+/* $OpenBSD: auth-rhosts.c,v 1.43 2008/06/13 14:18:51 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
*/
#include "includes.h"
-RCSID("$OpenBSD: auth-rhosts.c,v 1.35 2006/02/20 17:19:53 stevesk Exp $");
#include <sys/types.h>
#include <sys/stat.h>
#ifdef HAVE_NETGROUP_H
# include <netgroup.h>
#endif
+#include <pwd.h>
+#include <stdio.h>
+#include <string.h>
+#include <stdarg.h>
+#include <fcntl.h>
+#include <unistd.h>
#include "packet.h"
+#include "buffer.h"
#include "uidswap.h"
#include "pathnames.h"
#include "log.h"
#include "servconf.h"
#include "canohost.h"
+#include "key.h"
+#include "hostfile.h"
#include "auth.h"
+#include "misc.h"
/* import */
extern ServerOptions options;
{
FILE *f;
char buf[1024]; /* Must not be larger than host, user, dummy below. */
+ int fd;
+ struct stat st;
/* Open the .rhosts file, deny if unreadable */
- f = fopen(filename, "r");
- if (!f)
+ if ((fd = open(filename, O_RDONLY|O_NONBLOCK)) == -1)
return 0;
-
+ if (fstat(fd, &st) == -1) {
+ close(fd);
+ return 0;
+ }
+ if (!S_ISREG(st.st_mode)) {
+ logit("User %s hosts file %s is not a regular file",
+ server_user, filename);
+ close(fd);
+ return 0;
+ }
+ unset_nonblock(fd);
+ if ((f = fdopen(fd, "r")) == NULL) {
+ close(fd);
+ return 0;
+ }
while (fgets(buf, sizeof(buf), f)) {
/* All three must be at least as big as buf to avoid overflows. */
char hostbuf[1024], userbuf[1024], dummy[1024], *host, *user, *cp;