diff options
author | djm@openbsd.org <djm@openbsd.org> | 2014-12-23 22:42:48 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2015-01-09 00:13:35 +1100 |
commit | 5191df927db282d3123ca2f34a04d8d96153911a (patch) | |
tree | 753b6b2d184072f6db142b9352fc61f879a37bae /auth2-hostbased.c | |
parent | 8abd80315d3419b20e6938f74d37e2e2b547f0b7 (diff) |
upstream commit
KNF and add a little more debug()
Diffstat (limited to 'auth2-hostbased.c')
-rw-r--r-- | auth2-hostbased.c | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/auth2-hostbased.c b/auth2-hostbased.c index b7ae3535..eb6bee50 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-hostbased.c,v 1.19 2014/12/21 22:27:56 djm Exp $ */ +/* $OpenBSD: auth2-hostbased.c,v 1.20 2014/12/23 22:42:48 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -163,7 +163,7 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, resolvedname = get_canonical_hostname(options.use_dns); ipaddr = get_remote_ipaddr(); - debug2("userauth_hostbased: chost %s resolvedname %s ipaddr %s", + debug2("%s: chost %s resolvedname %s ipaddr %s", __func__, chost, resolvedname, ipaddr); if (((len = strlen(chost)) > 0) && chost[len - 1] == '.') { @@ -172,19 +172,27 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, } if (options.hostbased_uses_name_from_packet_only) { - if (auth_rhosts2(pw, cuser, chost, chost) == 0) + if (auth_rhosts2(pw, cuser, chost, chost) == 0) { + debug2("%s: auth_rhosts2 refused " + "user \"%.100s\" host \"%.100s\" (from packet)", + __func__, cuser, chost); return 0; + } lookup = chost; } else { if (strcasecmp(resolvedname, chost) != 0) logit("userauth_hostbased mismatch: " "client sends %s, but we resolve %s to %s", chost, ipaddr, resolvedname); - if (auth_rhosts2(pw, cuser, resolvedname, ipaddr) == 0) + if (auth_rhosts2(pw, cuser, resolvedname, ipaddr) == 0) { + debug2("%s: auth_rhosts2 refused " + "user \"%.100s\" host \"%.100s\" addr \"%.100s\"", + __func__, cuser, resolvedname, ipaddr); return 0; + } lookup = resolvedname; } - debug2("userauth_hostbased: access allowed by auth_rhosts2"); + debug2("%s: access allowed by auth_rhosts2", __func__); if (key_is_cert(key) && key_cert_check_authority(key, 1, 0, lookup, &reason)) { |