version 1.309, 2019/09/06 14:45:34 |
version 1.310, 2019/10/31 21:18:28 |
|
|
oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, |
oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, |
oFingerprintHash, oUpdateHostkeys, oHostbasedKeyTypes, |
oFingerprintHash, oUpdateHostkeys, oHostbasedKeyTypes, |
oPubkeyAcceptedKeyTypes, oCASignatureAlgorithms, oProxyJump, |
oPubkeyAcceptedKeyTypes, oCASignatureAlgorithms, oProxyJump, |
|
oSecurityKeyProvider, |
oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported |
oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported |
} OpCodes; |
} OpCodes; |
|
|
|
|
{ "smartcarddevice", oUnsupported }, |
{ "smartcarddevice", oUnsupported }, |
{ "pkcs11provider", oUnsupported }, |
{ "pkcs11provider", oUnsupported }, |
#endif |
#endif |
|
{ "securitykeyprovider", oSecurityKeyProvider }, |
{ "rsaauthentication", oUnsupported }, |
{ "rsaauthentication", oUnsupported }, |
{ "rhostsrsaauthentication", oUnsupported }, |
{ "rhostsrsaauthentication", oUnsupported }, |
{ "compressionlevel", oUnsupported }, |
{ "compressionlevel", oUnsupported }, |
|
|
charptr = &options->pkcs11_provider; |
charptr = &options->pkcs11_provider; |
goto parse_string; |
goto parse_string; |
|
|
|
case oSecurityKeyProvider: |
|
charptr = &options->sk_provider; |
|
goto parse_string; |
|
|
case oProxyCommand: |
case oProxyCommand: |
charptr = &options->proxy_command; |
charptr = &options->proxy_command; |
/* Ignore ProxyCommand if ProxyJump already specified */ |
/* Ignore ProxyCommand if ProxyJump already specified */ |
|
|
options->bind_address = NULL; |
options->bind_address = NULL; |
options->bind_interface = NULL; |
options->bind_interface = NULL; |
options->pkcs11_provider = NULL; |
options->pkcs11_provider = NULL; |
|
options->sk_provider = NULL; |
options->enable_ssh_keysign = - 1; |
options->enable_ssh_keysign = - 1; |
options->no_host_authentication_for_localhost = - 1; |
options->no_host_authentication_for_localhost = - 1; |
options->identities_only = - 1; |
options->identities_only = - 1; |
|
|
add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_DSA, 0); |
add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_DSA, 0); |
add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA, 0); |
add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA, 0); |
add_identity_file(options, "~/", |
add_identity_file(options, "~/", |
|
_PATH_SSH_CLIENT_ID_ECDSA_SK, 0); |
|
add_identity_file(options, "~/", |
_PATH_SSH_CLIENT_ID_ED25519, 0); |
_PATH_SSH_CLIENT_ID_ED25519, 0); |
add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_XMSS, 0); |
add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_XMSS, 0); |
} |
} |
|
|
options->fingerprint_hash = SSH_FP_HASH_DEFAULT; |
options->fingerprint_hash = SSH_FP_HASH_DEFAULT; |
if (options->update_hostkeys == -1) |
if (options->update_hostkeys == -1) |
options->update_hostkeys = 0; |
options->update_hostkeys = 0; |
|
if (options->sk_provider == NULL) |
|
options->sk_provider = xstrdup("$SSH_SK_PROVIDER"); |
|
|
/* Expand KEX name lists */ |
/* Expand KEX name lists */ |
all_cipher = cipher_alg_list(',', 0); |
all_cipher = cipher_alg_list(',', 0); |
|
|
ASSEMBLE(macs, KEX_CLIENT_MAC, all_mac); |
ASSEMBLE(macs, KEX_CLIENT_MAC, all_mac); |
ASSEMBLE(kex_algorithms, KEX_CLIENT_KEX, all_kex); |
ASSEMBLE(kex_algorithms, KEX_CLIENT_KEX, all_kex); |
ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key); |
ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key); |
ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key); |
ASSEMBLE(pubkey_key_types, PUBKEY_DEFAULT_PK_ALG, all_key); |
ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, all_sig); |
ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, all_sig); |
#undef ASSEMBLE |
#undef ASSEMBLE |
free(all_cipher); |
free(all_cipher); |
|
|
CLEAR_ON_NONE(options->control_path); |
CLEAR_ON_NONE(options->control_path); |
CLEAR_ON_NONE(options->revoked_host_keys); |
CLEAR_ON_NONE(options->revoked_host_keys); |
CLEAR_ON_NONE(options->pkcs11_provider); |
CLEAR_ON_NONE(options->pkcs11_provider); |
|
CLEAR_ON_NONE(options->sk_provider); |
if (options->jump_host != NULL && |
if (options->jump_host != NULL && |
strcmp(options->jump_host, "none") == 0 && |
strcmp(options->jump_host, "none") == 0 && |
options->jump_port == 0 && options->jump_user == NULL) { |
options->jump_port == 0 && options->jump_user == NULL) { |
|
|
#ifdef ENABLE_PKCS11 |
#ifdef ENABLE_PKCS11 |
dump_cfg_string(oPKCS11Provider, o->pkcs11_provider); |
dump_cfg_string(oPKCS11Provider, o->pkcs11_provider); |
#endif |
#endif |
|
dump_cfg_string(oSecurityKeyProvider, o->sk_provider); |
dump_cfg_string(oPreferredAuthentications, o->preferred_authentications); |
dump_cfg_string(oPreferredAuthentications, o->preferred_authentications); |
dump_cfg_string(oPubkeyAcceptedKeyTypes, o->pubkey_key_types); |
dump_cfg_string(oPubkeyAcceptedKeyTypes, o->pubkey_key_types); |
dump_cfg_string(oRevokedHostKeys, o->revoked_host_keys); |
dump_cfg_string(oRevokedHostKeys, o->revoked_host_keys); |