- jakob@cvs.openbsd.org 2003/05/15 01:48:10

[readconf.c readconf.h servconf.c servconf.h] always parse kerberos options. ok djm@ markus@ - (djm) Always parse UsePAM
author: Damien Miller <djm@mindrot.org> 2003-05-15 12:05:28 +1000
committer: Damien Miller <djm@mindrot.org> 2003-05-15 12:05:28 +1000
commit: 2aa0ab463f479649760110ca52fa341880c5ae3a (patch)
tree: 4b6a778cc687b5e87e40ae2decba2184b124c09e /servconf.c
parent: f842fcb296b9fbc0de905837c6074c732db550e5 (diff)
1 files changed, 6 insertions, 39 deletions
diff --git a/servconf.c b/servconf.c
index fbdc4d8fa..5076c5df6 100644
--- a/servconf.c
+++ b/servconf.c
@@ -10,7 +10,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.118 2003/04/09 08:23:52 hin Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.119 2003/05/15 01:48:10 jakob Exp $");
 #if defined(KRB4)
 #include <krb.h>
@@ -59,10 +59,8 @@ initialize_server_options(ServerOptions *options)
 {
        memset(options, 0, sizeof(*options));
-#ifdef USE_PAM
        /* Portable-specific options */
        options->use_pam = -1;
-#endif
        /* Standard Options */
        options->num_ports = 0;
@@ -92,17 +90,11 @@ initialize_server_options(ServerOptions *options)
        options->hostbased_uses_name_from_packet_only = -1;
        options->rsa_authentication = -1;
        options->pubkey_authentication = -1;
-#if defined(KRB4) || defined(KRB5)
        options->kerberos_authentication = -1;
        options->kerberos_or_local_passwd = -1;
        options->kerberos_ticket_cleanup = -1;
-#endif
-#if defined(AFS) || defined(KRB5)
        options->kerberos_tgt_passing = -1;
-#endif
-#ifdef AFS
        options->afs_token_passing = -1;
-#endif
        options->password_authentication = -1;
        options->kbd_interactive_authentication = -1;
        options->challenge_response_authentication = -1;
@@ -138,10 +130,8 @@ void
 fill_default_server_options(ServerOptions *options)
 {
        /* Portable-specific options */
-#ifdef USE_PAM
        if (options->use_pam == -1)
-                options->use_pam = 1;
+                options->use_pam = 0;
-#endif
        /* Standard Options */
        if (options->protocol == SSH_PROTO_UNKNOWN)
@@ -208,22 +198,16 @@ fill_default_server_options(ServerOptions *options)
                options->rsa_authentication = 1;
        if (options->pubkey_authentication == -1)
                options->pubkey_authentication = 1;
-#if defined(KRB4) || defined(KRB5)
        if (options->kerberos_authentication == -1)
                options->kerberos_authentication = 0;
        if (options->kerberos_or_local_passwd == -1)
                options->kerberos_or_local_passwd = 1;
        if (options->kerberos_ticket_cleanup == -1)
                options->kerberos_ticket_cleanup = 1;
-#endif
-#if defined(AFS) || defined(KRB5)
        if (options->kerberos_tgt_passing == -1)
                options->kerberos_tgt_passing = 0;
-#endif
-#ifdef AFS
        if (options->afs_token_passing == -1)
                options->afs_token_passing = 0;
-#endif
        if (options->password_authentication == -1)
                options->password_authentication = 1;
        if (options->kbd_interactive_authentication == -1)
@@ -288,16 +272,8 @@ typedef enum {
        sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
        sPermitRootLogin, sLogFacility, sLogLevel,
        sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,
-#if defined(KRB4) || defined(KRB5)
        sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
-#endif
