src/usr.bin/ssh/servconf.c - diff

Return to servconf.c CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/servconf.c between version 1.116 and 1.116.2.2

version 1.116, 2003/02/21 09:05:53

version 1.116.2.2, 2004/03/04 18:18:16

Line 12

#include "includes.h"

RCSID("$OpenBSD$");

#if defined(KRB4) || defined(KRB5)

#include <krb.h>

#endif

#ifdef AFS

#include <kafs.h>

#endif

#include "ssh.h"

#include "log.h"

#include "servconf.h"

Line 63

Line 56

options->x11_use_localhost = -1;

options->xauth_location = NULL;

options->strict_modes = -1;

options->keepalives = -1;

options->tcp_keep_alive = -1;

options->log_facility = SYSLOG_FACILITY_NOT_SET;

options->log_level = SYSLOG_LEVEL_NOT_SET;

options->rhosts_authentication = -1;

options->rhosts_rsa_authentication = -1;

options->hostbased_authentication = -1;

options->hostbased_uses_name_from_packet_only = -1;

options->rsa_authentication = -1;

options->pubkey_authentication = -1;

#if defined(KRB4) || defined(KRB5)

options->kerberos_authentication = -1;

options->kerberos_or_local_passwd = -1;

options->kerberos_ticket_cleanup = -1;

#endif

options->kerberos_get_afs_token = -1;

#if defined(AFS) || defined(KRB5)

options->gss_authentication=-1;

options->kerberos_tgt_passing = -1;

options->gss_cleanup_creds = -1;

#endif

#ifdef AFS

options->afs_token_passing = -1;

#endif

options->password_authentication = -1;

options->kbd_interactive_authentication = -1;

options->challenge_response_authentication = -1;

Line 104

Line 91

options->max_startups_rate = -1;

options->max_startups = -1;

options->banner = NULL;

options->verify_reverse_mapping = -1;

options->use_dns = -1;

options->client_alive_interval = -1;

options->client_alive_count_max = -1;

options->authorized_keys_file = NULL;

Line 163

Line 150

options->xauth_location = _PATH_XAUTH;

if (options->strict_modes == -1)

options->strict_modes = 1;

if (options->keepalives == -1)

if (options->tcp_keep_alive == -1)

options->keepalives = 1;

options->tcp_keep_alive = 1;

if (options->log_facility == SYSLOG_FACILITY_NOT_SET)

options->log_facility = SYSLOG_FACILITY_AUTH;

if (options->log_level == SYSLOG_LEVEL_NOT_SET)

options->log_level = SYSLOG_LEVEL_INFO;

if (options->rhosts_authentication == -1)

options->rhosts_authentication = 0;

if (options->rhosts_rsa_authentication == -1)

options->rhosts_rsa_authentication = 0;

if (options->hostbased_authentication == -1)

Line 181

Line 166

options->rsa_authentication = 1;

if (options->pubkey_authentication == -1)

options->pubkey_authentication = 1;

#if defined(KRB4) || defined(KRB5)

if (options->kerberos_authentication == -1)

options->kerberos_authentication = 0;

if (options->kerberos_or_local_passwd == -1)

options->kerberos_or_local_passwd = 1;

if (options->kerberos_ticket_cleanup == -1)

options->kerberos_ticket_cleanup = 1;

#endif

if (options->kerberos_get_afs_token == -1)

#if defined(AFS) || defined(KRB5)

options->kerberos_get_afs_token = 0;

if (options->kerberos_tgt_passing == -1)

if (options->gss_authentication == -1)

options->kerberos_tgt_passing = 0;

options->gss_authentication = 0;

#endif

if (options->gss_cleanup_creds == -1)

#ifdef AFS

options->gss_cleanup_creds = 1;

if (options->afs_token_passing == -1)

options->afs_token_passing = 0;

#endif

if (options->password_authentication == -1)

options->password_authentication = 1;

if (options->kbd_interactive_authentication == -1)

Line 221

Line 202

options->max_startups_rate = 100; /* 100% */

if (options->max_startups_begin == -1)

options->max_startups_begin = options->max_startups;

if (options->verify_reverse_mapping == -1)

if (options->use_dns == -1)

options->verify_reverse_mapping = 0;

options->use_dns = 1;

if (options->client_alive_interval == -1)

options->client_alive_interval = 0;

if (options->client_alive_count_max == -1)

Line 247

Line 228

sBadOption, /* == unknown option */

sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,

sPermitRootLogin, sLogFacility, sLogLevel,

sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,

sRhostsRSAAuthentication, sRSAAuthentication,

#if defined(KRB4) || defined(KRB5)

sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,

#endif

sKerberosGetAFSToken,

#if defined(AFS) || defined(KRB5)

sKerberosTgtPassing, sChallengeResponseAuthentication,

sKerberosTgtPassing,

#endif

#ifdef AFS

sAFSTokenPassing,

#endif

sChallengeResponseAuthentication,

sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,

sPrintMotd, sPrintLastLog, sIgnoreRhosts,

sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,

sStrictModes, sEmptyPasswd, sKeepAlives,

sStrictModes, sEmptyPasswd, sTCPKeepAlive,

sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,

sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,

sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,

sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,

sBanner, sVerifyReverseMapping, sHostbasedAuthentication,

sBanner, sUseDNS, sHostbasedAuthentication,

sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,

sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,

sGssAuthentication, sGssCleanupCreds,

sUsePrivilegeSeparation,

sDeprecated

sDeprecated, sUnsupported

} ServerOpCodes;

