diff options
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | readconf.c | 38 | ||||
| -rw-r--r-- | servconf.c | 26 |
3 files changed, 48 insertions, 21 deletions
| @@ -4,6 +4,9 @@ | |||
| 4 | [ssh.c] | 4 | [ssh.c] |
| 5 | Make "ssh -V" print the OpenSSL version in a human readable form. Patch | 5 | Make "ssh -V" print the OpenSSL version in a human readable form. Patch |
| 6 | from Craig Leres (mindrot at ee.lbl.gov); ok markus@ | 6 | from Craig Leres (mindrot at ee.lbl.gov); ok markus@ |
| 7 | - jakob@cvs.openbsd.org 2003/05/15 14:02:47 | ||
| 8 | [readconf.c servconf.c] | ||
| 9 | warn for unsupported config option. ok markus@ | ||
| 7 | 10 | ||
| 8 | 20030515 | 11 | 20030515 |
| 9 | - (djm) OpenBSD CVS Sync | 12 | - (djm) OpenBSD CVS Sync |
| @@ -1535,4 +1538,4 @@ | |||
| 1535 | save auth method before monitor_reset_key_state(); bugzilla bug #284; | 1538 | save auth method before monitor_reset_key_state(); bugzilla bug #284; |
| 1536 | ok provos@ | 1539 | ok provos@ |
| 1537 | 1540 | ||
| 1538 | $Id: ChangeLog,v 1.2724 2003/05/16 01:38:00 djm Exp $ | 1541 | $Id: ChangeLog,v 1.2725 2003/05/16 01:38:32 djm Exp $ |
diff --git a/readconf.c b/readconf.c index 3f2ac4e3e..fee7a8993 100644 --- a/readconf.c +++ b/readconf.c | |||
| @@ -12,7 +12,7 @@ | |||
| 12 | */ | 12 | */ |
| 13 | 13 | ||
| 14 | #include "includes.h" | 14 | #include "includes.h" |
| 15 | RCSID("$OpenBSD: readconf.c,v 1.109 2003/05/15 04:08:44 jakob Exp $"); | 15 | RCSID("$OpenBSD: readconf.c,v 1.110 2003/05/15 14:02:47 jakob Exp $"); |
| 16 | 16 | ||
| 17 | #include "ssh.h" | 17 | #include "ssh.h" |
| 18 | #include "xmalloc.h" | 18 | #include "xmalloc.h" |
| @@ -107,7 +107,7 @@ typedef enum { | |||
| 107 | oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, | 107 | oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, |
| 108 | oClearAllForwardings, oNoHostAuthenticationForLocalhost, | 108 | oClearAllForwardings, oNoHostAuthenticationForLocalhost, |
| 109 | oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, | 109 | oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, |
| 110 | oDeprecated | 110 | oDeprecated, oUnsupported |
| 111 | } OpCodes; | 111 | } OpCodes; |
| 112 | 112 | ||
| 113 | /* Textual representations of the tokens. */ | 113 | /* Textual representations of the tokens. */ |
| @@ -133,9 +133,18 @@ static struct { | |||
| 133 | { "challengeresponseauthentication", oChallengeResponseAuthentication }, | 133 | { "challengeresponseauthentication", oChallengeResponseAuthentication }, |
| 134 | { "skeyauthentication", oChallengeResponseAuthentication }, /* alias */ | 134 | { "skeyauthentication", oChallengeResponseAuthentication }, /* alias */ |
| 135 | { "tisauthentication", oChallengeResponseAuthentication }, /* alias */ | 135 | { "tisauthentication", oChallengeResponseAuthentication }, /* alias */ |
| 136 | #if defined(KRB4) || defined(KRB5) | ||
| 136 | { "kerberosauthentication", oKerberosAuthentication }, | 137 | { "kerberosauthentication", oKerberosAuthentication }, |
| 137 | { "kerberostgtpassing", oKerberosTgtPassing }, | 138 | { "kerberostgtpassing", oKerberosTgtPassing }, |
| 139 | #else | ||
| 140 | { "kerberosauthentication", oUnsupported }, | ||
| 141 | { "kerberostgtpassing", oUnsupported }, | ||
| 142 | #endif | ||
| 143 | #if defined(AFS) | ||
| 138 | { "afstokenpassing", oAFSTokenPassing }, | 144 | { "afstokenpassing", oAFSTokenPassing }, |
| 145 | #else | ||
| 146 | { "afstokenpassing", oUnsupported }, | ||
| 147 | #endif | ||
| 139 | { "fallbacktorsh", oDeprecated }, | 148 | { "fallbacktorsh", oDeprecated }, |
| 140 | { "usersh", oDeprecated }, | 149 | { "usersh", oDeprecated }, |
| 141 | { "identityfile", oIdentityFile }, | 150 | { "identityfile", oIdentityFile }, |
| @@ -170,10 +179,18 @@ static struct { | |||
| 170 | { "preferredauthentications", oPreferredAuthentications }, | 179 | { "preferredauthentications", oPreferredAuthentications }, |
