diff options
author | djm@openbsd.org <djm@openbsd.org> | 2017-02-03 23:01:19 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2017-02-04 10:08:15 +1100 |
commit | 68bc8cfa7642d3ccbf2cd64281c16b8b9205be59 (patch) | |
tree | 4b2ddc75ee7ac985570c4e85c37abfd8f7be4f47 /readconf.c | |
parent | c924b2ef941028a1f31e6e94f54dfeeeef462a4e (diff) |
upstream commit
support =- for removing methods from algorithms lists,
e.g. Ciphers=-*cbc; suggested by Cristian Ionescu-Idbohrn in bz#2671 "I like
it" markus@
Upstream-ID: c78c38f9f81a963b33d0eade559f6048add24a6d
Diffstat (limited to 'readconf.c')
-rw-r--r-- | readconf.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/readconf.c b/readconf.c index 6c934406e..e51481b10 100644 --- a/readconf.c +++ b/readconf.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: readconf.c,v 1.267 2017/02/03 05:05:56 djm Exp $ */ | 1 | /* $OpenBSD: readconf.c,v 1.268 2017/02/03 23:01:19 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -1194,7 +1194,7 @@ parse_int: | |||
1194 | arg = strdelim(&s); | 1194 | arg = strdelim(&s); |
1195 | if (!arg || *arg == '\0') | 1195 | if (!arg || *arg == '\0') |
1196 | fatal("%.200s line %d: Missing argument.", filename, linenum); | 1196 | fatal("%.200s line %d: Missing argument.", filename, linenum); |
1197 | if (!ciphers_valid(*arg == '+' ? arg + 1 : arg)) | 1197 | if (*arg != '-' && !ciphers_valid(*arg == '+' ? arg + 1 : arg)) |
1198 | fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.", | 1198 | fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.", |
1199 | filename, linenum, arg ? arg : "<NONE>"); | 1199 | filename, linenum, arg ? arg : "<NONE>"); |
1200 | if (*activep && options->ciphers == NULL) | 1200 | if (*activep && options->ciphers == NULL) |
@@ -1205,7 +1205,7 @@ parse_int: | |||
1205 | arg = strdelim(&s); | 1205 | arg = strdelim(&s); |
1206 | if (!arg || *arg == '\0') | 1206 | if (!arg || *arg == '\0') |
1207 | fatal("%.200s line %d: Missing argument.", filename, linenum); | 1207 | fatal("%.200s line %d: Missing argument.", filename, linenum); |
1208 | if (!mac_valid(*arg == '+' ? arg + 1 : arg)) | 1208 | if (*arg != '-' && !mac_valid(*arg == '+' ? arg + 1 : arg)) |
1209 | fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.", | 1209 | fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.", |
1210 | filename, linenum, arg ? arg : "<NONE>"); | 1210 | filename, linenum, arg ? arg : "<NONE>"); |
1211 | if (*activep && options->macs == NULL) | 1211 | if (*activep && options->macs == NULL) |
@@ -1217,7 +1217,8 @@ parse_int: | |||
1217 | if (!arg || *arg == '\0') | 1217 | if (!arg || *arg == '\0') |
1218 | fatal("%.200s line %d: Missing argument.", | 1218 | fatal("%.200s line %d: Missing argument.", |
1219 | filename, linenum); | 1219 | filename, linenum); |
1220 | if (!kex_names_valid(*arg == '+' ? arg + 1 : arg)) | 1220 | if (*arg != '-' && |
1221 | !kex_names_valid(*arg == '+' ? arg + 1 : arg)) | ||
1221 | fatal("%.200s line %d: Bad SSH2 KexAlgorithms '%s'.", | 1222 | fatal("%.200s line %d: Bad SSH2 KexAlgorithms '%s'.", |
1222 | filename, linenum, arg ? arg : "<NONE>"); | 1223 | filename, linenum, arg ? arg : "<NONE>"); |
1223 | if (*activep && options->kex_algorithms == NULL) | 1224 | if (*activep && options->kex_algorithms == NULL) |
@@ -1231,7 +1232,8 @@ parse_keytypes: | |||
1231 | if (!arg || *arg == '\0') | 1232 | if (!arg || *arg == '\0') |
1232 | fatal("%.200s line %d: Missing argument.", | 1233 | fatal("%.200s line %d: Missing argument.", |
1233 | filename, linenum); | 1234 | filename, linenum); |
1234 | if (!sshkey_names_valid2(*arg == '+' ? arg + 1 : arg, 1)) | 1235 | if (*arg != '-' && |
1236 | !sshkey_names_valid2(*arg == '+' ? arg + 1 : arg, 1)) | ||
1235 | fatal("%s line %d: Bad key types '%s'.", | 1237 | fatal("%s line %d: Bad key types '%s'.", |
1236 | filename, linenum, arg ? arg : "<NONE>"); | 1238 | filename, linenum, arg ? arg : "<NONE>"); |
1237 | if (*activep && *charptr == NULL) | 1239 | if (*activep && *charptr == NULL) |