=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/readconf.c,v retrieving revision 1.121.2.2 retrieving revision 1.122 diff -u -r1.121.2.2 -r1.122 --- src/usr.bin/ssh/readconf.c 2004/08/19 22:37:31 1.121.2.2 +++ src/usr.bin/ssh/readconf.c 2003/10/08 15:21:24 1.122 @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: readconf.c,v 1.121.2.2 2004/08/19 22:37:31 brad Exp $"); +RCSID("$OpenBSD: readconf.c,v 1.122 2003/10/08 15:21:24 markus Exp $"); #include "ssh.h" #include "xmalloc.h" @@ -78,7 +78,7 @@ RSAAuthentication yes RhostsRSAAuthentication yes StrictHostKeyChecking yes - TcpKeepAlive no + KeepAlives no IdentityFile ~/.ssh/identity Port 22 EscapeChar ~ @@ -89,14 +89,14 @@ typedef enum { oBadOption, - oForwardAgent, oForwardX11, oForwardX11Trusted, oGatewayPorts, + oForwardAgent, oForwardX11, oGatewayPorts, oPasswordAuthentication, oRSAAuthentication, oChallengeResponseAuthentication, oXAuthLocation, oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, - oCompressionLevel, oTCPKeepAlive, oNumberOfPasswordPrompts, + oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs, oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, @@ -105,8 +105,6 @@ oClearAllForwardings, oNoHostAuthenticationForLocalhost, oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, oAddressFamily, oGssAuthentication, oGssDelegateCreds, - oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, - oSendEnv, oControlPath, oControlMaster, oDeprecated, oUnsupported } OpCodes; 
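Review bot: The sample configuration in the header comment (hunk @@ -78,7) now reads `KeepAlives no`, but the keyword table in hunk @@ -172,8 registers only `{ "keepalive", oKeepAlives }`, so the example spelling matches no keyword visible in this diff. The lookup code is not shown; if it compares whole strings, a user who copies the example verbatim would land on the bad-option path. I would write the example as `KeepAlive no` so the comment and the table agree.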
@@ -118,7 +116,6 @@ } keywords[] = { { "forwardagent", oForwardAgent }, { "forwardx11", oForwardX11 }, - { "forwardx11trusted", oForwardX11Trusted }, { "xauthlocation", oXAuthLocation }, { "gatewayports", oGatewayPorts }, { "useprivilegedport", oUsePrivilegedPort }, @@ -148,7 +145,6 @@ { "usersh", oDeprecated }, { "identityfile", oIdentityFile }, { "identityfile2", oIdentityFile }, /* alias */ - { "identitiesonly", oIdentitiesOnly }, { "hostname", oHostName }, { "hostkeyalias", oHostKeyAlias }, { "proxycommand", oProxyCommand }, @@ -172,8 +168,7 @@ { "stricthostkeychecking", oStrictHostKeyChecking }, { "compression", oCompression }, { "compressionlevel", oCompressionLevel }, - { "tcpkeepalive", oTCPKeepAlive }, - { "keepalive", oTCPKeepAlive }, /* obsolete */ + { "keepalive", oKeepAlives }, { "numberofpasswordprompts", oNumberOfPasswordPrompts }, { "loglevel", oLogLevel }, { "dynamicforward", oDynamicForward }, @@ -187,16 +182,15 @@ #endif { "clearallforwardings", oClearAllForwardings }, { "enablesshkeysign", oEnableSSHKeysign }, +#ifdef DNS { "verifyhostkeydns", oVerifyHostKeyDNS }, +#else + { "verifyhostkeydns", oUnsupported }, +#endif { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, { "rekeylimit", oRekeyLimit }, { "connecttimeout", oConnectTimeout }, { "addressfamily", oAddressFamily }, - { "serveraliveinterval", oServerAliveInterval }, - { "serveralivecountmax", oServerAliveCountMax }, - { "sendenv", oSendEnv }, - { "controlpath", oControlPath }, - { "controlmaster", oControlMaster }, { NULL, oBadOption } }; @@ -313,7 +307,7 @@ /* NOTREACHED */ case oConnectTimeout: intptr = &options->connection_timeout; -parse_time: +/* parse_time: */ arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%s line %d: missing time value.", 
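Review bot: In the @@ -187,16 hunk, a build without `DNS` maps `verifyhostkeydns` to `oUnsupported`, so a configuration that asks for DNS-based host key verification is accepted while that check never runs. The `oUnsupported` case is outside this diff; confirm that it reports at a level the user sees by default, since the visible `oDeprecated` case only calls `debug(...)`. A comment on the `#else` arm such as `/* built without DNS: keyword is parsed but has no effect */` would make the intent clear to the next reader.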
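Review bot: The label in the @@ -313,7 hunk is left behind as a comment, `/* parse_time: */`, under `case oConnectTimeout`. No `goto parse_time` remains on the new side of this diff, so I would delete the line outright rather than keep commented-out code, or keep the live label if a case outside the visible hunks still jumps to it. The case body continues past the end of the hunk.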
@@ -346,10 +340,6 @@ intptr = &options->forward_x11; goto parse_flag; - case oForwardX11Trusted: - intptr = &options->forward_x11_trusted; - goto parse_flag; - case oGatewayPorts: intptr = &options->gateway_ports; goto parse_flag; @@ -408,11 +398,10 @@ case oVerifyHostKeyDNS: intptr = &options->verify_host_key_dns; - goto parse_yesnoask; + goto parse_flag; case oStrictHostKeyChecking: intptr = &options->strict_host_key_checking; -parse_yesnoask: arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing yes/no/ask argument.", @@ -434,8 +423,8 @@ intptr = &options->compression; goto parse_flag; - case oTCPKeepAlive: - intptr = &options->tcp_keep_alive; + case oKeepAlives: + intptr = &options->keepalives; goto parse_flag; case oNoHostAuthenticationForLocalhost: @@ -739,39 +728,6 @@ intptr = &options->enable_ssh_keysign; goto parse_flag; - case oIdentitiesOnly: - intptr = &options->identities_only; - goto parse_flag; - - case oServerAliveInterval: - intptr = &options->server_alive_interval; - goto parse_time; - - case oServerAliveCountMax: - intptr = &options->server_alive_count_max; - goto parse_int; - - case oSendEnv: - while ((arg = strdelim(&s)) != NULL && *arg != '\0') { - if (strchr(arg, '=') != NULL) - fatal("%s line %d: Invalid environment name.", - filename, linenum); - if (options->num_send_env >= MAX_SEND_ENV) - fatal("%s line %d: too many send env.", - filename, linenum); - options->send_env[options->num_send_env++] = - xstrdup(arg); - } - break; - - case oControlPath: - charptr = &options->control_path; - goto parse_string; - - case oControlMaster: - intptr = &options->control_master; - goto parse_yesnoask; - case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", filename, linenum, keyword); @@ -802,8 +758,7 @@ */ int -read_config_file(const char *filename, const char *host, Options *options, - int checkperm) +read_config_file(const char *filename, const char *host, Options *options) { FILE *f; char line[1024]; 
@@ -811,19 +766,10 @@ int bad_options = 0; /* Open the file. */ - if ((f = fopen(filename, "r")) == NULL) + f = fopen(filename, "r"); + if (!f) return 0; - if (checkperm) { - struct stat sb; - - if (fstat(fileno(f), &sb) == -1) - fatal("fstat %s: %s", filename, strerror(errno)); - if (((sb.st_uid != 0 && sb.st_uid != getuid()) || - (sb.st_mode & 022) != 0)) - fatal("Bad owner or permissions on %s", filename); - } - debug("Reading configuration data %.200s", filename); /* @@ -858,7 +804,6 @@ memset(options, 'X', sizeof(*options)); options->forward_agent = -1; options->forward_x11 = -1; - options->forward_x11_trusted = -1; options->xauth_location = NULL; options->gateway_ports = -1; options->use_privileged_port = -1; @@ -876,7 +821,7 @@ options->check_host_ip = -1; options->strict_host_key_checking = -1; options->compression = -1; - options->tcp_keep_alive = -1; + options->keepalives = -1; options->compression_level = -1; options->port = -1; options->address_family = -1; @@ -907,14 +852,8 @@ options->smartcard_device = NULL; options->enable_ssh_keysign = - 1; options->no_host_authentication_for_localhost = - 1; - options->identities_only = - 1; options->rekey_limit = - 1; options->verify_host_key_dns = -1; - options->server_alive_interval = -1; - options->server_alive_count_max = -1; - options->num_send_env = 0; - options->control_path = NULL; - options->control_master = -1; } /* @@ -931,8 +870,6 @@ options->forward_agent = 0; if (options->forward_x11 == -1) options->forward_x11 = 0; - if (options->forward_x11_trusted == -1) - options->forward_x11_trusted = 0; if (options->xauth_location == NULL) options->xauth_location = _PATH_XAUTH; if (options->gateway_ports == -1) 
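Review bot: After `f = fopen(filename, "r"); if (!f) return 0;` in the @@ -811,19 +766,10 hunk, the new side goes straight to parsing with no check on who owns the file or who can write to it, and the @@ -802,8 hunk drops the `checkperm` parameter that let callers request one. The file can set options such as `ProxyCommand` (see `oProxyCommand` in the enum), so a per-user config that is group- or world-writable, or owned by another non-root account, lets that account decide what the client runs. I would keep an `fstat(fileno(f), &sb)` on the already-opened stream and call `fatal()` unless `sb.st_uid` is 0 or `getuid()` and `(sb.st_mode & 022) == 0`, gated by a caller-supplied flag so the system-wide file can be exempted; checking the descriptor rather than the path avoids a check-then-open race. The revision dates in the header suggest this diff runs from a later branch revision back to an earlier trunk one, so the check may simply not exist yet on the new side. `read_config_file` starts and ends outside this hunk.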
@@ -965,8 +902,8 @@ options->strict_host_key_checking = 2; /* 2 is default */ if (options->compression == -1) options->compression = 0; - if (options->tcp_keep_alive == -1) - options->tcp_keep_alive = 1; + if (options->keepalives == -1) + options->keepalives = 1; if (options->compression_level == -1) options->compression_level = 6; if (options->port == -1) @@ -1023,20 +960,12 @@ clear_forwardings(options); if (options->no_host_authentication_for_localhost == - 1) options->no_host_authentication_for_localhost = 0; - if (options->identities_only == -1) - options->identities_only = 0; if (options->enable_ssh_keysign == -1) options->enable_ssh_keysign = 0; if (options->rekey_limit == -1) options->rekey_limit = 0; if (options->verify_host_key_dns == -1) options->verify_host_key_dns = 0; - if (options->server_alive_interval == -1) - options->server_alive_interval = 0; - if (options->server_alive_count_max == -1) - options->server_alive_count_max = 3; - if (options->control_master == -1) - options->control_master = 0; /* options->proxy_command should not be set by default */ /* options->user will be set in the main program if appropriate */ /* options->hostname will be set in the main program if appropriate */