CVSROOT: /cvs Module name: src Changes by: [email protected] 2016/11/05 23:46:37
Modified files:
usr.bin/ssh : auth.c match.c servconf.c
Log message:
Validate address ranges for AllowUser/DenyUsers at configuration load
time and refuse to accept bad ones. It was previously possible to
specify invalid CIDR address ranges (e.g. [email protected]/55) and these
would always match.
Thanks to Laurence Parry for a detailed bug report. ok markus (for
a previous diff version)
