarding disabled.");
+                       auth_debug_add("X11 forwarding disabled.");
                        no_x11_forwarding_flag = 1;
                        opts += strlen(cp);
                        goto next_option;
                }
                cp = "no-pty";
                if (strncasecmp(opts, cp, strlen(cp)) == 0) {
-                       packet_send_debug("Pty allocation disabled.");
+                       auth_debug_add("Pty allocation disabled.");
                        no_pty_flag = 1;
                        opts += strlen(cp);
                        goto next_option;
@@ -119,14 +123,14 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                        if (!*opts) {
                                debug("%.100s, line %lu: missing end quote",
                                    file, linenum);
-                               packet_send_debug("%.100s, line %lu: missing end quote",
+                               auth_debug_add("%.100s, line %lu: missing end quote",
                                    file, linenum);
                                xfree(forced_command);
                                forced_command = NULL;
                                goto bad_option;
                        }
                        forced_command[i] = 0;
-                       packet_send_debug("Forced command: %.900s", forced_command);
+                       auth_debug_add("Forced command: %.900s", forced_command);
                        opts++;
                        goto next_option;
                }
@@ -151,13 +155,13 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                        if (!*opts) {
                                debug("%.100s, line %lu: missing end quote",
                                    file, linenum);
-                               packet_send_debug("%.100s, line %lu: missing end quote",
+                               auth_debug_add("%.100s, line %lu: missing end quote",
                                    file, linenum);
                                xfree(s);
                                goto bad_option;
                        }
                        s[i] = 0;
-                       packet_send_debug("Adding to environment: %.900s", s);
+                       auth_debug_add("Adding to environment: %.900s", s);
                        debug("Adding to environment: %.900s", s);
                        opts++;
                        new_envstring = xmalloc(sizeof(struct envstring));
@@ -188,7 +192,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                        if (!*opts) {
                                debug("%.100s, line %lu: missing end quote",
                                    file, linenum);
-                               packet_send_debug("%.100s, line %lu: missing end quote",
+                               auth_debug_add("%.100s, line %lu: missing end quote",
                                    file, linenum);
                                xfree(patterns);
                                goto bad_option;
@@ -202,7 +206,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                                    "correct key but not from a permitted "
                                    "host (host=%.200s, ip=%.200s).",
                                    pw->pw_name, remote_host, remote_ip);
-                               packet_send_debug("Your host '%.200s' is not "
+                               auth_debug_add("Your host '%.200s' is not "
                                    "permitted to use this key for login.",
                                    remote_host);
                                /* deny access */
@@ -233,7 +237,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                        if (!*opts) {
                                debug("%.100s, line %lu: missing end quote",
                                    file, linenum);
-                               packet_send_debug("%.100s, line %lu: missing end quote",
+                               auth_debug_add("%.100s, line %lu: missing end quote",
                                    file, linenum);
                                xfree(patterns);
                                goto bad_option;
@@ -244,7 +248,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                            sscanf(patterns, "%255[^/]/%5[0-9]", host, sport) != 2) {
                                debug("%.100s, line %lu: Bad permitopen specification "
                                    "<%.100s>", file, linenum, patterns);
-                               packet_send_debug("%.100s, line %lu: "
+                               auth_debug_add("%.100s, line %lu: "
                                    "Bad permitopen specification", file, linenum);
                                xfree(patterns);
                                goto bad_option;
@@ -252,7 +256,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                        if ((port = a2port(sport)) == 0) {
                                debug("%.100s, line %lu: Bad permitopen port <%.100s>",
                                    file, linenum, sport);
-                               packet_send_debug("%.100s, line %lu: "
+                               auth_debug_add("%.100s, line %lu: "
                                    "Bad permitopen port", file, linenum);
                                xfree(patterns);
                                goto bad_option;
@@ -276,14 +280,22 @@ next_option:
                opts++;
                /* Process the next option. */
        }
+
+       if (!use_privsep)
+               auth_debug_send();
+
        /* grant access */
        return 1;
 
 bad_option:
        log("Bad options in %.100s file, line %lu: %.50s",
            file, linenum, opts);
-       packet_send_debug("Bad options in %.100s file, line %lu: %.50s",
+       auth_debug_add("Bad options in %.100s file, line %lu: %.50s",
            file, linenum, opts);
+
+       if (!use_privsep)
+               auth_debug_send();
+
        /* deny access */
        return 0;
 }
git-cvsimport mirror of GSI OpenSSH
This page took 0.461486 seconds and 4 git commands to generate.