authordjm@openbsd.org <djm@openbsd.org>2017-09-12 06:32:07 +0000
committerDamien Miller <djm@mindrot.org>2017-09-12 17:37:02 +1000
commitdbee4119b502e3f8b6cd3282c69c537fd01d8e16 (patch)
treeb8a3263a79e0920e8d08f188654f1ccb7c254406 /auth-options.c
parentabd59663df37a42152e37980113ccaa405b9a282 (diff)
upstream commit
refactor channels.c Move static state to a "struct ssh_channels" that is allocated at runtime and tracked as a member of struct ssh. Explicitly pass "struct ssh" to all channels functions. Replace use of the legacy packet APIs in channels.c. Rework sshd_config PermitOpen handling: previously the configuration parser would call directly into the channels layer. After the refactor this is not possible, as the channels structures are allocated at connection time and aren't available when the configuration is parsed. The server config parser now tracks PermitOpen itself and explicitly configures the channels code later. ok markus@ Upstream-ID: 11828f161656b965cc306576422613614bea2d8f
Diffstat (limited to 'auth-options.c')
-rw-r--r--auth-options.c11
1 files changed, 8 insertions, 3 deletions
diff --git a/auth-options.c b/auth-options.c
index 0a191dbba..bed00eef0 100644
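--- a/auth-options.c
+++ b/auth-options.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-options.c,v 1.73 2017/05/31 10:54:00 markus Exp $ */
+/* $OpenBSD: auth-options.c,v 1.74 2017/09/12 06:32:07 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -61,9 +61,13 @@ char *authorized_principals = NULL;
 
 extern ServerOptions options;
 
+/* XXX refactor to be stateless */
+
 void
 auth_clear_options(void)
 {
+ struct ssh *ssh = active_state; /* XXX */
+
  no_agent_forwarding_flag = 0;
  no_port_forwarding_flag = 0;
  no_pty_flag = 0;
@@ -81,7 +85,7 @@ auth_clear_options(void)
  free(authorized_principals);
  authorized_principals = NULL;
  forced_tun_device = -1;
- channel_clear_permitted_opens();
+ channel_clear_permitted_opens(ssh);
 }
 
 /*
@@ -117,6 +121,7 @@ match_flag(const char *opt, int allow_negate, char **optsp, const char *msg)
 /*
  * return 1 if access is granted, 0 if not.
  * side effect: sets key option flags
+ * XXX remove side effects; fill structure instead.
  */
 int
 auth_parse_options(struct passwd *pw, char *opts, const char *file,
@@ -380,7 +385,7 @@ auth_parse_options(struct passwd *pw, char *opts, const char *file,
  goto bad_option;
  }
  if ((options.allow_tcp_forwarding & FORWARD_LOCAL) != 0)
- channel_add_permitted_opens(host, port);
+ channel_add_permitted_opens(ssh, host, port);
  free(patterns);
  goto next_option;
  }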
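Review bot: In `auth_clear_options()` the permitopen list that gets cleared is now whichever `struct ssh` the global `active_state` points at, while the `channel_add_permitted_opens(ssh, host, port)` call in `auth_parse_options()` uses an `ssh` whose declaration lies outside the visible hunks. The per-key reset appears to be what keeps `permitopen` entries from one authorized_keys line from carrying over to the next key tried. It is therefore worth confirming that both functions resolve the same connection, and that `active_state` cannot be NULL on any path that reaches `channel_clear_permitted_opens(ssh)`. Until the stateless refactor flagged by the new XXX comments lands, I would spell the invariant out at the declaration, e.g. `struct ssh *ssh = active_state; /* XXX must be the ssh that auth_parse_options() adds permitopen entries to */`. Both function bodies continue outside the hunks shown.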