diff options
-rw-r--r-- | ChangeLog | 11 | ||||
-rw-r--r-- | servconf.c | 33 |
2 files changed, 32 insertions, 12 deletions
@@ -60,7 +60,8 @@ | |||
60 | original patch from jlk@kamens.brookline.ma.us via nalin@redhat.com | 60 | original patch from jlk@kamens.brookline.ma.us via nalin@redhat.com |
61 | - markus@cvs.openbsd.org 2001/11/10 13:19:45 | 61 | - markus@cvs.openbsd.org 2001/11/10 13:19:45 |
62 | [sshd.c] | 62 | [sshd.c] |
63 | cleanup libwrap support (remove bogus comment, bogus close(), add debug, etc). | 63 | cleanup libwrap support (remove bogus comment, bogus close(), add |
64 | debug, etc). | ||
64 | - markus@cvs.openbsd.org 2001/11/10 13:22:42 | 65 | - markus@cvs.openbsd.org 2001/11/10 13:22:42 |
65 | [ssh-rsa.c] | 66 | [ssh-rsa.c] |
66 | KNF (unexpand) | 67 | KNF (unexpand) |
@@ -69,7 +70,11 @@ | |||
69 | remove extra debug() | 70 | remove extra debug() |
70 | - markus@cvs.openbsd.org 2001/11/11 13:02:31 | 71 | - markus@cvs.openbsd.org 2001/11/11 13:02:31 |
71 | [servconf.c] | 72 | [servconf.c] |
72 | make AuthorizedKeysFile2 fallback to AuthorizedKeysFile if AuthorizedKeysFile is specified. | 73 | make AuthorizedKeysFile2 fallback to AuthorizedKeysFile if |
74 | AuthorizedKeysFile is specified. | ||
75 | - (djm) Reorder portable-specific server options so that they come first. | ||
76 | This should help reduce diff collisions for new server options (as they | ||
77 | will appear at the end) | ||
73 | 78 | ||
74 | 20011109 | 79 | 20011109 |
75 | - (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK) | 80 | - (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK) |
@@ -6882,4 +6887,4 @@ | |||
6882 | - Wrote replacements for strlcpy and mkdtemp | 6887 | - Wrote replacements for strlcpy and mkdtemp |
6883 | - Released 1.0pre1 | 6888 | - Released 1.0pre1 |
6884 | 6889 | ||
6885 | $Id: ChangeLog,v 1.1656 2001/11/12 00:14:35 djm Exp $ | 6890 | $Id: ChangeLog,v 1.1657 2001/11/12 00:40:11 djm Exp $ |
diff --git a/servconf.c b/servconf.c index d82e84275..8e362b04d 100644 --- a/servconf.c +++ b/servconf.c | |||
@@ -43,6 +43,11 @@ void | |||
43 | initialize_server_options(ServerOptions *options) | 43 | initialize_server_options(ServerOptions *options) |
44 | { | 44 | { |
45 | memset(options, 0, sizeof(*options)); | 45 | memset(options, 0, sizeof(*options)); |
46 | |||
47 | /* Portable-specific options */ | ||
48 | options->pam_authentication_via_kbd_int = -1; | ||
49 | |||
50 | /* Standard Options */ | ||
46 | options->num_ports = 0; | 51 | options->num_ports = 0; |
47 | options->ports_from_cmdline = 0; | 52 | options->ports_from_cmdline = 0; |
48 | options->listen_addrs = NULL; | 53 | options->listen_addrs = NULL; |
@@ -104,12 +109,16 @@ initialize_server_options(ServerOptions *options) | |||
104 | options->client_alive_count_max = -1; | 109 | options->client_alive_count_max = -1; |
105 | options->authorized_keys_file = NULL; | 110 | options->authorized_keys_file = NULL; |
106 | options->authorized_keys_file2 = NULL; | 111 | options->authorized_keys_file2 = NULL; |
107 | options->pam_authentication_via_kbd_int = -1; | ||
108 | } | 112 | } |
109 | 113 | ||
110 | void | 114 | void |
111 | fill_default_server_options(ServerOptions *options) | 115 | fill_default_server_options(ServerOptions *options) |
112 | { | 116 | { |
117 | /* Portable-specific options */ | ||
118 | if (options->pam_authentication_via_kbd_int == -1) | ||
119 | options->pam_authentication_via_kbd_int = 0; | ||
120 | |||
121 | /* Standard Options */ | ||
113 | if (options->protocol == SSH_PROTO_UNKNOWN) | 122 | if (options->protocol == SSH_PROTO_UNKNOWN) |
114 | options->protocol = SSH_PROTO_1|SSH_PROTO_2; | 123 | options->protocol = SSH_PROTO_1|SSH_PROTO_2; |
115 | if (options->num_host_key_files == 0) { | 124 | if (options->num_host_key_files == 0) { |
@@ -222,13 +231,14 @@ fill_default_server_options(ServerOptions *options) | |||
222 | } | 231 | } |
223 | if (options->authorized_keys_file == NULL) | 232 | if (options->authorized_keys_file == NULL) |
