
Comparing vendor-crypto/openssh/dist/auth.c (file contents):
Revision 12134 by laffer1, Sat Nov 5 20:28:15 2016 UTC vs.
Revision 12135 by laffer1, Fri Jan 18 20:47:32 2019 UTC

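--- a/vendor-crypto/openssh/dist/auth.c
+++ b/vendor-crypto/openssh/dist/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.115 2016/06/15 00:40:40 dtucker Exp $ */
+/* $OpenBSD: auth.c,v 1.119 2016/12/15 21:29:05 dtucker Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 *
@@ -103,6 +103,7 @@ allowed_user(struct passwd * pw)
        struct stat st;
        const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL;
        u_int i;
+       int r;
 #ifdef USE_SHADOW
        struct spwd *spw = NULL;
 #endif
@@ -191,21 +192,31 @@ allowed_user(struct passwd * pw)
 
        /* Return false if user is listed in DenyUsers */
        if (options.num_deny_users > 0) {
-               for (i = 0; i < options.num_deny_users; i++)
-                       if (match_user(pw->pw_name, hostname, ipaddr,
-                           options.deny_users[i])) {
+               for (i = 0; i < options.num_deny_users; i++) {
+                       r = match_user(pw->pw_name, hostname, ipaddr,
+                           options.deny_users[i]);
+                       if (r < 0) {
+                               fatal("Invalid DenyUsers pattern \"%.100s\"",
+                                   options.deny_users[i]);
+                       } else if (r != 0) {
                                logit("User %.100s from %.100s not allowed "
                                    "because listed in DenyUsers",
                                    pw->pw_name, hostname);
                                return 0;
                        }
+               }
        }
        /* Return false if AllowUsers isn't empty and user isn't listed there */
        if (options.num_allow_users > 0) {
-               for (i = 0; i < options.num_allow_users; i++)
-                       if (match_user(pw->pw_name, hostname, ipaddr,
-                           options.allow_users[i]))
+               for (i = 0; i < options.num_allow_users; i++) {
+                       r = match_user(pw->pw_name, hostname, ipaddr,
+                           options.allow_users[i]);
+                       if (r < 0) {
+                               fatal("Invalid AllowUsers pattern \"%.100s\"",
+                                   options.allow_users[i]);
+                       } else if (r == 1)
                                break;
+               }
                /* i < options.num_allow_users iff we break for loop */
                if (i >= options.num_allow_users) {
                        logit("User %.100s from %.100s not allowed because "
@@ -298,7 +309,7 @@ auth_log(Authctxt *authctxt, int authenticated, int pa
        else
                authmsg = authenticated ? "Accepted" : "Failed";
 
-       authlog("%s %s%s%s for %s%.100s from %.200s port %d %s%s%s",
+       authlog("%s %s%s%s for %s%.100s from %.200s port %d ssh2%s%s",
            authmsg,
            method,
            submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod,
@@ -306,7 +317,6 @@ auth_log(Authctxt *authctxt, int authenticated, int pa
            authctxt->user,
            ssh_remote_ipaddr(ssh),
            ssh_remote_port(ssh),
-           compat20 ? "ssh2" : "ssh1",
            authctxt->info != NULL ? ": " : "",
            authctxt->info != NULL ? authctxt->info : "");
        free(authctxt->info);
@@ -339,12 +349,11 @@ auth_maxtries_exceeded(Authctxt *authctxt)
        struct ssh *ssh = active_state; /* XXX */
 
        error("maximum authentication attempts exceeded for "
-           "%s%.100s from %.200s port %d %s",
+           "%s%.100s from %.200s port %d ssh2",
            authctxt->valid ? "" : "invalid user ",
            authctxt->user,
            ssh_remote_ipaddr(ssh),
-           ssh_remote_port(ssh),
-           compat20 ? "ssh2" : "ssh1");
+           ssh_remote_port(ssh));
        packet_disconnect("Too many authentication failures");
        /* NOTREACHED */
 }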
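Review bot: The two loops in allowed_user() test the match_user() result differently, `r != 0` for DenyUsers and `r == 1` for AllowUsers, and nothing in the new code says this is deliberate. Both tests fail closed on an unexpected positive value (the deny loop treats it as a match, the allow loop as a miss), so I would keep them and add a comment above each, for example `/* any non-zero result denies: fail closed */` and `/* only an exact match admits the user */`. The `} else if (r == 1)` arm is also left unbraced after a braced `if`; bracing the `break;` would match the DenyUsers loop. Because `fatal()` is reached at login time, an invalid pattern ends every session that gets this far, so it is worth confirming that the patterns are also validated when the configuration is loaded, which this diff does not show. allowed_user() starts and ends outside the hunks shown.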