+        sKerberosTgtPassing, sAFSTokenPassing, sChallengeResponseAuthentication,
-#if defined(AFS) || defined(KRB5)
-        sKerberosTgtPassing,
-#endif
-#ifdef AFS
-        sAFSTokenPassing,
-#endif
-        sChallengeResponseAuthentication,
        sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
        sPrintMotd, sPrintLastLog, sIgnoreRhosts,
        sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
@@ -338,17 +314,11 @@ static struct {
        { "rsaauthentication", sRSAAuthentication },
        { "pubkeyauthentication", sPubkeyAuthentication },
        { "dsaauthentication", sPubkeyAuthentication },                 /* alias */
-#if defined(KRB4) || defined(KRB5)
        { "kerberosauthentication", sKerberosAuthentication },
        { "kerberosorlocalpasswd", sKerberosOrLocalPasswd },
        { "kerberosticketcleanup", sKerberosTicketCleanup },
-#endif
-#if defined(AFS) || defined(KRB5)
        { "kerberostgtpassing", sKerberosTgtPassing },
-#endif
-#ifdef AFS
        { "afstokenpassing", sAFSTokenPassing },
-#endif
        { "passwordauthentication", sPasswordAuthentication },
        { "kbdinteractiveauthentication", sKbdInteractiveAuthentication },
        { "challengeresponseauthentication", sChallengeResponseAuthentication },
@@ -653,7 +623,7 @@ parse_flag:
        case sPubkeyAuthentication:
                intptr = &options->pubkey_authentication;
                goto parse_flag;
-#if defined(KRB4) || defined(KRB5)
        case sKerberosAuthentication:
                intptr = &options->kerberos_authentication;
                goto parse_flag;
@@ -665,17 +635,14 @@ parse_flag:
        case sKerberosTicketCleanup:
                intptr = &options->kerberos_ticket_cleanup;
                goto parse_flag;
-#endif
-#if defined(AFS) || defined(KRB5)
        case sKerberosTgtPassing:
                intptr = &options->kerberos_tgt_passing;
                goto parse_flag;
-#endif
-#ifdef AFS
        case sAFSTokenPassing:
                intptr = &options->afs_token_passing;
                goto parse_flag;
-#endif
        case sPasswordAuthentication:
                intptr = &options->password_authentication;
author	Damien Miller <djm@mindrot.org>	2003-05-15 12:05:28 +1000
committer	Damien Miller <djm@mindrot.org>	2003-05-15 12:05:28 +1000
commit	2aa0ab463f479649760110ca52fa341880c5ae3a (patch)
tree	4b6a778cc687b5e87e40ae2decba2184b124c09e /servconf.c
parent	f842fcb296b9fbc0de905837c6074c732db550e5 (diff)

diff --git a/servconf.c b/servconf.c index fbdc4d8fa..5076c5df6 100644 --- a/servconf.c +++ b/servconf.c
@@ -10,7 +10,7 @@
10	*/	10	*/
11		11
12	#include "includes.h"	12	#include "includes.h"
13	RCSID("$OpenBSD: servconf.c,v 1.118 2003/04/09 08:23:52 hin Exp $");	13	RCSID("$OpenBSD: servconf.c,v 1.119 2003/05/15 01:48:10 jakob Exp $");
14		14
15	#if defined(KRB4)	15	#if defined(KRB4)
16	#include <krb.h>	16	#include <krb.h>
@@ -59,10 +59,8 @@ initialize_server_options(ServerOptions *options)
59	{	59	{
60	memset(options, 0, sizeof(*options));	60	memset(options, 0, sizeof(*options));
61		61
62	#ifdef USE_PAM
63	/* Portable-specific options */	62	/* Portable-specific options */
64	options->use_pam = -1;	63	options->use_pam = -1;
65	#endif
66		64
67	/* Standard Options */	65	/* Standard Options */
68	options->num_ports = 0;	66	options->num_ports = 0;
@@ -92,17 +90,11 @@ initialize_server_options(ServerOptions *options)
92	options->hostbased_uses_name_from_packet_only = -1;	90	options->hostbased_uses_name_from_packet_only = -1;
