diff options
author | Damien Miller <djm@mindrot.org> | 2003-05-16 11:38:32 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2003-05-16 11:38:32 +1000 |
commit | f9b3feb847011c56b3e2a26e67b388e9f746ca62 (patch) | |
tree | 5ada815562fa88cc01e6433277110ac4b5b01183 | |
parent | 6e80c36e2a2c733adedc65ae9fe272b74dc9a06c (diff) |
- jakob@cvs.openbsd.org 2003/05/15 14:02:47
[readconf.c servconf.c]
warn for unsupported config option. ok markus@
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | readconf.c | 38 | ||||
-rw-r--r-- | servconf.c | 26 |
3 files changed, 48 insertions, 21 deletions
@@ -4,6 +4,9 @@ | |||
4 | [ssh.c] | 4 | [ssh.c] |
5 | Make "ssh -V" print the OpenSSL version in a human readable form. Patch | 5 | Make "ssh -V" print the OpenSSL version in a human readable form. Patch |
6 | from Craig Leres (mindrot at ee.lbl.gov); ok markus@ | 6 | from Craig Leres (mindrot at ee.lbl.gov); ok markus@ |
7 | - jakob@cvs.openbsd.org 2003/05/15 14:02:47 | ||
8 | [readconf.c servconf.c] | ||
9 | warn for unsupported config option. ok markus@ | ||
7 | 10 | ||
8 | 20030515 | 11 | 20030515 |
9 | - (djm) OpenBSD CVS Sync | 12 | - (djm) OpenBSD CVS Sync |
@@ -1535,4 +1538,4 @@ | |||
1535 | save auth method before monitor_reset_key_state(); bugzilla bug #284; | 1538 | save auth method before monitor_reset_key_state(); bugzilla bug #284; |
1536 | ok provos@ | 1539 | ok provos@ |
1537 | 1540 | ||
1538 | $Id: ChangeLog,v 1.2724 2003/05/16 01:38:00 djm Exp $ | 1541 | $Id: ChangeLog,v 1.2725 2003/05/16 01:38:32 djm Exp $ |
diff --git a/readconf.c b/readconf.c index 3f2ac4e3e..fee7a8993 100644 --- a/readconf.c +++ b/readconf.c | |||
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: readconf.c,v 1.109 2003/05/15 04:08:44 jakob Exp $"); | 15 | RCSID("$OpenBSD: readconf.c,v 1.110 2003/05/15 14:02:47 jakob Exp $"); |
16 | 16 | ||
17 | #include "ssh.h" | 17 | #include "ssh.h" |
18 | #include "xmalloc.h" | 18 | #include "xmalloc.h" |
@@ -107,7 +107,7 @@ typedef enum { | |||
107 | oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, | 107 | oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, |
108 | oClearAllForwardings, oNoHostAuthenticationForLocalhost, | 108 | oClearAllForwardings, oNoHostAuthenticationForLocalhost, |
109 | oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, | 109 | oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, |
110 | oDeprecated | 110 | oDeprecated, oUnsupported |
111 | } OpCodes; | 111 | } OpCodes; |
112 | 112 | ||
113 | /* Textual representations of the tokens. */ | 113 | /* Textual representations of the tokens. */ |
@@ -133,9 +133,18 @@ static struct { | |||
133 | { "challengeresponseauthentication", oChallengeResponseAuthentication }, | 133 | { "challengeresponseauthentication", oChallengeResponseAuthentication }, |
134 | { "skeyauthentication", oChallengeResponseAuthentication }, /* alias */ | 134 | { "skeyauthentication", oChallengeResponseAuthentication }, /* alias */ |
135 | { "tisauthentication", oChallengeResponseAuthentication }, /* alias */ | 135 | { "tisauthentication", oChallengeResponseAuthentication }, /* alias */ |
136 | #if defined(KRB4) || defined(KRB5) | ||
136 | { "kerberosauthentication", oKerberosAuthentication }, | 137 | { "kerberosauthentication", oKerberosAuthentication }, |
137 | { "kerberostgtpassing", oKerberosTgtPassing }, | 138 | { "kerberostgtpassing", oKerberosTgtPassing }, |
139 | #else | ||
140 | { "kerberosauthentication", oUnsupported }, | ||
141 | { "kerberostgtpassing", oUnsupported }, | ||
142 | #endif | ||
143 | #if defined(AFS) | ||
138 | { "afstokenpassing", oAFSTokenPassing }, | 144 | { "afstokenpassing", oAFSTokenPassing }, |
145 | #else | ||
146 | { "afstokenpassing", oUnsupported }, | ||
147 | #endif | ||
139 | { "fallbacktorsh", oDeprecated }, | 148 | { "fallbacktorsh", oDeprecated }, |
140 | { "usersh", oDeprecated }, | 149 | { "usersh", oDeprecated }, |
