[sshd.8 sshd.c]
     remove libwrap support. ok deraadt djm mfriedl
Damien Miller 2014-04-20 13:22:18 +10:00
parent 4f40209aa4
commit f2719b7c2b
3 changed files with 6 additions and 35 deletions


@ -58,6 +58,9 @@
longform __attribute__(__bounded(...)); longform __attribute__(__bounded(...));
for brevity and a warning free compilation with llvm/clang for brevity and a warning free compilation with llvm/clang
- tedu@cvs.openbsd.org 2014/03/26 19:58:37
[sshd.8 sshd.c]
remove libwrap support. ok deraadt djm mfriedl
20140401 20140401
- (djm) On platforms that support it, use prctl() to prevent sftp-server - (djm) On platforms that support it, use prctl() to prevent sftp-server

11
sshd.8

@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: sshd.8,v 1.273 2013/12/07 11:58:46 naddy Exp $ .\" $OpenBSD: sshd.8,v 1.274 2014/03/26 19:58:37 tedu Exp $
.Dd $Mdocdate: December 7 2013 $ .Dd $Mdocdate: March 26 2014 $
.Dt SSHD 8 .Dt SSHD 8
.Os .Os
.Sh NAME .Sh NAME
@ -851,12 +851,6 @@ the user's home directory becomes accessible.
This file should be writable only by the user, and need not be This file should be writable only by the user, and need not be
readable by anyone else. readable by anyone else.
.Pp .Pp
.It Pa /etc/hosts.allow
.It Pa /etc/hosts.deny
Access controls that should be enforced by tcp-wrappers are defined here.
Further details are described in
.Xr hosts_access 5 .
.Pp
.It Pa /etc/hosts.equiv .It Pa /etc/hosts.equiv
This file is for host-based authentication (see This file is for host-based authentication (see
.Xr ssh 1 ) . .Xr ssh 1 ) .
@ -960,7 +954,6 @@ The content of this file is not sensitive; it can be world-readable.
.Xr ssh-keygen 1 , .Xr ssh-keygen 1 ,
.Xr ssh-keyscan 1 , .Xr ssh-keyscan 1 ,
.Xr chroot 2 , .Xr chroot 2 ,
.Xr hosts_access 5 ,
.Xr login.conf 5 , .Xr login.conf 5 ,
.Xr moduli 5 , .Xr moduli 5 ,
.Xr sshd_config 5 , .Xr sshd_config 5 ,

27
sshd.c

@ -1,4 +1,4 @@
/* $OpenBSD: sshd.c,v 1.422 2014/03/27 23:01:27 markus Exp $ */ /* $OpenBSD: sshd.c,v 1.421 2014/03/26 19:58:37 tedu Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -122,13 +122,6 @@
#include "ssh-sandbox.h" #include "ssh-sandbox.h"
#include "version.h" #include "version.h"
#ifdef LIBWRAP
#include <tcpd.h>
#include <syslog.h>
int allow_severity;
int deny_severity;
#endif /* LIBWRAP */
#ifndef O_NOCTTY #ifndef O_NOCTTY
#define O_NOCTTY 0 #define O_NOCTTY 0
#endif #endif
@ -2034,24 +2027,6 @@ main(int ac, char **av)
#ifdef SSH_AUDIT_EVENTS #ifdef SSH_AUDIT_EVENTS
audit_connection_from(remote_ip, remote_port); audit_connection_from(remote_ip, remote_port);
#endif #endif
#ifdef LIBWRAP
allow_severity = options.log_facility|LOG_INFO;
deny_severity = options.log_facility|LOG_WARNING;
/* Check whether logins are denied from this host. */
if (packet_connection_is_on_socket()) {
struct request_info req;
request_init(&req, RQ_DAEMON, __progname, RQ_FILE, sock_in, 0);
fromhost(&req);
if (!hosts_access(&req)) {
debug("Connection refused by tcp wrapper");
refuse(&req);
/* NOTREACHED */
fatal("libwrap refuse returns");
}
}
#endif /* LIBWRAP */
/* Log the connection. */ /* Log the connection. */
verbose("Connection from %s port %d on %s port %d", verbose("Connection from %s port %d on %s port %d",
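Review bot: With the LIBWRAP block gone from main(), a connection now passes from audit_connection_from() straight to the "Connection from" log line, so any /etc/hosts.allow and /etc/hosts.deny rules that a libwrap-enabled build used to enforce stop applying after upgrade, with no message at startup or at connect time. Nothing in the visible change tells an operator this; the sshd.8 section only drops the two file entries and the hosts_access(5) cross-reference. I would add a short upgrade note to the documentation, for example `sshd no longer consults tcp-wrappers (/etc/hosts.allow, /etc/hosts.deny); restrict source addresses with an sshd_config Match Address block or a packet filter instead.` Deployments that relied on those files should be audited before rolling this out, since the removed hosts_access() check was the only place in this path that refused a peer before authentication. main() starts and continues outside this hunk.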