diff options
Diffstat (limited to 'servconf.c')
| -rw-r--r-- | servconf.c | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/servconf.c b/servconf.c index def6b716a..d26a7db05 100644 --- a/servconf.c +++ b/servconf.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: servconf.c,v 1.210 2010/09/01 15:21:35 naddy Exp $ */ | 1 | /* $OpenBSD: servconf.c,v 1.211 2010/09/22 05:01:29 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| 4 | * All rights reserved | 4 | * All rights reserved |
| @@ -109,6 +109,7 @@ initialize_server_options(ServerOptions *options) | |||
| 109 | options->num_deny_groups = 0; | 109 | options->num_deny_groups = 0; |
| 110 | options->ciphers = NULL; | 110 | options->ciphers = NULL; |
| 111 | options->macs = NULL; | 111 | options->macs = NULL; |
| 112 | options->kex_algorithms = NULL; | ||
| 112 | options->protocol = SSH_PROTO_UNKNOWN; | 113 | options->protocol = SSH_PROTO_UNKNOWN; |
| 113 | options->gateway_ports = -1; | 114 | options->gateway_ports = -1; |
| 114 | options->num_subsystems = 0; | 115 | options->num_subsystems = 0; |
| @@ -314,6 +315,7 @@ typedef enum { | |||
| 314 | sUsePrivilegeSeparation, sAllowAgentForwarding, | 315 | sUsePrivilegeSeparation, sAllowAgentForwarding, |
| 315 | sZeroKnowledgePasswordAuthentication, sHostCertificate, | 316 | sZeroKnowledgePasswordAuthentication, sHostCertificate, |
| 316 | sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, | 317 | sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, |
| 318 | sKexAlgorithms, | ||
| 317 | sDeprecated, sUnsupported | 319 | sDeprecated, sUnsupported |
| 318 | } ServerOpCodes; | 320 | } ServerOpCodes; |
| 319 | 321 | ||
| @@ -436,6 +438,7 @@ static struct { | |||
| 436 | { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, | 438 | { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, |
| 437 | { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, | 439 | { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, |
| 438 | { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, | 440 | { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, |
| 441 | { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, | ||
| 439 | { NULL, sBadOption, 0 } | 442 | { NULL, sBadOption, 0 } |
| 440 | }; | 443 | }; |
| 441 | 444 | ||
| @@ -1131,6 +1134,18 @@ process_server_config_line(ServerOptions *options, char *line, | |||
| 1131 | options->macs = xstrdup(arg); | 1134 | options->macs = xstrdup(arg); |
| 1132 | break; | 1135 | break; |
| 1133 | 1136 | ||
| 1137 | case sKexAlgorithms: | ||
| 1138 | arg = strdelim(&cp); | ||
| 1139 | if (!arg || *arg == '\0') | ||
| 1140 | fatal("%s line %d: Missing argument.", | ||
| 1141 | filename, linenum); | ||
| 1142 | if (!kex_names_valid(arg)) | ||
| 1143 | fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.", | ||
| 1144 | filename, linenum, arg ? arg : "<NONE>"); | ||
| 1145 | if (options->kex_algorithms == NULL) | ||
| 1146 | options->kex_algorithms = xstrdup(arg); | ||
| 1147 | break; | ||
| 1148 | |||
| 1134 | case sProtocol: | 1149 | case sProtocol: |
| 1135 | intptr = &options->protocol; | 1150 | intptr = &options->protocol; |
| 1136 | arg = strdelim(&cp); | 1151 | arg = strdelim(&cp); |