diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2001-02-15 03:01:59 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-02-15 03:01:59 +0000 |
| commit | 06b33aa0e83163f3dcd679317afec1ee95910512 (patch) | |
| tree | eae5cbd1cd71619bdd1e5d4a28e6bb96057f4479 /readconf.c | |
| parent | 4272ed803ff309f1fdb9c149b9cf083769f53744 (diff) | |
- markus@cvs.openbsd.org 2001/02/11 12:59:25
[Makefile.in sshd.8 sshconnect2.c readconf.h readconf.c packet.c
sshd.c ssh.c ssh.1 servconf.h servconf.c myproposal.h kex.h kex.c]
1) clean up the MAC support for SSH-2
2) allow you to specify the MAC with 'ssh -m'
3) or the 'MACs' keyword in ssh(d)_config
4) add hmac-{md5,sha1}-96
ok stevesk@, provos@
Diffstat (limited to 'readconf.c')
| -rw-r--r-- | readconf.c | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/readconf.c b/readconf.c index f62905c29..3ac86ea06 100644 --- a/readconf.c +++ b/readconf.c | |||
| @@ -12,7 +12,7 @@ | |||
| 12 | */ | 12 | */ |
| 13 | 13 | ||
| 14 | #include "includes.h" | 14 | #include "includes.h" |
| 15 | RCSID("$OpenBSD: readconf.c,v 1.61 2001/02/08 14:39:36 deraadt Exp $"); | 15 | RCSID("$OpenBSD: readconf.c,v 1.62 2001/02/11 12:59:25 markus Exp $"); |
| 16 | 16 | ||
| 17 | #include "ssh.h" | 17 | #include "ssh.h" |
| 18 | #include "xmalloc.h" | 18 | #include "xmalloc.h" |
| @@ -23,6 +23,8 @@ RCSID("$OpenBSD: readconf.c,v 1.61 2001/02/08 14:39:36 deraadt Exp $"); | |||
| 23 | #include "readconf.h" | 23 | #include "readconf.h" |
| 24 | #include "match.h" | 24 | #include "match.h" |
| 25 | #include "misc.h" | 25 | #include "misc.h" |
| 26 | #include "kex.h" | ||
| 27 | #include "mac.h" | ||
| 26 | 28 | ||
| 27 | /* Format of the configuration file: | 29 | /* Format of the configuration file: |
| 28 | 30 | ||
| @@ -105,7 +107,7 @@ typedef enum { | |||
| 105 | oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, | 107 | oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, |
| 106 | oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, | 108 | oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, |
| 107 | oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, | 109 | oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, |
| 108 | oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, | 110 | oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs, |
| 109 | oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, | 111 | oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, |
| 110 | oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias | 112 | oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias |
| 111 | } OpCodes; | 113 | } OpCodes; |
| @@ -148,6 +150,7 @@ static struct { | |||
| 148 | { "port", oPort }, | 150 | { "port", oPort }, |
| 149 | { "cipher", oCipher }, | 151 | { "cipher", oCipher }, |
| 150 | { "ciphers", oCiphers }, | 152 | { "ciphers", oCiphers }, |
| 153 | { "macs", oMacs }, | ||
| 151 | { "protocol", oProtocol }, | 154 | { "protocol", oProtocol }, |
| 152 | { "remoteforward", oRemoteForward }, | 155 | { "remoteforward", oRemoteForward }, |
| 153 | { "localforward", oLocalForward }, | 156 | { "localforward", oLocalForward }, |
| @@ -502,6 +505,17 @@ parse_int: | |||
| 502 | options->ciphers = xstrdup(arg); | 505 | options->ciphers = xstrdup(arg); |
| 503 | break; | 506 | break; |
| 504 | 507 | ||
| 508 | case oMacs: | ||
| 509 | arg = strdelim(&s); | ||
| 510 | if (!arg || *arg == '\0') | ||
| 511 | fatal("%.200s line %d: Missing argument.", filename, linenum); | ||
| 512 | if (!mac_valid(arg)) | ||
| 513 | fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.", | ||
| 514 | filename, linenum, arg ? arg : "<NONE>"); | ||
| 515 | if (*activep && options->macs == NULL) | ||
| 516 | options->macs = xstrdup(arg); | ||
| 517 | break; | ||
| 518 | |||
| 505 | case oProtocol: | 519 | case oProtocol: |
| 506 | intptr = &options->protocol; | 520 | intptr = &options->protocol; |
| 507 | arg = strdelim(&s); | 521 | arg = strdelim(&s); |
| @@ -693,6 +707,7 @@ initialize_options(Options * options) | |||
| 693 | options->number_of_password_prompts = -1; | 707 | options->number_of_password_prompts = -1; |
| 694 | options->cipher = -1; | 708 | options->cipher = -1; |
| 695 | options->ciphers = NULL; | 709 | options->ciphers = NULL; |
| 710 | options->macs = NULL; | ||
| 696 | options->protocol = SSH_PROTO_UNKNOWN; | 711 | options->protocol = SSH_PROTO_UNKNOWN; |
| 697 | options->num_identity_files = 0; | 712 | options->num_identity_files = 0; |
| 698 | options->hostname = NULL; | 713 | options->hostname = NULL; |
| @@ -781,6 +796,7 @@ fill_default_options(Options * options) | |||
| 781 | if (options->cipher == -1) | 796 | if (options->cipher == -1) |
| 782 | options->cipher = SSH_CIPHER_NOT_SET; | 797 | options->cipher = SSH_CIPHER_NOT_SET; |
| 783 | /* options->ciphers, default set in myproposals.h */ | 798 | /* options->ciphers, default set in myproposals.h */ |
| 799 | /* options->macs, default set in myproposals.h */ | ||
| 784 | if (options->protocol == SSH_PROTO_UNKNOWN) | 800 | if (options->protocol == SSH_PROTO_UNKNOWN) |
| 785 | options->protocol = SSH_PROTO_1|SSH_PROTO_2|SSH_PROTO_1_PREFERRED; | 801 | options->protocol = SSH_PROTO_1|SSH_PROTO_2|SSH_PROTO_1_PREFERRED; |
| 786 | if (options->num_identity_files == 0) { | 802 | if (options->num_identity_files == 0) { |