diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2017-09-12 06:32:07 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2017-09-12 17:37:02 +1000 |
| commit | dbee4119b502e3f8b6cd3282c69c537fd01d8e16 (patch) | |
| tree | b8a3263a79e0920e8d08f188654f1ccb7c254406 /auth-options.c | |
| parent | abd59663df37a42152e37980113ccaa405b9a282 (diff) | |
upstream commit
refactor channels.c
Move static state to a "struct ssh_channels" that is allocated at
runtime and tracked as a member of struct ssh.
Explicitly pass "struct ssh" to all channels functions.
Replace use of the legacy packet APIs in channels.c.
Rework sshd_config PermitOpen handling: previously the configuration
parser would call directly into the channels layer. After the refactor
this is not possible, as the channels structures are allocated at
connection time and aren't available when the configuration is parsed.
The server config parser now tracks PermitOpen itself and explicitly
configures the channels code later.
ok markus@
Upstream-ID: 11828f161656b965cc306576422613614bea2d8f
Diffstat (limited to 'auth-options.c')
| -rw-r--r-- | auth-options.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/auth-options.c b/auth-options.c index 0a191dbba..bed00eef0 100644 --- a/auth-options.c +++ b/auth-options.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth-options.c,v 1.73 2017/05/31 10:54:00 markus Exp $ */ | 1 | /* $OpenBSD: auth-options.c,v 1.74 2017/09/12 06:32:07 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -61,9 +61,13 @@ char *authorized_principals = NULL; | |||
| 61 | 61 | ||
| 62 | extern ServerOptions options; | 62 | extern ServerOptions options; |
| 63 | 63 | ||
| 64 | /* XXX refactor to be stateless */ | ||
| 65 | |||
| 64 | void | 66 | void |
| 65 | auth_clear_options(void) | 67 | auth_clear_options(void) |
| 66 | { | 68 | { |
| 69 | struct ssh *ssh = active_state; /* XXX */ | ||
| 70 | |||
| 67 | no_agent_forwarding_flag = 0; | 71 | no_agent_forwarding_flag = 0; |
| 68 | no_port_forwarding_flag = 0; | 72 | no_port_forwarding_flag = 0; |
| 69 | no_pty_flag = 0; | 73 | no_pty_flag = 0; |
| @@ -81,7 +85,7 @@ auth_clear_options(void) | |||
| 81 | free(authorized_principals); | 85 | free(authorized_principals); |
| 82 | authorized_principals = NULL; | 86 | authorized_principals = NULL; |
| 83 | forced_tun_device = -1; | 87 | forced_tun_device = -1; |
| 84 | channel_clear_permitted_opens(); | 88 | channel_clear_permitted_opens(ssh); |
| 85 | } | 89 | } |
| 86 | 90 | ||
| 87 | /* | 91 | /* |
| @@ -117,6 +121,7 @@ match_flag(const char *opt, int allow_negate, char **optsp, const char *msg) | |||
| 117 | /* | 121 | /* |
| 118 | * return 1 if access is granted, 0 if not. | 122 | * return 1 if access is granted, 0 if not. |
| 119 | * side effect: sets key option flags | 123 | * side effect: sets key option flags |
| 124 | * XXX remove side effects; fill structure instead. | ||
| 120 | */ | 125 | */ |
| 121 | int | 126 | int |
| 122 | auth_parse_options(struct passwd *pw, char *opts, const char *file, | 127 | auth_parse_options(struct passwd *pw, char *opts, const char *file, |
| @@ -380,7 +385,7 @@ auth_parse_options(struct passwd *pw, char *opts, const char *file, | |||
| 380 | goto bad_option; | 385 | goto bad_option; |
| 381 | } | 386 | } |
| 382 | if ((options.allow_tcp_forwarding & FORWARD_LOCAL) != 0) | 387 | if ((options.allow_tcp_forwarding & FORWARD_LOCAL) != 0) |
| 383 | channel_add_permitted_opens(host, port); | 388 | channel_add_permitted_opens(ssh, host, port); |
| 384 | free(patterns); | 389 | free(patterns); |
| 385 | goto next_option; | 390 | goto next_option; |
| 386 | } | 391 | } |