NB: big update - may break stuff. Please test!

 - (djm) OpenBSD CVS sync:
   - markus@cvs.openbsd.org  2001/02/03 03:08:38
     [auth-options.c auth-rh-rsa.c auth-rhosts.c auth.c canohost.c]
     [canohost.h servconf.c servconf.h session.c sshconnect1.c sshd.8]
     [sshd_config]
     make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@
   - markus@cvs.openbsd.org  2001/02/03 03:19:51
     [ssh.1 sshd.8 sshd_config]
     Skey is now called ChallengeResponse
   - markus@cvs.openbsd.org  2001/02/03 03:43:09
     [sshd.8]
     use no-pty option in .ssh/authorized_keys* if you need a 8-bit clean
     channel. note from Erik.Anggard@cygate.se (pr/1659)
   - stevesk@cvs.openbsd.org 2001/02/03 10:03:06
     [ssh.1]
     typos; ok markus@
   - djm@cvs.openbsd.org     2001/02/04 04:11:56
     [scp.1 sftp-server.c ssh.1 sshd.8 sftp-client.c sftp-client.h]
     [sftp-common.c sftp-common.h sftp-int.c sftp-int.h sftp.1 sftp.c]
     Basic interactive sftp client; ok theo@
 - (djm) Update RPM specs for new sftp binary
 - (djm) Update several bits for new optional reverse lookup stuff. I
   think I got them all.

1 files changed, 8 insertions, 5 deletions

diff --git a/auth2.c b/auth2.c
index cff34c60..5f8b4234 100644
--- a/auth2.c
+++ b/auth2.c
@@ -310,7 +310,8 @@ userauth_reply(Authctxt *authctxt, int authenticated)
 #ifdef WITH_AIXAUTHENTICATE
 		/* We don't have a pty yet, so just label the line as "ssh" */
 		if (loginsuccess(authctxt->user?authctxt->user:"NOUSER", 
-			get_canonical_hostname(), "ssh", &aixloginmsg) < 0)
+		    get_canonical_hostname(options.reverse_mapping_check), 
+		    "ssh", &aixloginmsg) < 0)
 			aixloginmsg = NULL;
 #endif /* WITH_AIXAUTHENTICATE */
 		/* turn off userauth */
@@ -354,8 +355,9 @@ userauth_none(Authctxt *authctxt)
 	return auth_pam_password(authctxt->pw, "");
 #elif defined(HAVE_OSF_SIA)
 	return (sia_validate_user(NULL, saved_argc, saved_argv, 
-		get_canonical_hostname(), authctxt->user?authctxt->user:"NOUSER", 
-			NULL, 0, NULL, "") == SIASUCCESS);
+	    get_canonical_hostname(options.reverse_mapping_check), 
+	    authctxt->user?authctxt->user:"NOUSER", NULL, 0, 
+	    NULL, "") == SIASUCCESS);
 #else /* !HAVE_OSF_SIA && !USE_PAM */
 	return auth_password(authctxt->pw, "");
 #endif /* USE_PAM */
@@ -381,8 +383,9 @@ userauth_passwd(Authctxt *authctxt)
 	    auth_pam_password(authctxt->pw, password) == 1)
 #elif defined(HAVE_OSF_SIA)
 	    sia_validate_user(NULL, saved_argc, saved_argv, 
-		 	get_canonical_hostname(), authctxt->user?authctxt->user:"NOUSER", 
-			NULL, 0, NULL, password) == SIASUCCESS)
+	    get_canonical_hostname(options.reverse_mapping_check), 
+	    authctxt->user?authctxt->user:"NOUSER", NULL, 0, NULL, 
+	    password) == SIASUCCESS)
 #else /* !USE_PAM && !HAVE_OSF_SIA */
 	    auth_password(authctxt->pw, password) == 1)
 #endif /* USE_PAM */