diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2007-03-01 21:31:28 +1100 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2007-03-01 21:31:28 +1100 |
| commit | 1d75f22c5d99ce1a4c7a87c7ae042a33fbeefefb (patch) | |
| tree | c2ba2b55799904f6954f858b0838d069677bf5af /servconf.c | |
| parent | cf0d2db2fa94c9e496c3fdd6bdf85e12d021cd50 (diff) | |
- dtucker@cvs.openbsd.org 2007/03/01 10:28:02
[auth2.c sshd_config.5 servconf.c]
Remove ChallengeResponseAuthentication support inside a Match
block as its interaction with KbdInteractive makes it difficult to
support. Also, relocate the CR/kbdint option special-case code into
servconf. "please commit" djm@, ok markus@ for the relocation.
Diffstat (limited to 'servconf.c')
| -rw-r--r-- | servconf.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/servconf.c b/servconf.c index c6a8043de..1e3c213a5 100644 --- a/servconf.c +++ b/servconf.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: servconf.c,v 1.169 2007/02/22 12:58:40 dtucker Exp $ */ | 1 | /* $OpenBSD: servconf.c,v 1.170 2007/03/01 10:28:02 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| 4 | * All rights reserved | 4 | * All rights reserved |
| @@ -357,7 +357,7 @@ static struct { | |||
| 357 | #endif | 357 | #endif |
| 358 | { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, | 358 | { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, |
| 359 | { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, | 359 | { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, |
| 360 | { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_ALL }, | 360 | { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, |
| 361 | { "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */ | 361 | { "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */ |
| 362 | { "checkmail", sDeprecated, SSHCFG_GLOBAL }, | 362 | { "checkmail", sDeprecated, SSHCFG_GLOBAL }, |
| 363 | { "listenaddress", sListenAddress, SSHCFG_GLOBAL }, | 363 | { "listenaddress", sListenAddress, SSHCFG_GLOBAL }, |
| @@ -1350,7 +1350,6 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) | |||
| 1350 | M_CP_INTOPT(kerberos_authentication); | 1350 | M_CP_INTOPT(kerberos_authentication); |
| 1351 | M_CP_INTOPT(hostbased_authentication); | 1351 | M_CP_INTOPT(hostbased_authentication); |
| 1352 | M_CP_INTOPT(kbd_interactive_authentication); | 1352 | M_CP_INTOPT(kbd_interactive_authentication); |
| 1353 | M_CP_INTOPT(challenge_response_authentication); | ||
| 1354 | 1353 | ||
| 1355 | M_CP_INTOPT(allow_tcp_forwarding); | 1354 | M_CP_INTOPT(allow_tcp_forwarding); |
| 1356 | M_CP_INTOPT(gateway_ports); | 1355 | M_CP_INTOPT(gateway_ports); |
| @@ -1388,4 +1387,8 @@ parse_server_config(ServerOptions *options, const char *filename, Buffer *conf, | |||
| 1388 | if (bad_options > 0) | 1387 | if (bad_options > 0) |
| 1389 | fatal("%s: terminating, %d bad configuration options", | 1388 | fatal("%s: terminating, %d bad configuration options", |
| 1390 | filename, bad_options); | 1389 | filename, bad_options); |
| 1390 | |||
| 1391 | /* challenge-response is implemented via keyboard interactive */ | ||
| 1392 | if (options->challenge_response_authentication == 1) | ||
| 1393 | options->kbd_interactive_authentication = 1; | ||
| 1391 | } | 1394 | } |