/* Textual representation of the tokens. */

Line 288

Line 263

{ "permitrootlogin", sPermitRootLogin },

{ "syslogfacility", sLogFacility },

{ "loglevel", sLogLevel },

{ "rhostsauthentication", sRhostsAuthentication },

{ "rhostsauthentication", sDeprecated },

{ "rhostsrsaauthentication", sRhostsRSAAuthentication },

{ "hostbasedauthentication", sHostbasedAuthentication },

{ "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly },

{ "rsaauthentication", sRSAAuthentication },

{ "pubkeyauthentication", sPubkeyAuthentication },

{ "dsaauthentication", sPubkeyAuthentication }, /* alias */

#if defined(KRB4) || defined(KRB5)

#ifdef KRB5

{ "kerberosauthentication", sKerberosAuthentication },

{ "kerberosorlocalpasswd", sKerberosOrLocalPasswd },

{ "kerberosticketcleanup", sKerberosTicketCleanup },

{ "kerberosgetafstoken", sKerberosGetAFSToken },

#else

{ "kerberosauthentication", sUnsupported },

{ "kerberosorlocalpasswd", sUnsupported },

{ "kerberosticketcleanup", sUnsupported },

{ "kerberosgetafstoken", sUnsupported },

#endif

#if defined(AFS) || defined(KRB5)

{ "kerberostgtpassing", sUnsupported },

{ "kerberostgtpassing", sKerberosTgtPassing },

{ "afstokenpassing", sUnsupported },

#ifdef GSSAPI

{ "gssapiauthentication", sGssAuthentication },

{ "gssapicleanupcredentials", sGssCleanupCreds },

#else

{ "gssapiauthentication", sUnsupported },

{ "gssapicleanupcredentials", sUnsupported },

#endif

#ifdef AFS

{ "afstokenpassing", sAFSTokenPassing },

#endif

{ "passwordauthentication", sPasswordAuthentication },

{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication },

{ "challengeresponseauthentication", sChallengeResponseAuthentication },

Line 325

Line 309

{ "permituserenvironment", sPermitUserEnvironment },

{ "uselogin", sUseLogin },

{ "compression", sCompression },

{ "keepalive", sKeepAlives },

{ "tcpkeepalive", sTCPKeepAlive },

{ "keepalive", sTCPKeepAlive }, /* obsolete alias */

{ "allowtcpforwarding", sAllowTcpForwarding },

{ "allowusers", sAllowUsers },

{ "denyusers", sDenyUsers },

Line 338

Line 323

{ "subsystem", sSubsystem },

{ "maxstartups", sMaxStartups },

{ "banner", sBanner },

{ "verifyreversemapping", sVerifyReverseMapping },

{ "usedns", sUseDNS },

{ "reversemappingcheck", sVerifyReverseMapping },

{ "verifyreversemapping", sDeprecated },

{ "reversemappingcheck", sDeprecated },

{ "clientaliveinterval", sClientAliveInterval },

{ "clientalivecountmax", sClientAliveCountMax },

{ "authorizedkeysfile", sAuthorizedKeysFile },

Line 581

Line 567

intptr = &options->ignore_user_known_hosts;

goto parse_flag;

case sRhostsAuthentication:

intptr = &options->rhosts_authentication;

goto parse_flag;

case sRhostsRSAAuthentication:

intptr = &options->rhosts_rsa_authentication;

goto parse_flag;

Line 604

Line 586

case sPubkeyAuthentication:

intptr = &options->pubkey_authentication;

goto parse_flag;

#if defined(KRB4) || defined(KRB5)

case sKerberosAuthentication:

intptr = &options->kerberos_authentication;

goto parse_flag;

Line 616

Line 598

case sKerberosTicketCleanup:

intptr = &options->kerberos_ticket_cleanup;

goto parse_flag;

#endif

#if defined(AFS) || defined(KRB5)

case sKerberosGetAFSToken:

case sKerberosTgtPassing:

intptr = &options->kerberos_get_afs_token;

intptr = &options->kerberos_tgt_passing;

goto parse_flag;

#endif

#ifdef AFS

case sGssAuthentication:

case sAFSTokenPassing:

intptr = &options->gss_authentication;

intptr = &options->afs_token_passing;

goto parse_flag;

#endif

case sGssCleanupCreds:

intptr = &options->gss_cleanup_creds;

goto parse_flag;

case sPasswordAuthentication:

intptr = &options->password_authentication;

goto parse_flag;

Line 668

Line 651

intptr = &options->strict_modes;

goto parse_flag;

case sKeepAlives:

case sTCPKeepAlive:

intptr = &options->keepalives;

intptr = &options->tcp_keep_alive;

goto parse_flag;

case sEmptyPasswd:

Line 692

Line 675

intptr = &options->gateway_ports;

goto parse_flag;

case sVerifyReverseMapping:

case sUseDNS:

intptr = &options->verify_reverse_mapping;

intptr = &options->use_dns;

goto parse_flag;

case sLogFacility:

Line 869

Line 852

goto parse_int;

case sDeprecated:

log("%s line %d: Deprecated option %s",

logit("%s line %d: Deprecated option %s",

filename, linenum, arg);

while (arg)

arg = strdelim(&cp);

break;

case sUnsupported:

logit("%s line %d: Unsupported option %s",

filename, linenum, arg);

while (arg)

arg = strdelim(&cp);