summaryrefslogtreecommitdiff
path: root/servconf.c
diff options
context:
space:
mode:
authorDarren Tucker <dtucker@zip.com.au>2010-01-10 10:31:12 +1100
committerDarren Tucker <dtucker@zip.com.au>2010-01-10 10:31:12 +1100
commit7bd98e7f74ebd8bd32157b607acedcb68201b7de (patch)
treeb62a62fcc4def0b22e48f6dde5e414a77e4d2244 /servconf.c
parent8c65f646a93ed2f61da65ba0ecf65a99bd585b79 (diff)
- dtucker@cvs.openbsd.org 2010/01/09 23:04:13
[channels.c ssh.1 servconf.c sshd_config.5 sshd.c channels.h servconf.h ssh-keyscan.1 ssh-keyscan.c readconf.c sshconnect.c misc.c ssh.c readconf.h scp.1 sftp.1 ssh_config.5 misc.h] Remove RoutingDomain from ssh since it's now not needed. It can be replaced with "route exec" or "nc -V" as a proxycommand. "route exec" also ensures that trafic such as DNS lookups stays withing the specified routingdomain. For example (from reyk): # route -T 2 exec /usr/sbin/sshd or inherited from the parent process $ route -T 2 exec sh $ ssh 10.1.2.3 ok deraadt@ markus@ stevesk@ reyk@
Diffstat (limited to 'servconf.c')
-rw-r--r--servconf.c20
1 files changed, 2 insertions, 18 deletions
diff --git a/servconf.c b/servconf.c
index 2cdc480e6..fc3e479bd 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: servconf.c,v 1.199 2009/12/29 16:38:41 stevesk Exp $ */ 1/* $OpenBSD: servconf.c,v 1.200 2010/01/09 23:04:13 dtucker Exp $ */
2/* 2/*
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved 4 * All rights reserved
@@ -128,7 +128,6 @@ initialize_server_options(ServerOptions *options)
128 options->adm_forced_command = NULL; 128 options->adm_forced_command = NULL;
129 options->chroot_directory = NULL; 129 options->chroot_directory = NULL;
130 options->zero_knowledge_password_authentication = -1; 130 options->zero_knowledge_password_authentication = -1;
131 options->rdomain = -1;
132} 131}
133 132
134void 133void
@@ -305,7 +304,7 @@ typedef enum {
305 sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, 304 sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
306 sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel, 305 sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
307 sMatch, sPermitOpen, sForceCommand, sChrootDirectory, 306 sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
308 sUsePrivilegeSeparation, sAllowAgentForwarding, sRDomain, 307 sUsePrivilegeSeparation, sAllowAgentForwarding,
309 sZeroKnowledgePasswordAuthentication, 308 sZeroKnowledgePasswordAuthentication,
310 sDeprecated, sUnsupported 309 sDeprecated, sUnsupported
311} ServerOpCodes; 310} ServerOpCodes;
@@ -424,7 +423,6 @@ static struct {
424 { "match", sMatch, SSHCFG_ALL }, 423 { "match", sMatch, SSHCFG_ALL },
425 { "permitopen", sPermitOpen, SSHCFG_ALL }, 424 { "permitopen", sPermitOpen, SSHCFG_ALL },
426 { "forcecommand", sForceCommand, SSHCFG_ALL }, 425 { "forcecommand", sForceCommand, SSHCFG_ALL },
427 { "routingdomain", sRDomain, SSHCFG_GLOBAL },
428 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, 426 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL },
429 { NULL, sBadOption, 0 } 427 { NULL, sBadOption, 0 }
430}; 428};
@@ -1296,19 +1294,6 @@ process_server_config_line(ServerOptions *options, char *line,
1296 *charptr = xstrdup(arg); 1294 *charptr = xstrdup(arg);
1297 break; 1295 break;
1298 1296
1299 case sRDomain:
1300 intptr = &options->rdomain;
1301 arg = strdelim(&cp);
1302 if (!arg || *arg == '\0')
1303 fatal("%s line %d: missing rdomain value.",
1304 filename, linenum);
1305 if ((value = a2rdomain(arg)) == -1)
1306 fatal("%s line %d: invalid rdomain value.",
1307 filename, linenum);
1308 if (*intptr == -1)
1309 *intptr = value;
1310 break;
1311
1312 case sDeprecated: 1297 case sDeprecated:
1313 logit("%s line %d: Deprecated option %s", 1298 logit("%s line %d: Deprecated option %s",
1314 filename, linenum, arg); 1299 filename, linenum, arg);
@@ -1585,7 +1570,6 @@ dump_config(ServerOptions *o)
1585 dump_cfg_int(sMaxSessions, o->max_sessions); 1570 dump_cfg_int(sMaxSessions, o->max_sessions);
1586 dump_cfg_int(sClientAliveInterval, o->client_alive_interval); 1571 dump_cfg_int(sClientAliveInterval, o->client_alive_interval);
1587 dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); 1572 dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max);
1588 dump_cfg_int(sRDomain, o->rdomain);
1589 1573
1590 /* formatted integer arguments */ 1574 /* formatted integer arguments */
1591 dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login); 1575 dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login);