diff options
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 23 |
1 files changed, 22 insertions, 1 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshd.c,v 1.395 2012/11/04 10:38:43 djm Exp $ */ | 1 | /* $OpenBSD: sshd.c,v 1.396 2012/11/04 11:09:15 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -1337,6 +1337,7 @@ main(int ac, char **av) | |||
1337 | int remote_port; | 1337 | int remote_port; |
1338 | char *line; | 1338 | char *line; |
1339 | int config_s[2] = { -1 , -1 }; | 1339 | int config_s[2] = { -1 , -1 }; |
1340 | u_int n; | ||
1340 | u_int64_t ibytes, obytes; | 1341 | u_int64_t ibytes, obytes; |
1341 | mode_t new_umask; | 1342 | mode_t new_umask; |
1342 | Key *key; | 1343 | Key *key; |
@@ -1566,6 +1567,26 @@ main(int ac, char **av) | |||
1566 | fatal("AuthorizedKeysCommand set without " | 1567 | fatal("AuthorizedKeysCommand set without " |
1567 | "AuthorizedKeysCommandUser"); | 1568 | "AuthorizedKeysCommandUser"); |
1568 | 1569 | ||
1570 | /* | ||
1571 | * Check whether there is any path through configured auth methods. | ||
1572 | * Unfortunately it is not possible to verify this generally before | ||
1573 | * daemonisation in the presence of Match block, but this catches | ||
1574 | * and warns for trivial misconfigurations that could break login. | ||
1575 | */ | ||
1576 | if (options.num_auth_methods != 0) { | ||
1577 | if ((options.protocol & SSH_PROTO_1)) | ||
1578 | fatal("AuthenticationMethods is not supported with " | ||
1579 | "SSH protocol 1"); | ||
1580 | for (n = 0; n < options.num_auth_methods; n++) { | ||
1581 | if (auth2_methods_valid(options.auth_methods[n], | ||
1582 | 1) == 0) | ||
1583 | break; | ||
1584 | } | ||
1585 | if (n >= options.num_auth_methods) | ||
1586 | fatal("AuthenticationMethods cannot be satisfied by " | ||
1587 | "enabled authentication methods"); | ||
1588 | } | ||
1589 | |||
1569 | /* set default channel AF */ | 1590 | /* set default channel AF */ |
1570 | channel_set_af(options.address_family); | 1591 | channel_set_af(options.address_family); |
1571 | 1592 | ||