version 1.223, 2014/12/04 02:24:32 |
version 1.224, 2014/12/21 22:27:56 |
|
|
#include "mac.h" |
#include "mac.h" |
#include "uidswap.h" |
#include "uidswap.h" |
#include "myproposal.h" |
#include "myproposal.h" |
|
#include "digest.h" |
|
|
/* Format of the configuration file: |
/* Format of the configuration file: |
|
|
|
|
oCanonicalDomains, oCanonicalizeHostname, oCanonicalizeMaxDots, |
oCanonicalDomains, oCanonicalizeHostname, oCanonicalizeMaxDots, |
oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs, |
oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs, |
oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, |
oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, |
|
oFingerprintHash, |
oIgnoredUnknownOption, oDeprecated, oUnsupported |
oIgnoredUnknownOption, oDeprecated, oUnsupported |
} OpCodes; |
} OpCodes; |
|
|
|
|
{ "streamlocalbindmask", oStreamLocalBindMask }, |
{ "streamlocalbindmask", oStreamLocalBindMask }, |
{ "streamlocalbindunlink", oStreamLocalBindUnlink }, |
{ "streamlocalbindunlink", oStreamLocalBindUnlink }, |
{ "revokedhostkeys", oRevokedHostKeys }, |
{ "revokedhostkeys", oRevokedHostKeys }, |
|
{ "fingerprinthash", oFingerprintHash }, |
{ "ignoreunknown", oIgnoreUnknown }, |
{ "ignoreunknown", oIgnoreUnknown }, |
|
|
{ NULL, oBadOption } |
{ NULL, oBadOption } |
|
|
charptr = &options->revoked_host_keys; |
charptr = &options->revoked_host_keys; |
goto parse_string; |
goto parse_string; |
|
|
|
case oFingerprintHash: |
|
arg = strdelim(&s); |
|
if (!arg || *arg == '\0') |
|
fatal("%.200s line %d: Missing argument.", |
|
filename, linenum); |
|
if ((value = ssh_digest_alg_by_name(arg)) == -1) |
|
fatal("%.200s line %d: Invalid hash algorithm \"%s\".", |
|
filename, linenum, arg); |
|
if (*activep) |
|
options->fingerprint_hash = value; |
|
break; |
|
|
case oDeprecated: |
case oDeprecated: |
debug("%s line %d: Deprecated option \"%s\"", |
debug("%s line %d: Deprecated option \"%s\"", |
filename, linenum, keyword); |
filename, linenum, keyword); |
|
|
options->canonicalize_fallback_local = -1; |
options->canonicalize_fallback_local = -1; |
options->canonicalize_hostname = -1; |
options->canonicalize_hostname = -1; |
options->revoked_host_keys = NULL; |
options->revoked_host_keys = NULL; |
|
options->fingerprint_hash = -1; |
} |
} |
|
|
/* |
/* |
|
|
options->canonicalize_fallback_local = 1; |
options->canonicalize_fallback_local = 1; |
if (options->canonicalize_hostname == -1) |
if (options->canonicalize_hostname == -1) |
options->canonicalize_hostname = SSH_CANONICALISE_NO; |
options->canonicalize_hostname = SSH_CANONICALISE_NO; |
|
if (options->fingerprint_hash == -1) |
|
options->fingerprint_hash = SSH_FP_HASH_DEFAULT; |
|
|
#define CLEAR_ON_NONE(v) \ |
#define CLEAR_ON_NONE(v) \ |
do { \ |
do { \ |
if (option_clear_or_none(v)) { \ |
if (option_clear_or_none(v)) { \ |
|
|
return fmt_multistate_int(val, multistate_requesttty); |
return fmt_multistate_int(val, multistate_requesttty); |
case oCanonicalizeHostname: |
case oCanonicalizeHostname: |
return fmt_multistate_int(val, multistate_canonicalizehostname); |
return fmt_multistate_int(val, multistate_canonicalizehostname); |
|
case oFingerprintHash: |
|
return ssh_digest_alg_name(val); |
case oProtocol: |
case oProtocol: |
switch (val) { |
switch (val) { |
case SSH_PROTO_1: |
case SSH_PROTO_1: |
|
|
dump_cfg_fmtint(oControlMaster, o->control_master); |
dump_cfg_fmtint(oControlMaster, o->control_master); |
dump_cfg_fmtint(oEnableSSHKeysign, o->enable_ssh_keysign); |
dump_cfg_fmtint(oEnableSSHKeysign, o->enable_ssh_keysign); |
dump_cfg_fmtint(oExitOnForwardFailure, o->exit_on_forward_failure); |
dump_cfg_fmtint(oExitOnForwardFailure, o->exit_on_forward_failure); |
|
dump_cfg_fmtint(oFingerprintHash, o->fingerprint_hash); |
dump_cfg_fmtint(oForwardAgent, o->forward_agent); |
dump_cfg_fmtint(oForwardAgent, o->forward_agent); |
dump_cfg_fmtint(oForwardX11, o->forward_x11); |
dump_cfg_fmtint(oForwardX11, o->forward_x11); |
dump_cfg_fmtint(oForwardX11Trusted, o->forward_x11_trusted); |
dump_cfg_fmtint(oForwardX11Trusted, o->forward_x11_trusted); |