- (djm) OpenBSD CVS Sync

   - markus@cvs.openbsd.org 2003/06/02 09:17:34
     [auth2-hostbased.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c]
     [canohost.c monitor.c servconf.c servconf.h session.c sshd_config]
     [sshd_config.5]
     deprecate VerifyReverseMapping since it's dangerous if combined
     with IP based access control as noted by Mike Harding; replace with
     a UseDNS option, UseDNS is on by default and includes the
     VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@
     ok deraadt@, djm@
 - (djm) Fix portable-specific uses of verify_reverse_mapping too

1 files changed, 2 insertions, 2 deletions

diff --git a/auth-options.c b/auth-options.c
index d8976b17..0e146ab1 100644
--- a/auth-options.c
+++ b/auth-options.c
@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-options.c,v 1.27 2003/04/08 20:21:28 itojun Exp $");
+RCSID("$OpenBSD: auth-options.c,v 1.28 2003/06/02 09:17:34 markus Exp $");
 
 #include "xmalloc.h"
 #include "match.h"
@@ -173,7 +173,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
 		if (strncasecmp(opts, cp, strlen(cp)) == 0) {
 			const char *remote_ip = get_remote_ipaddr();
 			const char *remote_host = get_canonical_hostname(
-			    options.verify_reverse_mapping);
+			    options.use_dns);
 			char *patterns = xmalloc(strlen(opts) + 1);
 
 			opts += strlen(cp);