summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2013-12-05 14:07:27 +1100
committerDamien Miller <djm@mindrot.org>2013-12-05 14:07:27 +1100
commit534b2ccadea5e5e9a8b27226e6faac3ed5552e97 (patch)
tree4b54195987d588e0785c5add1b34c72e187ea83f
parent8369c8e61a3408ec6bb75755fad4ffce29b5fdbe (diff)
- djm@cvs.openbsd.org 2013/12/05 01:16:41
[servconf.c servconf.h] bz#2161 - fix AuthorizedKeysCommand inside a Match block and rearrange things so the same error is harder to make next time; with and ok dtucker@
Diffstat
-rw-r--r--ChangeLog5
-rw-r--r--servconf.c41
-rw-r--r--servconf.h5
3 files changed, 29 insertions, 22 deletions
diff --git a/ChangeLog b/ChangeLog
index 9f29954a0..410ae1b9e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -43,6 +43,11 @@
43 [sftp-client.c] 43 [sftp-client.c]
44 bz#2171: don't leak local_fd on error; from Loganaden Velvindron @ 44 bz#2171: don't leak local_fd on error; from Loganaden Velvindron @
45 AfriNIC 45 AfriNIC
46 - djm@cvs.openbsd.org 2013/12/05 01:16:41
47 [servconf.c servconf.h]
48 bz#2161 - fix AuthorizedKeysCommand inside a Match block and
49 rearrange things so the same error is harder to make next time;
50 with and ok dtucker@
46 - (dtucker) [configure.ac] bz#2173: use pkg-config --libs to include correct 51 - (dtucker) [configure.ac] bz#2173: use pkg-config --libs to include correct
47 -L location for libedit. Patch from Serge van den Boom. 52 -L location for libedit. Patch from Serge van den Boom.
48 53
diff --git a/servconf.c b/servconf.c
index cb21bd229..6db89f7c1 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
1 1
2/* $OpenBSD: servconf.c,v 1.246 2013/11/21 00:45:44 djm Exp $ */ 2/* $OpenBSD: servconf.c,v 1.247 2013/12/05 01:16:41 djm Exp $ */
3/* 3/*
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5 * All rights reserved 5 * All rights reserved
@@ -1742,24 +1742,6 @@ int server_match_spec_complete(struct connection_info *ci)
1742 return 0; /* partial */ 1742 return 0; /* partial */
1743} 1743}
1744 1744
1745/* Helper macros */
1746#define M_CP_INTOPT(n) do {\
1747 if (src->n != -1) \
1748 dst->n = src->n; \
1749} while (0)
1750#define M_CP_STROPT(n) do {\
1751 if (src->n != NULL) { \
1752 free(dst->n); \
1753 dst->n = src->n; \
1754 } \
1755} while(0)
1756#define M_CP_STRARRAYOPT(n, num_n) do {\
1757 if (src->num_n != 0) { \
1758 for (dst->num_n = 0; dst->num_n < src->num_n; dst->num_n++) \
1759 dst->n[dst->num_n] = xstrdup(src->n[dst->num_n]); \
1760 } \
1761} while(0)
1762
1763/* 1745/*
1764 * Copy any supported values that are set. 1746 * Copy any supported values that are set.
1765 * 1747 *
@@ -1770,6 +1752,11 @@ int server_match_spec_complete(struct connection_info *ci)
1770void 1752void
1771copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) 1753copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
1772{ 1754{
1755#define M_CP_INTOPT(n) do {\
1756 if (src->n != -1) \
1757 dst->n = src->n; \
1758} while (0)
1759
1773 M_CP_INTOPT(password_authentication); 1760 M_CP_INTOPT(password_authentication);
1774 M_CP_INTOPT(gss_authentication); 1761 M_CP_INTOPT(gss_authentication);
1775 M_CP_INTOPT(rsa_authentication); 1762 M_CP_INTOPT(rsa_authentication);
@@ -1779,8 +1766,6 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
1779 M_CP_INTOPT(hostbased_uses_name_from_packet_only); 1766 M_CP_INTOPT(hostbased_uses_name_from_packet_only);
1780 M_CP_INTOPT(kbd_interactive_authentication); 1767 M_CP_INTOPT(kbd_interactive_authentication);
1781 M_CP_INTOPT(zero_knowledge_password_authentication); 1768 M_CP_INTOPT(zero_knowledge_password_authentication);
1782 M_CP_STROPT(authorized_keys_command);
1783 M_CP_STROPT(authorized_keys_command_user);
1784 M_CP_INTOPT(permit_root_login); 1769 M_CP_INTOPT(permit_root_login);
1785 M_CP_INTOPT(permit_empty_passwd); 1770 M_CP_INTOPT(permit_empty_passwd);
1786 1771
@@ -1799,6 +1784,20 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
1799 M_CP_INTOPT(rekey_limit); 1784 M_CP_INTOPT(rekey_limit);
1800 M_CP_INTOPT(rekey_interval); 1785 M_CP_INTOPT(rekey_interval);
1801 1786
1787 /* M_CP_STROPT and M_CP_STRARRAYOPT should not appear before here */
1788#define M_CP_STROPT(n) do {\
1789 if (src->n != NULL && dst->n != src->n) { \
1790 free(dst->n); \
1791 dst->n = src->n; \
1792 } \
1793} while(0)
1794#define M_CP_STRARRAYOPT(n, num_n) do {\
1795 if (src->num_n != 0) { \
1796 for (dst->num_n = 0; dst->num_n < src->num_n; dst->num_n++) \
1797 dst->n[dst->num_n] = xstrdup(src->n[dst->num_n]); \
1798 } \
1799} while(0)
1800
1802 /* See comment in servconf.h */ 1801 /* See comment in servconf.h */
1803 COPY_MATCH_STRING_OPTS(); 1802 COPY_MATCH_STRING_OPTS();
1804 1803
diff --git a/servconf.h b/servconf.h
index 2d4b6ecb4..8812c5aab 100644
--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: servconf.h,v 1.110 2013/10/29 09:48:02 djm Exp $ */ 1/* $OpenBSD: servconf.h,v 1.111 2013/12/05 01:16:41 djm Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -202,6 +202,9 @@ struct connection_info {
202 * Match sub-config and the main config, and must be sent from the 202 * Match sub-config and the main config, and must be sent from the
203 * privsep slave to the privsep master. We use a macro to ensure all 203 * privsep slave to the privsep master. We use a macro to ensure all
204 * the options are copied and the copies are done in the correct order. 204 * the options are copied and the copies are done in the correct order.
205 *
206 * NB. an option must appear in servconf.c:copy_set_server_options() or
207 * COPY_MATCH_STRING_OPTS here but never both.
205 */ 208 */
206#define COPY_MATCH_STRING_OPTS() do { \ 209#define COPY_MATCH_STRING_OPTS() do { \
207 M_CP_STROPT(banner); \ 210 M_CP_STROPT(banner); \
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 08:57:45 +0000