| version 1.319, 2019/12/21 02:19:13 |
version 1.320, 2020/01/23 02:46:49 |
|
|
| { NULL, oBadOption } |
{ NULL, oBadOption } |
| }; |
}; |
| |
|
| |
static char *kex_default_pk_alg_filtered; |
| |
|
| |
const char * |
| |
kex_default_pk_alg(void) |
| |
{ |
| |
if (kex_default_pk_alg_filtered == NULL) |
| |
fatal("kex_default_pk_alg not initialized."); |
| |
return kex_default_pk_alg_filtered; |
| |
} |
| |
|
| /* |
/* |
| * Adds a local TCP/IP port forward to options. Never returns if there is an |
* Adds a local TCP/IP port forward to options. Never returns if there is an |
| * error. |
* error. |
|
|
| fill_default_options(Options * options) |
fill_default_options(Options * options) |
| { |
{ |
| char *all_cipher, *all_mac, *all_kex, *all_key, *all_sig; |
char *all_cipher, *all_mac, *all_kex, *all_key, *all_sig; |
| |
char *def_cipher, *def_mac, *def_kex, *def_key, *def_sig; |
| int r; |
int r; |
| |
|
| if (options->forward_agent == -1) |
if (options->forward_agent == -1) |
|
|
| all_kex = kex_alg_list(','); |
all_kex = kex_alg_list(','); |
| all_key = sshkey_alg_list(0, 0, 1, ','); |
all_key = sshkey_alg_list(0, 0, 1, ','); |
| all_sig = sshkey_alg_list(0, 1, 1, ','); |
all_sig = sshkey_alg_list(0, 1, 1, ','); |
| |
/* remove unsupported algos from default lists */ |
| |
def_cipher = match_filter_whitelist(KEX_CLIENT_ENCRYPT, all_cipher); |
| |
def_mac = match_filter_whitelist(KEX_CLIENT_MAC, all_mac); |
| |
def_kex = match_filter_whitelist(KEX_CLIENT_KEX, all_kex); |
| |
def_key = match_filter_whitelist(KEX_DEFAULT_PK_ALG, all_key); |
| |
def_sig = match_filter_whitelist(SSH_ALLOWED_CA_SIGALGS, all_sig); |
| #define ASSEMBLE(what, defaults, all) \ |
#define ASSEMBLE(what, defaults, all) \ |
| do { \ |
do { \ |
| if ((r = kex_assemble_names(&options->what, \ |
if ((r = kex_assemble_names(&options->what, \ |
| defaults, all)) != 0) \ |
defaults, all)) != 0) \ |
| fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \ |
fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \ |
| } while (0) |
} while (0) |
| ASSEMBLE(ciphers, KEX_CLIENT_ENCRYPT, all_cipher); |
ASSEMBLE(ciphers, def_cipher, all_cipher); |
| ASSEMBLE(macs, KEX_CLIENT_MAC, all_mac); |
ASSEMBLE(macs, def_mac, all_mac); |
| ASSEMBLE(kex_algorithms, KEX_CLIENT_KEX, all_kex); |
ASSEMBLE(kex_algorithms, def_kex, all_kex); |
| ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key); |
ASSEMBLE(hostbased_key_types, def_key, all_key); |
| ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key); |
ASSEMBLE(pubkey_key_types, def_key, all_key); |
| ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, all_sig); |
ASSEMBLE(ca_sign_algorithms, def_sig, all_sig); |
| #undef ASSEMBLE |
#undef ASSEMBLE |
| free(all_cipher); |
free(all_cipher); |
| free(all_mac); |
free(all_mac); |
| free(all_kex); |
free(all_kex); |
| free(all_key); |
free(all_key); |
| free(all_sig); |
free(all_sig); |
| |
free(def_cipher); |
| |
free(def_mac); |
| |
free(def_kex); |
| |
kex_default_pk_alg_filtered = def_key; /* save for later use */ |
