authorDamien Miller <djm@mindrot.org>2000-11-13 22:57:25 +1100
committerDamien Miller <djm@mindrot.org>2000-11-13 22:57:25 +1100
commit0bc1bd814e3c2b5e92d6f595930051960d17f47f (patch)
tree176c7dc2844ecc2c1de0f72d221449556ffa5209 /readconf.c
parent559d383037b0872fcde4e6c40188b649c574be74 (diff)
- (djm) Merge OpenBSD changes:
- markus@cvs.openbsd.org 2000/11/06 16:04:56
  [channels.c channels.h clientloop.c nchan.c serverloop.c]
  [session.c ssh.c]
  agent forwarding and -R for ssh2, based on work from jhuuskon@messi.uku.fi
- markus@cvs.openbsd.org 2000/11/06 16:13:27
  [ssh.c sshconnect.c sshd.c]
  do not disable rhosts(rsa) if server port > 1024; from pekkas@netcore.fi
- markus@cvs.openbsd.org 2000/11/06 16:16:35
  [sshconnect.c]
  downgrade client to 1.3 if server is 1.4; help from mdb@juniper.net
- markus@cvs.openbsd.org 2000/11/09 18:04:40
  [auth1.c]
  typo; from mouring@pconline.com
- markus@cvs.openbsd.org 2000/11/12 12:03:28
  [ssh-agent.c]
  off-by-one when removing a key from the agent
- markus@cvs.openbsd.org 2000/11/12 12:50:39
  [auth-rh-rsa.c auth2.c authfd.c authfd.h]
  [authfile.c hostfile.c kex.c kex.h key.c key.h myproposal.h]
  [readconf.c readconf.h rsa.c rsa.h servconf.c servconf.h ssh-add.c]
  [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config]
  [sshconnect1.c sshconnect2.c sshd.8 sshd.c sshd_config ssh-dss.c]
  [ssh-dss.h ssh-rsa.c ssh-rsa.h dsa.c dsa.h]
  add support for RSA to SSH2. please test.
  there are now 3 types of keys: RSA1 is used by ssh-1 only, RSA and DSA are used by SSH2.
  you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA keys for SSH2 and use the RSA keys for hostkeys or for user keys. SSH2 RSA or DSA keys are added to .ssh/authorized_keys2 as before.
- (djm) Fix up Makefile and Redhat init script to create RSA host keys
- (djm) Change to interim version
Diffstat (limited to 'readconf.c')
-rw-r--r--readconf.c55
1 files changed, 26 insertions, 29 deletions
diff --git a/readconf.c b/readconf.c
index c6fdd5308..c821d8408 100644
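--- a/readconf.c
+++ b/readconf.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.49 2000/10/11 20:27:23 markus Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.50 2000/11/12 19:50:37 markus Exp $");
 
 #include "ssh.h"
 #include "readconf.h"
@@ -68,7 +68,7 @@ RCSID("$OpenBSD: readconf.c,v 1.49 2000/10/11 20:27:23 markus Exp $");
  # Defaults for various options
  Host *
  ForwardAgent no
- ForwardX11 yes
+ ForwardX11 no
  RhostsAuthentication yes
  PasswordAuthentication yes
  RSAAuthentication yes
@@ -101,8 +101,8 @@ typedef enum {
  oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
  oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
  oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, oTISAuthentication,
- oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oIdentityFile2,
- oGlobalKnownHostsFile2, oUserKnownHostsFile2, oDSAAuthentication,
+ oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol,
+ oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
  oKbdInteractiveAuthentication, oKbdInteractiveDevices
 } OpCodes;
 
@@ -122,7 +122,8 @@ static struct {
  { "kbdinteractiveauthentication", oKbdInteractiveAuthentication },
  { "kbdinteractivedevices", oKbdInteractiveDevices },
  { "rsaauthentication", oRSAAuthentication },
- { "dsaauthentication", oDSAAuthentication },
+ { "pubkeyauthentication", oPubkeyAuthentication },
+ { "dsaauthentication", oPubkeyAuthentication }, /* alias */
  { "skeyauthentication", oSkeyAuthentication },
 #ifdef KRB4
  { "kerberosauthentication", oKerberosAuthentication },
@@ -134,7 +135,7 @@ static struct {
  { "fallbacktorsh", oFallBackToRsh },
  { "usersh", oUseRsh },
  { "identityfile", oIdentityFile },
- { "identityfile2", oIdentityFile2 },
+ { "identityfile2", oIdentityFile }, /* alias */
  { "hostname", oHostName },
  { "proxycommand", oProxyCommand },
  { "port", oPort },
@@ -300,8 +301,8 @@ parse_flag:
  charptr = &options->kbd_interactive_devices;
  goto parse_string;
 
- case oDSAAuthentication:
- intptr = &options->dsa_authentication;
+ case oPubkeyAuthentication:
+ intptr = &options->pubkey_authentication;
  goto parse_flag;
 
  case oRSAAuthentication:
@@ -386,20 +387,15 @@ parse_flag:
  goto parse_int;
 
  case oIdentityFile:
- case oIdentityFile2:
  arg = strdelim(&s);
  if (!arg || *arg == '\0')
  fatal("%.200s line %d: Missing argument.", filename, linenum);
  if (*activep) {
- intptr = (opcode == oIdentityFile) ?
- &options->num_identity_files :
- &options->num_identity_files2;
+ intptr = &options->num_identity_files;
  if (*intptr >= SSH_MAX_IDENTITY_FILES)
  fatal("%.200s line %d: Too many identity files specified (max %d).",
  filename, linenum, SSH_MAX_IDENTITY_FILES);
- charptr = (opcode == oIdentityFile) ?
- &options->identity_files[*intptr] :
- &options->identity_files2[*intptr];
+ charptr = &options->identity_files[*intptr];
  *charptr = xstrdup(arg);
  *intptr = *intptr + 1;
  }
@@ -664,7 +660,7 @@ initialize_options(Options * options)
  options->use_privileged_port = -1;
  options->rhosts_authentication = -1;
  options->rsa_authentication = -1;
- options->dsa_authentication = -1;
+ options->pubkey_authentication = -1;
  options->skey_authentication = -1;
 #ifdef KRB4
  options->kerberos_authentication = -1;
@@ -692,7 +688,6 @@ initialize_options(Options * options)
  options->ciphers = NULL;
  options->protocol = SSH_PROTO_UNKNOWN;
  options->num_identity_files = 0;
- options->num_identity_files2 = 0;
  options->hostname = NULL;
  options->proxy_command = NULL;
  options->user = NULL;
@@ -730,8 +725,8 @@ fill_default_options(Options * options)
  options->rhosts_authentication = 1;
  if (options->rsa_authentication == -1)
  options->rsa_authentication = 1;
- if (options->dsa_authentication == -1)
- options->dsa_authentication = 1;
+ if (options->pubkey_authentication == -1)
+ options->pubkey_authentication = 1;
  if (options->skey_authentication == -1)
  options->skey_authentication = 0;
 #ifdef KRB4
@@ -779,16 +774,18 @@ fill_default_options(Options * options)
  if (options->protocol == SSH_PROTO_UNKNOWN)
  options->protocol = SSH_PROTO_1|SSH_PROTO_2|SSH_PROTO_1_PREFERRED;
  if (options->num_identity_files == 0) {
- options->identity_files[0] =
- xmalloc(2 + strlen(SSH_CLIENT_IDENTITY) + 1);
- sprintf(options->identity_files[0], "~/%.100s", SSH_CLIENT_IDENTITY);
- options->num_identity_files = 1;
- }
- if (options->num_identity_files2 == 0) {
- options->identity_files2[0] =
- xmalloc(2 + strlen(SSH_CLIENT_ID_DSA) + 1);
- sprintf(options->identity_files2[0], "~/%.100s", SSH_CLIENT_ID_DSA);
- options->num_identity_files2 = 1;
+ if (options->protocol & SSH_PROTO_1) {
+ options->identity_files[options->num_identity_files] =
+ xmalloc(2 + strlen(SSH_CLIENT_IDENTITY) + 1);
+ sprintf(options->identity_files[options->num_identity_files++],
+ "~/%.100s", SSH_CLIENT_IDENTITY);
+ }
+ if (options->protocol & SSH_PROTO_2) {
+ options->identity_files[options->num_identity_files] =
+ xmalloc(2 + strlen(SSH_CLIENT_ID_DSA) + 1);
+ sprintf(options->identity_files[options->num_identity_files++],
+ "~/%.100s", SSH_CLIENT_ID_DSA);
+ }
  }
  if (options->escape_char == -1)
  options->escape_char = '~';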
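Review bot: In the `oIdentityFile` case, `identityfile2` is now an alias that appends to the same `options->identity_files` array, so the `SSH_MAX_IDENTITY_FILES` check counts protocol-1 and protocol-2 identities together and a config that previously stayed under the limit per protocol can now end in `fatal(...)`. The merged list also no longer records which protocol an entry was written for, so the code that loads these files (outside this diff) presumably has to determine the key type per file; a comment at the case label would make that explicit, e.g. `/* identityfile2 is an alias: RSA1 and SSH2 keys share this list and the SSH_MAX_IDENTITY_FILES cap */`. In `fill_default_options` the protocol-2 default is still only `SSH_CLIENT_ID_DSA`, so an SSH2 RSA key is not tried unless an `IdentityFile` line names it, which the sample configuration comment at the top of the file should mention if it is intended.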