src/usr.bin/ssh/servconf.c - diff

Return to servconf.c CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/servconf.c between version 1.116.2.2 and 1.117

version 1.116.2.2, 2004/03/04 18:18:16

version 1.117, 2003/04/08 20:21:29

Line 12

#include "includes.h"

RCSID("$OpenBSD$");

#if defined(KRB4) || defined(KRB5)

#include <krb.h>

#endif

#ifdef AFS

#include <kafs.h>

#endif

#include "ssh.h"

#include "log.h"

#include "servconf.h"

Line 56

Line 63

options->x11_use_localhost = -1;

options->xauth_location = NULL;

options->strict_modes = -1;

options->tcp_keep_alive = -1;

options->keepalives = -1;

options->log_facility = SYSLOG_FACILITY_NOT_SET;

options->log_level = SYSLOG_LEVEL_NOT_SET;

options->rhosts_authentication = -1;

options->rhosts_rsa_authentication = -1;

options->hostbased_authentication = -1;

options->hostbased_uses_name_from_packet_only = -1;

options->rsa_authentication = -1;

options->pubkey_authentication = -1;

#if defined(KRB4) || defined(KRB5)

options->kerberos_authentication = -1;

options->kerberos_or_local_passwd = -1;

options->kerberos_ticket_cleanup = -1;

options->kerberos_get_afs_token = -1;

#endif

options->gss_authentication=-1;

#if defined(AFS) || defined(KRB5)

options->gss_cleanup_creds = -1;

options->kerberos_tgt_passing = -1;

#endif

#ifdef AFS

options->afs_token_passing = -1;

#endif

options->password_authentication = -1;

options->kbd_interactive_authentication = -1;

options->challenge_response_authentication = -1;

Line 91

Line 104

options->max_startups_rate = -1;

options->max_startups = -1;

options->banner = NULL;

options->use_dns = -1;

options->verify_reverse_mapping = -1;

options->client_alive_interval = -1;

options->client_alive_count_max = -1;

options->authorized_keys_file = NULL;

Line 150

Line 163

options->xauth_location = _PATH_XAUTH;

if (options->strict_modes == -1)

options->strict_modes = 1;

if (options->tcp_keep_alive == -1)

if (options->keepalives == -1)

options->tcp_keep_alive = 1;

options->keepalives = 1;

if (options->log_facility == SYSLOG_FACILITY_NOT_SET)

options->log_facility = SYSLOG_FACILITY_AUTH;

if (options->log_level == SYSLOG_LEVEL_NOT_SET)

options->log_level = SYSLOG_LEVEL_INFO;

if (options->rhosts_authentication == -1)

options->rhosts_authentication = 0;

if (options->rhosts_rsa_authentication == -1)

options->rhosts_rsa_authentication = 0;

if (options->hostbased_authentication == -1)

Line 166

Line 181

options->rsa_authentication = 1;

if (options->pubkey_authentication == -1)

options->pubkey_authentication = 1;

#if defined(KRB4) || defined(KRB5)

if (options->kerberos_authentication == -1)

options->kerberos_authentication = 0;

if (options->kerberos_or_local_passwd == -1)

options->kerberos_or_local_passwd = 1;

if (options->kerberos_ticket_cleanup == -1)

options->kerberos_ticket_cleanup = 1;

if (options->kerberos_get_afs_token == -1)

#endif

options->kerberos_get_afs_token = 0;

#if defined(AFS) || defined(KRB5)

if (options->gss_authentication == -1)

if (options->kerberos_tgt_passing == -1)

options->gss_authentication = 0;

options->kerberos_tgt_passing = 0;

if (options->gss_cleanup_creds == -1)

#endif

options->gss_cleanup_creds = 1;

#ifdef AFS

if (options->afs_token_passing == -1)

options->afs_token_passing = 0;

#endif

if (options->password_authentication == -1)

options->password_authentication = 1;

if (options->kbd_interactive_authentication == -1)

Line 202

Line 221

options->max_startups_rate = 100; /* 100% */

if (options->max_startups_begin == -1)

options->max_startups_begin = options->max_startups;

if (options->use_dns == -1)

if (options->verify_reverse_mapping == -1)

options->use_dns = 1;

options->verify_reverse_mapping = 0;

if (options->client_alive_interval == -1)

options->client_alive_interval = 0;

if (options->client_alive_count_max == -1)

Line 228

Line 247

sBadOption, /* == unknown option */

sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,

sPermitRootLogin, sLogFacility, sLogLevel,

sRhostsRSAAuthentication, sRSAAuthentication,

sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,

#if defined(KRB4) || defined(KRB5)

sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,

sKerberosGetAFSToken,

#endif

sKerberosTgtPassing, sChallengeResponseAuthentication,

#if defined(AFS) || defined(KRB5)

sKerberosTgtPassing,

#endif

#ifdef AFS

sAFSTokenPassing,

#endif

sChallengeResponseAuthentication,

sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,

sPrintMotd, sPrintLastLog, sIgnoreRhosts,

sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,

sStrictModes, sEmptyPasswd, sTCPKeepAlive,

sStrictModes, sEmptyPasswd, sKeepAlives,

sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,

sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,

sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,

sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,

sBanner, sUseDNS, sHostbasedAuthentication,

sBanner, sVerifyReverseMapping, sHostbasedAuthentication,

sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,

sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,

sGssAuthentication, sGssCleanupCreds,

sUsePrivilegeSeparation,

sDeprecated, sUnsupported

sDeprecated

} ServerOpCodes;

