diff options
Diffstat (limited to 'servconf.c')
| -rw-r--r-- | servconf.c | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/servconf.c b/servconf.c index 9bff59de3..1911ac540 100644 --- a/servconf.c +++ b/servconf.c | |||
| @@ -104,6 +104,7 @@ initialize_server_options(ServerOptions *options) | |||
| 104 | options->password_authentication = -1; | 104 | options->password_authentication = -1; |
| 105 | options->kbd_interactive_authentication = -1; | 105 | options->kbd_interactive_authentication = -1; |
| 106 | options->challenge_response_authentication = -1; | 106 | options->challenge_response_authentication = -1; |
| 107 | options->permit_blacklisted_keys = -1; | ||
| 107 | options->permit_empty_passwd = -1; | 108 | options->permit_empty_passwd = -1; |
| 108 | options->permit_user_env = -1; | 109 | options->permit_user_env = -1; |
| 109 | options->use_login = -1; | 110 | options->use_login = -1; |
| @@ -141,6 +142,7 @@ initialize_server_options(ServerOptions *options) | |||
| 141 | options->authorized_principals_file = NULL; | 142 | options->authorized_principals_file = NULL; |
| 142 | options->ip_qos_interactive = -1; | 143 | options->ip_qos_interactive = -1; |
| 143 | options->ip_qos_bulk = -1; | 144 | options->ip_qos_bulk = -1; |
| 145 | options->debian_banner = -1; | ||
| 144 | } | 146 | } |
| 145 | 147 | ||
| 146 | void | 148 | void |
| @@ -242,6 +244,8 @@ fill_default_server_options(ServerOptions *options) | |||
| 242 | options->kbd_interactive_authentication = 0; | 244 | options->kbd_interactive_authentication = 0; |
| 243 | if (options->challenge_response_authentication == -1) | 245 | if (options->challenge_response_authentication == -1) |
| 244 | options->challenge_response_authentication = 1; | 246 | options->challenge_response_authentication = 1; |
| 247 | if (options->permit_blacklisted_keys == -1) | ||
| 248 | options->permit_blacklisted_keys = 0; | ||
| 245 | if (options->permit_empty_passwd == -1) | 249 | if (options->permit_empty_passwd == -1) |
| 246 | options->permit_empty_passwd = 0; | 250 | options->permit_empty_passwd = 0; |
| 247 | if (options->permit_user_env == -1) | 251 | if (options->permit_user_env == -1) |
| @@ -286,6 +290,8 @@ fill_default_server_options(ServerOptions *options) | |||
| 286 | options->ip_qos_interactive = IPTOS_LOWDELAY; | 290 | options->ip_qos_interactive = IPTOS_LOWDELAY; |
| 287 | if (options->ip_qos_bulk == -1) | 291 | if (options->ip_qos_bulk == -1) |
| 288 | options->ip_qos_bulk = IPTOS_THROUGHPUT; | 292 | options->ip_qos_bulk = IPTOS_THROUGHPUT; |
| 293 | if (options->debian_banner == -1) | ||
| 294 | options->debian_banner = 1; | ||
| 289 | 295 | ||
| 290 | /* Turn privilege separation on by default */ | 296 | /* Turn privilege separation on by default */ |
| 291 | if (use_privsep == -1) | 297 | if (use_privsep == -1) |
| @@ -318,7 +324,7 @@ typedef enum { | |||
| 318 | sListenAddress, sAddressFamily, | 324 | sListenAddress, sAddressFamily, |
| 319 | sPrintMotd, sPrintLastLog, sIgnoreRhosts, | 325 | sPrintMotd, sPrintLastLog, sIgnoreRhosts, |
| 320 | sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, | 326 | sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, |
| 321 | sStrictModes, sEmptyPasswd, sTCPKeepAlive, | 327 | sStrictModes, sPermitBlacklistedKeys, sEmptyPasswd, sTCPKeepAlive, |
| 322 | sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, | 328 | sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, |
| 323 | sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, | 329 | sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, |
| 324 | sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, | 330 | sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, |
| @@ -335,6 +341,7 @@ typedef enum { | |||
| 335 | sZeroKnowledgePasswordAuthentication, sHostCertificate, | 341 | sZeroKnowledgePasswordAuthentication, sHostCertificate, |
