summaryrefslogtreecommitdiff
path: root/auth-rh-rsa.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2003-06-03 10:25:48 +1000
committerDamien Miller <djm@mindrot.org>2003-06-03 10:25:48 +1000
commit3a961dc0d36c1f87788b707130f6d07709822d38 (patch)
tree57f3a729408e4cbe08fa7f9699de2e583e0b2ca0 /auth-rh-rsa.c
parent35276253a60a3e57ec21b82b2e3c81e03c0206de (diff)
- (djm) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2003/06/02 09:17:34 [auth2-hostbased.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c] [canohost.c monitor.c servconf.c servconf.h session.c sshd_config] [sshd_config.5] deprecate VerifyReverseMapping since it's dangerous if combined with IP based access control as noted by Mike Harding; replace with a UseDNS option, UseDNS is on by default and includes the VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@ ok deraadt@, djm@ - (djm) Fix portable-specific uses of verify_reverse_mapping too
Diffstat (limited to 'auth-rh-rsa.c')
-rw-r--r--auth-rh-rsa.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/auth-rh-rsa.c b/auth-rh-rsa.c
index 4d6f0d23..2eb7e6e2 100644
--- a/auth-rh-rsa.c
+++ b/auth-rh-rsa.c
@@ -13,7 +13,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth-rh-rsa.c,v 1.35 2003/04/08 20:21:28 itojun Exp $");
+RCSID("$OpenBSD: auth-rh-rsa.c,v 1.36 2003/06/02 09:17:34 markus Exp $");
#include "packet.h"
#include "uidswap.h"
@@ -63,7 +63,7 @@ auth_rhosts_rsa(struct passwd *pw, char *cuser, Key *client_host_key)
client_host_key->rsa == NULL)
return 0;
- chost = (char *)get_canonical_hostname(options.verify_reverse_mapping);
+ chost = (char *)get_canonical_hostname(options.use_dns);
debug("Rhosts RSA authentication: canonical host %.900s", chost);
if (!PRIVSEP(auth_rhosts_rsa_key_allowed(pw, cuser, chost, client_host_key))) {