upstream commit

support =- for removing methods from algorithms lists, e.g. Ciphers=-*cbc; suggested by Cristian Ionescu-Idbohrn in bz#2671 "I like it" markus@ Upstream-ID: c78c38f9f81a963b33d0eade559f6048add24a6d
author: djm@openbsd.org <djm@openbsd.org> 2017-02-03 23:01:19 +0000
committer: Damien Miller <djm@mindrot.org> 2017-02-04 10:08:15 +1100
commit: 68bc8cfa7642d3ccbf2cd64281c16b8b9205be59 (patch)
tree: 4b2ddc75ee7ac985570c4e85c37abfd8f7be4f47 /readconf.c
parent: c924b2ef941028a1f31e6e94f54dfeeeef462a4e (diff)
1 files changed, 7 insertions, 5 deletions
diff --git a/readconf.c b/readconf.c
index 6c934406e..e51481b10 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.267 2017/02/03 05:05:56 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.268 2017/02/03 23:01:19 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1194,7 +1194,7 @@ parse_int:
                arg = strdelim(&s);
                if (!arg || *arg == '\0')
                        fatal("%.200s line %d: Missing argument.", filename, linenum);
-                if (!ciphers_valid(*arg == '+' ? arg + 1 : arg))
+                if (*arg != '-' && !ciphers_valid(*arg == '+' ? arg + 1 : arg))
                        fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.",
                            filename, linenum, arg ? arg : "<NONE>");
                if (*activep && options->ciphers == NULL)
@@ -1205,7 +1205,7 @@ parse_int:
                arg = strdelim(&s);
                if (!arg || *arg == '\0')
                        fatal("%.200s line %d: Missing argument.", filename, linenum);
-                if (!mac_valid(*arg == '+' ? arg + 1 : arg))
+                if (*arg != '-' && !mac_valid(*arg == '+' ? arg + 1 : arg))
                        fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.",
                            filename, linenum, arg ? arg : "<NONE>");
                if (*activep && options->macs == NULL)
@@ -1217,7 +1217,8 @@ parse_int:
                if (!arg || *arg == '\0')
                        fatal("%.200s line %d: Missing argument.",
                            filename, linenum);
-                if (!kex_names_valid(*arg == '+' ? arg + 1 : arg))
+                if (*arg != '-' &&
+                    !kex_names_valid(*arg == '+' ? arg + 1 : arg))
                        fatal("%.200s line %d: Bad SSH2 KexAlgorithms '%s'.",
                            filename, linenum, arg ? arg : "<NONE>");
                if (*activep && options->kex_algorithms == NULL)
@@ -1231,7 +1232,8 @@ parse_keytypes:
                if (!arg || *arg == '\0')
                        fatal("%.200s line %d: Missing argument.",
                            filename, linenum);
-                if (!sshkey_names_valid2(*arg == '+' ? arg + 1 : arg, 1))
+                if (*arg != '-' &&
+                    !sshkey_names_valid2(*arg == '+' ? arg + 1 : arg, 1))
                        fatal("%s line %d: Bad key types '%s'.",
                                filename, linenum, arg ? arg : "<NONE>");
                if (*activep && *charptr == NULL)
author	djm@openbsd.org <djm@openbsd.org>	2017-02-03 23:01:19 +0000
committer	Damien Miller <djm@mindrot.org>	2017-02-04 10:08:15 +1100
commit	68bc8cfa7642d3ccbf2cd64281c16b8b9205be59 (patch)
tree	4b2ddc75ee7ac985570c4e85c37abfd8f7be4f47 /readconf.c
parent	c924b2ef941028a1f31e6e94f54dfeeeef462a4e (diff)