diff options
Diffstat (limited to 'readconf.c')
| -rw-r--r-- | readconf.c | 51 |
1 files changed, 50 insertions, 1 deletions
diff --git a/readconf.c b/readconf.c index 0d551b9ae..091029a19 100644 --- a/readconf.c +++ b/readconf.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: readconf.c,v 1.187 2010/07/19 09:15:12 djm Exp $ */ | 1 | /* $OpenBSD: readconf.c,v 1.190 2010/11/13 23:27:50 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -19,6 +19,8 @@ | |||
| 19 | #include <sys/socket.h> | 19 | #include <sys/socket.h> |
| 20 | 20 | ||
| 21 | #include <netinet/in.h> | 21 | #include <netinet/in.h> |
| 22 | #include <netinet/in_systm.h> | ||
| 23 | #include <netinet/ip.h> | ||
| 22 | 24 | ||
| 23 | #include <ctype.h> | 25 | #include <ctype.h> |
| 24 | #include <errno.h> | 26 | #include <errno.h> |
| @@ -134,6 +136,7 @@ typedef enum { | |||
| 134 | oHashKnownHosts, | 136 | oHashKnownHosts, |
| 135 | oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, | 137 | oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, |
| 136 | oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication, | 138 | oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication, |
| 139 | oKexAlgorithms, oIPQoS, | ||
| 137 | oDeprecated, oUnsupported | 140 | oDeprecated, oUnsupported |
| 138 | } OpCodes; | 141 | } OpCodes; |
| 139 | 142 | ||
| @@ -251,6 +254,8 @@ static struct { | |||
| 251 | #else | 254 | #else |
| 252 | { "zeroknowledgepasswordauthentication", oUnsupported }, | 255 | { "zeroknowledgepasswordauthentication", oUnsupported }, |
| 253 | #endif | 256 | #endif |
| 257 | { "kexalgorithms", oKexAlgorithms }, | ||
| 258 | { "ipqos", oIPQoS }, | ||
| 254 | 259 | ||
| 255 | { NULL, oBadOption } | 260 | { NULL, oBadOption } |
| 256 | }; | 261 | }; |
| @@ -730,6 +735,18 @@ parse_int: | |||
| 730 | options->macs = xstrdup(arg); | 735 | options->macs = xstrdup(arg); |
| 731 | break; | 736 | break; |
| 732 | 737 | ||
| 738 | case oKexAlgorithms: | ||
| 739 | arg = strdelim(&s); | ||
| 740 | if (!arg || *arg == '\0') | ||
| 741 | fatal("%.200s line %d: Missing argument.", | ||
| 742 | filename, linenum); | ||
| 743 | if (!kex_names_valid(arg)) | ||
| 744 | fatal("%.200s line %d: Bad SSH2 KexAlgorithms '%s'.", | ||
| 745 | filename, linenum, arg ? arg : "<NONE>"); | ||
| 746 | if (*activep && options->kex_algorithms == NULL) | ||
| 747 | options->kex_algorithms = xstrdup(arg); | ||
| 748 | break; | ||
| 749 | |||
| 733 | case oHostKeyAlgorithms: | 750 | case oHostKeyAlgorithms: |
| 734 | arg = strdelim(&s); | 751 | arg = strdelim(&s); |
| 735 | if (!arg || *arg == '\0') | 752 | if (!arg || *arg == '\0') |
| @@ -990,6 +1007,23 @@ parse_int: | |||
| 990 | intptr = &options->visual_host_key; | 1007 | intptr = &options->visual_host_key; |
| 991 | goto parse_flag; | 1008 | goto parse_flag; |
| 992 | 1009 | ||
| 1010 | case oIPQoS: | ||
| 1011 | arg = strdelim(&s); | ||
| 1012 | if ((value = parse_ipqos(arg)) == -1) | ||
| 1013 | fatal("%s line %d: Bad IPQoS value: %s", | ||
| 1014 | filename, linenum, arg); | ||
| 1015 | arg = strdelim(&s); | ||
| 1016 | if (arg == NULL) | ||
| 1017 | value2 = value; | ||
| 1018 | else if ((value2 = parse_ipqos(arg)) == -1) | ||
| 1019 | fatal("%s line %d: Bad IPQoS value: %s", | ||
| 1020 | filename, linenum, arg); | ||
| 1021 | if (*activep) { | ||
| 1022 | options->ip_qos_interactive = value; | ||
| 1023 | options->ip_qos_bulk = value2; | ||
| 1024 | } | ||
| 1025 | break; | ||
| 1026 | |||
| 993 | case oUseRoaming: | 1027 | case oUseRoaming: |
| 994 | intptr = &options->use_roaming; | 1028 | intptr = &options->use_roaming; |
| 995 | goto parse_flag; | 1029 | goto parse_flag; |
| @@ -1114,6 +1148,7 @@ initialize_options(Options * options) | |||
| 1114 | options->cipher = -1; | 1148 | options->cipher = -1; |
