author | Damien Miller <djm@mindrot.org> | 2013-10-17 11:47:23 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2013-10-17 11:47:23 +1100 |
commit | 0faf747e2f77f0f7083bcd59cbed30c4b5448444 (patch) | |
tree | 1f1b80f60be01d61f284070affc314d1b97b6b69 /readconf.h | |
parent | d77b81f856e078714ec6b0f86f61c20249b7ead4 (diff) |
- djm@cvs.openbsd.org 2013/10/16 02:31:47
[readconf.c readconf.h roaming_client.c ssh.1 ssh.c ssh_config.5]
[sshconnect.c sshconnect.h]
Implement client-side hostname canonicalisation to allow an explicit
search path of domain suffixes to use to convert unqualified host names
to fully-qualified ones for host key matching.
This is particularly useful for host certificates, which would otherwise
need to list unqualified names alongside fully-qualified ones (and this
causes a number of problems).
"looks fine" markus@
Diffstat (limited to 'readconf.h')
-rw-r--r-- | readconf.h | 22 |
1 files changed, 20 insertions, 2 deletions
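--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.97 2013/10/14 22:22:03 djm Exp $ */
+/* $OpenBSD: readconf.h,v 1.98 2013/10/16 02:31:46 djm Exp $ */
 
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -29,7 +29,13 @@ typedef struct {
 /* Data structure for representing option data. */
 
 #define MAX_SEND_ENV 256
-#define SSH_MAX_HOSTS_FILES 256
+#define SSH_MAX_HOSTS_FILES 32
+#define MAX_CANON_DOMAINS 32
+
+struct allowed_cname {
+char *source_list;
+char *target_list;
+};
 
 typedef struct {
 int forward_agent; /* Forward authentication agent. */
@@ -140,9 +146,21 @@ typedef struct {
 
 int proxy_use_fdpass;
 
+int num_canonical_domains;
+char *canonical_domains[MAX_CANON_DOMAINS];
+int canonicalise_hostname;
+int canonicalise_max_dots;
+int canonicalise_fallback_local;
+int num_permitted_cnames;
+struct allowed_cname permitted_cnames[MAX_CANON_DOMAINS];
+
 char *ignored_unknown; /* Pattern list of unknown tokens to ignore */
 } Options;
 
+#define SSH_CANONICALISE_NO 0
+#define SSH_CANONICALISE_YES 1
+#define SSH_CANONICALISE_ALWAYS 2
+
 #define SSHCTL_MASTER_NO 0
 #define SSHCTL_MASTER_YES 1
 #define SSHCTL_MASTER_AUTO 2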
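Review bot: The second hunk lowers `SSH_MAX_HOSTS_FILES` from 256 to 32, which the commit message does not mention and which is unrelated to hostname canonicalisation. If that constant sizes the known-hosts file arrays elsewhere in this header (not visible in these hunks), configurations listing more than 32 files would behave differently, so the change deserves its own line in the log. In the third hunk the new fields carry no comments, unlike `forward_agent` above them, and `permitted_cnames` borrows `MAX_CANON_DOMAINS` as its bound. I would annotate them, for example `int canonicalise_hostname; /* SSH_CANONICALISE_NO, _YES or _ALWAYS */` and `struct allowed_cname permitted_cnames[MAX_CANON_DOMAINS]; /* num_permitted_cnames entries in use */`. Both arrays are fixed-size with `int` counters and are presumably filled from configuration, so the parser in readconf.c (outside this readconf.h-only view) needs to refuse further entries once `num_canonical_domains` or `num_permitted_cnames` reaches `MAX_CANON_DOMAINS`; the `Options` struct itself begins before the third hunk.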