93	options->rsa_authentication = -1;	91	options->rsa_authentication = -1;
94	options->pubkey_authentication = -1;	92	options->pubkey_authentication = -1;
95	#if defined(KRB4) \|\| defined(KRB5)
96	options->kerberos_authentication = -1;	93	options->kerberos_authentication = -1;
97	options->kerberos_or_local_passwd = -1;	94	options->kerberos_or_local_passwd = -1;
98	options->kerberos_ticket_cleanup = -1;	95	options->kerberos_ticket_cleanup = -1;
99	#endif
100	#if defined(AFS) \|\| defined(KRB5)
101	options->kerberos_tgt_passing = -1;	96	options->kerberos_tgt_passing = -1;
102	#endif
103	#ifdef AFS
104	options->afs_token_passing = -1;	97	options->afs_token_passing = -1;
105	#endif
106	options->password_authentication = -1;	98	options->password_authentication = -1;
107	options->kbd_interactive_authentication = -1;	99	options->kbd_interactive_authentication = -1;
108	options->challenge_response_authentication = -1;	100	options->challenge_response_authentication = -1;
@@ -138,10 +130,8 @@ void
138	fill_default_server_options(ServerOptions *options)	130	fill_default_server_options(ServerOptions *options)
139	{	131	{
140	/* Portable-specific options */	132	/* Portable-specific options */
141	#ifdef USE_PAM
142	if (options->use_pam == -1)	133	if (options->use_pam == -1)
143	options->use_pam = 1;	134	options->use_pam = 0;
144	#endif
145		135
146	/* Standard Options */	136	/* Standard Options */
147	if (options->protocol == SSH_PROTO_UNKNOWN)	137	if (options->protocol == SSH_PROTO_UNKNOWN)
@@ -208,22 +198,16 @@ fill_default_server_options(ServerOptions *options)
208	options->rsa_authentication = 1;	198	options->rsa_authentication = 1;
209	if (options->pubkey_authentication == -1)	199	if (options->pubkey_authentication == -1)
210	options->pubkey_authentication = 1;	200	options->pubkey_authentication = 1;
211	#if defined(KRB4) \|\| defined(KRB5)
212	if (options->kerberos_authentication == -1)	201	if (options->kerberos_authentication == -1)
213	options->kerberos_authentication = 0;	202	options->kerberos_authentication = 0;
214	if (options->kerberos_or_local_passwd == -1)	203	if (options->kerberos_or_local_passwd == -1)
215	options->kerberos_or_local_passwd = 1;	204	options->kerberos_or_local_passwd = 1;
216	if (options->kerberos_ticket_cleanup == -1)	205	if (options->kerberos_ticket_cleanup == -1)
217	options->kerberos_ticket_cleanup = 1;	206	options->kerberos_ticket_cleanup = 1;
218	#endif
219	#if defined(AFS) \|\| defined(KRB5)
220	if (options->kerberos_tgt_passing == -1)	207	if (options->kerberos_tgt_passing == -1)
221	options->kerberos_tgt_passing = 0;	208	options->kerberos_tgt_passing = 0;
222	#endif
223	#ifdef AFS
224	if (options->afs_token_passing == -1)	209	if (options->afs_token_passing == -1)
225	options->afs_token_passing = 0;	210	options->afs_token_passing = 0;
226	#endif
227	if (options->password_authentication == -1)	211	if (options->password_authentication == -1)
228	options->password_authentication = 1;	212	options->password_authentication = 1;
229	if (options->kbd_interactive_authentication == -1)	213	if (options->kbd_interactive_authentication == -1)
@@ -288,16 +272,8 @@ typedef enum {
288	sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,	272	sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
289	sPermitRootLogin, sLogFacility, sLogLevel,	273	sPermitRootLogin, sLogFacility, sLogLevel,
290	sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,	274	sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,
291	#if defined(KRB4) \|\| defined(KRB5)
