From 957fbceb0f3166e41b76fdb54075ab3b9cc84cba Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 8 Oct 2014 22:20:25 +0000 Subject: upstream commit Tweak config reparsing with host canonicalisation Make the second pass through the config files always run when hostname canonicalisation is enabled. Add a "Match canonical" criteria that allows ssh_config Match blocks to trigger only in the second config pass. Add a -G option to ssh that causes it to parse its configuration and dump the result to stdout, similar to "sshd -T" Allow ssh_config Port options set in the second config parse phase to be applied (they were being ignored). bz#2267 bz#2286; ok markus --- ssh-keysign.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'ssh-keysign.c') diff --git a/ssh-keysign.c b/ssh-keysign.c index d95bb7d9d..6b73319e0 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keysign.c,v 1.42 2014/04/29 18:01:49 markus Exp $ */ +/* $OpenBSD: ssh-keysign.c,v 1.43 2014/10/08 22:20:25 djm Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * @@ -187,7 +187,7 @@ main(int argc, char **argv) /* verify that ssh-keysign is enabled by the admin */ initialize_options(&options); - (void)read_config_file(_PATH_HOST_CONFIG_FILE, pw, "", &options, 0); + (void)read_config_file(_PATH_HOST_CONFIG_FILE, pw, "", "", &options, 0); fill_default_options(&options); if (options.enable_ssh_keysign != 1) fatal("ssh-keysign not enabled in %s", -- cgit v1.2.3