summaryrefslogtreecommitdiff
path: root/auth.c
diff options
context:
space:
mode:
authordtucker@openbsd.org <dtucker@openbsd.org>2021-07-05 00:50:25 +0000
committerDamien Miller <djm@mindrot.org>2021-07-08 14:50:59 +1000
commitb75624f8733b3ed9e240f86cac5d4a39dae11848 (patch)
tree22a89de20e51f801b9d2bb37f96b358283f1c57f /auth.c
parentb67eb12f013c5441bb4f0893a97533582ad4eb13 (diff)
upstream: Remove comment referencing now-removed
RhostsRSAAuthentication. ok djm@ OpenBSD-Commit-ID: 3d864bfbd99a1d4429a58e301688f3be464827a9
Diffstat (limited to 'auth.c')
-rw-r--r--auth.c6
1 files changed, 2 insertions, 4 deletions
diff --git a/auth.c b/auth.c
index c5320232..00b168b4 100644
--- a/auth.c
+++ b/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.152 2021/04/03 06:18:40 djm Exp $ */
+/* $OpenBSD: auth.c,v 1.153 2021/07/05 00:50:25 dtucker Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -734,9 +734,7 @@ fakepw(void)
* be freed. NB. this will usually trigger a DNS query the first time it is
* called.
* This function does additional checks on the hostname to mitigate some
- * attacks on legacy rhosts-style authentication.
- * XXX is RhostsRSAAuthentication vulnerable to these?
- * XXX Can we remove these checks? (or if not, remove RhostsRSAAuthentication?)
+ * attacks on based on conflation of hostnames and IP addresses.
*/
static char *