author | Damien Miller <djm@mindrot.org> | 2005-12-13 19:33:19 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2005-12-13 19:33:19 +1100 |
commit | 7b58e800364870d05630514945687d2f26e3c065 (patch) | |
tree | f8b436c13a767fcb014125513fe53b6bc0bde9a2 /servconf.c | |
parent | 957d4e430ed40265cffc483abdc5b0e6a58c69ed (diff) |
- reyk@cvs.openbsd.org 2005/12/08 18:34:11
[auth-options.c includes.h misc.c misc.h readconf.c servconf.c]
[serverloop.c ssh.c ssh_config.5 sshd_config.5 configure.ac]
two changes to the new ssh tunnel support. this breaks compatibility
with the initial commit but is required for a portable approach.
- make the tunnel id u_int and platform friendly, use predefined types.
- support configuration of layer 2 (ethernet) or layer 3
(point-to-point, default) modes. configuration is done using the
Tunnel (yes|point-to-point|ethernet|no) option in ssh_config(5) and
restricted by the PermitTunnel (yes|point-to-point|ethernet|no) option
in sshd_config(5).
ok djm@, man page bits by jmc@
Diffstat (limited to 'servconf.c')
-rw-r--r-- | servconf.c | 24 |
1 files changed, 21 insertions, 3 deletions
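--- a/servconf.c
+++ b/servconf.c
@@ -10,7 +10,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.145 2005/12/06 22:38:27 reyk Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.146 2005/12/08 18:34:11 reyk Exp $");
 
 #include "ssh.h"
 #include "log.h"
@@ -231,7 +231,7 @@ fill_default_server_options(ServerOptions *options)
 if (options->authorized_keys_file == NULL)
 options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
 if (options->permit_tun == -1)
-options->permit_tun = 0;
+options->permit_tun = SSH_TUNMODE_NO;
 
 /* Turn privilege separation on by default */
 if (use_privsep == -1)
@@ -968,7 +968,25 @@ parse_flag:
 
 case sPermitTunnel:
 intptr = &options->permit_tun;
-goto parse_flag;
+arg = strdelim(&cp);
+if (!arg || *arg == '\0')
+fatal("%s line %d: Missing yes/point-to-point/"
+"ethernet/no argument.", filename, linenum);
+value = 0; /* silence compiler */
+if (strcasecmp(arg, "ethernet") == 0)
+value = SSH_TUNMODE_ETHERNET;
+else if (strcasecmp(arg, "point-to-point") == 0)
+value = SSH_TUNMODE_POINTOPOINT;
+else if (strcasecmp(arg, "yes") == 0)
+value = SSH_TUNMODE_YES;
+else if (strcasecmp(arg, "no") == 0)
+value = SSH_TUNMODE_NO;
+else
+fatal("%s line %d: Bad yes/point-to-point/ethernet/"
+"no argument: %s", filename, linenum, arg);
+if (*intptr == -1)
+*intptr = value;
+break;
 
 case sDeprecated:
 logit("%s line %d: Deprecated option %s",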
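Review bot: In the new `sPermitTunnel` case, `value = 0; /* silence compiler */` uses a bare literal even though this same commit replaces `options->permit_tun = 0` with `SSH_TUNMODE_NO` in `fill_default_server_options`. Writing `value = SSH_TUNMODE_NO; /* fail closed; silences compiler */` would tie the placeholder to the named "tunnelling denied" constant instead of to whatever 0 happens to mean; the SSH_TUNMODE_* definitions are not visible in this diff. The `if (*intptr == -1)` guard also means only the first PermitTunnel line takes effect and later ones are silently ignored. A one-line comment such as `/* first PermitTunnel wins; later lines are ignored */` would help an administrator who tightens the setting further down sshd_config and sees no change. The enclosing function begins and ends outside the hunk.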