diff options
author | djm@openbsd.org <djm@openbsd.org> | 2020-04-17 03:30:05 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2020-04-17 14:03:36 +1000 |
commit | c90f72d29e84b4a2709078bf5546a72c29a65177 (patch) | |
tree | 58f38f99566d13f7e142c3181878f54e4cd2af21 /servconf.c | |
parent | 321c7147079270f3a154f91b59e66219aac3d514 (diff) |
upstream: make IgnoreRhosts a tri-state option: "yes" ignore
rhosts/shosts, "no" allow rhosts/shosts or (new) "shosts-only" to allow
.shosts files but not .rhosts. ok dtucker@
OpenBSD-Commit-ID: d08d6930ed06377a80cf53923c1955e9589342e9
Diffstat (limited to 'servconf.c')
-rw-r--r-- | servconf.c | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/servconf.c b/servconf.c index ae45099ab..7e422ec8f 100644 --- a/servconf.c +++ b/servconf.c | |||
@@ -1,5 +1,5 @@ | |||
1 | 1 | ||
2 | /* $OpenBSD: servconf.c,v 1.362 2020/04/17 03:23:13 djm Exp $ */ | 2 | /* $OpenBSD: servconf.c,v 1.363 2020/04/17 03:30:05 djm Exp $ */ |
3 | /* | 3 | /* |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
5 | * All rights reserved | 5 | * All rights reserved |
@@ -1213,6 +1213,12 @@ static const struct multistate multistate_flag[] = { | |||
1213 | { "no", 0 }, | 1213 | { "no", 0 }, |
1214 | { NULL, -1 } | 1214 | { NULL, -1 } |
1215 | }; | 1215 | }; |
1216 | static const struct multistate multistate_ignore_rhosts[] = { | ||
1217 | { "yes", IGNORE_RHOSTS_YES }, | ||
1218 | { "no", IGNORE_RHOSTS_NO }, | ||
1219 | { "shosts-only", IGNORE_RHOSTS_SHOSTS }, | ||
1220 | { NULL, -1 } | ||
1221 | }; | ||
1216 | static const struct multistate multistate_addressfamily[] = { | 1222 | static const struct multistate multistate_addressfamily[] = { |
1217 | { "inet", AF_INET }, | 1223 | { "inet", AF_INET }, |
1218 | { "inet6", AF_INET6 }, | 1224 | { "inet6", AF_INET6 }, |
@@ -1462,13 +1468,14 @@ process_server_config_line_depth(ServerOptions *options, char *line, | |||
1462 | 1468 | ||
1463 | case sIgnoreRhosts: | 1469 | case sIgnoreRhosts: |
1464 | intptr = &options->ignore_rhosts; | 1470 | intptr = &options->ignore_rhosts; |
1465 | parse_flag: | 1471 | multistate_ptr = multistate_ignore_rhosts; |
1466 | multistate_ptr = multistate_flag; | ||
1467 | goto parse_multistate; | 1472 | goto parse_multistate; |
1468 | 1473 | ||
1469 | case sIgnoreUserKnownHosts: | 1474 | case sIgnoreUserKnownHosts: |
1470 | intptr = &options->ignore_user_known_hosts; | 1475 | intptr = &options->ignore_user_known_hosts; |
1471 | goto parse_flag; | 1476 | parse_flag: |
1477 | multistate_ptr = multistate_flag; | ||
1478 | goto parse_multistate; | ||
1472 | 1479 | ||
1473 | case sHostbasedAuthentication: | 1480 | case sHostbasedAuthentication: |
1474 | intptr = &options->hostbased_authentication; | 1481 | intptr = &options->hostbased_authentication; |
@@ -2628,6 +2635,8 @@ fmt_intarg(ServerOpCodes code, int val) | |||
2628 | return fmt_multistate_int(val, multistate_tcpfwd); | 2635 | return fmt_multistate_int(val, multistate_tcpfwd); |
2629 | case sAllowStreamLocalForwarding: | 2636 | case sAllowStreamLocalForwarding: |
2630 | return fmt_multistate_int(val, multistate_tcpfwd); | 2637 | return fmt_multistate_int(val, multistate_tcpfwd); |
2638 | case sIgnoreRhosts: | ||
2639 | return fmt_multistate_int(val, multistate_ignore_rhosts); | ||
2631 | case sFingerprintHash: | 2640 | case sFingerprintHash: |
2632 | return ssh_digest_alg_name(val); | 2641 | return ssh_digest_alg_name(val); |
2633 | default: | 2642 | default: |