diff options
Diffstat (limited to 'servconf.c')
| -rw-r--r-- | servconf.c | 26 |
1 files changed, 25 insertions, 1 deletions
diff --git a/servconf.c b/servconf.c index 1e3c213a5..951bbc4bf 100644 --- a/servconf.c +++ b/servconf.c | |||
| @@ -90,7 +90,9 @@ initialize_server_options(ServerOptions *options) | |||
| 90 | options->kerberos_ticket_cleanup = -1; | 90 | options->kerberos_ticket_cleanup = -1; |
| 91 | options->kerberos_get_afs_token = -1; | 91 | options->kerberos_get_afs_token = -1; |
| 92 | options->gss_authentication=-1; | 92 | options->gss_authentication=-1; |
| 93 | options->gss_keyex = -1; | ||
| 93 | options->gss_cleanup_creds = -1; | 94 | options->gss_cleanup_creds = -1; |
| 95 | options->gss_strict_acceptor = -1; | ||
| 94 | options->password_authentication = -1; | 96 | options->password_authentication = -1; |
| 95 | options->kbd_interactive_authentication = -1; | 97 | options->kbd_interactive_authentication = -1; |
| 96 | options->challenge_response_authentication = -1; | 98 | options->challenge_response_authentication = -1; |
| @@ -204,8 +206,12 @@ fill_default_server_options(ServerOptions *options) | |||
| 204 | options->kerberos_get_afs_token = 0; | 206 | options->kerberos_get_afs_token = 0; |
| 205 | if (options->gss_authentication == -1) | 207 | if (options->gss_authentication == -1) |
| 206 | options->gss_authentication = 0; | 208 | options->gss_authentication = 0; |
| 209 | if (options->gss_keyex == -1) | ||
| 210 | options->gss_keyex = 0; | ||
| 207 | if (options->gss_cleanup_creds == -1) | 211 | if (options->gss_cleanup_creds == -1) |
| 208 | options->gss_cleanup_creds = 1; | 212 | options->gss_cleanup_creds = 1; |
| 213 | if (options->gss_strict_acceptor == -1) | ||
| 214 | options->gss_strict_acceptor = 1; | ||
| 209 | if (options->password_authentication == -1) | 215 | if (options->password_authentication == -1) |
| 210 | options->password_authentication = 1; | 216 | options->password_authentication = 1; |
| 211 | if (options->kbd_interactive_authentication == -1) | 217 | if (options->kbd_interactive_authentication == -1) |
| @@ -290,7 +296,9 @@ typedef enum { | |||
| 290 | sBanner, sUseDNS, sHostbasedAuthentication, | 296 | sBanner, sUseDNS, sHostbasedAuthentication, |
| 291 | sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, | 297 | sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, |
| 292 | sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, | 298 | sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, |
| 293 | sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel, | 299 | sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, |
| 300 | sGssKeyEx, | ||
| 301 | sAcceptEnv, sPermitTunnel, | ||
| 294 | sMatch, sPermitOpen, sForceCommand, | 302 | sMatch, sPermitOpen, sForceCommand, |
| 295 | sUsePrivilegeSeparation, | 303 | sUsePrivilegeSeparation, |
| 296 | sDeprecated, sUnsupported | 304 | sDeprecated, sUnsupported |
| @@ -351,10 +359,18 @@ static struct { | |||
| 351 | #ifdef GSSAPI | 359 | #ifdef GSSAPI |
| 352 | { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, | 360 | { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, |
| 353 | { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, | 361 | { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, |
| 362 | { "gssapicleanupcreds", sGssCleanupCreds, SSHCFG_GLOBAL }, | ||
| 363 | { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, | ||
| 364 | { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL }, | ||
| 354 | #else | 365 | #else |
| 355 | { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, | 366 | { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, |
| 356 | { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, | 367 | { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, |
| 368 | { "gssapicleanupcreds", sUnsupported, SSHCFG_GLOBAL }, | ||
| 369 | { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, | ||
| 370 | { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL }, | ||
| 357 | #endif | 371 | #endif |
| 372 | { "gssusesessionccache", sUnsupported, SSHCFG_GLOBAL }, | ||
| 373 | { "gssapiusesessioncredcache", sUnsupported, SSHCFG_GLOBAL }, | ||
| 358 | { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, | 374 | { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, |
| 359 | { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, | 375 | { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, |
| 360 | { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, | 376 | { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, |
| @@ -872,10 +888,18 @@ parse_flag: | |||
| 872 | intptr = &options->gss_authentication; | 888 | intptr = &options->gss_authentication; |
| 873 | goto parse_flag; | 889 | goto parse_flag; |
| 874 | 890 | ||
| 891 | case sGssKeyEx: | ||
| 892 | intptr = &options->gss_keyex; | ||
| 893 | goto parse_flag; | ||
| 894 | |||
| 875 | case sGssCleanupCreds: | 895 | case sGssCleanupCreds: |
| 876 | intptr = &options->gss_cleanup_creds; | 896 | intptr = &options->gss_cleanup_creds; |
| 877 | goto parse_flag; | 897 | goto parse_flag; |
| 878 | 898 | ||
| 899 | case sGssStrictAcceptor: | ||
| 900 | intptr = &options->gss_strict_acceptor; | ||
| 901 | goto parse_flag; | ||
| 902 | |||
| 879 | case sPasswordAuthentication: | 903 | case sPasswordAuthentication: |
| 880 | intptr = &options->password_authentication; | 904 | intptr = &options->password_authentication; |
| 881 | goto parse_flag; | 905 | goto parse_flag; |