diff options
author | Darren Tucker <dtucker@zip.com.au> | 2003-08-26 11:49:55 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2003-08-26 11:49:55 +1000 |
commit | 0efd155c3c184f0eaa2e1eb244eaaf066e6906e0 (patch) | |
tree | 10f24586373d825d68cefd4a3746fe738cf0614a /readconf.c | |
parent | 30912f7259b771a1cf705c0bc47a6c3f3edffb43 (diff) |
- markus@cvs.openbsd.org 2003/08/22 10:56:09
[auth2.c auth2-gss.c auth.h compat.c compat.h gss-genr.c gss-serv-krb5.c
gss-serv.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h readconf.c
readconf.h servconf.c servconf.h session.c session.h ssh-gss.h
ssh_config.5 sshconnect2.c sshd_config sshd_config.5]
support GSS API user authentication; patches from Simon Wilkinson,
stripped down and tested by Jakob and myself.
Diffstat (limited to 'readconf.c')
-rw-r--r-- | readconf.c | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/readconf.c b/readconf.c index 96ad25a51..9447cb55f 100644 --- a/readconf.c +++ b/readconf.c | |||
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: readconf.c,v 1.117 2003/08/13 09:07:09 markus Exp $"); | 15 | RCSID("$OpenBSD: readconf.c,v 1.118 2003/08/22 10:56:09 markus Exp $"); |
16 | 16 | ||
17 | #include "ssh.h" | 17 | #include "ssh.h" |
18 | #include "xmalloc.h" | 18 | #include "xmalloc.h" |
@@ -105,7 +105,7 @@ typedef enum { | |||
105 | oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, | 105 | oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, |
106 | oClearAllForwardings, oNoHostAuthenticationForLocalhost, | 106 | oClearAllForwardings, oNoHostAuthenticationForLocalhost, |
107 | oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, | 107 | oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, |
108 | oAddressFamily, | 108 | oAddressFamily, oGssAuthentication, oGssDelegateCreds, |
109 | oDeprecated, oUnsupported | 109 | oDeprecated, oUnsupported |
110 | } OpCodes; | 110 | } OpCodes; |
111 | 111 | ||
@@ -140,6 +140,14 @@ static struct { | |||
140 | { "kerberostgtpassing", oUnsupported }, | 140 | { "kerberostgtpassing", oUnsupported }, |
141 | #endif | 141 | #endif |
142 | { "afstokenpassing", oUnsupported }, | 142 | { "afstokenpassing", oUnsupported }, |
143 | #if defined(GSSAPI) | ||
144 | { "gssapiauthentication", oGssAuthentication }, | ||
145 | { "gssapidelegatecreds", oGssDelegateCreds }, | ||
146 | { "gssapidelegatecredentials", oGssDelegateCreds }, | ||
147 | #else | ||
148 | { "gssapiauthentication", oUnsupported }, | ||
149 | { "gssapidelegatecredentials", oUnsupported }, | ||
150 | #endif | ||
143 | { "fallbacktorsh", oDeprecated }, | 151 | { "fallbacktorsh", oDeprecated }, |
144 | { "usersh", oDeprecated }, | 152 | { "usersh", oDeprecated }, |
145 | { "identityfile", oIdentityFile }, | 153 | { "identityfile", oIdentityFile }, |
@@ -389,6 +397,14 @@ parse_flag: | |||
389 | intptr = &options->kerberos_tgt_passing; | 397 | intptr = &options->kerberos_tgt_passing; |
390 | goto parse_flag; | 398 | goto parse_flag; |
391 | 399 | ||
400 | case oGssAuthentication: | ||
401 | intptr = &options->gss_authentication; | ||
402 | goto parse_flag; | ||
403 | |||
404 | case oGssDelegateCreds: | ||
405 | intptr = &options->gss_deleg_creds; | ||
406 | goto parse_flag; | ||
407 | |||
392 | case oBatchMode: | 408 | case oBatchMode: |
393 | intptr = &options->batch_mode; | 409 | intptr = &options->batch_mode; |
394 | goto parse_flag; | 410 | goto parse_flag; |
@@ -813,6 +829,8 @@ initialize_options(Options * options) | |||
813 | options->challenge_response_authentication = -1; | 829 | options->challenge_response_authentication = -1; |
814 | options->kerberos_authentication = -1; | 830 | options->kerberos_authentication = -1; |
815 | options->kerberos_tgt_passing = -1; | 831 | options->kerberos_tgt_passing = -1; |
832 | options->gss_authentication = -1; | ||
833 | options->gss_deleg_creds = -1; | ||
816 | options->password_authentication = -1; | 834 | options->password_authentication = -1; |
817 | options->kbd_interactive_authentication = -1; | 835 | options->kbd_interactive_authentication = -1; |
818 | options->kbd_interactive_devices = NULL; | 836 | options->kbd_interactive_devices = NULL; |
@@ -887,6 +905,10 @@ fill_default_options(Options * options) | |||
887 | options->kerberos_authentication = 1; | 905 | options->kerberos_authentication = 1; |
888 | if (options->kerberos_tgt_passing == -1) | 906 | if (options->kerberos_tgt_passing == -1) |
889 | options->kerberos_tgt_passing = 1; | 907 | options->kerberos_tgt_passing = 1; |
908 | if (options->gss_authentication == -1) | ||
909 | options->gss_authentication = 1; | ||
910 | if (options->gss_deleg_creds == -1) | ||
911 | options->gss_deleg_creds = 0; | ||
890 | if (options->password_authentication == -1) | 912 | if (options->password_authentication == -1) |
891 | options->password_authentication = 1; | 913 | options->password_authentication = 1; |
892 | if (options->kbd_interactive_authentication == -1) | 914 | if (options->kbd_interactive_authentication == -1) |