X-Git-Url: http://andersk.mit.edu/gitweb/gssapi-openssh.git/blobdiff_plain/58b60d163a3c1a5735240ec1697d437b7aaf524a..737cfc81cdff227e301e5415be53a22426f1bf31:/openssh/auth2-hostbased.c diff --git a/openssh/auth2-hostbased.c b/openssh/auth2-hostbased.c index 505d3ef..041051c 100644 --- a/openssh/auth2-hostbased.c +++ b/openssh/auth2-hostbased.c @@ -1,3 +1,4 @@ +/* $OpenBSD: auth2-hostbased.c,v 1.12 2008/07/17 08:51:07 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -23,19 +24,27 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2-hostbased.c,v 1.5 2003/06/24 08:23:46 markus Exp $"); -#include "ssh2.h" +#include + +#include +#include +#include + #include "xmalloc.h" +#include "ssh2.h" #include "packet.h" #include "buffer.h" #include "log.h" #include "servconf.h" #include "compat.h" -#include "bufaux.h" -#include "auth.h" #include "key.h" +#include "hostfile.h" +#include "auth.h" #include "canohost.h" +#ifdef GSSAPI +#include "ssh-gss.h" +#endif #include "monitor_wrap.h" #include "pathnames.h" @@ -114,7 +123,7 @@ userauth_hostbased(Authctxt *authctxt) buffer_len(&b))) == 1) authenticated = 1; - buffer_clear(&b); + buffer_free(&b); done: debug2("userauth_hostbased: authenticated %d", authenticated); if (key != NULL) @@ -142,15 +151,16 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, debug2("userauth_hostbased: chost %s resolvedname %s ipaddr %s", chost, resolvedname, ipaddr); + if (((len = strlen(chost)) > 0) && chost[len - 1] == '.') { + debug2("stripping trailing dot from chost %s", chost); + chost[len - 1] = '\0'; + } + if (options.hostbased_uses_name_from_packet_only) { if (auth_rhosts2(pw, cuser, chost, chost) == 0) return 0; lookup = chost; } else { - if (((len = strlen(chost)) > 0) && chost[len - 1] == '.') { - debug2("stripping trailing dot from chost %s", chost); - chost[len - 1] = '\0'; - } if (strcasecmp(resolvedname, chost) != 0) logit("userauth_hostbased mismatch: " "client sends %s, but we resolve %s to %s",