diff options
author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2008-07-23 09:33:08 +0000 |
---|---|---|
committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2008-07-23 09:33:08 +0000 |
commit | 5521539314d87d3432e3c5c0e74954a673a884bd (patch) | |
tree | 8f06d9ad2f958f06e579924065ecbaf74dd734f7 /auth-rhosts.c | |
parent | d4033b6b6f7aa0e69be09f9613e062e0fb7a9f11 (diff) | |
download | src-5521539314d87d3432e3c5c0e74954a673a884bd.tar.gz src-5521539314d87d3432e3c5c0e74954a673a884bd.zip |
Vendor import of OpenSSH 5.1p1
Notes
Notes:
svn path=/vendor-crypto/openssh/dist/; revision=180750
Diffstat (limited to 'auth-rhosts.c')
-rw-r--r-- | auth-rhosts.c | 26 |
1 files changed, 22 insertions, 4 deletions
diff --git a/auth-rhosts.c b/auth-rhosts.c index cd0a7967a244..5c12967016b4 100644 --- a/auth-rhosts.c +++ b/auth-rhosts.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-rhosts.c,v 1.41 2006/08/03 03:34:41 deraadt Exp $ */ +/* $OpenBSD: auth-rhosts.c,v 1.43 2008/06/13 14:18:51 dtucker Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -26,6 +26,8 @@ #include <stdio.h> #include <string.h> #include <stdarg.h> +#include <fcntl.h> +#include <unistd.h> #include "packet.h" #include "buffer.h" @@ -37,6 +39,7 @@ #include "key.h" #include "hostfile.h" #include "auth.h" +#include "misc.h" /* import */ extern ServerOptions options; @@ -55,12 +58,27 @@ check_rhosts_file(const char *filename, const char *hostname, { FILE *f; char buf[1024]; /* Must not be larger than host, user, dummy below. */ + int fd; + struct stat st; /* Open the .rhosts file, deny if unreadable */ - f = fopen(filename, "r"); - if (!f) + if ((fd = open(filename, O_RDONLY|O_NONBLOCK)) == -1) return 0; - + if (fstat(fd, &st) == -1) { + close(fd); + return 0; + } + if (!S_ISREG(st.st_mode)) { + logit("User %s hosts file %s is not a regular file", + server_user, filename); + close(fd); + return 0; + } + unset_nonblock(fd); + if ((f = fdopen(fd, "r")) == NULL) { + close(fd); + return 0; + } while (fgets(buf, sizeof(buf), f)) { /* All three must be at least as big as buf to avoid overflows. */ char hostbuf[1024], userbuf[1024], dummy[1024], *host, *user, *cp; |