224 | options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; | 233 | options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; |
225 | if (options->pam_authentication_via_kbd_int == -1) | ||
226 | options->pam_authentication_via_kbd_int = 0; | ||
227 | } | 234 | } |
228 | 235 | ||
229 | /* Keyword tokens. */ | 236 | /* Keyword tokens. */ |
230 | typedef enum { | 237 | typedef enum { |
231 | sBadOption, /* == unknown option */ | 238 | sBadOption, /* == unknown option */ |
239 | /* Portable-specific options */ | ||
240 | sPAMAuthenticationViaKbdInt, | ||
241 | /* Standard Options */ | ||
232 | sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, | 242 | sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, |
233 | sPermitRootLogin, sLogFacility, sLogLevel, | 243 | sPermitRootLogin, sLogFacility, sLogLevel, |
234 | sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, | 244 | sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, |
@@ -253,7 +263,7 @@ typedef enum { | |||
253 | sBanner, sReverseMappingCheck, sHostbasedAuthentication, | 263 | sBanner, sReverseMappingCheck, sHostbasedAuthentication, |
254 | sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, | 264 | sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, |
255 | sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, | 265 | sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, |
256 | sDeprecated, sPAMAuthenticationViaKbdInt | 266 | sDeprecated |
257 | } ServerOpCodes; | 267 | } ServerOpCodes; |
258 | 268 | ||
259 | /* Textual representation of the tokens. */ | 269 | /* Textual representation of the tokens. */ |
@@ -261,6 +271,9 @@ static struct { | |||
261 | const char *name; | 271 | const char *name; |
262 | ServerOpCodes opcode; | 272 | ServerOpCodes opcode; |
263 | } keywords[] = { | 273 | } keywords[] = { |
274 | /* Portable-specific options */ | ||
275 | { "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt }, | ||
276 | /* Standard Options */ | ||
264 | { "port", sPort }, | 277 | { "port", sPort }, |
265 | { "hostkey", sHostKeyFile }, | 278 | { "hostkey", sHostKeyFile }, |
266 | { "hostdsakey", sHostKeyFile }, /* alias */ | 279 | { "hostdsakey", sHostKeyFile }, /* alias */ |
@@ -323,7 +336,6 @@ static struct { | |||
323 | { "clientalivecountmax", sClientAliveCountMax }, | 336 | { "clientalivecountmax", sClientAliveCountMax }, |
324 | { "authorizedkeysfile", sAuthorizedKeysFile }, | 337 | { "authorizedkeysfile", sAuthorizedKeysFile }, |
325 | { "authorizedkeysfile2", sAuthorizedKeysFile2 }, | 338 | { "authorizedkeysfile2", sAuthorizedKeysFile2 }, |
326 | { "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt }, | ||
327 | { NULL, 0 } | 339 | { NULL, 0 } |
328 | }; | 340 | }; |
329 | 341 | ||
@@ -417,6 +429,13 @@ read_server_config(ServerOptions *options, const char *filename) | |||
417 | case sBadOption: | 429 | case sBadOption: |
418 | bad_options++; | 430 | bad_options++; |
419 | continue; | 431 | continue; |
432 | |||
433 | /* Portable-specific options */ | ||
434 | case sPAMAuthenticationViaKbdInt: | ||
435 | intptr = &options->pam_authentication_via_kbd_int; | ||
436 | goto parse_flag; | ||
437 | |||
438 | /* Standard Options */ | ||
420 | case sPort: | 439 | case sPort: |
421 | /* ignore ports from configfile if cmdline specifies ports */ | 440 | /* ignore ports from configfile if cmdline specifies ports */ |
422 | if (options->ports_from_cmdline) | 441 | if (options->ports_from_cmdline) |
@@ -849,10 +868,6 @@ parse_flag: | |||
849 | arg = strdelim(&cp); | 868 | arg = strdelim(&cp); |
850 | break; | 869 | break; |
851 | 870 | ||
852 | case sPAMAuthenticationViaKbdInt: | ||
853 | intptr = &options->pam_authentication_via_kbd_int; | ||
854 | goto parse_flag; | ||
855 | |||
856 | default: | 871 | default: |
857 | fatal("%s line %d: Missing handler for opcode %s (%d)", | 872 | fatal("%s line %d: Missing handler for opcode %s (%d)", |
858 | filename, linenum, arg, opcode); | 873 | filename, linenum, arg, opcode); |