diff options
author | djm@openbsd.org <djm@openbsd.org> | 2020-04-17 03:30:05 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2020-04-17 14:03:36 +1000 |
commit | c90f72d29e84b4a2709078bf5546a72c29a65177 (patch) | |
tree | 58f38f99566d13f7e142c3181878f54e4cd2af21 /auth-rhosts.c | |
parent | 321c7147079270f3a154f91b59e66219aac3d514 (diff) | |
download | openssh-git-c90f72d29e84b4a2709078bf5546a72c29a65177.tar.gz |
upstream: make IgnoreRhosts a tri-state option: "yes" ignore
rhosts/shosts, "no" allow rhosts/shosts or (new) "shosts-only" to allow
.shosts files but not .rhosts. ok dtucker@
OpenBSD-Commit-ID: d08d6930ed06377a80cf53923c1955e9589342e9
Diffstat (limited to 'auth-rhosts.c')
-rw-r--r-- | auth-rhosts.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/auth-rhosts.c b/auth-rhosts.c index 7a10210b..e81321b4 100644 --- a/auth-rhosts.c +++ b/auth-rhosts.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-rhosts.c,v 1.51 2019/10/02 00:42:30 djm Exp $ */ +/* $OpenBSD: auth-rhosts.c,v 1.52 2020/04/17 03:30:05 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -298,7 +298,9 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, * Check if we have been configured to ignore .rhosts * and .shosts files. */ - if (options.ignore_rhosts) { + if (options.ignore_rhosts == IGNORE_RHOSTS_YES || + (options.ignore_rhosts == IGNORE_RHOSTS_SHOSTS && + strcmp(rhosts_files[rhosts_file_index], ".shosts") != 0)) { auth_debug_add("Server has been configured to " "ignore %.100s.", rhosts_files[rhosts_file_index]); continue; |