From 5d74e58e62df1e80c23ff8444ff22483cba1995a Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 20 May 2011 19:03:31 +1000 Subject: - djm@cvs.openbsd.org 2011/05/20 00:55:02 [servconf.c] the options TrustedUserCAKeys, RevokedKeysFile, AuthorizedKeysFile and AuthorizedPrincipalsFile were not being correctly applied in Match blocks, despite being overridable there; ok dtucker@ --- ChangeLog | 5 +++++ servconf.c | 11 ++++++----- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index 6a0cf4932..eb5136178 100644 --- a/ChangeLog +++ b/ChangeLog @@ -15,6 +15,11 @@ [key.c] fatal() if asked to generate a legacy ECDSA cert (these don't exist) and fix the regress test that was trying to generate them :) + - djm@cvs.openbsd.org 2011/05/20 00:55:02 + [servconf.c] + the options TrustedUserCAKeys, RevokedKeysFile, AuthorizedKeysFile + and AuthorizedPrincipalsFile were not being correctly applied in + Match blocks, despite being overridable there; ok dtucker@ 20110515 - (djm) OpenBSD CVS Sync diff --git a/servconf.c b/servconf.c index f862fbfd8..ab134ee55 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.215 2011/05/11 04:47:06 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.216 2011/05/20 00:55:02 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -1500,14 +1500,15 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) M_CP_INTOPT(ip_qos_bulk); M_CP_STROPT(banner); - if (preauth) - return; - M_CP_STROPT(adm_forced_command); - M_CP_STROPT(chroot_directory); M_CP_STROPT(trusted_user_ca_keys); M_CP_STROPT(revoked_keys_file); M_CP_STROPT(authorized_keys_file); M_CP_STROPT(authorized_principals_file); + + if (preauth) + return; + M_CP_STROPT(adm_forced_command); + M_CP_STROPT(chroot_directory); } #undef M_CP_INTOPT -- cgit v1.2.3