summaryrefslogtreecommitdiff
path: root/servconf.c
diff options
context:
space:
mode:
Diffstat (limited to 'servconf.c')
-rw-r--r--servconf.c30
1 files changed, 28 insertions, 2 deletions
diff --git a/servconf.c b/servconf.c
index 9e420a527..81953bb80 100644
--- a/servconf.c
+++ b/servconf.c
@@ -10,7 +10,7 @@
10 */ 10 */
11 11
12#include "includes.h" 12#include "includes.h"
13RCSID("$OpenBSD: servconf.c,v 1.144 2005/08/06 10:03:12 dtucker Exp $"); 13RCSID("$OpenBSD: servconf.c,v 1.146 2005/12/08 18:34:11 reyk Exp $");
14 14
15#include "ssh.h" 15#include "ssh.h"
16#include "log.h" 16#include "log.h"
@@ -101,6 +101,7 @@ initialize_server_options(ServerOptions *options)
101 options->authorized_keys_file = NULL; 101 options->authorized_keys_file = NULL;
102 options->authorized_keys_file2 = NULL; 102 options->authorized_keys_file2 = NULL;
103 options->num_accept_env = 0; 103 options->num_accept_env = 0;
104 options->permit_tun = -1;
104 105
105 /* Needs to be accessable in many places */ 106 /* Needs to be accessable in many places */
106 use_privsep = -1; 107 use_privsep = -1;
@@ -229,6 +230,8 @@ fill_default_server_options(ServerOptions *options)
229 } 230 }
230 if (options->authorized_keys_file == NULL) 231 if (options->authorized_keys_file == NULL)
231 options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; 232 options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
233 if (options->permit_tun == -1)
234 options->permit_tun = SSH_TUNMODE_NO;
232 235
233 /* Turn privilege separation on by default */ 236 /* Turn privilege separation on by default */
234 if (use_privsep == -1) 237 if (use_privsep == -1)
@@ -270,7 +273,7 @@ typedef enum {
270 sBanner, sUseDNS, sHostbasedAuthentication, 273 sBanner, sUseDNS, sHostbasedAuthentication,
271 sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, 274 sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
272 sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, 275 sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
273 sGssAuthentication, sGssCleanupCreds, sAcceptEnv, 276 sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
274 sUsePrivilegeSeparation, 277 sUsePrivilegeSeparation,
275 sDeprecated, sUnsupported 278 sDeprecated, sUnsupported
276} ServerOpCodes; 279} ServerOpCodes;
@@ -373,6 +376,7 @@ static struct {
373 { "authorizedkeysfile2", sAuthorizedKeysFile2 }, 376 { "authorizedkeysfile2", sAuthorizedKeysFile2 },
374 { "useprivilegeseparation", sUsePrivilegeSeparation}, 377 { "useprivilegeseparation", sUsePrivilegeSeparation},
375 { "acceptenv", sAcceptEnv }, 378 { "acceptenv", sAcceptEnv },
379 { "permittunnel", sPermitTunnel },
376 { NULL, sBadOption } 380 { NULL, sBadOption }
377}; 381};
378 382
@@ -962,6 +966,28 @@ parse_flag:
962 } 966 }
963 break; 967 break;
964 968
969 case sPermitTunnel:
970 intptr = &options->permit_tun;
971 arg = strdelim(&cp);
972 if (!arg || *arg == '\0')
973 fatal("%s line %d: Missing yes/point-to-point/"
974 "ethernet/no argument.", filename, linenum);
975 value = 0; /* silence compiler */
976 if (strcasecmp(arg, "ethernet") == 0)
977 value = SSH_TUNMODE_ETHERNET;
978 else if (strcasecmp(arg, "point-to-point") == 0)
979 value = SSH_TUNMODE_POINTOPOINT;
980 else if (strcasecmp(arg, "yes") == 0)
981 value = SSH_TUNMODE_YES;
982 else if (strcasecmp(arg, "no") == 0)
983 value = SSH_TUNMODE_NO;
984 else
985 fatal("%s line %d: Bad yes/point-to-point/ethernet/"
986 "no argument: %s", filename, linenum, arg);
987 if (*intptr == -1)
988 *intptr = value;
989 break;
990
965 case sDeprecated: 991 case sDeprecated:
966 logit("%s line %d: Deprecated option %s", 992 logit("%s line %d: Deprecated option %s",
967 filename, linenum, arg); 993 filename, linenum, arg);
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-11 00:36:26 +0000