| 1115 | options->ciphers = NULL; | 1149 | options->ciphers = NULL; |
| 1116 | options->macs = NULL; | 1150 | options->macs = NULL; |
| 1151 | options->kex_algorithms = NULL; | ||
| 1117 | options->hostkeyalgorithms = NULL; | 1152 | options->hostkeyalgorithms = NULL; |
| 1118 | options->protocol = SSH_PROTO_UNKNOWN; | 1153 | options->protocol = SSH_PROTO_UNKNOWN; |
| 1119 | options->num_identity_files = 0; | 1154 | options->num_identity_files = 0; |
| @@ -1156,6 +1191,8 @@ initialize_options(Options * options) | |||
| 1156 | options->use_roaming = -1; | 1191 | options->use_roaming = -1; |
| 1157 | options->visual_host_key = -1; | 1192 | options->visual_host_key = -1; |
| 1158 | options->zero_knowledge_password_authentication = -1; | 1193 | options->zero_knowledge_password_authentication = -1; |
| 1194 | options->ip_qos_interactive = -1; | ||
| 1195 | options->ip_qos_bulk = -1; | ||
| 1159 | } | 1196 | } |
| 1160 | 1197 | ||
| 1161 | /* | 1198 | /* |
| @@ -1233,6 +1270,7 @@ fill_default_options(Options * options) | |||
| 1233 | options->cipher = SSH_CIPHER_NOT_SET; | 1270 | options->cipher = SSH_CIPHER_NOT_SET; |
| 1234 | /* options->ciphers, default set in myproposals.h */ | 1271 | /* options->ciphers, default set in myproposals.h */ |
| 1235 | /* options->macs, default set in myproposals.h */ | 1272 | /* options->macs, default set in myproposals.h */ |
| 1273 | /* options->kex_algorithms, default set in myproposals.h */ | ||
| 1236 | /* options->hostkeyalgorithms, default set in myproposals.h */ | 1274 | /* options->hostkeyalgorithms, default set in myproposals.h */ |
| 1237 | if (options->protocol == SSH_PROTO_UNKNOWN) | 1275 | if (options->protocol == SSH_PROTO_UNKNOWN) |
| 1238 | options->protocol = SSH_PROTO_2; | 1276 | options->protocol = SSH_PROTO_2; |
| @@ -1256,6 +1294,13 @@ fill_default_options(Options * options) | |||
| 1256 | xmalloc(len); | 1294 | xmalloc(len); |
| 1257 | snprintf(options->identity_files[options->num_identity_files++], | 1295 | snprintf(options->identity_files[options->num_identity_files++], |
| 1258 | len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA); | 1296 | len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA); |
| 1297 | #ifdef OPENSSL_HAS_ECC | ||
| 1298 | len = 2 + strlen(_PATH_SSH_CLIENT_ID_ECDSA) + 1; | ||
| 1299 | options->identity_files[options->num_identity_files] = | ||
| 1300 | xmalloc(len); | ||
| 1301 | snprintf(options->identity_files[options->num_identity_files++], | ||
| 1302 | len, "~/%.100s", _PATH_SSH_CLIENT_ID_ECDSA); | ||
| 1303 | #endif | ||
| 1259 | } | 1304 | } |
| 1260 | } | 1305 | } |
| 1261 | if (options->escape_char == -1) | 1306 | if (options->escape_char == -1) |
| @@ -1308,6 +1353,10 @@ fill_default_options(Options * options) | |||
| 1308 | options->visual_host_key = 0; | 1353 | options->visual_host_key = 0; |
| 1309 | if (options->zero_knowledge_password_authentication == -1) | 1354 | if (options->zero_knowledge_password_authentication == -1) |
| 1310 | options->zero_knowledge_password_authentication = 0; | 1355 | options->zero_knowledge_password_authentication = 0; |
| 1356 | if (options->ip_qos_interactive == -1) | ||
| 1357 | options->ip_qos_interactive = IPTOS_LOWDELAY; | ||
| 1358 | if (options->ip_qos_bulk == -1) | ||
| 1359 | options->ip_qos_bulk = IPTOS_THROUGHPUT; | ||
| 1311 | /* options->local_command should not be set by default */ | 1360 | /* options->local_command should not be set by default */ |
| 1312 | /* options->proxy_command should not be set by default */ | 1361 | /* options->proxy_command should not be set by default */ |
| 1313 | /* options->user will be set in the main program if appropriate */ | 1362 | /* options->user will be set in the main program if appropriate */ |