diff options
author | Damien Miller <djm@mindrot.org> | 2011-05-20 19:04:14 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2011-05-20 19:04:14 +1000 |
commit | f2e407e2dd83addc26b68b4218d8b6ceaceca54b (patch) | |
tree | b059a9e677f7bcb911da414f621a03f672dd1412 | |
parent | c2411909c7ff298744998e00c7a5f1f64fbb0349 (diff) |
- djm@cvs.openbsd.org 2011/05/20 03:25:45
[monitor.c monitor_wrap.c servconf.c servconf.h]
use a macro to define which string options to copy between configs
for Match. This avoids problems caused by forgetting to keep three
code locations in perfect sync and ordering
"this is at once beautiful and horrible" + ok dtucker@
-rw-r--r-- | ChangeLog | 7 | ||||
-rw-r--r-- | monitor.c | 13 | ||||
-rw-r--r-- | monitor_wrap.c | 13 | ||||
-rw-r--r-- | servconf.c | 9 | ||||
-rw-r--r-- | servconf.h | 16 |
5 files changed, 45 insertions, 13 deletions
@@ -23,6 +23,13 @@ | |||
23 | - dtucker@cvs.openbsd.org 2011/05/20 02:00:19 | 23 | - dtucker@cvs.openbsd.org 2011/05/20 02:00:19 |
24 | [servconf.c] | 24 | [servconf.c] |
25 | Add comment documenting what should be after the preauth check. ok djm | 25 | Add comment documenting what should be after the preauth check. ok djm |
26 | - djm@cvs.openbsd.org 2011/05/20 03:25:45 | ||
27 | [monitor.c monitor_wrap.c servconf.c servconf.h] | ||
28 | use a macro to define which string options to copy between configs | ||
29 | for Match. This avoids problems caused by forgetting to keep three | ||
30 | code locations in perfect sync and ordering | ||
31 | |||
32 | "this is at once beautiful and horrible" + ok dtucker@ | ||
26 | 33 | ||
27 | 20110515 | 34 | 20110515 |
28 | - (djm) OpenBSD CVS Sync | 35 | - (djm) OpenBSD CVS Sync |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor.c,v 1.111 2011/05/15 08:09:01 djm Exp $ */ | 1 | /* $OpenBSD: monitor.c,v 1.112 2011/05/20 03:25:45 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
@@ -671,8 +671,15 @@ mm_answer_pwnamallow(int sock, Buffer *m) | |||
671 | 671 | ||
672 | out: | 672 | out: |
673 | buffer_put_string(m, &options, sizeof(options)); | 673 | buffer_put_string(m, &options, sizeof(options)); |
674 | if (options.banner != NULL) | 674 | |
675 | buffer_put_cstring(m, options.banner); | 675 | #define M_CP_STROPT(x) do { \ |
676 | if (options.x != NULL) \ | ||
677 | buffer_put_cstring(m, options.x); \ | ||
678 | } while (0) | ||
679 | /* See comment in servconf.h */ | ||
680 | COPY_MATCH_STRING_OPTS(); | ||
681 | #undef M_CP_STROPT | ||
682 | |||
676 | debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed); | 683 | debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed); |
677 | mm_request_send(sock, MONITOR_ANS_PWNAM, m); | 684 | mm_request_send(sock, MONITOR_ANS_PWNAM, m); |
678 | 685 | ||
diff --git a/monitor_wrap.c b/monitor_wrap.c index 1a5dda561..d3f274021 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor_wrap.c,v 1.70 2010/08/31 11:54:45 djm Exp $ */ | 1 | /* $OpenBSD: monitor_wrap.c,v 1.71 2011/05/20 03:25:45 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
@@ -245,8 +245,15 @@ out: | |||
245 | newopts = buffer_get_string(&m, &len); | 245 | newopts = buffer_get_string(&m, &len); |
246 | if (len != sizeof(*newopts)) | 246 | if (len != sizeof(*newopts)) |