141 | { "identityfile", oIdentityFile }, | 150 | { "identityfile", oIdentityFile }, |
@@ -170,10 +179,18 @@ static struct { | |||
170 | { "preferredauthentications", oPreferredAuthentications }, | 179 | { "preferredauthentications", oPreferredAuthentications }, |
171 | { "hostkeyalgorithms", oHostKeyAlgorithms }, | 180 | { "hostkeyalgorithms", oHostKeyAlgorithms }, |
172 | { "bindaddress", oBindAddress }, | 181 | { "bindaddress", oBindAddress }, |
182 | #ifdef SMARTCARD | ||
173 | { "smartcarddevice", oSmartcardDevice }, | 183 | { "smartcarddevice", oSmartcardDevice }, |
184 | #else | ||
185 | { "smartcarddevice", oUnsupported }, | ||
186 | #endif | ||
174 | { "clearallforwardings", oClearAllForwardings }, | 187 | { "clearallforwardings", oClearAllForwardings }, |
175 | { "enablesshkeysign", oEnableSSHKeysign }, | 188 | { "enablesshkeysign", oEnableSSHKeysign }, |
189 | #ifdef DNS | ||
176 | { "verifyhostkeydns", oVerifyHostKeyDNS }, | 190 | { "verifyhostkeydns", oVerifyHostKeyDNS }, |
191 | #else | ||
192 | { "verifyhostkeydns", oUnsupported }, | ||
193 | #endif | ||
177 | { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, | 194 | { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, |
178 | { "rekeylimit", oRekeyLimit }, | 195 | { "rekeylimit", oRekeyLimit }, |
179 | { NULL, oBadOption } | 196 | { NULL, oBadOption } |
@@ -697,6 +714,11 @@ parse_int: | |||
697 | filename, linenum, keyword); | 714 | filename, linenum, keyword); |
698 | return 0; | 715 | return 0; |
699 | 716 | ||
717 | case oUnsupported: | ||
718 | error("%s line %d: Unsupported option \"%s\"", | ||
719 | filename, linenum, keyword); | ||
720 | return 0; | ||
721 | |||
700 | default: | 722 | default: |
701 | fatal("process_config_line: Unimplemented opcode %d", opcode); | 723 | fatal("process_config_line: Unimplemented opcode %d", opcode); |
702 | } | 724 | } |
@@ -844,23 +866,11 @@ fill_default_options(Options * options) | |||
844 | if (options->challenge_response_authentication == -1) | 866 | if (options->challenge_response_authentication == -1) |
845 | options->challenge_response_authentication = 1; | 867 | options->challenge_response_authentication = 1; |
846 | if (options->kerberos_authentication == -1) | 868 | if (options->kerberos_authentication == -1) |
847 | #if defined(KRB4) || defined(KRB5) | ||
848 | options->kerberos_authentication = 1; | 869 | options->kerberos_authentication = 1; |
849 | #else | ||
850 | options->kerberos_authentication = 0; | ||
851 | #endif | ||
852 | if (options->kerberos_tgt_passing == -1) | 870 | if (options->kerberos_tgt_passing == -1) |
853 | #if defined(KRB4) || defined(KRB5) | ||
854 | options->kerberos_tgt_passing = 1; | 871 | options->kerberos_tgt_passing = 1; |
855 | #else | ||
856 | options->kerberos_tgt_passing = 0; | ||
857 | #endif | ||
858 | if (options->afs_token_passing == -1) | 872 | if (options->afs_token_passing == -1) |
859 | #if defined(AFS) | ||
860 | options->afs_token_passing = 1; | 873 | options->afs_token_passing = 1; |
861 | #else | ||
862 | options->afs_token_passing = 0; | ||
863 | #endif | ||
864 | if (options->password_authentication == -1) | 874 | if (options->password_authentication == -1) |
865 | options->password_authentication = 1; | 875 | options->password_authentication = 1; |
866 | if (options->kbd_interactive_authentication == -1) | 876 | if (options->kbd_interactive_authentication == -1) |
diff --git a/servconf.c b/servconf.c index 5840961e3..f37193a8f 100644 --- a/servconf.c +++ b/servconf.c | |||
@@ -10,7 +10,7 @@ | |||
10 | */ | 10 | */ |
11 | 11 | ||
12 | #include "includes.h" | 12 | #include "includes.h" |
13 | RCSID("$OpenBSD: servconf.c,v 1.120 2003/05/15 04:08:44 jakob Exp $"); | 13 | RCSID("$OpenBSD: servconf.c,v 1.121 2003/05/15 14:02:47 jakob Exp $"); |
14 | 14 | ||
15 | #if defined(KRB4) | 15 | #if defined(KRB4) |
16 | #include <krb.h> | 16 | #include <krb.h> |
