summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog11
-rw-r--r--servconf.c33
2 files changed, 32 insertions, 12 deletions
diff --git a/ChangeLog b/ChangeLog
index df1fc9c88..7d59ba377 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -60,7 +60,8 @@
60 original patch from jlk@kamens.brookline.ma.us via nalin@redhat.com 60 original patch from jlk@kamens.brookline.ma.us via nalin@redhat.com
61 - markus@cvs.openbsd.org 2001/11/10 13:19:45 61 - markus@cvs.openbsd.org 2001/11/10 13:19:45
62 [sshd.c] 62 [sshd.c]
63 cleanup libwrap support (remove bogus comment, bogus close(), add debug, etc). 63 cleanup libwrap support (remove bogus comment, bogus close(), add
64 debug, etc).
64 - markus@cvs.openbsd.org 2001/11/10 13:22:42 65 - markus@cvs.openbsd.org 2001/11/10 13:22:42
65 [ssh-rsa.c] 66 [ssh-rsa.c]
66 KNF (unexpand) 67 KNF (unexpand)
@@ -69,7 +70,11 @@
69 remove extra debug() 70 remove extra debug()
70 - markus@cvs.openbsd.org 2001/11/11 13:02:31 71 - markus@cvs.openbsd.org 2001/11/11 13:02:31
71 [servconf.c] 72 [servconf.c]
72 make AuthorizedKeysFile2 fallback to AuthorizedKeysFile if AuthorizedKeysFile is specified. 73 make AuthorizedKeysFile2 fallback to AuthorizedKeysFile if
74 AuthorizedKeysFile is specified.
75 - (djm) Reorder portable-specific server options so that they come first.
76 This should help reduce diff collisions for new server options (as they
77 will appear at the end)
73 78
7420011109 7920011109
75 - (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK) 80 - (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK)
@@ -6882,4 +6887,4 @@
6882 - Wrote replacements for strlcpy and mkdtemp 6887 - Wrote replacements for strlcpy and mkdtemp
6883 - Released 1.0pre1 6888 - Released 1.0pre1
6884 6889
6885$Id: ChangeLog,v 1.1656 2001/11/12 00:14:35 djm Exp $ 6890$Id: ChangeLog,v 1.1657 2001/11/12 00:40:11 djm Exp $
diff --git a/servconf.c b/servconf.c
index d82e84275..8e362b04d 100644
--- a/servconf.c
+++ b/servconf.c
@@ -43,6 +43,11 @@ void
43initialize_server_options(ServerOptions *options) 43initialize_server_options(ServerOptions *options)
44{ 44{
45 memset(options, 0, sizeof(*options)); 45 memset(options, 0, sizeof(*options));
46
47 /* Portable-specific options */
48 options->pam_authentication_via_kbd_int = -1;
49
50 /* Standard Options */
46 options->num_ports = 0; 51 options->num_ports = 0;
47 options->ports_from_cmdline = 0; 52 options->ports_from_cmdline = 0;
48 options->listen_addrs = NULL; 53 options->listen_addrs = NULL;
@@ -104,12 +109,16 @@ initialize_server_options(ServerOptions *options)
104 options->client_alive_count_max = -1; 109 options->client_alive_count_max = -1;
105 options->authorized_keys_file = NULL; 110 options->authorized_keys_file = NULL;
106 options->authorized_keys_file2 = NULL; 111 options->authorized_keys_file2 = NULL;
107 options->pam_authentication_via_kbd_int = -1;
108} 112}
109 113
110void 114void
111fill_default_server_options(ServerOptions *options) 115fill_default_server_options(ServerOptions *options)
112{ 116{
117 /* Portable-specific options */
118 if (options->pam_authentication_via_kbd_int == -1)
119 options->pam_authentication_via_kbd_int = 0;
120
121 /* Standard Options */
113 if (options->protocol == SSH_PROTO_UNKNOWN) 122 if (options->protocol == SSH_PROTO_UNKNOWN)
114 options->protocol = SSH_PROTO_1|SSH_PROTO_2; 123 options->protocol = SSH_PROTO_1|SSH_PROTO_2;
115 if (options->num_host_key_files == 0) { 124 if (options->num_host_key_files == 0) {
@@ -222,13 +231,14 @@ fill_default_server_options(ServerOptions *options)
222 } 231 }
