diff options
Diffstat (limited to 'servconf.c')
| -rw-r--r-- | servconf.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/servconf.c b/servconf.c index 9e420a527..91a0ced29 100644 --- a/servconf.c +++ b/servconf.c | |||
| @@ -10,7 +10,7 @@ | |||
| 10 | */ | 10 | */ |
| 11 | 11 | ||
| 12 | #include "includes.h" | 12 | #include "includes.h" |
| 13 | RCSID("$OpenBSD: servconf.c,v 1.144 2005/08/06 10:03:12 dtucker Exp $"); | 13 | RCSID("$OpenBSD: servconf.c,v 1.145 2005/12/06 22:38:27 reyk Exp $"); |
| 14 | 14 | ||
| 15 | #include "ssh.h" | 15 | #include "ssh.h" |
| 16 | #include "log.h" | 16 | #include "log.h" |
| @@ -101,6 +101,7 @@ initialize_server_options(ServerOptions *options) | |||
| 101 | options->authorized_keys_file = NULL; | 101 | options->authorized_keys_file = NULL; |
| 102 | options->authorized_keys_file2 = NULL; | 102 | options->authorized_keys_file2 = NULL; |
| 103 | options->num_accept_env = 0; | 103 | options->num_accept_env = 0; |
| 104 | options->permit_tun = -1; | ||
| 104 | 105 | ||
| 105 | /* Needs to be accessable in many places */ | 106 | /* Needs to be accessable in many places */ |
| 106 | use_privsep = -1; | 107 | use_privsep = -1; |
| @@ -229,6 +230,8 @@ fill_default_server_options(ServerOptions *options) | |||
| 229 | } | 230 | } |
| 230 | if (options->authorized_keys_file == NULL) | 231 | if (options->authorized_keys_file == NULL) |
| 231 | options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; | 232 | options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; |
| 233 | if (options->permit_tun == -1) | ||
| 234 | options->permit_tun = 0; | ||
| 232 | 235 | ||
| 233 | /* Turn privilege separation on by default */ | 236 | /* Turn privilege separation on by default */ |
| 234 | if (use_privsep == -1) | 237 | if (use_privsep == -1) |
| @@ -270,7 +273,7 @@ typedef enum { | |||
| 270 | sBanner, sUseDNS, sHostbasedAuthentication, | 273 | sBanner, sUseDNS, sHostbasedAuthentication, |
| 271 | sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, | 274 | sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, |
| 272 | sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, | 275 | sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, |
| 273 | sGssAuthentication, sGssCleanupCreds, sAcceptEnv, | 276 | sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel, |
| 274 | sUsePrivilegeSeparation, | 277 | sUsePrivilegeSeparation, |
| 275 | sDeprecated, sUnsupported | 278 | sDeprecated, sUnsupported |
| 276 | } ServerOpCodes; | 279 | } ServerOpCodes; |
| @@ -373,6 +376,7 @@ static struct { | |||
| 373 | { "authorizedkeysfile2", sAuthorizedKeysFile2 }, | 376 | { "authorizedkeysfile2", sAuthorizedKeysFile2 }, |
| 374 | { "useprivilegeseparation", sUsePrivilegeSeparation}, | 377 | { "useprivilegeseparation", sUsePrivilegeSeparation}, |
| 375 | { "acceptenv", sAcceptEnv }, | 378 | { "acceptenv", sAcceptEnv }, |
| 379 | { "permittunnel", sPermitTunnel }, | ||
| 376 | { NULL, sBadOption } | 380 | { NULL, sBadOption } |
| 377 | }; | 381 | }; |
| 378 | 382 | ||
| @@ -962,6 +966,10 @@ parse_flag: | |||
| 962 | } | 966 | } |
| 963 | break; | 967 | break; |
| 964 | 968 | ||
| 969 | case sPermitTunnel: | ||
| 970 | intptr = &options->permit_tun; | ||
| 971 | goto parse_flag; | ||
| 972 | |||
| 965 | case sDeprecated: | 973 | case sDeprecated: |
| 966 | logit("%s line %d: Deprecated option %s", | 974 | logit("%s line %d: Deprecated option %s", |
| 967 | filename, linenum, arg); | 975 | filename, linenum, arg); |