diff options
Diffstat (limited to 'servconf.c')
| -rw-r--r-- | servconf.c | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/servconf.c b/servconf.c index 68c44fc81..c1f2bc2af 100644 --- a/servconf.c +++ b/servconf.c | |||
| @@ -99,6 +99,7 @@ initialize_server_options(ServerOptions *options) | |||
| 99 | options->password_authentication = -1; | 99 | options->password_authentication = -1; |
| 100 | options->kbd_interactive_authentication = -1; | 100 | options->kbd_interactive_authentication = -1; |
| 101 | options->challenge_response_authentication = -1; | 101 | options->challenge_response_authentication = -1; |
| 102 | options->permit_blacklisted_keys = -1; | ||
| 102 | options->permit_empty_passwd = -1; | 103 | options->permit_empty_passwd = -1; |
| 103 | options->permit_user_env = -1; | 104 | options->permit_user_env = -1; |
| 104 | options->use_login = -1; | 105 | options->use_login = -1; |
| @@ -227,6 +228,8 @@ fill_default_server_options(ServerOptions *options) | |||
| 227 | options->kbd_interactive_authentication = 0; | 228 | options->kbd_interactive_authentication = 0; |
| 228 | if (options->challenge_response_authentication == -1) | 229 | if (options->challenge_response_authentication == -1) |
| 229 | options->challenge_response_authentication = 1; | 230 | options->challenge_response_authentication = 1; |
| 231 | if (options->permit_blacklisted_keys == -1) | ||
| 232 | options->permit_blacklisted_keys = 0; | ||
| 230 | if (options->permit_empty_passwd == -1) | 233 | if (options->permit_empty_passwd == -1) |
| 231 | options->permit_empty_passwd = 0; | 234 | options->permit_empty_passwd = 0; |
| 232 | if (options->permit_user_env == -1) | 235 | if (options->permit_user_env == -1) |
| @@ -302,7 +305,7 @@ typedef enum { | |||
| 302 | sListenAddress, sAddressFamily, | 305 | sListenAddress, sAddressFamily, |
| 303 | sPrintMotd, sPrintLastLog, sIgnoreRhosts, | 306 | sPrintMotd, sPrintLastLog, sIgnoreRhosts, |
| 304 | sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, | 307 | sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, |
| 305 | sStrictModes, sEmptyPasswd, sTCPKeepAlive, | 308 | sStrictModes, sPermitBlacklistedKeys, sEmptyPasswd, sTCPKeepAlive, |
| 306 | sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, | 309 | sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, |
| 307 | sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, | 310 | sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, |
| 308 | sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, | 311 | sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, |
| @@ -375,16 +378,20 @@ static struct { | |||
| 375 | #ifdef GSSAPI | 378 | #ifdef GSSAPI |
| 376 | { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, | 379 | { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, |
| 377 | { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, | 380 | { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, |
| 381 | { "gssapicleanupcreds", sGssCleanupCreds, SSHCFG_GLOBAL }, | ||
| 378 | { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, | 382 | { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, |
| 379 | { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL }, | 383 | { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL }, |
| 380 | { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL }, | 384 | { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL }, |
| 381 | #else | 385 | #else |
| 382 | { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, | 386 | { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, |
| 383 | { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, | 387 | { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, |
| 388 | { "gssapicleanupcreds", sUnsupported, SSHCFG_GLOBAL }, | ||
| 384 | { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, | 389 | { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, |
| 385 | { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL }, | 390 | { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL }, |
| 386 | { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL }, | 391 | { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL }, |
| 387 | #endif | 392 | #endif |
| 393 | { "gssusesessionccache", sUnsupported, SSHCFG_GLOBAL }, | ||
| 394 | { "gssapiusesessioncredcache", sUnsupported, SSHCFG_GLOBAL }, | ||
| 388 | { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, | 395 | { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, |
| 389 | { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, | 396 | { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, |
| 390 | { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, | 397 | { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, |
| @@ -406,6 +413,7 @@ static struct { | |||
| 406 | { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, | 413 | { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, |
| 407 | { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, | 414 | { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, |
| 408 | { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, | 415 | { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, |
| 416 | { "permitblacklistedkeys", sPermitBlacklistedKeys, SSHCFG_GLOBAL }, | ||
| 409 | { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL }, | 417 | { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL }, |
| 410 | { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, | 418 | { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, |
| 411 | { "uselogin", sUseLogin, SSHCFG_GLOBAL }, | 419 | { "uselogin", sUseLogin, SSHCFG_GLOBAL }, |
| @@ -972,6 +980,10 @@ process_server_config_line(ServerOptions *options, char *line, | |||
| 972 | intptr = &options->tcp_keep_alive; | 980 | intptr = &options->tcp_keep_alive; |
| 973 | goto parse_flag; | 981 | goto parse_flag; |
| 974 | 982 | ||
| 983 | case sPermitBlacklistedKeys: | ||
| 984 | intptr = &options->permit_blacklisted_keys; | ||
| 985 | goto parse_flag; | ||
| 986 | |||
| 975 | case sEmptyPasswd: | 987 | case sEmptyPasswd: |
| 976 | intptr = &options->permit_empty_passwd; | 988 | intptr = &options->permit_empty_passwd; |
| 977 | goto parse_flag; | 989 | goto parse_flag; |
| @@ -1620,7 +1632,9 @@ dump_config(ServerOptions *o) | |||
| 1620 | #endif | 1632 | #endif |
| 1621 | #ifdef GSSAPI | 1633 | #ifdef GSSAPI |
| 1622 | dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); | 1634 | dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); |
| 1635 | dump_cfg_fmtint(sGssKeyEx, o->gss_keyex); | ||
| 1623 | dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); | 1636 | dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); |
| 1637 | dump_cfg_fmtint(sGssStrictAcceptor, o->gss_strict_acceptor); | ||
| 1624 | #endif | 1638 | #endif |
| 1625 | #ifdef JPAKE | 1639 | #ifdef JPAKE |
| 1626 | dump_cfg_fmtint(sZeroKnowledgePasswordAuthentication, | 1640 | dump_cfg_fmtint(sZeroKnowledgePasswordAuthentication, |
| @@ -1637,6 +1651,7 @@ dump_config(ServerOptions *o) | |||
| 1637 | dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); | 1651 | dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); |
| 1638 | dump_cfg_fmtint(sStrictModes, o->strict_modes); | 1652 | dump_cfg_fmtint(sStrictModes, o->strict_modes); |
| 1639 | dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); | 1653 | dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); |
| 1654 | dump_cfg_fmtint(sPermitBlacklistedKeys, o->permit_blacklisted_keys); | ||
| 1640 | dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); | 1655 | dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); |
| 1641 | dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); | 1656 | dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); |
| 1642 | dump_cfg_fmtint(sUseLogin, o->use_login); | 1657 | dump_cfg_fmtint(sUseLogin, o->use_login); |