Mailing List Archive: sshd doesn't set SSH_AUTH_RHOSTS as supported authentication

sshd doesn't set SSH_AUTH_RHOSTS as supported authentication

Jan 13, 2000, 11:22 AM

Post #1 of 3 (872 views)

Okay...I've got it narrowed down, just don't know why this is happening...

In sshd.c, auth_mask is set to "supported authentication methods":

/* Declare supported authentication types. */
auth_mask = 0;
if (options.rhosts_authentication)
auth_mask |= 1 << SSH_AUTH_RHOSTS;
if (options.rhosts_rsa_authentication)
auth_mask |= 1 << SSH_AUTH_RHOSTS_RSA;
if (options.rsa_authentication)
auth_mask |= 1 << SSH_AUTH_RSA;

Now, in servconf.c, options.rhosts_authentication is set to 0 if
IgnoreRhosts is no:

case sIgnoreRhosts:
intptr = &options->ignore_rhosts;
parse_flag:
cp = strtok(NULL, WHITESPACE);
fprintf(stderr, "sIgnoreRhosts triggered as %s\n", cp);
if (!cp) {
fprintf(stderr, "%s line %d: missing yes/no argument.\n",
filename, linenum);
exit(1);
}
if (strcmp(cp, "yes") == 0)
value = 1;
else if (strcmp(cp, "no") == 0)
value = 0;
else {
fprintf(stderr, "%s line %d: Bad yes/no argument: %s\n",
filename, linenum, cp);
exit(1);
}
if (*intptr == -1)
*intptr = value;
break;

================

now, just in case I had my logic backwards here, I wrote a test stub:

#include <stdio.h>

main()
{
if(1) printf("1 - hello\n");
if(0) printf("0 - hello\n");
}

and the results are:

atelier# !./
./t2
1 - hello
atelier#

========================

So, am I going crazy, or is the logic in sshd.c backwards? Should
it not be:

/* Declare supported authentication types. */
auth_mask = 0;
if (!options.rhosts_authentication)
auth_mask |= 1 << SSH_AUTH_RHOSTS;
if (options.rhosts_rsa_authentication)
auth_mask |= 1 << SSH_AUTH_RHOSTS_RSA;
if (options.rsa_authentication)
auth_mask |= 1 << SSH_AUTH_RSA;

Re: sshd doesn't set SSH_AUTH_RHOSTS as supported authentication [ In reply to ]

jmknoble at pobox

Jan 13, 2000, 1:06 PM

Post #2 of 3 (857 views)

Permalink

På 2000-Jan-13 klokka 15:22:33 -0400 skrivet Marc G. Fournier:

: Now, in servconf.c, options.rhosts_authentication is set to 0 if
^^^^^^^^^^^^^^^^^^^^^
: IgnoreRhosts is no:
:
: case sIgnoreRhosts:
: intptr = &options->ignore_rhosts;
^^^^^^^^^^^^^
: parse_flag:
: cp = strtok(NULL, WHITESPACE);
: fprintf(stderr, "sIgnoreRhosts triggered as %s\n", cp);
: if (!cp) {
: fprintf(stderr, "%s line %d: missing yes/no argument.\n",
: filename, linenum);
: exit(1);
: }
: if (strcmp(cp, "yes") == 0)
: value = 1;
: else if (strcmp(cp, "no") == 0)
: value = 0;
: else {
: fprintf(stderr, "%s line %d: Bad yes/no argument: %s\n",
: filename, linenum, cp);
: exit(1);
: }
: if (*intptr == -1)
: *intptr = value;
: break;

I might be wrong, but i don't see options.rhosts_authentication being
set in the code snippet above.

--
jim knoble
jmknoble@pobox.com

Re: sshd doesn't set SSH_AUTH_RHOSTS as supported authentication [ In reply to ]

provos at citi

Jan 13, 2000, 1:23 PM

Post #3 of 3 (855 views)

Permalink

In message <Pine.BSF.4.10.10001131427490.65453-100000@atelier.acadiau.ca>, "Mar
c G. Fournier" writes:
>Now, in servconf.c, options.rhosts_authentication is set to 0 if
>IgnoreRhosts is no:
>
> case sIgnoreRhosts:
> intptr = &options->ignore_rhosts;
>parse_flag:
> cp = strtok(NULL, WHITESPACE);
> fprintf(stderr, "sIgnoreRhosts triggered as %s\n", cp);
Your debug fprintf is rather bogus, many case statements reuse this
code by jumping to parse_flag. That also explains why you got so many
print outs in your log.

Niels.