| 171 | { "hostkeyalgorithms", oHostKeyAlgorithms }, | 180 | { "hostkeyalgorithms", oHostKeyAlgorithms }, |
| 172 | { "bindaddress", oBindAddress }, | 181 | { "bindaddress", oBindAddress }, |
| 182 | #ifdef SMARTCARD | ||
| 173 | { "smartcarddevice", oSmartcardDevice }, | 183 | { "smartcarddevice", oSmartcardDevice }, |
| 184 | #else | ||
| 185 | { "smartcarddevice", oUnsupported }, | ||
| 186 | #endif | ||
| 174 | { "clearallforwardings", oClearAllForwardings }, | 187 | { "clearallforwardings", oClearAllForwardings }, |
| 175 | { "enablesshkeysign", oEnableSSHKeysign }, | 188 | { "enablesshkeysign", oEnableSSHKeysign }, |
| 189 | #ifdef DNS | ||
| 176 | { "verifyhostkeydns", oVerifyHostKeyDNS }, | 190 | { "verifyhostkeydns", oVerifyHostKeyDNS }, |
| 191 | #else | ||
| 192 | { "verifyhostkeydns", oUnsupported }, | ||
| 193 | #endif | ||
| 177 | { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, | 194 | { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, |
| 178 | { "rekeylimit", oRekeyLimit }, | 195 | { "rekeylimit", oRekeyLimit }, |
| 179 | { NULL, oBadOption } | 196 | { NULL, oBadOption } |
| @@ -697,6 +714,11 @@ parse_int: | |||
| 697 | filename, linenum, keyword); | 714 | filename, linenum, keyword); |
| 698 | return 0; | 715 | return 0; |
| 699 | 716 | ||
| 717 | case oUnsupported: | ||
| 718 | error("%s line %d: Unsupported option \"%s\"", | ||
| 719 | filename, linenum, keyword); | ||
| 720 | return 0; | ||
| 721 | |||
| 700 | default: | 722 | default: |
| 701 | fatal("process_config_line: Unimplemented opcode %d", opcode); | 723 | fatal("process_config_line: Unimplemented opcode %d", opcode); |
| 702 | } | 724 | } |
| @@ -844,23 +866,11 @@ fill_default_options(Options * options) | |||
| 844 | if (options->challenge_response_authentication == -1) | 866 | if (options->challenge_response_authentication == -1) |
| 845 | options->challenge_response_authentication = 1; | 867 | options->challenge_response_authentication = 1; |
| 846 | if (options->kerberos_authentication == -1) | 868 | if (options->kerberos_authentication == -1) |
| 847 | #if defined(KRB4) || defined(KRB5) | ||
| 848 | options->kerberos_authentication = 1; | 869 | options->kerberos_authentication = 1; |
| 849 | #else | ||
| 850 | options->kerberos_authentication = 0; | ||
| 851 | #endif | ||
| 852 | if (options->kerberos_tgt_passing == -1) | 870 | if (options->kerberos_tgt_passing == -1) |
| 853 | #if defined(KRB4) || defined(KRB5) | ||
| 854 | options->kerberos_tgt_passing = 1; | 871 | options->kerberos_tgt_passing = 1; |
| 855 | #else | ||
| 856 | options->kerberos_tgt_passing = 0; | ||
| 857 | #endif | ||
| 858 | if (options->afs_token_passing == -1) | 872 | if (options->afs_token_passing == -1) |
| 859 | #if defined(AFS) | ||
| 860 | options->afs_token_passing = 1; | 873 | options->afs_token_passing = 1; |
| 861 | #else | ||
| 862 | options->afs_token_passing = 0; | ||
| 863 | #endif | ||
| 864 | if (options->password_authentication == -1) | 874 | if (options->password_authentication == -1) |
| 865 | options->password_authentication = 1; | 875 | options->password_authentication = 1; |
| 866 | if (options->kbd_interactive_authentication == -1) | 876 | if (options->kbd_interactive_authentication == -1) |
diff --git a/servconf.c b/servconf.c index 5840961e3..f37193a8f 100644 --- a/servconf.c +++ b/servconf.c | |||
| @@ -10,7 +10,7 @@ | |||
| 10 | */ | 10 | */ |
| 11 | 11 | ||
| 12 | #include "includes.h" | 12 | #include "includes.h" |
| 13 | RCSID("$OpenBSD: servconf.c,v 1.120 2003/05/15 04:08:44 jakob Exp $"); | 13 | RCSID("$OpenBSD: servconf.c,v 1.121 2003/05/15 14:02:47 jakob Exp $"); |
| 14 | 14 | ||
| 15 | #if defined(KRB4) | 15 | #if defined(KRB4) |
| 16 | #include <krb.h> | 16 | #include <krb.h> |
| @@ -207,11 +207,7 @@ fill_default_server_options(ServerOptions *options) | |||
