version 1.212, 2010/09/30 11:04:51 |
version 1.213, 2010/11/13 23:27:50 |
|
|
#include <sys/socket.h> |
#include <sys/socket.h> |
#include <sys/queue.h> |
#include <sys/queue.h> |
|
|
|
#include <netinet/in.h> |
|
#include <netinet/in_systm.h> |
|
#include <netinet/ip.h> |
|
|
#include <netdb.h> |
#include <netdb.h> |
#include <pwd.h> |
#include <pwd.h> |
#include <stdio.h> |
#include <stdio.h> |
|
|
options->revoked_keys_file = NULL; |
options->revoked_keys_file = NULL; |
options->trusted_user_ca_keys = NULL; |
options->trusted_user_ca_keys = NULL; |
options->authorized_principals_file = NULL; |
options->authorized_principals_file = NULL; |
|
options->ip_qos_interactive = -1; |
|
options->ip_qos_bulk = -1; |
} |
} |
|
|
void |
void |
|
|
options->permit_tun = SSH_TUNMODE_NO; |
options->permit_tun = SSH_TUNMODE_NO; |
if (options->zero_knowledge_password_authentication == -1) |
if (options->zero_knowledge_password_authentication == -1) |
options->zero_knowledge_password_authentication = 0; |
options->zero_knowledge_password_authentication = 0; |
|
if (options->ip_qos_interactive == -1) |
|
options->ip_qos_interactive = IPTOS_LOWDELAY; |
|
if (options->ip_qos_bulk == -1) |
|
options->ip_qos_bulk = IPTOS_THROUGHPUT; |
|
|
/* Turn privilege separation on by default */ |
/* Turn privilege separation on by default */ |
if (use_privsep == -1) |
if (use_privsep == -1) |
|
|
sUsePrivilegeSeparation, sAllowAgentForwarding, |
sUsePrivilegeSeparation, sAllowAgentForwarding, |
sZeroKnowledgePasswordAuthentication, sHostCertificate, |
sZeroKnowledgePasswordAuthentication, sHostCertificate, |
sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, |
sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, |
sKexAlgorithms, |
sKexAlgorithms, sIPQoS, |
sDeprecated, sUnsupported |
sDeprecated, sUnsupported |
} ServerOpCodes; |
} ServerOpCodes; |
|
|
|
|
{ "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, |
{ "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, |
{ "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, |
{ "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, |
{ "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, |
{ "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, |
|
{ "ipqos", sIPQoS, SSHCFG_ALL }, |
{ NULL, sBadOption, 0 } |
{ NULL, sBadOption, 0 } |
}; |
}; |
|
|
|
|
const char *host, const char *address) |
const char *host, const char *address) |
{ |
{ |
char *cp, **charptr, *arg, *p; |
char *cp, **charptr, *arg, *p; |
int cmdline = 0, *intptr, value, n; |
int cmdline = 0, *intptr, value, value2, n; |
SyslogFacility *log_facility_ptr; |
SyslogFacility *log_facility_ptr; |
LogLevel *log_level_ptr; |
LogLevel *log_level_ptr; |
ServerOpCodes opcode; |
ServerOpCodes opcode; |
|
|
charptr = &options->revoked_keys_file; |
charptr = &options->revoked_keys_file; |
goto parse_filename; |
goto parse_filename; |
|
|
|
case sIPQoS: |
|
arg = strdelim(&cp); |
|
if ((value = parse_ipqos(arg)) == -1) |
|
fatal("%s line %d: Bad IPQoS value: %s", |
|
filename, linenum, arg); |
|
arg = strdelim(&cp); |
|
if (arg == NULL) |
|
value2 = value; |
|
else if ((value2 = parse_ipqos(arg)) == -1) |
|
fatal("%s line %d: Bad IPQoS value: %s", |
|
filename, linenum, arg); |
|
if (*activep) { |
|
options->ip_qos_interactive = value; |
|
options->ip_qos_bulk = value2; |
|
} |
|
break; |
|
|
case sDeprecated: |
case sDeprecated: |
logit("%s line %d: Deprecated option %s", |
logit("%s line %d: Deprecated option %s", |
filename, linenum, arg); |
filename, linenum, arg); |
|
|
M_CP_INTOPT(x11_use_localhost); |
M_CP_INTOPT(x11_use_localhost); |
M_CP_INTOPT(max_sessions); |
M_CP_INTOPT(max_sessions); |
M_CP_INTOPT(max_authtries); |
M_CP_INTOPT(max_authtries); |
|
M_CP_INTOPT(ip_qos_interactive); |
|
M_CP_INTOPT(ip_qos_bulk); |
|
|
M_CP_STROPT(banner); |
M_CP_STROPT(banner); |
if (preauth) |
if (preauth) |
|
|
break; |
break; |
} |
} |
dump_cfg_string(sPermitTunnel, s); |
dump_cfg_string(sPermitTunnel, s); |
|
|
|
printf("ipqos 0x%02x 0x%02x\n", o->ip_qos_interactive, o->ip_qos_bulk); |
|
|
channel_print_adm_permitted_opens(); |
channel_print_adm_permitted_opens(); |
} |
} |