247 | fatal("%s: option block size mismatch", __func__); | 247 | fatal("%s: option block size mismatch", __func__); |
248 | if (newopts->banner != NULL) | 248 | |
249 | newopts->banner = buffer_get_string(&m, NULL); | 249 | #define M_CP_STROPT(x) do { \ |
250 | if (newopts->x != NULL) \ | ||
251 | newopts->x = buffer_get_string(&m, NULL); \ | ||
252 | } while (0) | ||
253 | /* See comment in servconf.h */ | ||
254 | COPY_MATCH_STRING_OPTS(); | ||
255 | #undef M_CP_STROPT | ||
256 | |||
250 | copy_set_server_options(&options, newopts, 1); | 257 | copy_set_server_options(&options, newopts, 1); |
251 | xfree(newopts); | 258 | xfree(newopts); |
252 | 259 | ||
diff --git a/servconf.c b/servconf.c index 04a32973e..daed26a66 100644 --- a/servconf.c +++ b/servconf.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: servconf.c,v 1.217 2011/05/20 02:00:19 dtucker Exp $ */ | 1 | /* $OpenBSD: servconf.c,v 1.218 2011/05/20 03:25:45 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
4 | * All rights reserved | 4 | * All rights reserved |
@@ -1499,11 +1499,8 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) | |||
1499 | M_CP_INTOPT(ip_qos_interactive); | 1499 | M_CP_INTOPT(ip_qos_interactive); |
1500 | M_CP_INTOPT(ip_qos_bulk); | 1500 | M_CP_INTOPT(ip_qos_bulk); |
1501 | 1501 | ||
1502 | M_CP_STROPT(banner); | 1502 | /* See comment in servconf.h */ |
1503 | M_CP_STROPT(trusted_user_ca_keys); | 1503 | COPY_MATCH_STRING_OPTS(); |
1504 | M_CP_STROPT(revoked_keys_file); | ||
1505 | M_CP_STROPT(authorized_keys_file); | ||
1506 | M_CP_STROPT(authorized_principals_file); | ||
1507 | 1504 | ||
1508 | /* | 1505 | /* |
1509 | * The only things that should be below this point are string options | 1506 | * The only things that should be below this point are string options |
diff --git a/servconf.h b/servconf.h index 3f04b8501..953ef8650 100644 --- a/servconf.h +++ b/servconf.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: servconf.h,v 1.96 2011/05/11 04:47:06 djm Exp $ */ | 1 | /* $OpenBSD: servconf.h,v 1.97 2011/05/20 03:25:45 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -161,6 +161,20 @@ typedef struct { | |||
161 | char *authorized_principals_file; | 161 | char *authorized_principals_file; |
162 | } ServerOptions; | 162 | } ServerOptions; |
163 | 163 | ||
164 | /* | ||
165 | * These are string config options that must be copied between the | ||
166 | * Match sub-config and the main config, and must be sent from the | ||
167 | * privsep slave to the privsep master. We use a macro to ensure all | ||
168 | * the options are copied and the copies are done in the correct order. | ||
169 | */ | ||
170 | #define COPY_MATCH_STRING_OPTS() do { \ | ||
171 | M_CP_STROPT(banner); \ | ||
172 | M_CP_STROPT(trusted_user_ca_keys); \ | ||
173 | M_CP_STROPT(revoked_keys_file); \ | ||
174 | M_CP_STROPT(authorized_keys_file); \ | ||
175 | M_CP_STROPT(authorized_principals_file); \ | ||
176 | } while (0) | ||
177 | |||
164 | void initialize_server_options(ServerOptions *); | 178 | void initialize_server_options(ServerOptions *); |
165 | void fill_default_server_options(ServerOptions *); | 179 | void fill_default_server_options(ServerOptions *); |
166 | int process_server_config_line(ServerOptions *, char *, const char *, int, | 180 | int process_server_config_line(ServerOptions *, char *, const char *, int, |