| 207 | if (options->kerberos_or_local_passwd == -1) | 207 | if (options->kerberos_or_local_passwd == -1) |
| 208 | options->kerberos_or_local_passwd = 1; | 208 | options->kerberos_or_local_passwd = 1; |
| 209 | if (options->kerberos_ticket_cleanup == -1) | 209 | if (options->kerberos_ticket_cleanup == -1) |
| 210 | #if defined(KRB4) || defined(KRB5) | ||
| 211 | options->kerberos_ticket_cleanup = 1; | 210 | options->kerberos_ticket_cleanup = 1; |
| 212 | #else | ||
| 213 | options->kerberos_ticket_cleanup = 0; | ||
| 214 | #endif | ||
| 215 | if (options->kerberos_tgt_passing == -1) | 211 | if (options->kerberos_tgt_passing == -1) |
| 216 | options->kerberos_tgt_passing = 0; | 212 | options->kerberos_tgt_passing = 0; |
| 217 | if (options->afs_token_passing == -1) | 213 | if (options->afs_token_passing == -1) |
| @@ -294,7 +290,7 @@ typedef enum { | |||
| 294 | sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, | 290 | sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, |
| 295 | sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, | 291 | sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, |
| 296 | sUsePrivilegeSeparation, | 292 | sUsePrivilegeSeparation, |
| 297 | sDeprecated | 293 | sDeprecated, sUnsupported |
| 298 | } ServerOpCodes; | 294 | } ServerOpCodes; |
| 299 | 295 | ||
| 300 | /* Textual representation of the tokens. */ | 296 | /* Textual representation of the tokens. */ |
| @@ -322,11 +318,22 @@ static struct { | |||
| 322 | { "rsaauthentication", sRSAAuthentication }, | 318 | { "rsaauthentication", sRSAAuthentication }, |
| 323 | { "pubkeyauthentication", sPubkeyAuthentication }, | 319 | { "pubkeyauthentication", sPubkeyAuthentication }, |
| 324 | { "dsaauthentication", sPubkeyAuthentication }, /* alias */ | 320 | { "dsaauthentication", sPubkeyAuthentication }, /* alias */ |
| 321 | #if defined(KRB4) || defined(KRB5) | ||
| 325 | { "kerberosauthentication", sKerberosAuthentication }, | 322 | { "kerberosauthentication", sKerberosAuthentication }, |
| 326 | { "kerberosorlocalpasswd", sKerberosOrLocalPasswd }, | 323 | { "kerberosorlocalpasswd", sKerberosOrLocalPasswd }, |
| 327 | { "kerberosticketcleanup", sKerberosTicketCleanup }, | 324 | { "kerberosticketcleanup", sKerberosTicketCleanup }, |
| 328 | { "kerberostgtpassing", sKerberosTgtPassing }, | 325 | { "kerberostgtpassing", sKerberosTgtPassing }, |
| 326 | #else | ||
| 327 | { "kerberosauthentication", sUnsupported }, | ||
| 328 | { "kerberosorlocalpasswd", sUnsupported }, | ||
| 329 | { "kerberosticketcleanup", sUnsupported }, | ||
| 330 | { "kerberostgtpassing", sUnsupported }, | ||
| 331 | #endif | ||
| 332 | #if defined(AFS) | ||
| 329 | { "afstokenpassing", sAFSTokenPassing }, | 333 | { "afstokenpassing", sAFSTokenPassing }, |
| 334 | #else | ||
| 335 | { "afstokenpassing", sUnsupported }, | ||
| 336 | #endif | ||
| 330 | { "passwordauthentication", sPasswordAuthentication }, | 337 | { "passwordauthentication", sPasswordAuthentication }, |
| 331 | { "kbdinteractiveauthentication", sKbdInteractiveAuthentication }, | 338 | { "kbdinteractiveauthentication", sKbdInteractiveAuthentication }, |
| 332 | { "challengeresponseauthentication", sChallengeResponseAuthentication }, | 339 | { "challengeresponseauthentication", sChallengeResponseAuthentication }, |
| @@ -899,6 +906,13 @@ parse_flag: | |||
| 899 | arg = strdelim(&cp); | 906 | arg = strdelim(&cp); |
| 900 | break; | 907 | break; |
| 901 | 908 | ||
| 909 | case sUnsupported: | ||
| 910 | logit("%s line %d: Unsupported option %s", | ||
| 911 | filename, linenum, arg); | ||
| 912 | while (arg) | ||
| 913 | arg = strdelim(&cp); | ||
| 914 | break; | ||
| 915 | |||
| 902 | default: | 916 | default: |
| 903 | fatal("%s line %d: Missing handler for opcode %s (%d)", | 917 | fatal("%s line %d: Missing handler for opcode %s (%d)", |
| 904 | filename, linenum, arg, opcode); | 918 | filename, linenum, arg, opcode); |