=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/readconf.c,v retrieving revision 1.95 retrieving revision 1.95.2.2 diff -u -r1.95 -r1.95.2.2 --- src/usr.bin/ssh/readconf.c 2002/02/04 12:15:25 1.95 +++ src/usr.bin/ssh/readconf.c 2003/04/03 22:35:17 1.95.2.2 @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: readconf.c,v 1.95 2002/02/04 12:15:25 markus Exp $"); +RCSID("$OpenBSD: readconf.c,v 1.95.2.2 2003/04/03 22:35:17 miod Exp $"); #include "ssh.h" #include "xmalloc.h" @@ -41,7 +41,7 @@ # that they are given in. Host *.ngs.fi ngs.fi - FallBackToRsh no + User foo Host fake.com HostName another.host.name.real.org @@ -65,7 +65,7 @@ ProxyCommand ssh-proxy %h %p Host *.fr - UseRsh yes + PublicKeyAuthentication no Host *.su Cipher none @@ -79,8 +79,6 @@ PasswordAuthentication yes RSAAuthentication yes RhostsRSAAuthentication yes - FallBackToRsh no - UseRsh no StrictHostKeyChecking yes KeepAlives no IdentityFile ~/.ssh/identity @@ -94,7 +92,7 @@ typedef enum { oBadOption, oForwardAgent, oForwardX11, oGatewayPorts, oRhostsAuthentication, - oPasswordAuthentication, oRSAAuthentication, oFallBackToRsh, oUseRsh, + oPasswordAuthentication, oRSAAuthentication, oChallengeResponseAuthentication, oXAuthLocation, #if defined(KRB4) || defined(KRB5) oKerberosAuthentication, @@ -115,7 +113,9 @@ oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, - oClearAllForwardings, oNoHostAuthenticationForLocalhost + oClearAllForwardings, oNoHostAuthenticationForLocalhost, + oEnableSSHKeysign, + oDeprecated } OpCodes; /* Textual representations of the tokens. */ @@ -150,8 +150,8 @@ #ifdef AFS { "afstokenpassing", oAFSTokenPassing }, #endif - { "fallbacktorsh", oFallBackToRsh }, - { "usersh", oUseRsh }, + { "fallbacktorsh", oDeprecated }, + { "usersh", oDeprecated }, { "identityfile", oIdentityFile }, { "identityfile2", oIdentityFile }, /* alias */ { "hostname", oHostName }, @@ -186,6 +186,7 @@ { "bindaddress", oBindAddress }, { "smartcarddevice", oSmartcardDevice }, { "clearallforwardings", oClearAllForwardings }, + { "enablesshkeysign", oEnableSSHKeysign }, { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, { NULL, oBadOption } }; @@ -265,14 +266,16 @@ * Processes a single option line as used in the configuration files. This * only sets those values that have not already been set. */ +#define WHITESPACE " \t\r\n" int process_config_line(Options *options, const char *host, char *line, const char *filename, int linenum, int *activep) { - char buf[256], *s, *string, **charptr, *endofnumber, *keyword, *arg; + char buf[256], *s, **charptr, *endofnumber, *keyword, *arg; int opcode, *intptr, value; + size_t len; u_short fwd_port, fwd_host_port; char sfwd_host_port[6]; @@ -371,14 +374,6 @@ intptr = &options->afs_token_passing; goto parse_flag; #endif - case oFallBackToRsh: - intptr = &options->fallback_to_rsh; - goto parse_flag; - - case oUseRsh: - intptr = &options->use_rsh; - goto parse_flag; - case oBatchMode: intptr = &options->batch_mode; goto parse_flag; @@ -493,16 +488,9 @@ case oProxyCommand: charptr = &options->proxy_command; - string = xstrdup(""); - while ((arg = strdelim(&s)) != NULL && *arg != '\0') { - string = xrealloc(string, strlen(string) + strlen(arg) + 2); - strcat(string, " "); - strcat(string, arg); - } + len = strspn(s, WHITESPACE "="); if (*activep && *charptr == NULL) - *charptr = string; - else - xfree(string); + *charptr = xstrdup(s + len); return 0; case oPort: @@ -676,6 +664,15 @@ *intptr = value; break; + case oEnableSSHKeysign: + intptr = &options->enable_ssh_keysign; + goto parse_flag; + + case oDeprecated: + debug("%s line %d: Deprecated option \"%s\"", + filename, linenum, keyword); + return 0; + default: fatal("process_config_line: Unimplemented opcode %d", opcode); } @@ -763,8 +760,6 @@ options->kbd_interactive_devices = NULL; options->rhosts_rsa_authentication = -1; options->hostbased_authentication = -1; - options->fallback_to_rsh = -1; - options->use_rsh = -1; options->batch_mode = -1; options->check_host_ip = -1; options->strict_host_key_checking = -1; @@ -796,6 +791,7 @@ options->preferred_authentications = NULL; options->bind_address = NULL; options->smartcard_device = NULL; + options->enable_ssh_keysign = - 1; options->no_host_authentication_for_localhost = - 1; } @@ -820,7 +816,7 @@ if (options->use_privileged_port == -1) options->use_privileged_port = 0; if (options->rhosts_authentication == -1) - options->rhosts_authentication = 1; + options->rhosts_authentication = 0; if (options->rsa_authentication == -1) options->rsa_authentication = 1; if (options->pubkey_authentication == -1) @@ -844,13 +840,9 @@ if (options->kbd_interactive_authentication == -1) options->kbd_interactive_authentication = 1; if (options->rhosts_rsa_authentication == -1) - options->rhosts_rsa_authentication = 1; + options->rhosts_rsa_authentication = 0; if (options->hostbased_authentication == -1) options->hostbased_authentication = 0; - if (options->fallback_to_rsh == -1) - options->fallback_to_rsh = 0; - if (options->use_rsh == -1) - options->use_rsh = 0; if (options->batch_mode == -1) options->batch_mode = 0; if (options->check_host_ip == -1) @@ -915,6 +907,8 @@ clear_forwardings(options); if (options->no_host_authentication_for_localhost == - 1) options->no_host_authentication_for_localhost = 0; + if (options->enable_ssh_keysign == -1) + options->enable_ssh_keysign = 0; /* options->proxy_command should not be set by default */ /* options->user will be set in the main program if appropriate */ /* options->hostname will be set in the main program if appropriate */