summaryrefslogtreecommitdiff
path: root/servconf.c
diff options
context:
space:
mode:
Diffstat (limited to 'servconf.c')
-rw-r--r--servconf.c18
1 files changed, 13 insertions, 5 deletions
diff --git a/servconf.c b/servconf.c
index 7d027ddb9..c556986e3 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: servconf.c,v 1.207 2010/03/25 23:38:28 djm Exp $ */ 1/* $OpenBSD: servconf.c,v 1.208 2010/05/07 11:30:29 djm Exp $ */
2/* 2/*
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved 4 * All rights reserved
@@ -131,6 +131,7 @@ initialize_server_options(ServerOptions *options)
131 options->zero_knowledge_password_authentication = -1; 131 options->zero_knowledge_password_authentication = -1;
132 options->revoked_keys_file = NULL; 132 options->revoked_keys_file = NULL;
133 options->trusted_user_ca_keys = NULL; 133 options->trusted_user_ca_keys = NULL;
134 options->authorized_principals_file = NULL;
134} 135}
135 136
136void 137void
@@ -310,7 +311,7 @@ typedef enum {
310 sMatch, sPermitOpen, sForceCommand, sChrootDirectory, 311 sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
311 sUsePrivilegeSeparation, sAllowAgentForwarding, 312 sUsePrivilegeSeparation, sAllowAgentForwarding,
312 sZeroKnowledgePasswordAuthentication, sHostCertificate, 313 sZeroKnowledgePasswordAuthentication, sHostCertificate,
313 sRevokedKeys, sTrustedUserCAKeys, 314 sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
314 sDeprecated, sUnsupported 315 sDeprecated, sUnsupported
315} ServerOpCodes; 316} ServerOpCodes;
316 317
@@ -432,6 +433,7 @@ static struct {
432 { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, 433 { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL },
433 { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, 434 { "revokedkeys", sRevokedKeys, SSHCFG_ALL },
434 { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, 435 { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL },
436 { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_GLOBAL },
435 { NULL, sBadOption, 0 } 437 { NULL, sBadOption, 0 }
436}; 438};
437 439
@@ -1218,10 +1220,14 @@ process_server_config_line(ServerOptions *options, char *line,
1218 * AuthorizedKeysFile /etc/ssh_keys/%u 1220 * AuthorizedKeysFile /etc/ssh_keys/%u
1219 */ 1221 */
1220 case sAuthorizedKeysFile: 1222 case sAuthorizedKeysFile:
1223 charptr = &options->authorized_keys_file;
1224 goto parse_tilde_filename;
1221 case sAuthorizedKeysFile2: 1225 case sAuthorizedKeysFile2:
1222 charptr = (opcode == sAuthorizedKeysFile) ? 1226 charptr = &options->authorized_keys_file2;
1223 &options->authorized_keys_file : 1227 goto parse_tilde_filename;
1224 &options->authorized_keys_file2; 1228 case sAuthorizedPrincipalsFile:
1229 charptr = &options->authorized_principals_file;
1230 parse_tilde_filename:
1225 arg = strdelim(&cp); 1231 arg = strdelim(&cp);
1226 if (!arg || *arg == '\0') 1232 if (!arg || *arg == '\0')
1227 fatal("%s line %d: missing file name.", 1233 fatal("%s line %d: missing file name.",
@@ -1682,6 +1688,8 @@ dump_config(ServerOptions *o)
1682 dump_cfg_string(sChrootDirectory, o->chroot_directory); 1688 dump_cfg_string(sChrootDirectory, o->chroot_directory);
1683 dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys); 1689 dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys);
1684 dump_cfg_string(sRevokedKeys, o->revoked_keys_file); 1690 dump_cfg_string(sRevokedKeys, o->revoked_keys_file);
1691 dump_cfg_string(sAuthorizedPrincipalsFile,
1692 o->authorized_principals_file);
1685 1693
1686 /* string arguments requiring a lookup */ 1694 /* string arguments requiring a lookup */
1687 dump_cfg_string(sLogLevel, log_level_name(o->log_level)); 1695 dump_cfg_string(sLogLevel, log_level_name(o->log_level));
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-09 22:51:07 +0000