| |
free(def_sig); |
| |
|
| #define CLEAR_ON_NONE(v) \ |
#define CLEAR_ON_NONE(v) \ |
| do { \ |
do { \ |
|
|
| dump_client_config(Options *o, const char *host) |
dump_client_config(Options *o, const char *host) |
| { |
{ |
| int i; |
int i; |
| char buf[8], *all_key; |
char buf[8]; |
| |
|
| /* This is normally prepared in ssh_kex2 */ |
|
| all_key = sshkey_alg_list(0, 0, 1, ','); |
|
| if (kex_assemble_names( &o->hostkeyalgorithms, |
|
| KEX_DEFAULT_PK_ALG, all_key) != 0) |
|
| fatal("%s: kex_assemble_names failed", __func__); |
|
| free(all_key); |
|
| |
|
| /* Most interesting options first: user, host, port */ |
/* Most interesting options first: user, host, port */ |
| dump_cfg_string(oUser, o->user); |
dump_cfg_string(oUser, o->user); |
| dump_cfg_string(oHostname, host); |
dump_cfg_string(oHostname, host); |
|
|
| /* String options */ |
/* String options */ |
| dump_cfg_string(oBindAddress, o->bind_address); |
dump_cfg_string(oBindAddress, o->bind_address); |
| dump_cfg_string(oBindInterface, o->bind_interface); |
dump_cfg_string(oBindInterface, o->bind_interface); |
| dump_cfg_string(oCiphers, o->ciphers ? o->ciphers : KEX_CLIENT_ENCRYPT); |
dump_cfg_string(oCiphers, o->ciphers); |
| dump_cfg_string(oControlPath, o->control_path); |
dump_cfg_string(oControlPath, o->control_path); |
| dump_cfg_string(oHostKeyAlgorithms, o->hostkeyalgorithms); |
dump_cfg_string(oHostKeyAlgorithms, o->hostkeyalgorithms); |
| dump_cfg_string(oHostKeyAlias, o->host_key_alias); |
dump_cfg_string(oHostKeyAlias, o->host_key_alias); |
|
|
| dump_cfg_string(oIdentityAgent, o->identity_agent); |
dump_cfg_string(oIdentityAgent, o->identity_agent); |
| dump_cfg_string(oIgnoreUnknown, o->ignored_unknown); |
dump_cfg_string(oIgnoreUnknown, o->ignored_unknown); |
| dump_cfg_string(oKbdInteractiveDevices, o->kbd_interactive_devices); |
dump_cfg_string(oKbdInteractiveDevices, o->kbd_interactive_devices); |
| dump_cfg_string(oKexAlgorithms, o->kex_algorithms ? o->kex_algorithms : KEX_CLIENT_KEX); |
dump_cfg_string(oKexAlgorithms, o->kex_algorithms); |
| dump_cfg_string(oCASignatureAlgorithms, o->ca_sign_algorithms ? o->ca_sign_algorithms : SSH_ALLOWED_CA_SIGALGS); |
dump_cfg_string(oCASignatureAlgorithms, o->ca_sign_algorithms); |
| dump_cfg_string(oLocalCommand, o->local_command); |
dump_cfg_string(oLocalCommand, o->local_command); |
| dump_cfg_string(oRemoteCommand, o->remote_command); |
dump_cfg_string(oRemoteCommand, o->remote_command); |
| dump_cfg_string(oLogLevel, log_level_name(o->log_level)); |
dump_cfg_string(oLogLevel, log_level_name(o->log_level)); |
| dump_cfg_string(oMacs, o->macs ? o->macs : KEX_CLIENT_MAC); |
dump_cfg_string(oMacs, o->macs); |
| #ifdef ENABLE_PKCS11 |
#ifdef ENABLE_PKCS11 |
| dump_cfg_string(oPKCS11Provider, o->pkcs11_provider); |
dump_cfg_string(oPKCS11Provider, o->pkcs11_provider); |
| #endif |
#endif |
![[BACK]](/icons/back.gif){kind=icon}
Return to readconf.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh