Displaying 2 results from an estimated 2 matches for "match_host_and_ip_or_netgroup".
2007 Sep 20
0
OpenSSH 4.7p1 - support the use of netgroups in AllowUsers and DenyUsers configuration options
...@netgroup
+ */
+int
+match_user_or_netgroup(const char *user, char *pattern)
+{
+ if(pattern[0] != '@')
+ return match_pattern(user, pattern);
+
+#ifdef HAVE_INNETGR
+ return innetgr(pattern + 1, NULL, user, NULL);
+#else
+ return 0;
+#endif
+}
+
+/*
+ * match host in @netgroup
+ */
+int
+match_host_and_ip_or_netgroup(const char *host, const char * ipaddr, char *pattern)
+{
+ if(pattern[0] != '@')
+ return match_host_and_ip(host, ipaddr, pattern);
+
+#ifdef HAVE_INNETGR
+ return innetgr(pattern + 1, host, NULL, NULL)
+ || innetgr(pattern + 1, ipaddr, NULL, NULL);
+#else
+ return 0;
+#endif
+}
+
+/*
*...
2004 May 07
3
Contribution to 3.8.1pl1
Hello,
I added the support for netgroups to be used in the
AllowUsers and DenyUsers parameters. This has some
advantages:
* hostnames or ip addresses need not to be written or
maintained in the sshd_config file, but can be kept
abstract names what also simplifies a bit largescale
openssh installations
* sshd_config needs not change and sshd be restarted
when changing the list of allowed /