diff options
Diffstat (limited to 'servconf.c')
-rw-r--r-- | servconf.c | 40 |
1 files changed, 36 insertions, 4 deletions
diff --git a/servconf.c b/servconf.c index cb5786583..a41fdc26a 100644 --- a/servconf.c +++ b/servconf.c | |||
@@ -1,5 +1,5 @@ | |||
1 | 1 | ||
2 | /* $OpenBSD: servconf.c,v 1.333 2018/06/19 02:59:41 djm Exp $ */ | 2 | /* $OpenBSD: servconf.c,v 1.334 2018/07/03 10:59:35 djm Exp $ */ |
3 | /* | 3 | /* |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
5 | * All rights reserved | 5 | * All rights reserved |
@@ -130,6 +130,7 @@ initialize_server_options(ServerOptions *options) | |||
130 | options->challenge_response_authentication = -1; | 130 | options->challenge_response_authentication = -1; |
131 | options->permit_empty_passwd = -1; | 131 | options->permit_empty_passwd = -1; |
132 | options->permit_user_env = -1; | 132 | options->permit_user_env = -1; |
133 | options->permit_user_env_whitelist = NULL; | ||
133 | options->compression = -1; | 134 | options->compression = -1; |
134 | options->rekey_limit = -1; | 135 | options->rekey_limit = -1; |
135 | options->rekey_interval = -1; | 136 | options->rekey_interval = -1; |
@@ -329,8 +330,10 @@ fill_default_server_options(ServerOptions *options) | |||
329 | options->challenge_response_authentication = 1; | 330 | options->challenge_response_authentication = 1; |
330 | if (options->permit_empty_passwd == -1) | 331 | if (options->permit_empty_passwd == -1) |
331 | options->permit_empty_passwd = 0; | 332 | options->permit_empty_passwd = 0; |
332 | if (options->permit_user_env == -1) | 333 | if (options->permit_user_env == -1) { |
333 | options->permit_user_env = 0; | 334 | options->permit_user_env = 0; |
335 | options->permit_user_env_whitelist = NULL; | ||
336 | } | ||
334 | if (options->compression == -1) | 337 | if (options->compression == -1) |
335 | options->compression = COMP_DELAYED; | 338 | options->compression = COMP_DELAYED; |
336 | if (options->rekey_limit == -1) | 339 | if (options->rekey_limit == -1) |
@@ -1514,7 +1517,29 @@ process_server_config_line(ServerOptions *options, char *line, | |||
1514 | 1517 | ||
1515 | case sPermitUserEnvironment: | 1518 | case sPermitUserEnvironment: |
1516 | intptr = &options->permit_user_env; | 1519 | intptr = &options->permit_user_env; |
1517 | goto parse_flag; | 1520 | charptr = &options->permit_user_env_whitelist; |
1521 | arg = strdelim(&cp); | ||
1522 | if (!arg || *arg == '\0') | ||
1523 | fatal("%s line %d: missing argument.", | ||
1524 | filename, linenum); | ||
1525 | value = 0; | ||
1526 | p = NULL; | ||
1527 | if (strcmp(arg, "yes") == 0) | ||
1528 | value = 1; | ||
1529 | else if (strcmp(arg, "no") == 0) | ||
1530 | value = 0; | ||
1531 | else { | ||
1532 | /* Pattern-list specified */ | ||
1533 | value = 1; | ||
1534 | p = xstrdup(arg); | ||
1535 | } | ||
1536 | if (*activep && *intptr == -1) { | ||
1537 | *intptr = value; | ||
1538 | *charptr = p; | ||
1539 | p = NULL; | ||
1540 | } | ||
1541 | free(p); | ||
1542 | break; | ||
1518 | 1543 | ||
1519 | case sCompression: | 1544 | case sCompression: |
1520 | intptr = &options->compression; | 1545 | intptr = &options->compression; |
@@ -2528,7 +2553,6 @@ dump_config(ServerOptions *o) | |||
2528 | dump_cfg_fmtint(sStrictModes, o->strict_modes); | 2553 | dump_cfg_fmtint(sStrictModes, o->strict_modes); |
2529 | dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); | 2554 | dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); |
2530 | dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); | 2555 | dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); |
2531 | dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); | ||
2532 | dump_cfg_fmtint(sCompression, o->compression); | 2556 | dump_cfg_fmtint(sCompression, o->compression); |
2533 | dump_cfg_fmtint(sGatewayPorts, o->fwd_opts.gateway_ports); | 2557 | dump_cfg_fmtint(sGatewayPorts, o->fwd_opts.gateway_ports); |
2534 | dump_cfg_fmtint(sUseDNS, o->use_dns); | 2558 | dump_cfg_fmtint(sUseDNS, o->use_dns); |
@@ -2628,4 +2652,12 @@ dump_config(ServerOptions *o) | |||
2628 | printf(" %s", o->permitted_listens[i]); | 2652 | printf(" %s", o->permitted_listens[i]); |
2629 | } | 2653 | } |
2630 | printf("\n"); | 2654 | printf("\n"); |
2655 | |||
2656 | if (o->permit_user_env_whitelist == NULL) { | ||
2657 | dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); | ||
2658 | } else { | ||
2659 | printf("permituserenvironment %s\n", | ||
2660 | o->permit_user_env_whitelist); | ||
2661 | } | ||
2662 | |||
2631 | } | 2663 | } |