- tedu@cvs.openbsd.org 2014/03/26 19:58:37
[sshd.8 sshd.c]
remove libwrap support. ok deraadt djm mfriedl
This commit is contained in:
Damien Miller
parent
4f40209aa4
commit
f2719b7c2b
|
|
@ -58,6 +58,9 @@
|
|||
longform __attribute__(__bounded(...));
|
||||
|
||||
for brevity and a warning free compilation with llvm/clang
|
||||
- tedu@cvs.openbsd.org 2014/03/26 19:58:37
|
||||
[sshd.8 sshd.c]
|
||||
remove libwrap support. ok deraadt djm mfriedl
|
||||
|
||||
20140401
|
||||
- (djm) On platforms that support it, use prctl() to prevent sftp-server
|
||||
|
|
|
|||
11
sshd.8
11
sshd.8
|
|
@ -33,8 +33,8 @@
|
|||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $OpenBSD: sshd.8,v 1.273 2013/12/07 11:58:46 naddy Exp $
|
||||
.Dd $Mdocdate: December 7 2013 $
|
||||
.\" $OpenBSD: sshd.8,v 1.274 2014/03/26 19:58:37 tedu Exp $
|
||||
.Dd $Mdocdate: March 26 2014 $
|
||||
.Dt SSHD 8
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
|
@ -851,12 +851,6 @@ the user's home directory becomes accessible.
|
|||
This file should be writable only by the user, and need not be
|
||||
readable by anyone else.
|
||||
.Pp
|
||||
.It Pa /etc/hosts.allow
|
||||
.It Pa /etc/hosts.deny
|
||||
Access controls that should be enforced by tcp-wrappers are defined here.
|
||||
Further details are described in
|
||||
.Xr hosts_access 5 .
|
||||
.Pp
|
||||
.It Pa /etc/hosts.equiv
|
||||
This file is for host-based authentication (see
|
||||
.Xr ssh 1 ) .
|
||||
|
|
@ -960,7 +954,6 @@ The content of this file is not sensitive; it can be world-readable.
|
|||
.Xr ssh-keygen 1 ,
|
||||
.Xr ssh-keyscan 1 ,
|
||||
.Xr chroot 2 ,
|
||||
.Xr hosts_access 5 ,
|
||||
.Xr login.conf 5 ,
|
||||
.Xr moduli 5 ,
|
||||
.Xr sshd_config 5 ,
|
||||
|
|
|
|||
27
sshd.c
27
sshd.c
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: sshd.c,v 1.422 2014/03/27 23:01:27 markus Exp $ */
|
||||
/* $OpenBSD: sshd.c,v 1.421 2014/03/26 19:58:37 tedu Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
|
|
@ -122,13 +122,6 @@
|
|||
#include "ssh-sandbox.h"
|
||||
#include "version.h"
|
||||
|
||||
#ifdef LIBWRAP
|
||||
#include <tcpd.h>
|
||||
#include <syslog.h>
|
||||
int allow_severity;
|
||||
int deny_severity;
|
||||
#endif /* LIBWRAP */
|
||||
|
||||
#ifndef O_NOCTTY
|
||||
#define O_NOCTTY 0
|
||||
#endif
|
||||
|
|
@ -2034,24 +2027,6 @@ main(int ac, char **av)
|
|||
#ifdef SSH_AUDIT_EVENTS
|
||||
audit_connection_from(remote_ip, remote_port);
|
||||
#endif
|
||||
#ifdef LIBWRAP
|
||||
allow_severity = options.log_facility|LOG_INFO;
|
||||
deny_severity = options.log_facility|LOG_WARNING;
|
||||
/* Check whether logins are denied from this host. */
|
||||
if (packet_connection_is_on_socket()) {
|
||||
struct request_info req;
|
||||
|
||||
request_init(&req, RQ_DAEMON, __progname, RQ_FILE, sock_in, 0);
|
||||
fromhost(&req);
|
||||
|
||||
if (!hosts_access(&req)) {
|
||||
debug("Connection refused by tcp wrapper");
|
||||
refuse(&req);
|
||||
/* NOTREACHED */
|
||||
fatal("libwrap refuse returns");
|
||||
}
|
||||
}
|
||||
#endif /* LIBWRAP */
|
||||
|
||||
/* Log the connection. */
|
||||
verbose("Connection from %s port %d on %s port %d",
|
||||
|
|
|
|||
Loading…
Reference in New Issue