/* Textual representation of the tokens. */

Line 263

Line 288

{ "permitrootlogin", sPermitRootLogin },

{ "syslogfacility", sLogFacility },

{ "loglevel", sLogLevel },

{ "rhostsauthentication", sDeprecated },

{ "rhostsauthentication", sRhostsAuthentication },

{ "rhostsrsaauthentication", sRhostsRSAAuthentication },

{ "hostbasedauthentication", sHostbasedAuthentication },

{ "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly },

{ "rsaauthentication", sRSAAuthentication },

{ "pubkeyauthentication", sPubkeyAuthentication },

{ "dsaauthentication", sPubkeyAuthentication }, /* alias */

#ifdef KRB5

#if defined(KRB4) || defined(KRB5)

{ "kerberosauthentication", sKerberosAuthentication },

{ "kerberosorlocalpasswd", sKerberosOrLocalPasswd },

{ "kerberosticketcleanup", sKerberosTicketCleanup },

{ "kerberosgetafstoken", sKerberosGetAFSToken },

#else

{ "kerberosauthentication", sUnsupported },

{ "kerberosorlocalpasswd", sUnsupported },

{ "kerberosticketcleanup", sUnsupported },

{ "kerberosgetafstoken", sUnsupported },

#endif

{ "kerberostgtpassing", sUnsupported },

#if defined(AFS) || defined(KRB5)

{ "afstokenpassing", sUnsupported },

{ "kerberostgtpassing", sKerberosTgtPassing },

#ifdef GSSAPI

{ "gssapiauthentication", sGssAuthentication },

{ "gssapicleanupcredentials", sGssCleanupCreds },

#else

{ "gssapiauthentication", sUnsupported },

{ "gssapicleanupcredentials", sUnsupported },

#endif

#ifdef AFS

{ "afstokenpassing", sAFSTokenPassing },

#endif

{ "passwordauthentication", sPasswordAuthentication },

{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication },

{ "challengeresponseauthentication", sChallengeResponseAuthentication },

Line 309

Line 325

{ "permituserenvironment", sPermitUserEnvironment },

{ "uselogin", sUseLogin },

{ "compression", sCompression },

{ "tcpkeepalive", sTCPKeepAlive },

{ "keepalive", sKeepAlives },

{ "keepalive", sTCPKeepAlive }, /* obsolete alias */

{ "allowtcpforwarding", sAllowTcpForwarding },

{ "allowusers", sAllowUsers },

{ "denyusers", sDenyUsers },

Line 323

Line 338

{ "subsystem", sSubsystem },

{ "maxstartups", sMaxStartups },

{ "banner", sBanner },

{ "usedns", sUseDNS },

{ "verifyreversemapping", sVerifyReverseMapping },

{ "verifyreversemapping", sDeprecated },

{ "reversemappingcheck", sVerifyReverseMapping },

{ "reversemappingcheck", sDeprecated },

{ "clientaliveinterval", sClientAliveInterval },

{ "clientalivecountmax", sClientAliveCountMax },

{ "authorizedkeysfile", sAuthorizedKeysFile },

Line 567

Line 581

intptr = &options->ignore_user_known_hosts;

goto parse_flag;

case sRhostsAuthentication:

intptr = &options->rhosts_authentication;

goto parse_flag;

case sRhostsRSAAuthentication:

intptr = &options->rhosts_rsa_authentication;

goto parse_flag;

Line 586

Line 604

case sPubkeyAuthentication:

intptr = &options->pubkey_authentication;

goto parse_flag;

#if defined(KRB4) || defined(KRB5)

case sKerberosAuthentication:

intptr = &options->kerberos_authentication;

goto parse_flag;

Line 598

Line 616

case sKerberosTicketCleanup:

intptr = &options->kerberos_ticket_cleanup;

goto parse_flag;

#endif

case sKerberosGetAFSToken:

#if defined(AFS) || defined(KRB5)

intptr = &options->kerberos_get_afs_token;

case sKerberosTgtPassing:

intptr = &options->kerberos_tgt_passing;

goto parse_flag;

#endif

case sGssAuthentication:

#ifdef AFS

intptr = &options->gss_authentication;

case sAFSTokenPassing:

intptr = &options->afs_token_passing;

goto parse_flag;

#endif

case sGssCleanupCreds:

intptr = &options->gss_cleanup_creds;

goto parse_flag;

case sPasswordAuthentication:

intptr = &options->password_authentication;

goto parse_flag;

Line 651

Line 668

intptr = &options->strict_modes;

goto parse_flag;

case sTCPKeepAlive:

case sKeepAlives:

intptr = &options->tcp_keep_alive;

intptr = &options->keepalives;

goto parse_flag;

case sEmptyPasswd:

Line 675

Line 692

intptr = &options->gateway_ports;

goto parse_flag;

case sUseDNS:

case sVerifyReverseMapping:

intptr = &options->use_dns;

intptr = &options->verify_reverse_mapping;

goto parse_flag;

case sLogFacility:

Line 853

Line 870

case sDeprecated:

logit("%s line %d: Deprecated option %s",

filename, linenum, arg);

while (arg)

arg = strdelim(&cp);

break;

case sUnsupported:

logit("%s line %d: Unsupported option %s",

filename, linenum, arg);

while (arg)

arg = strdelim(&cp);