223 if (options->authorized_keys_file == NULL) 232 if (options->authorized_keys_file == NULL)
224 options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; 233 options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
225 if (options->pam_authentication_via_kbd_int == -1)
226 options->pam_authentication_via_kbd_int = 0;
227} 234}
228 235
229/* Keyword tokens. */ 236/* Keyword tokens. */
230typedef enum { 237typedef enum {
231 sBadOption, /* == unknown option */ 238 sBadOption, /* == unknown option */
239 /* Portable-specific options */
240 sPAMAuthenticationViaKbdInt,
241 /* Standard Options */
232 sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, 242 sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
233 sPermitRootLogin, sLogFacility, sLogLevel, 243 sPermitRootLogin, sLogFacility, sLogLevel,
234 sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, 244 sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,
@@ -253,7 +263,7 @@ typedef enum {
253 sBanner, sReverseMappingCheck, sHostbasedAuthentication, 263 sBanner, sReverseMappingCheck, sHostbasedAuthentication,
254 sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, 264 sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
255 sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, 265 sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
256 sDeprecated, sPAMAuthenticationViaKbdInt 266 sDeprecated
257} ServerOpCodes; 267} ServerOpCodes;
258 268
259/* Textual representation of the tokens. */ 269/* Textual representation of the tokens. */
@@ -261,6 +271,9 @@ static struct {
261 const char *name; 271 const char *name;
262 ServerOpCodes opcode; 272 ServerOpCodes opcode;
263} keywords[] = { 273} keywords[] = {
274 /* Portable-specific options */
275 { "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt },
276 /* Standard Options */
264 { "port", sPort }, 277 { "port", sPort },
265 { "hostkey", sHostKeyFile }, 278 { "hostkey", sHostKeyFile },
266 { "hostdsakey", sHostKeyFile }, /* alias */ 279 { "hostdsakey", sHostKeyFile }, /* alias */
@@ -323,7 +336,6 @@ static struct {
323 { "clientalivecountmax", sClientAliveCountMax }, 336 { "clientalivecountmax", sClientAliveCountMax },
324 { "authorizedkeysfile", sAuthorizedKeysFile }, 337 { "authorizedkeysfile", sAuthorizedKeysFile },
325 { "authorizedkeysfile2", sAuthorizedKeysFile2 }, 338 { "authorizedkeysfile2", sAuthorizedKeysFile2 },
326 { "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt },
327 { NULL, 0 } 339 { NULL, 0 }
328}; 340};
329 341
@@ -417,6 +429,13 @@ read_server_config(ServerOptions *options, const char *filename)
417 case sBadOption: 429 case sBadOption:
418 bad_options++; 430 bad_options++;
419 continue; 431 continue;
432
433 /* Portable-specific options */
434 case sPAMAuthenticationViaKbdInt:
435 intptr = &options->pam_authentication_via_kbd_int;
436 goto parse_flag;
437
438 /* Standard Options */
420 case sPort: 439 case sPort:
421 /* ignore ports from configfile if cmdline specifies ports */ 440 /* ignore ports from configfile if cmdline specifies ports */
422 if (options->ports_from_cmdline) 441 if (options->ports_from_cmdline)
@@ -849,10 +868,6 @@ parse_flag:
849 arg = strdelim(&cp); 868 arg = strdelim(&cp);
850 break; 869 break;
851 870
852 case sPAMAuthenticationViaKbdInt:
853 intptr = &options->pam_authentication_via_kbd_int;
854 goto parse_flag;
855
856 default: 871 default:
857 fatal("%s line %d: Missing handler for opcode %s (%d)", 872 fatal("%s line %d: Missing handler for opcode %s (%d)",
858 filename, linenum, arg, opcode); 873 filename, linenum, arg, opcode);