diff options
Diffstat (limited to 'servconf.c')
| -rw-r--r-- | servconf.c | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/servconf.c b/servconf.c index c938ae399..a2928ff57 100644 --- a/servconf.c +++ b/servconf.c | |||
| @@ -114,6 +114,7 @@ initialize_server_options(ServerOptions *options) | |||
| 114 | options->password_authentication = -1; | 114 | options->password_authentication = -1; |
| 115 | options->kbd_interactive_authentication = -1; | 115 | options->kbd_interactive_authentication = -1; |
| 116 | options->challenge_response_authentication = -1; | 116 | options->challenge_response_authentication = -1; |
| 117 | options->permit_blacklisted_keys = -1; | ||
| 117 | options->permit_empty_passwd = -1; | 118 | options->permit_empty_passwd = -1; |
| 118 | options->permit_user_env = -1; | 119 | options->permit_user_env = -1; |
| 119 | options->use_login = -1; | 120 | options->use_login = -1; |
| @@ -156,6 +157,7 @@ initialize_server_options(ServerOptions *options) | |||
| 156 | options->ip_qos_interactive = -1; | 157 | options->ip_qos_interactive = -1; |
| 157 | options->ip_qos_bulk = -1; | 158 | options->ip_qos_bulk = -1; |
| 158 | options->version_addendum = NULL; | 159 | options->version_addendum = NULL; |
| 160 | options->debian_banner = -1; | ||
| 159 | } | 161 | } |
| 160 | 162 | ||
| 161 | void | 163 | void |
| @@ -257,6 +259,8 @@ fill_default_server_options(ServerOptions *options) | |||
| 257 | options->kbd_interactive_authentication = 0; | 259 | options->kbd_interactive_authentication = 0; |
| 258 | if (options->challenge_response_authentication == -1) | 260 | if (options->challenge_response_authentication == -1) |
| 259 | options->challenge_response_authentication = 1; | 261 | options->challenge_response_authentication = 1; |
| 262 | if (options->permit_blacklisted_keys == -1) | ||
| 263 | options->permit_blacklisted_keys = 0; | ||
| 260 | if (options->permit_empty_passwd == -1) | 264 | if (options->permit_empty_passwd == -1) |
| 261 | options->permit_empty_passwd = 0; | 265 | options->permit_empty_passwd = 0; |
| 262 | if (options->permit_user_env == -1) | 266 | if (options->permit_user_env == -1) |
| @@ -307,6 +311,8 @@ fill_default_server_options(ServerOptions *options) | |||
| 307 | options->ip_qos_bulk = IPTOS_THROUGHPUT; | 311 | options->ip_qos_bulk = IPTOS_THROUGHPUT; |
| 308 | if (options->version_addendum == NULL) | 312 | if (options->version_addendum == NULL) |
| 309 | options->version_addendum = xstrdup(""); | 313 | options->version_addendum = xstrdup(""); |
| 314 | if (options->debian_banner == -1) | ||
| 315 | options->debian_banner = 1; | ||
| 310 | /* Turn privilege separation on by default */ | 316 | /* Turn privilege separation on by default */ |
| 311 | if (use_privsep == -1) | 317 | if (use_privsep == -1) |
| 312 | use_privsep = PRIVSEP_NOSANDBOX; | 318 | use_privsep = PRIVSEP_NOSANDBOX; |
| @@ -338,7 +344,7 @@ typedef enum { | |||
| 338 | sListenAddress, sAddressFamily, | 344 | sListenAddress, sAddressFamily, |
| 339 | sPrintMotd, sPrintLastLog, sIgnoreRhosts, | 345 | sPrintMotd, sPrintLastLog, sIgnoreRhosts, |
| 340 | sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, | 346 | sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, |
| 341 | sStrictModes, sEmptyPasswd, sTCPKeepAlive, | 347 | sStrictModes, sPermitBlacklistedKeys, sEmptyPasswd, sTCPKeepAlive, |
| 342 | sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, | 348 | sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, |
| 343 | sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, | 349 | sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, |
| 344 | sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, | 350 | sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, |
| @@ -357,6 +363,7 @@ typedef enum { | |||
| 357 | sKexAlgorithms, sIPQoS, sVersionAddendum, | 363 | sKexAlgorithms, sIPQoS, sVersionAddendum, |
