diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2020-04-17 03:30:05 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2020-04-17 14:03:36 +1000 |
| commit | c90f72d29e84b4a2709078bf5546a72c29a65177 (patch) | |
| tree | 58f38f99566d13f7e142c3181878f54e4cd2af21 /servconf.c | |
| parent | 321c7147079270f3a154f91b59e66219aac3d514 (diff) | |
upstream: make IgnoreRhosts a tri-state option: "yes" ignore
rhosts/shosts, "no" allow rhosts/shosts or (new) "shosts-only" to allow
.shosts files but not .rhosts. ok dtucker@
OpenBSD-Commit-ID: d08d6930ed06377a80cf53923c1955e9589342e9
Diffstat (limited to 'servconf.c')
| -rw-r--r-- | servconf.c | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/servconf.c b/servconf.c index ae45099ab..7e422ec8f 100644 --- a/servconf.c +++ b/servconf.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | 1 | ||
| 2 | /* $OpenBSD: servconf.c,v 1.362 2020/04/17 03:23:13 djm Exp $ */ | 2 | /* $OpenBSD: servconf.c,v 1.363 2020/04/17 03:30:05 djm Exp $ */ |
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| 5 | * All rights reserved | 5 | * All rights reserved |
| @@ -1213,6 +1213,12 @@ static const struct multistate multistate_flag[] = { | |||
| 1213 | { "no", 0 }, | 1213 | { "no", 0 }, |
| 1214 | { NULL, -1 } | 1214 | { NULL, -1 } |
| 1215 | }; | 1215 | }; |
| 1216 | static const struct multistate multistate_ignore_rhosts[] = { | ||
| 1217 | { "yes", IGNORE_RHOSTS_YES }, | ||
| 1218 | { "no", IGNORE_RHOSTS_NO }, | ||
| 1219 | { "shosts-only", IGNORE_RHOSTS_SHOSTS }, | ||
| 1220 | { NULL, -1 } | ||
| 1221 | }; | ||
| 1216 | static const struct multistate multistate_addressfamily[] = { | 1222 | static const struct multistate multistate_addressfamily[] = { |
| 1217 | { "inet", AF_INET }, | 1223 | { "inet", AF_INET }, |
| 1218 | { "inet6", AF_INET6 }, | 1224 | { "inet6", AF_INET6 }, |
| @@ -1462,13 +1468,14 @@ process_server_config_line_depth(ServerOptions *options, char *line, | |||
| 1462 | 1468 | ||
| 1463 | case sIgnoreRhosts: | 1469 | case sIgnoreRhosts: |
| 1464 | intptr = &options->ignore_rhosts; | 1470 | intptr = &options->ignore_rhosts; |
| 1465 | parse_flag: | 1471 | multistate_ptr = multistate_ignore_rhosts; |
| 1466 | multistate_ptr = multistate_flag; | ||
| 1467 | goto parse_multistate; | 1472 | goto parse_multistate; |
| 1468 | 1473 | ||
| 1469 | case sIgnoreUserKnownHosts: | 1474 | case sIgnoreUserKnownHosts: |
| 1470 | intptr = &options->ignore_user_known_hosts; | 1475 | intptr = &options->ignore_user_known_hosts; |
| 1471 | goto parse_flag; | 1476 | parse_flag: |
| 1477 | multistate_ptr = multistate_flag; | ||
| 1478 | goto parse_multistate; | ||
| 1472 | 1479 | ||
| 1473 | case sHostbasedAuthentication: | 1480 | case sHostbasedAuthentication: |
| 1474 | intptr = &options->hostbased_authentication; | 1481 | intptr = &options->hostbased_authentication; |
| @@ -2628,6 +2635,8 @@ fmt_intarg(ServerOpCodes code, int val) | |||
| 2628 | return fmt_multistate_int(val, multistate_tcpfwd); | 2635 | return fmt_multistate_int(val, multistate_tcpfwd); |
| 2629 | case sAllowStreamLocalForwarding: | 2636 | case sAllowStreamLocalForwarding: |
| 2630 | return fmt_multistate_int(val, multistate_tcpfwd); | 2637 | return fmt_multistate_int(val, multistate_tcpfwd); |
| 2638 | case sIgnoreRhosts: | ||
| 2639 | return fmt_multistate_int(val, multistate_ignore_rhosts); | ||
| 2631 | case sFingerprintHash: | 2640 | case sFingerprintHash: |
| 2632 | return ssh_digest_alg_name(val); | 2641 | return ssh_digest_alg_name(val); |
| 2633 | default: | 2642 | default: |