NB: big update - may break stuff. Please test!
- (djm) OpenBSD CVS sync:
- markus@cvs.openbsd.org 2001/02/03 03:08:38
[auth-options.c auth-rh-rsa.c auth-rhosts.c auth.c canohost.c]
[canohost.h servconf.c servconf.h session.c sshconnect1.c sshd.8]
[sshd_config]
make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@
- markus@cvs.openbsd.org 2001/02/03 03:19:51
[ssh.1 sshd.8 sshd_config]
Skey is now called ChallengeResponse
- markus@cvs.openbsd.org 2001/02/03 03:43:09
[sshd.8]
use no-pty option in .ssh/authorized_keys* if you need a 8-bit clean
channel. note from Erik.Anggard@cygate.se (pr/1659)
- stevesk@cvs.openbsd.org 2001/02/03 10:03:06
[ssh.1]
typos; ok markus@
- djm@cvs.openbsd.org 2001/02/04 04:11:56
[scp.1 sftp-server.c ssh.1 sshd.8 sftp-client.c sftp-client.h]
[sftp-common.c sftp-common.h sftp-int.c sftp-int.h sftp.1 sftp.c]
Basic interactive sftp client; ok theo@
- (djm) Update RPM specs for new sftp binary
- (djm) Update several bits for new optional reverse lookup stuff. I
think I got them all.
diff --git a/auth-pam.c b/auth-pam.c
index 3d550b4..122896c 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -32,7 +32,7 @@
#include "canohost.h"
#include "readpass.h"
-RCSID("$Id: auth-pam.c,v 1.22 2001/01/22 05:34:40 mouring Exp $");
+RCSID("$Id: auth-pam.c,v 1.23 2001/02/04 12:20:19 djm Exp $");
#define NEW_AUTHTOK_MSG \
"Warning: Your password has expired, please change it now"
@@ -211,10 +211,12 @@
int do_pam_account(char *username, char *remote_user)
{
int pam_retval;
+ extern ServerOptions options;
- debug("PAM setting rhost to \"%.200s\"", get_canonical_hostname());
+ debug("PAM setting rhost to \"%.200s\"",
+ get_canonical_hostname(options.reverse_mapping_check));
pam_retval = pam_set_item(pamh, PAM_RHOST,
- get_canonical_hostname());
+ get_canonical_hostname(options.reverse_mapping_check));
if (pam_retval != PAM_SUCCESS) {
fatal("PAM set rhost failed[%d]: %.200s",
pam_retval, PAM_STRERROR(pamh, pam_retval));