| 358 | sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, | 364 | sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, |
| 359 | sAuthenticationMethods, sHostKeyAgent, | 365 | sAuthenticationMethods, sHostKeyAgent, |
| 366 | sDebianBanner, | ||
| 360 | sDeprecated, sUnsupported | 367 | sDeprecated, sUnsupported |
| 361 | } ServerOpCodes; | 368 | } ServerOpCodes; |
| 362 | 369 | ||
| @@ -451,6 +458,7 @@ static struct { | |||
| 451 | { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, | 458 | { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, |
| 452 | { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, | 459 | { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, |
| 453 | { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, | 460 | { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, |
| 461 | { "permitblacklistedkeys", sPermitBlacklistedKeys, SSHCFG_GLOBAL }, | ||
| 454 | { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL }, | 462 | { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL }, |
| 455 | { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, | 463 | { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, |
| 456 | { "uselogin", sUseLogin, SSHCFG_GLOBAL }, | 464 | { "uselogin", sUseLogin, SSHCFG_GLOBAL }, |
| @@ -497,6 +505,7 @@ static struct { | |||
| 497 | { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL }, | 505 | { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL }, |
| 498 | { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL }, | 506 | { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL }, |
| 499 | { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL }, | 507 | { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL }, |
| 508 | { "debianbanner", sDebianBanner, SSHCFG_GLOBAL }, | ||
| 500 | { NULL, sBadOption, 0 } | 509 | { NULL, sBadOption, 0 } |
| 501 | }; | 510 | }; |
| 502 | 511 | ||
| @@ -1158,6 +1167,10 @@ process_server_config_line(ServerOptions *options, char *line, | |||
| 1158 | intptr = &options->tcp_keep_alive; | 1167 | intptr = &options->tcp_keep_alive; |
| 1159 | goto parse_flag; | 1168 | goto parse_flag; |
| 1160 | 1169 | ||
| 1170 | case sPermitBlacklistedKeys: | ||
| 1171 | intptr = &options->permit_blacklisted_keys; | ||
| 1172 | goto parse_flag; | ||
| 1173 | |||
| 1161 | case sEmptyPasswd: | 1174 | case sEmptyPasswd: |
| 1162 | intptr = &options->permit_empty_passwd; | 1175 | intptr = &options->permit_empty_passwd; |
| 1163 | goto parse_flag; | 1176 | goto parse_flag; |
| @@ -1640,6 +1653,10 @@ process_server_config_line(ServerOptions *options, char *line, | |||
| 1640 | } | 1653 | } |
| 1641 | return 0; | 1654 | return 0; |
| 1642 | 1655 | ||
| 1656 | case sDebianBanner: | ||
| 1657 | intptr = &options->debian_banner; | ||
| 1658 | goto parse_int; | ||
| 1659 | |||
| 1643 | case sDeprecated: | 1660 | case sDeprecated: |
| 1644 | logit("%s line %d: Deprecated option %s", | 1661 | logit("%s line %d: Deprecated option %s", |
| 1645 | filename, linenum, arg); | 1662 | filename, linenum, arg); |
| @@ -2036,6 +2053,7 @@ dump_config(ServerOptions *o) | |||
| 2036 | dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); | 2053 | dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); |
| 2037 | dump_cfg_fmtint(sStrictModes, o->strict_modes); | 2054 | dump_cfg_fmtint(sStrictModes, o->strict_modes); |
| 2038 | dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); | 2055 | dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); |
| 2056 | dump_cfg_fmtint(sPermitBlacklistedKeys, o->permit_blacklisted_keys); | ||
| 2039 | dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); | 2057 | dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); |
| 2040 | dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); | 2058 | dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); |
| 2041 | dump_cfg_fmtint(sUseLogin, o->use_login); | 2059 | dump_cfg_fmtint(sUseLogin, o->use_login); |