| 336 | sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, | 342 | sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, |
| 337 | sKexAlgorithms, sIPQoS, | 343 | sKexAlgorithms, sIPQoS, |
| 344 | sDebianBanner, | ||
| 338 | sDeprecated, sUnsupported | 345 | sDeprecated, sUnsupported |
| 339 | } ServerOpCodes; | 346 | } ServerOpCodes; |
| 340 | 347 | ||
| @@ -428,6 +435,7 @@ static struct { | |||
| 428 | { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, | 435 | { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, |
| 429 | { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, | 436 | { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, |
| 430 | { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, | 437 | { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, |
| 438 | { "permitblacklistedkeys", sPermitBlacklistedKeys, SSHCFG_GLOBAL }, | ||
| 431 | { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL }, | 439 | { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL }, |
| 432 | { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, | 440 | { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, |
| 433 | { "uselogin", sUseLogin, SSHCFG_GLOBAL }, | 441 | { "uselogin", sUseLogin, SSHCFG_GLOBAL }, |
| @@ -469,6 +477,7 @@ static struct { | |||
| 469 | { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, | 477 | { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, |
| 470 | { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, | 478 | { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, |
| 471 | { "ipqos", sIPQoS, SSHCFG_ALL }, | 479 | { "ipqos", sIPQoS, SSHCFG_ALL }, |
| 480 | { "debianbanner", sDebianBanner, SSHCFG_GLOBAL }, | ||
| 472 | { NULL, sBadOption, 0 } | 481 | { NULL, sBadOption, 0 } |
| 473 | }; | 482 | }; |
| 474 | 483 | ||
| @@ -1047,6 +1056,10 @@ process_server_config_line(ServerOptions *options, char *line, | |||
| 1047 | intptr = &options->tcp_keep_alive; | 1056 | intptr = &options->tcp_keep_alive; |
| 1048 | goto parse_flag; | 1057 | goto parse_flag; |
| 1049 | 1058 | ||
| 1059 | case sPermitBlacklistedKeys: | ||
| 1060 | intptr = &options->permit_blacklisted_keys; | ||
| 1061 | goto parse_flag; | ||
| 1062 | |||
| 1050 | case sEmptyPasswd: | 1063 | case sEmptyPasswd: |
| 1051 | intptr = &options->permit_empty_passwd; | 1064 | intptr = &options->permit_empty_passwd; |
| 1052 | goto parse_flag; | 1065 | goto parse_flag; |
| @@ -1428,6 +1441,10 @@ process_server_config_line(ServerOptions *options, char *line, | |||
| 1428 | } | 1441 | } |
| 1429 | break; | 1442 | break; |
| 1430 | 1443 | ||
| 1444 | case sDebianBanner: | ||
| 1445 | intptr = &options->debian_banner; | ||
| 1446 | goto parse_int; | ||
| 1447 | |||
| 1431 | case sDeprecated: | 1448 | case sDeprecated: |
| 1432 | logit("%s line %d: Deprecated option %s", | 1449 | logit("%s line %d: Deprecated option %s", |
| 1433 | filename, linenum, arg); | 1450 | filename, linenum, arg); |
| @@ -1773,6 +1790,7 @@ dump_config(ServerOptions *o) | |||
| 1773 | dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); | 1790 | dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); |
| 1774 | dump_cfg_fmtint(sStrictModes, o->strict_modes); | 1791 | dump_cfg_fmtint(sStrictModes, o->strict_modes); |
| 1775 | dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); | 1792 | dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); |
| 1793 | dump_cfg_fmtint(sPermitBlacklistedKeys, o->permit_blacklisted_keys); | ||
| 1776 | dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); | 1794 | dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); |
| 1777 | dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); | 1795 | dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); |
| 1778 | dump_cfg_fmtint(sUseLogin, o->use_login); | 1796 | dump_cfg_fmtint(sUseLogin, o->use_login); |