@@ -207,11 +207,7 @@ fill_default_server_options(ServerOptions *options) | |||
207 | if (options->kerberos_or_local_passwd == -1) | 207 | if (options->kerberos_or_local_passwd == -1) |
208 | options->kerberos_or_local_passwd = 1; | 208 | options->kerberos_or_local_passwd = 1; |
209 | if (options->kerberos_ticket_cleanup == -1) | 209 | if (options->kerberos_ticket_cleanup == -1) |
210 | #if defined(KRB4) || defined(KRB5) | ||
211 | options->kerberos_ticket_cleanup = 1; | 210 | options->kerberos_ticket_cleanup = 1; |
212 | #else | ||
213 | options->kerberos_ticket_cleanup = 0; | ||
214 | #endif | ||
215 | if (options->kerberos_tgt_passing == -1) | 211 | if (options->kerberos_tgt_passing == -1) |
216 | options->kerberos_tgt_passing = 0; | 212 | options->kerberos_tgt_passing = 0; |
217 | if (options->afs_token_passing == -1) | 213 | if (options->afs_token_passing == -1) |
@@ -294,7 +290,7 @@ typedef enum { | |||
294 | sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, | 290 | sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, |
295 | sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, | 291 | sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, |
296 | sUsePrivilegeSeparation, | 292 | sUsePrivilegeSeparation, |
297 | sDeprecated | 293 | sDeprecated, sUnsupported |
298 | } ServerOpCodes; | 294 | } ServerOpCodes; |
299 | 295 | ||
300 | /* Textual representation of the tokens. */ | 296 | /* Textual representation of the tokens. */ |
@@ -322,11 +318,22 @@ static struct { | |||
322 | { "rsaauthentication", sRSAAuthentication }, | 318 | { "rsaauthentication", sRSAAuthentication }, |
323 | { "pubkeyauthentication", sPubkeyAuthentication }, | 319 | { "pubkeyauthentication", sPubkeyAuthentication }, |
324 | { "dsaauthentication", sPubkeyAuthentication }, /* alias */ | 320 | { "dsaauthentication", sPubkeyAuthentication }, /* alias */ |
321 | #if defined(KRB4) || defined(KRB5) | ||
325 | { "kerberosauthentication", sKerberosAuthentication }, | 322 | { "kerberosauthentication", sKerberosAuthentication }, |
326 | { "kerberosorlocalpasswd", sKerberosOrLocalPasswd }, | 323 | { "kerberosorlocalpasswd", sKerberosOrLocalPasswd }, |
327 | { "kerberosticketcleanup", sKerberosTicketCleanup }, | 324 | { "kerberosticketcleanup", sKerberosTicketCleanup }, |
328 | { "kerberostgtpassing", sKerberosTgtPassing }, | 325 | { "kerberostgtpassing", sKerberosTgtPassing }, |
326 | #else | ||
327 | { "kerberosauthentication", sUnsupported }, | ||
328 | { "kerberosorlocalpasswd", sUnsupported }, | ||
329 | { "kerberosticketcleanup", sUnsupported }, | ||
330 | { "kerberostgtpassing", sUnsupported }, | ||
331 | #endif | ||
332 | #if defined(AFS) | ||
329 | { "afstokenpassing", sAFSTokenPassing }, | 333 | { "afstokenpassing", sAFSTokenPassing }, |
334 | #else | ||
335 | { "afstokenpassing", sUnsupported }, | ||
336 | #endif | ||
330 | { "passwordauthentication", sPasswordAuthentication }, | 337 | { "passwordauthentication", sPasswordAuthentication }, |
331 | { "kbdinteractiveauthentication", sKbdInteractiveAuthentication }, | 338 | { "kbdinteractiveauthentication", sKbdInteractiveAuthentication }, |
332 | { "challengeresponseauthentication", sChallengeResponseAuthentication }, | 339 | { "challengeresponseauthentication", sChallengeResponseAuthentication }, |
@@ -899,6 +906,13 @@ parse_flag: | |||
899 | arg = strdelim(&cp); | 906 | arg = strdelim(&cp); |
900 | break; | 907 | break; |
901 | 908 | ||
909 | case sUnsupported: | ||
910 | logit("%s line %d: Unsupported option %s", | ||
911 | filename, linenum, arg); | ||
912 | while (arg) | ||
913 | arg = strdelim(&cp); | ||
914 | break; | ||
915 | |||
902 | default: | 916 | default: |
903 | fatal("%s line %d: Missing handler for opcode %s (%d)", | 917 | fatal("%s line %d: Missing handler for opcode %s (%d)", |
904 | filename, linenum, arg, opcode); | 918 | filename, linenum, arg, opcode); |