version 1.122, 2003/06/02 09:17:34 |
version 1.123, 2003/07/22 13:35:22 |
|
|
#include "includes.h" |
#include "includes.h" |
RCSID("$OpenBSD$"); |
RCSID("$OpenBSD$"); |
|
|
#if defined(KRB4) |
|
#include <krb.h> |
|
#endif |
|
#ifdef AFS |
|
#include <kafs.h> |
|
#endif |
|
|
|
#include "ssh.h" |
#include "ssh.h" |
#include "log.h" |
#include "log.h" |
#include "servconf.h" |
#include "servconf.h" |
|
|
options->kerberos_or_local_passwd = -1; |
options->kerberos_or_local_passwd = -1; |
options->kerberos_ticket_cleanup = -1; |
options->kerberos_ticket_cleanup = -1; |
options->kerberos_tgt_passing = -1; |
options->kerberos_tgt_passing = -1; |
options->afs_token_passing = -1; |
|
options->password_authentication = -1; |
options->password_authentication = -1; |
options->kbd_interactive_authentication = -1; |
options->kbd_interactive_authentication = -1; |
options->challenge_response_authentication = -1; |
options->challenge_response_authentication = -1; |
|
|
options->kerberos_ticket_cleanup = 1; |
options->kerberos_ticket_cleanup = 1; |
if (options->kerberos_tgt_passing == -1) |
if (options->kerberos_tgt_passing == -1) |
options->kerberos_tgt_passing = 0; |
options->kerberos_tgt_passing = 0; |
if (options->afs_token_passing == -1) |
|
options->afs_token_passing = 0; |
|
if (options->password_authentication == -1) |
if (options->password_authentication == -1) |
options->password_authentication = 1; |
options->password_authentication = 1; |
if (options->kbd_interactive_authentication == -1) |
if (options->kbd_interactive_authentication == -1) |
|
|
sPermitRootLogin, sLogFacility, sLogLevel, |
sPermitRootLogin, sLogFacility, sLogLevel, |
sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, |
sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, |
sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, |
sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, |
sKerberosTgtPassing, sAFSTokenPassing, sChallengeResponseAuthentication, |
sKerberosTgtPassing, sChallengeResponseAuthentication, |
sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress, |
sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress, |
sPrintMotd, sPrintLastLog, sIgnoreRhosts, |
sPrintMotd, sPrintLastLog, sIgnoreRhosts, |
sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, |
sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, |
|
|
{ "rsaauthentication", sRSAAuthentication }, |
{ "rsaauthentication", sRSAAuthentication }, |
{ "pubkeyauthentication", sPubkeyAuthentication }, |
{ "pubkeyauthentication", sPubkeyAuthentication }, |
{ "dsaauthentication", sPubkeyAuthentication }, /* alias */ |
{ "dsaauthentication", sPubkeyAuthentication }, /* alias */ |
#if defined(KRB4) || defined(KRB5) |
#ifdef KRB5 |
{ "kerberosauthentication", sKerberosAuthentication }, |
{ "kerberosauthentication", sKerberosAuthentication }, |
{ "kerberosorlocalpasswd", sKerberosOrLocalPasswd }, |
{ "kerberosorlocalpasswd", sKerberosOrLocalPasswd }, |
{ "kerberosticketcleanup", sKerberosTicketCleanup }, |
{ "kerberosticketcleanup", sKerberosTicketCleanup }, |
|
|
{ "kerberosticketcleanup", sUnsupported }, |
{ "kerberosticketcleanup", sUnsupported }, |
{ "kerberostgtpassing", sUnsupported }, |
{ "kerberostgtpassing", sUnsupported }, |
#endif |
#endif |
#if defined(AFS) |
|
{ "afstokenpassing", sAFSTokenPassing }, |
|
#else |
|
{ "afstokenpassing", sUnsupported }, |
{ "afstokenpassing", sUnsupported }, |
#endif |
|
{ "passwordauthentication", sPasswordAuthentication }, |
{ "passwordauthentication", sPasswordAuthentication }, |
{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication }, |
{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication }, |
{ "challengeresponseauthentication", sChallengeResponseAuthentication }, |
{ "challengeresponseauthentication", sChallengeResponseAuthentication }, |
|
|
|
|
case sKerberosTgtPassing: |
case sKerberosTgtPassing: |
intptr = &options->kerberos_tgt_passing; |
intptr = &options->kerberos_tgt_passing; |
goto parse_flag; |
|
|
|
case sAFSTokenPassing: |
|
intptr = &options->afs_token_passing; |
|
goto parse_flag; |
goto parse_flag; |
|
|
case sPasswordAuthentication: |
case sPasswordAuthentication: |