author | Ben Lindstrom <mouring@eviladmin.org> | 2001-06-05 20:25:05 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-06-05 20:25:05 +0000 |
commit | bfb3a0e973214fabc1be744b8c7e4a89a0c5570c (patch) | |
tree | 8227151356ee10ae6762c42442f272b0db418973 /servconf.c | |
parent | e2595448766a4149bbd2652830d1b086a066af13 (diff) |
- markus@cvs.openbsd.org 2001/05/20 17:20:36
[auth-rsa.c auth.c auth.h auth2.c servconf.c servconf.h sshd.8
sshd_config]
configurable authorized_keys{,2} location; originally from peter@;
ok djm@
Diffstat (limited to 'servconf.c')
-rw-r--r-- | servconf.c | 25 |
1 files changed, 23 insertions, 2 deletions
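--- a/servconf.c
+++ b/servconf.c
@@ -10,7 +10,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.81 2001/05/19 19:43:57 stevesk Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.82 2001/05/20 17:20:35 markus Exp $");
 
 #ifdef KRB4
 #include <krb.h>
@@ -101,6 +101,8 @@ initialize_server_options(ServerOptions *options)
 options->reverse_mapping_check = -1;
 options->client_alive_interval = -1;
 options->client_alive_count_max = -1;
+options->authorized_keys_file = NULL;
+options->authorized_keys_file2 = NULL;
 options->pam_authentication_via_kbd_int = -1;
 }
 
@@ -208,6 +210,10 @@ fill_default_server_options(ServerOptions *options)
 options->client_alive_interval = 0;
 if (options->client_alive_count_max == -1)
 options->client_alive_count_max = 3;
+if (options->authorized_keys_file == NULL)
+options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
+if (options->authorized_keys_file2 == NULL)
+options->authorized_keys_file2 = _PATH_SSH_USER_PERMITTED_KEYS2;
 if (options->pam_authentication_via_kbd_int == -1)
 options->pam_authentication_via_kbd_int = 0;
 }
@@ -235,7 +241,8 @@ typedef enum {
 sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
 sBanner, sReverseMappingCheck, sHostbasedAuthentication,
 sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
-sClientAliveCountMax, sPAMAuthenticationViaKbdInt
+sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
+sPAMAuthenticationViaKbdInt
 } ServerOpCodes;
 
 /* Textual representation of the tokens. */
@@ -301,6 +308,8 @@ static struct {
 { "reversemappingcheck", sReverseMappingCheck },
 { "clientaliveinterval", sClientAliveInterval },
 { "clientalivecountmax", sClientAliveCountMax },
+{ "authorizedkeysfile", sAuthorizedKeysFile },
+{ "authorizedkeysfile2", sAuthorizedKeysFile2 },
 { "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt },
 { NULL, 0 }
 };
@@ -802,6 +811,18 @@ parse_flag:
 case sBanner:
 charptr = &options->banner;
 goto parse_filename;
+/*
+* These options can contain %X options expanded at
+* connect time, so that you can specify paths like:
+*
+* AuthorizedKeysFile /etc/ssh_keys/%u
+*/
+case sAuthorizedKeysFile:
+case sAuthorizedKeysFile2:
+charptr = (opcode == sAuthorizedKeysFile ) ?
+&options->authorized_keys_file :
+&options->authorized_keys_file2;
+goto parse_filename;
 
 case sClientAliveInterval:
 intptr = &options->client_alive_interval;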
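Review bot: The comment added above `case sAuthorizedKeysFile:` says the value may hold %X tokens expanded at connect time, but it does not say which tokens exist or who resolves them, and the value is handed to the shared `parse_filename` label that `sBanner` also uses. That label's body is outside this hunk, so it is worth confirming that it stores the string without any parse-time expansion done as the daemon's own user; otherwise a `~` in the setting would point at the wrong account's key file. Since this path decides which keys are accepted for login, I would extend the comment to something like `/* %-tokens are expanded per user at authentication time; the resulting file and its directories must be writable only by that user or root */`, assuming the ownership checks in the auth code are applied to the configured path. The stray space in `(opcode == sAuthorizedKeysFile )` can go as well.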