diff options
Diffstat (limited to 'servconf.c')
-rw-r--r-- | servconf.c | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/servconf.c b/servconf.c index def6b716a..d26a7db05 100644 --- a/servconf.c +++ b/servconf.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: servconf.c,v 1.210 2010/09/01 15:21:35 naddy Exp $ */ | 1 | /* $OpenBSD: servconf.c,v 1.211 2010/09/22 05:01:29 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
4 | * All rights reserved | 4 | * All rights reserved |
@@ -109,6 +109,7 @@ initialize_server_options(ServerOptions *options) | |||
109 | options->num_deny_groups = 0; | 109 | options->num_deny_groups = 0; |
110 | options->ciphers = NULL; | 110 | options->ciphers = NULL; |
111 | options->macs = NULL; | 111 | options->macs = NULL; |
112 | options->kex_algorithms = NULL; | ||
112 | options->protocol = SSH_PROTO_UNKNOWN; | 113 | options->protocol = SSH_PROTO_UNKNOWN; |
113 | options->gateway_ports = -1; | 114 | options->gateway_ports = -1; |
114 | options->num_subsystems = 0; | 115 | options->num_subsystems = 0; |
@@ -314,6 +315,7 @@ typedef enum { | |||
314 | sUsePrivilegeSeparation, sAllowAgentForwarding, | 315 | sUsePrivilegeSeparation, sAllowAgentForwarding, |
315 | sZeroKnowledgePasswordAuthentication, sHostCertificate, | 316 | sZeroKnowledgePasswordAuthentication, sHostCertificate, |
316 | sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, | 317 | sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, |
318 | sKexAlgorithms, | ||
317 | sDeprecated, sUnsupported | 319 | sDeprecated, sUnsupported |
318 | } ServerOpCodes; | 320 | } ServerOpCodes; |
319 | 321 | ||
@@ -436,6 +438,7 @@ static struct { | |||
436 | { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, | 438 | { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, |
437 | { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, | 439 | { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, |
438 | { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, | 440 | { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, |
441 | { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, | ||
439 | { NULL, sBadOption, 0 } | 442 | { NULL, sBadOption, 0 } |
440 | }; | 443 | }; |
441 | 444 | ||
@@ -1131,6 +1134,18 @@ process_server_config_line(ServerOptions *options, char *line, | |||
1131 | options->macs = xstrdup(arg); | 1134 | options->macs = xstrdup(arg); |
1132 | break; | 1135 | break; |
1133 | 1136 | ||
1137 | case sKexAlgorithms: | ||
1138 | arg = strdelim(&cp); | ||
1139 | if (!arg || *arg == '\0') | ||
1140 | fatal("%s line %d: Missing argument.", | ||
1141 | filename, linenum); | ||
1142 | if (!kex_names_valid(arg)) | ||
1143 | fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.", | ||
1144 | filename, linenum, arg ? arg : "<NONE>"); | ||
1145 | if (options->kex_algorithms == NULL) | ||
1146 | options->kex_algorithms = xstrdup(arg); | ||
1147 | break; | ||
1148 | |||
1134 | case sProtocol: | 1149 | case sProtocol: |
1135 | intptr = &options->protocol; | 1150 | intptr = &options->protocol; |
1136 | arg = strdelim(&cp); | 1151 | arg = strdelim(&cp); |