Diffstat (limited to 'servconf.c')
-rw-r--r--servconf.c31
1 files changed, 29 insertions, 2 deletions
diff --git a/servconf.c b/servconf.c
index becd5b7c5..219a0300f 100644
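--- a/servconf.c
+++ b/servconf.c
@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.144 2005/08/06 10:03:12 dtucker Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.146 2005/12/08 18:34:11 reyk Exp $");
 
 #include "ssh.h"
 #include "log.h"
@@ -102,6 +102,7 @@ initialize_server_options(ServerOptions *options)
  options->authorized_keys_file = NULL;
  options->authorized_keys_file2 = NULL;
  options->num_accept_env = 0;
+ options->permit_tun = -1;
 
  /* Needs to be accessable in many places */
  use_privsep = -1;
@@ -232,6 +233,8 @@ fill_default_server_options(ServerOptions *options)
  }
  if (options->authorized_keys_file == NULL)
  options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
+ if (options->permit_tun == -1)
+ options->permit_tun = SSH_TUNMODE_NO;
 
  /* Turn privilege separation on by default */
  if (use_privsep == -1)
@@ -273,7 +276,8 @@ typedef enum {
  sBanner, sUseDNS, sHostbasedAuthentication,
  sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
  sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
- sGssAuthentication, sGssKeyEx, sGssCleanupCreds, sAcceptEnv,
+ sGssAuthentication, sGssKeyEx, sGssCleanupCreds,
+ sAcceptEnv, sPermitTunnel,
  sUsePrivilegeSeparation,
  sDeprecated, sUnsupported
 } ServerOpCodes;
@@ -378,6 +382,7 @@ static struct {
  { "authorizedkeysfile2", sAuthorizedKeysFile2 },
  { "useprivilegeseparation", sUsePrivilegeSeparation},
  { "acceptenv", sAcceptEnv },
+ { "permittunnel", sPermitTunnel },
  { NULL, sBadOption }
 };
 
@@ -971,6 +976,28 @@ parse_flag:
  }
  break;
 
+ case sPermitTunnel:
+ intptr = &options->permit_tun;
+ arg = strdelim(&cp);
+ if (!arg || *arg == '\0')
+ fatal("%s line %d: Missing yes/point-to-point/"
+ "ethernet/no argument.", filename, linenum);
+ value = 0; /* silence compiler */
+ if (strcasecmp(arg, "ethernet") == 0)
+ value = SSH_TUNMODE_ETHERNET;
+ else if (strcasecmp(arg, "point-to-point") == 0)
+ value = SSH_TUNMODE_POINTOPOINT;
+ else if (strcasecmp(arg, "yes") == 0)
+ value = SSH_TUNMODE_YES;
+ else if (strcasecmp(arg, "no") == 0)
+ value = SSH_TUNMODE_NO;
+ else
+ fatal("%s line %d: Bad yes/point-to-point/ethernet/"
+ "no argument: %s", filename, linenum, arg);
+ if (*intptr == -1)
+ *intptr = value;
+ break;
+
  case sDeprecated:
  logit("%s line %d: Deprecated option %s",
  filename, linenum, arg);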