diff options
| author | Damien Miller <djm@mindrot.org> | 2011-05-29 21:39:36 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2011-05-29 21:39:36 +1000 |
| commit | d8478b6a9b32760d47c2419279c4a73f5f88fdb6 (patch) | |
| tree | b62b256606749fbb784ab7c2c7baa610c2a7dd71 /servconf.h | |
| parent | acacced70b3fd520ee3f12d3f477f9fd7c2f687a (diff) | |
OpenBSD CVS Sync
- djm@cvs.openbsd.org 2011/05/23 03:30:07
[auth-rsa.c auth.c auth.h auth2-pubkey.c monitor.c monitor_wrap.c pathnames.h servconf.c servconf.h sshd.8 sshd_config sshd_config.5]
allow AuthorizedKeysFile to specify multiple files, separated by spaces.
Bring back authorized_keys2 as a default search path (to avoid breaking
existing users of this file), but override this in sshd_config so it will
be no longer used on fresh installs. Maybe in 2015 we can remove it
entierly :)
feedback and ok markus@ dtucker@
Diffstat (limited to 'servconf.h')
| -rw-r--r-- | servconf.h | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/servconf.h b/servconf.h index 953ef8650..31e621bde 100644 --- a/servconf.h +++ b/servconf.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: servconf.h,v 1.97 2011/05/20 03:25:45 djm Exp $ */ | 1 | /* $OpenBSD: servconf.h,v 1.98 2011/05/23 03:30:07 djm Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| @@ -27,6 +27,7 @@ | |||
| 27 | #define MAX_HOSTCERTS 256 /* Max # host certificates. */ | 27 | #define MAX_HOSTCERTS 256 /* Max # host certificates. */ |
| 28 | #define MAX_ACCEPT_ENV 256 /* Max # of env vars. */ | 28 | #define MAX_ACCEPT_ENV 256 /* Max # of env vars. */ |
| 29 | #define MAX_MATCH_GROUPS 256 /* Max # of groups for Match. */ | 29 | #define MAX_MATCH_GROUPS 256 /* Max # of groups for Match. */ |
| 30 | #define MAX_AUTHKEYS_FILES 256 /* Max # of authorized_keys files. */ | ||
| 30 | 31 | ||
| 31 | /* permit_root_login */ | 32 | /* permit_root_login */ |
| 32 | #define PERMIT_NOT_SET -1 | 33 | #define PERMIT_NOT_SET -1 |
| @@ -145,7 +146,8 @@ typedef struct { | |||
| 145 | * disconnect the session | 146 | * disconnect the session |
| 146 | */ | 147 | */ |
| 147 | 148 | ||
| 148 | char *authorized_keys_file; /* File containing public keys */ | 149 | u_int num_authkeys_files; /* Files containing public keys */ |
| 150 | char *authorized_keys_files[MAX_AUTHKEYS_FILES]; | ||
| 149 | 151 | ||
| 150 | char *adm_forced_command; | 152 | char *adm_forced_command; |
| 151 | 153 | ||
| @@ -171,8 +173,8 @@ typedef struct { | |||
| 171 | M_CP_STROPT(banner); \ | 173 | M_CP_STROPT(banner); \ |
| 172 | M_CP_STROPT(trusted_user_ca_keys); \ | 174 | M_CP_STROPT(trusted_user_ca_keys); \ |
| 173 | M_CP_STROPT(revoked_keys_file); \ | 175 | M_CP_STROPT(revoked_keys_file); \ |
| 174 | M_CP_STROPT(authorized_keys_file); \ | ||
| 175 | M_CP_STROPT(authorized_principals_file); \ | 176 | M_CP_STROPT(authorized_principals_file); \ |
| 177 | M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \ | ||
| 176 | } while (0) | 178 | } while (0) |
| 177 | 179 | ||
| 178 | void initialize_server_options(ServerOptions *); | 180 | void initialize_server_options(ServerOptions *); |