From 794325ac7a490d02c9ce5c0ad3093e1874df59a0 Mon Sep 17 00:00:00 2001 From: Ben Lindstrom Date: Mon, 6 Aug 2001 21:09:07 +0000 Subject: - stevesk@cvs.openbsd.org 2001/07/26 17:18:22 [sshd.8 sshd.c] add -t option to test configuration file and keys; pekkas@netcore.fi ok markus@ --- ChangeLog | 6 +++++- sshd.8 | 8 +++++++- sshd.c | 15 +++++++++++++-- 3 files changed, 25 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index d5f7f6694..7008ff9d3 100644 --- a/ChangeLog +++ b/ChangeLog @@ -36,6 +36,10 @@ [readconf.c ssh.1 ssh.c sshconnect.c] cleanup connect(); connection_attempts 4 -> 1; from eivind@freebsd.org + - stevesk@cvs.openbsd.org 2001/07/26 17:18:22 + [sshd.8 sshd.c] + add -t option to test configuration file and keys; pekkas@netcore.fi + ok markus@ 20010803 - (djm) Fix interrupted read in entropy gatherer. Spotted by markus@ on @@ -6146,4 +6150,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1436 2001/08/06 21:07:11 mouring Exp $ +$Id: ChangeLog,v 1.1437 2001/08/06 21:09:07 mouring Exp $ diff --git a/sshd.8 b/sshd.8 index 01fd21421..94bd62738 100644 --- a/sshd.8 +++ b/sshd.8 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.136 2001/07/22 22:24:16 markus Exp $ +.\" $OpenBSD: sshd.8,v 1.137 2001/07/26 17:18:22 stevesk Exp $ .Dd September 25, 1999 .Dt SSHD 8 .Os @@ -247,6 +247,12 @@ Quiet mode. Nothing is sent to the system log. Normally the beginning, authentication, and termination of each connection is logged. +.It Fl t +Test mode. +Only check the validity of the configuration file and sanity of the keys. +This is useful for updating +.Nm +reliably as configuration options may change. .It Fl u Ar len This option is used to specify the size of the field in the diff --git a/sshd.c b/sshd.c index dd5d7ab2c..d1c68445d 100644 --- a/sshd.c +++ b/sshd.c @@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshd.c,v 1.202 2001/06/26 16:15:25 dugsong Exp $"); +RCSID("$OpenBSD: sshd.c,v 1.203 2001/07/26 17:18:22 stevesk Exp $"); #include #include @@ -113,6 +113,9 @@ int IPv4or6 = AF_UNSPEC; */ int debug_flag = 0; +/* Flag indicating that the daemon should only test the configuration and keys. */ +int test_flag = 0; + /* Flag indicating that the daemon is being started from inetd. */ int inetd_flag = 0; @@ -560,7 +563,7 @@ main(int ac, char **av) initialize_server_options(&options); /* Parse command-line arguments. */ - while ((opt = getopt(ac, av, "f:p:b:k:h:g:V:u:dDeiqQ46")) != -1) { + while ((opt = getopt(ac, av, "f:p:b:k:h:g:V:u:dDeiqtQ46")) != -1) { switch (opt) { case '4': IPv4or6 = AF_INET; @@ -636,6 +639,9 @@ main(int ac, char **av) /* only makes sense with inetd_flag, i.e. no listen() */ inetd_flag = 1; break; + case 't': + test_flag = 1; + break; case 'u': utmp_len = atoi(optarg); break; @@ -648,6 +654,7 @@ main(int ac, char **av) fprintf(stderr, " -d Debugging mode (multiple -d means more debugging)\n"); fprintf(stderr, " -i Started from inetd\n"); fprintf(stderr, " -D Do not fork into daemon mode\n"); + fprintf(stderr, " -t Only test configuration file and keys\n"); fprintf(stderr, " -q Quiet (no logging)\n"); fprintf(stderr, " -p port Listen on the specified port (default: 22)\n"); fprintf(stderr, " -k seconds Regenerate server key every this many seconds (default: 3600)\n"); @@ -755,6 +762,10 @@ main(int ac, char **av) } } + /* Configuration looks good, so exit if in test mode. */ + if (test_flag) + exit(0); + #ifdef HAVE_SCO_PROTECTED_PW (void) set_auth_parameters(ac, av); #endif -- cgit v1.2.3