X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/1853d1ef0d12e0942aca46cf9e6af2c69804d0a7..e79276c2be3fa96195e8a897e08ff5193fed88dc:/auth-rh-rsa.c diff --git a/auth-rh-rsa.c b/auth-rh-rsa.c index c940ec58..29eb538e 100644 --- a/auth-rh-rsa.c +++ b/auth-rh-rsa.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-rh-rsa.c,v 1.32 2002/03/18 17:50:31 provos Exp $"); +RCSID("$OpenBSD: auth-rh-rsa.c,v 1.37 2003/11/04 08:54:09 djm Exp $"); #include "packet.h" #include "uidswap.h" @@ -30,11 +30,6 @@ RCSID("$OpenBSD: auth-rh-rsa.c,v 1.32 2002/03/18 17:50:31 provos Exp $"); /* import */ extern ServerOptions options; -/* - * Tries to authenticate the user using the .rhosts file and the host using - * its host key. Returns true if authentication succeeds. - */ - int auth_rhosts_rsa_key_allowed(struct passwd *pw, char *cuser, char *chost, Key *client_host_key) @@ -49,7 +44,7 @@ auth_rhosts_rsa_key_allowed(struct passwd *pw, char *cuser, char *chost, chost, _PATH_SSH_SYSTEM_HOSTFILE, options.ignore_user_known_hosts ? NULL : _PATH_SSH_USER_HOSTFILE); - return (host_status == HOST_OK); + return (host_status == HOST_OK); } /* @@ -57,18 +52,19 @@ auth_rhosts_rsa_key_allowed(struct passwd *pw, char *cuser, char *chost, * its host key. Returns true if authentication succeeds. */ int -auth_rhosts_rsa(struct passwd *pw, char *cuser, Key *client_host_key) +auth_rhosts_rsa(Authctxt *authctxt, char *cuser, Key *client_host_key) { char *chost; + struct passwd *pw = authctxt->pw; debug("Trying rhosts with RSA host authentication for client user %.100s", cuser); - if (pw == NULL || client_host_key == NULL || + if (!authctxt->valid || client_host_key == NULL || client_host_key->rsa == NULL) return 0; - chost = (char *)get_canonical_hostname(options.verify_reverse_mapping); + chost = (char *)get_canonical_hostname(options.use_dns); debug("Rhosts RSA authentication: canonical host %.900s", chost); if (!PRIVSEP(auth_rhosts_rsa_key_allowed(pw, cuser, chost, client_host_key))) { @@ -80,7 +76,7 @@ auth_rhosts_rsa(struct passwd *pw, char *cuser, Key *client_host_key) /* Perform the challenge-response dialog with the client for the host key. */ if (!auth_rsa_challenge_dialog(client_host_key)) { - log("Client on %.800s failed to respond correctly to host authentication.", + logit("Client on %.800s failed to respond correctly to host authentication.", chost); return 0; }