292	sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,	275	sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
293	#endif	276	sKerberosTgtPassing, sAFSTokenPassing, sChallengeResponseAuthentication,
294	#if defined(AFS) \|\| defined(KRB5)
295	sKerberosTgtPassing,
296	#endif
297	#ifdef AFS
298	sAFSTokenPassing,
299	#endif
300	sChallengeResponseAuthentication,
301	sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,	277	sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
302	sPrintMotd, sPrintLastLog, sIgnoreRhosts,	278	sPrintMotd, sPrintLastLog, sIgnoreRhosts,
303	sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,	279	sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
@@ -338,17 +314,11 @@ static struct {
338	{ "rsaauthentication", sRSAAuthentication },	314	{ "rsaauthentication", sRSAAuthentication },
339	{ "pubkeyauthentication", sPubkeyAuthentication },	315	{ "pubkeyauthentication", sPubkeyAuthentication },
340	{ "dsaauthentication", sPubkeyAuthentication }, /* alias */	316	{ "dsaauthentication", sPubkeyAuthentication }, /* alias */
341	#if defined(KRB4) \|\| defined(KRB5)
342	{ "kerberosauthentication", sKerberosAuthentication },	317	{ "kerberosauthentication", sKerberosAuthentication },
343	{ "kerberosorlocalpasswd", sKerberosOrLocalPasswd },	318	{ "kerberosorlocalpasswd", sKerberosOrLocalPasswd },
344	{ "kerberosticketcleanup", sKerberosTicketCleanup },	319	{ "kerberosticketcleanup", sKerberosTicketCleanup },
345	#endif
346	#if defined(AFS) \|\| defined(KRB5)
347	{ "kerberostgtpassing", sKerberosTgtPassing },	320	{ "kerberostgtpassing", sKerberosTgtPassing },
348	#endif
349	#ifdef AFS
350	{ "afstokenpassing", sAFSTokenPassing },	321	{ "afstokenpassing", sAFSTokenPassing },
351	#endif
352	{ "passwordauthentication", sPasswordAuthentication },	322	{ "passwordauthentication", sPasswordAuthentication },
353	{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication },	323	{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication },
354	{ "challengeresponseauthentication", sChallengeResponseAuthentication },	324	{ "challengeresponseauthentication", sChallengeResponseAuthentication },
@@ -653,7 +623,7 @@ parse_flag:
653	case sPubkeyAuthentication:	623	case sPubkeyAuthentication:
654	intptr = &options->pubkey_authentication;	624	intptr = &options->pubkey_authentication;
655	goto parse_flag;	625	goto parse_flag;
656	#if defined(KRB4) \|\| defined(KRB5)	626
657	case sKerberosAuthentication:	627	case sKerberosAuthentication:
658	intptr = &options->kerberos_authentication;	628	intptr = &options->kerberos_authentication;
659	goto parse_flag;	629	goto parse_flag;
@@ -665,17 +635,14 @@ parse_flag:
665	case sKerberosTicketCleanup:	635	case sKerberosTicketCleanup:
666	intptr = &options->kerberos_ticket_cleanup;	636	intptr = &options->kerberos_ticket_cleanup;
667	goto parse_flag;	637	goto parse_flag;
668	#endif	638
669	#if defined(AFS) \|\| defined(KRB5)
670	case sKerberosTgtPassing:	639	case sKerberosTgtPassing:
671	intptr = &options->kerberos_tgt_passing;	640	intptr = &options->kerberos_tgt_passing;
672	goto parse_flag;	641	goto parse_flag;
673	#endif	642
674	#ifdef AFS
675	case sAFSTokenPassing:	643	case sAFSTokenPassing:
676	intptr = &options->afs_token_passing;	644	intptr = &options->afs_token_passing;
677	goto parse_flag;	645	goto parse_flag;
678	#endif
679		646
680	case sPasswordAuthentication:	647	case sPasswordAuthentication:
681	intptr = &options->password_authentication;	648	intptr = &options->password_authentication;