Diffstat (limited to 'readconf.c')
-rw-r--r--readconf.c72
1 files changed, 46 insertions, 26 deletions
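--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.215 2013/12/06 13:39:49 markus Exp $ */
+/* $OpenBSD: readconf.c,v 1.218 2014/02/23 20:11:36 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -22,6 +22,7 @@
 #include <netinet/in.h>
 #include <netinet/in_systm.h>
 #include <netinet/ip.h>
+#include <arpa/inet.h>
 
 #include <ctype.h>
 #include <errno.h>
@@ -148,7 +149,7 @@ typedef enum {
  oSendEnv, oControlPath, oControlMaster, oControlPersist,
  oHashKnownHosts,
  oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
- oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
+ oVisualHostKey, oUseRoaming,
  oKexAlgorithms, oIPQoS, oRequestTTY, oIgnoreUnknown, oProxyUseFdpass,
  oCanonicalDomains, oCanonicalizeHostname, oCanonicalizeMaxDots,
  oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs,
@@ -266,12 +267,6 @@ static struct {
  { "permitlocalcommand", oPermitLocalCommand },
  { "visualhostkey", oVisualHostKey },
  { "useroaming", oUseRoaming },
-#ifdef JPAKE
- { "zeroknowledgepasswordauthentication",
- oZeroKnowledgePasswordAuthentication },
-#else
- { "zeroknowledgepasswordauthentication", oUnsupported },
-#endif
  { "kexalgorithms", oKexAlgorithms },
  { "ipqos", oIPQoS },
  { "requesttty", oRequestTTY },
@@ -559,16 +554,27 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw,
  "r", ruser,
  "u", pw->pw_name,
  (char *)NULL);
- r = execute_in_shell(cmd);
- if (r == -1) {
- fatal("%.200s line %d: match exec '%.100s' "
- "error", filename, linenum, cmd);
- } else if (r == 0) {
- debug("%.200s line %d: matched "
- "'exec \"%.100s\"' ",
+ if (result != 1) {
+ /* skip execution if prior predicate failed */
+ debug("%.200s line %d: skipped exec \"%.100s\"",
  filename, linenum, cmd);
- } else
- result = 0;
+ } else {
+ r = execute_in_shell(cmd);
+ if (r == -1) {
+ fatal("%.200s line %d: match exec "
+ "'%.100s' error", filename,
+ linenum, cmd);
+ } else if (r == 0) {
+ debug("%.200s line %d: matched "
+ "'exec \"%.100s\"'", filename,
+ linenum, cmd);
+ } else {
+ debug("%.200s line %d: no match "
+ "'exec \"%.100s\"'", filename,
+ linenum, cmd);
+ result = 0;
+ }
+ }
  free(cmd);
  } else {
  error("Unsupported Match attribute %s", attrib);
@@ -820,10 +826,6 @@ parse_time:
  intptr = &options->password_authentication;
  goto parse_flag;
 
- case oZeroKnowledgePasswordAuthentication:
- intptr = &options->zero_knowledge_password_authentication;
- goto parse_flag;
-
  case oKbdInteractiveAuthentication:
  intptr = &options->kbd_interactive_authentication;
  goto parse_flag;
@@ -1503,6 +1505,13 @@ read_config_file(const char *filename, struct passwd *pw, const char *host,
  return 1;
 }
 
+/* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */
+int
+option_clear_or_none(const char *o)
+{
+ return o == NULL || strcasecmp(o, "none") == 0;
+}
+
 /*
  * Initializes options to special values that indicate that they have not yet
  * been set. Read_config_file will only set options with this value. Options
@@ -1592,7 +1601,6 @@ initialize_options(Options * options)
  options->permit_local_command = -1;
  options->use_roaming = -1;
  options->visual_host_key = -1;
- options->zero_knowledge_password_authentication = -1;
  options->ip_qos_interactive = -1;
  options->ip_qos_bulk = -1;
  options->request_tty = -1;
@@ -1606,10 +1614,24 @@ initialize_options(Options * options)
 }
 
 /*
+ * A petite version of fill_default_options() that just fills the options
+ * needed for hostname canonicalization to proceed.
+ */
+void
+fill_default_options_for_canonicalization(Options *options)
+{
+ if (options->canonicalize_max_dots == -1)
+ options->canonicalize_max_dots = 1;
+ if (options->canonicalize_fallback_local == -1)
+ options->canonicalize_fallback_local = 1;
+ if (options->canonicalize_hostname == -1)
+ options->canonicalize_hostname = SSH_CANONICALISE_NO;
+}
+
+/*
  * Called after processing other sources of option data, this fills those
  * options for which no value has been specified with their default values.
  */
-
 void
 fill_default_options(Options * options)
 {
@@ -1759,8 +1781,6 @@ fill_default_options(Options * options)
  options->use_roaming = 1;
  if (options->visual_host_key == -1)
  options->visual_host_key = 0;
- if (options->zero_knowledge_password_authentication == -1)
- options->zero_knowledge_password_authentication = 0;
  if (options->ip_qos_interactive == -1)
  options->ip_qos_interactive = IPTOS_LOWDELAY;
  if (options->ip_qos_bulk == -1)
@@ -1777,7 +1797,7 @@ fill_default_options(Options * options)
  options->canonicalize_hostname = SSH_CANONICALISE_NO;
 #define CLEAR_ON_NONE(v) \
  do { \
- if (option_clear_or_none(v)) { \
+ if (v != NULL && strcasecmp(v, "none") == 0) { \
  free(v); \
  v = NULL; \
  } \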
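Review bot: The one-line comment on the new `result != 1` guard in the match_cfg_line hunk does not say that `Match exec` is now order-dependent. As far as the hunk shows, the command is skipped only when `result` has already been cleared by the time `exec` is reached, which presumably means by a predicate written earlier on the same Match line; a predicate that fails after `exec` cannot undo a command that has already run. I would widen the comment to `/* exec runs only if every earlier predicate on this Match line matched; later predicates cannot prevent it */`. This matters to anyone auditing a config, because a command with side effects is only suppressed when `exec` is placed last. The body of match_cfg_line starts and ends outside the hunk, so the evaluation order is inferred from the comment and the `result` variable rather than seen directly.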