From 928f1231f65f88cd4c73e6e0edd63d2cf6295d77 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 19 Nov 2018 04:12:32 +0000 Subject: upstream: silence (to log level debug2) failure messages when MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit loading the default hostkeys. Hostkeys explicitly specified in the configuration or on the command-line are still reported as errors, and failure to load at least one host key remains a fatal error. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Based on patch from Dag-Erling Smørgrav via https://github.com/openssh/openssh-portable/pull/103 ok markus@ OpenBSD-Commit-ID: ffc2e35a75d1008effaf05a5e27425041c27b684 --- servconf.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'servconf.h') diff --git a/servconf.h b/servconf.h index 0175e00e8..548ad5a0c 100644 --- a/servconf.h +++ b/servconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.137 2018/09/20 03:28:06 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.138 2018/11/19 04:12:32 djm Exp $ */ /* * Author: Tatu Ylonen @@ -75,6 +75,7 @@ typedef struct { char *routing_domain; /* Bind session to routing domain */ char **host_key_files; /* Files containing host keys. */ + int *host_key_file_userprovided; /* Key was specified by user. */ u_int num_host_key_files; /* Number of files for host keys. */ char **host_cert_files; /* Files containing host certs. */ u_int num_host_cert_files; /* Number of files for host certs. */ @@ -273,7 +274,7 @@ void copy_set_server_options(ServerOptions *, ServerOptions *, int); void dump_config(ServerOptions *); char *derelativise_path(const char *); void servconf_add_hostkey(const char *, const int, - ServerOptions *, const char *path); + ServerOptions *, const char *path, int); void servconf_add_hostcert(const char *, const int, ServerOptions *, const char *path); -- cgit v1.2.3 From 172a592a53ebe8649c4ac0d7946e6c08eb151af6 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sat, 19 Jan 2019 21:37:48 +0000 Subject: upstream: convert servconf.c to new packet API with & ok markus@ OpenBSD-Commit-ID: 126553aecca302c9e02fd77e333b9cb217e623b4 --- auth.c | 5 +++-- servconf.c | 10 +++------- servconf.h | 4 ++-- sshd.c | 6 +++--- 4 files changed, 11 insertions(+), 14 deletions(-) (limited to 'servconf.h') diff --git a/auth.c b/auth.c index 94f43a6c2..d82b40683 100644 --- a/auth.c +++ b/auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.136 2019/01/19 21:31:32 djm Exp $ */ +/* $OpenBSD: auth.c,v 1.137 2019/01/19 21:37:48 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -572,8 +572,9 @@ getpwnamallow(const char *user) #endif #endif struct passwd *pw; - struct connection_info *ci = get_connection_info(1, options.use_dns); + struct connection_info *ci; + ci = get_connection_info(ssh, 1, options.use_dns); ci->user = user; parse_server_match_config(&options, ci); log_change_level(options.log_level); diff --git a/servconf.c b/servconf.c index 0ec095bd0..86c631bb0 100644 --- a/servconf.c +++ b/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.345 2019/01/19 21:31:32 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.346 2019/01/19 21:37:48 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -65,9 +65,6 @@ #include "myproposal.h" #include "digest.h" -#include "opacket.h" /* XXX */ -extern struct ssh *active_state; /* XXX */ - static void add_listen_addr(ServerOptions *, const char *, const char *, int); static void add_one_listen_addr(ServerOptions *, const char *, @@ -926,12 +923,11 @@ process_permitopen(struct ssh *ssh, ServerOptions *options) } struct connection_info * -get_connection_info(int populate, int use_dns) +get_connection_info(struct ssh *ssh, int populate, int use_dns) { - struct ssh *ssh = active_state; /* XXX */ static struct connection_info ci; - if (!populate) + if (ssh == NULL || !populate) return &ci; ci.host = auth_get_canonical_hostname(ssh, use_dns); ci.address = ssh_remote_ipaddr(ssh); diff --git a/servconf.h b/servconf.h index 548ad5a0c..54e0a8d8d 100644 --- a/servconf.h +++ b/servconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.138 2018/11/19 04:12:32 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.139 2019/01/19 21:37:48 djm Exp $ */ /* * Author: Tatu Ylonen @@ -258,7 +258,7 @@ struct connection_info { M_CP_STRARRAYOPT(permitted_listens, num_permitted_listens); \ } while (0) -struct connection_info *get_connection_info(int, int); +struct connection_info *get_connection_info(struct ssh *, int, int); void initialize_server_options(ServerOptions *); void fill_default_server_options(ServerOptions *); int process_server_config_line(ServerOptions *, char *, const char *, int, diff --git a/sshd.c b/sshd.c index ad8c152a5..64f27a7bb 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.522 2019/01/19 21:31:32 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.523 2019/01/19 21:37:48 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1493,7 +1493,7 @@ main(int ac, char **av) test_flag = 2; break; case 'C': - connection_info = get_connection_info(0, 0); + connection_info = get_connection_info(ssh, 0, 0); if (parse_server_match_testspec(connection_info, optarg) == -1) exit(1); @@ -1776,7 +1776,7 @@ main(int ac, char **av) * use a blank one that will cause no predicate to match. */ if (connection_info == NULL) - connection_info = get_connection_info(0, 0); + connection_info = get_connection_info(ssh, 0, 0); parse_server_match_config(&options, connection_info); dump_config(&options); } -- cgit v1.2.3