author | Darren Tucker <dtucker@zip.com.au> | 2013-05-16 20:30:03 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2013-05-16 20:30:03 +1000 |
commit | 0763698f71efef8b3f8460c5700758359219eb7c (patch) | |
tree | b0275009490908efaf218a90b640ae16032c1eed | |
parent | 5f96f3b4bee11ae2b9b32ff9b881c3693e210f96 (diff) |
- djm@cvs.openbsd.org 2013/05/16 04:27:50
[ssh_config.5 readconf.h readconf.c]
add the ability to ignore specific unrecognised ssh_config options;
bz#866; ok markus@
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | readconf.c | 35 | ||||
-rw-r--r-- | readconf.h | 4 | ||||
-rw-r--r-- | ssh_config.5 | 13 |
4 files changed, 45 insertions, 11 deletions
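--- a/ChangeLog
+++ b/ChangeLog
@@ -33,6 +33,10 @@
 sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing
 rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man
 page.
+- djm@cvs.openbsd.org 2013/05/16 04:27:50
+[ssh_config.5 readconf.h readconf.c]
+add the ability to ignore specific unrecognised ssh_config options;
+bz#866; ok markus@
 
 20130510
 - (dtucker) [configure.ac] Enable -Wsizeof-pointer-memaccess if the compiler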
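--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.198 2013/05/16 02:00:34 dtucker Exp $ */
+/* $OpenBSD: readconf.c,v 1.199 2013/05/16 04:27:50 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -134,8 +134,8 @@ typedef enum {
 oHashKnownHosts,
 oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
 oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
-oKexAlgorithms, oIPQoS, oRequestTTY,
-oDeprecated, oUnsupported
+oKexAlgorithms, oIPQoS, oRequestTTY, oIgnoreUnknown,
+oIgnoredUnknownOption, oDeprecated, oUnsupported
 } OpCodes;
 
 /* Textual representations of the tokens. */
@@ -246,6 +246,7 @@ static struct {
 { "kexalgorithms", oKexAlgorithms },
 { "ipqos", oIPQoS },
 { "requesttty", oRequestTTY },
+{ "ignoreunknown", oIgnoreUnknown },
 
 { NULL, oBadOption }
 };
@@ -351,14 +352,17 @@ add_identity_file(Options *options, const char *dir, const char *filename,
 */
 
 static OpCodes
-parse_token(const char *cp, const char *filename, int linenum)
+parse_token(const char *cp, const char *filename, int linenum,
+const char *ignored_unknown)
 {
-u_int i;
+int i;
 
 for (i = 0; keywords[i].name; i++)
-if (strcasecmp(cp, keywords[i].name) == 0)
+if (strcmp(cp, keywords[i].name) == 0)
 return keywords[i].opcode;
-
+if (ignored_unknown != NULL && match_pattern_list(cp, ignored_unknown,
+strlen(ignored_unknown), 1) == 1)
+return oIgnoredUnknownOption;
 error("%s: line %d: Bad configuration option: %s",
 filename, linenum, cp);
 return oBadOption;
@@ -377,7 +381,7 @@ process_config_line(Options *options, const char *host,
 {
 char *s, **charptr, *endofnumber, *keyword, *arg, *arg2;
 char **cpptr, fwdarg[256];
-u_int *uintptr, max_entries = 0;
+u_int i, *uintptr, max_entries = 0;
 int negated, opcode, *intptr, value, value2, scale;
 LogLevel *log_level_ptr;
 long long orig, val64;
@@ -400,14 +404,22 @@ process_config_line(Options *options, const char *host,
 keyword = strdelim(&s);
 if (keyword == NULL || !*keyword || *keyword == '\n' || *keyword == '#')
 return 0;
+/* Match lowercase keyword */
+for (i = 0; i < strlen(keyword); i++)
+keyword[i] = tolower(keyword[i]);
 
-opcode = parse_token(keyword, filename, linenum);
+opcode = parse_token(keyword, filename, linenum,
+options->ignored_unknown);
 
 switch (opcode) {
 case oBadOption:
 /* don't panic, but count bad options */
 return -1;
 /* NOTREACHED */
+case oIgnoredUnknownOption:
+debug("%s line %d: Ignored unknown option \"%s\"",
+filename, linenum, keyword);
+return 0;
 case oConnectTimeout:
 intptr = &options->connection_timeout;
 parse_time:
@@ -1077,6 +1089,10 @@ parse_int:
 *intptr = value;
 break;
 
+case oIgnoreUnknown:
+charptr = &options->ignored_unknown;
+goto parse_string;
+
 case oDeprecated:
 debug("%s line %d: Deprecated option \"%s\"",
 filename, linenum, keyword);
@@ -1238,6 +1254,7 @@ initialize_options(Options * options)
 options->ip_qos_interactive = -1;
 options->ip_qos_bulk = -1;
 options->request_tty = -1;
+options->ignored_unknown = NULL;
 }
 
 /*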
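Review bot: The new lowercasing loop in process_config_line passes a plain `char` to `tolower()`, which is undefined behaviour when the configuration line contains a byte above 0x7f on a platform where `char` is signed. It also re-evaluates `strlen(keyword)` on every iteration. `for (i = 0; keyword[i] != '\0'; i++)` with `keyword[i] = (char)tolower((unsigned char)keyword[i]);` avoids both. Separately, the `oIgnoredUnknownOption` case reports only through `debug()`, so a misspelled security-relevant keyword that happens to match a broad `IgnoreUnknown` pattern is presumably dropped without a visible message and the option keeps its default; a comment at that case such as `/* NB. typos matching IgnoreUnknown are skipped silently; keep the pattern list narrow */` would record this. process_config_line begins and ends outside the hunks shown.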
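--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.94 2013/05/16 02:00:34 dtucker Exp $ */
+/* $OpenBSD: readconf.h,v 1.95 2013/05/16 04:27:50 djm Exp $ */
 
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -137,6 +137,8 @@ typedef struct {
 int use_roaming;
 
 int request_tty;
+
+char *ignored_unknown; /* Pattern list of unknown tokens to ignore */
 } Options;
 
 #define SSHCTL_MASTER_NO 0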
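--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,7 +33,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.162 2013/05/16 02:00:34 dtucker Exp $
+.\" $OpenBSD: ssh_config.5,v 1.163 2013/05/16 04:27:50 djm Exp $
 .Dd $Mdocdate: May 16 2013 $
 .Dt SSH_CONFIG 5
 .Os
@@ -597,6 +597,17 @@ The default is the name given on the command line.
 Numeric IP addresses are also permitted (both on the command line and in
 .Cm HostName
 specifications).
+.It Cm IgnoreUnknown
+Specifies a pattern-list of unknown options to be ignored if they are
+encountered in configuration parsing.
+This may be used to suppress errors if
+.Nm
+contains options that are unrecognised by
+.Xr ssh 1 .
+It is recommended that
+.Cm IgnoreUnknown
+be listed early in the configuration file as it will not be applied
+to unknown options that appear before it.
 .It Cm IdentitiesOnly
 Specifies that
 .Xr ssh 1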