[BACK]Return to servconf.c CVS log [TXT][DIR] Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/servconf.c between version 1.250 and 1.251

version 1.250, 2014/07/03 22:40:43 version 1.251, 2014/07/15 15:54:14
Line 35 
Line 35 
 #include "ssh.h"  #include "ssh.h"
 #include "log.h"  #include "log.h"
 #include "buffer.h"  #include "buffer.h"
   #include "misc.h"
 #include "servconf.h"  #include "servconf.h"
 #include "compat.h"  #include "compat.h"
 #include "pathnames.h"  #include "pathnames.h"
 #include "misc.h"  
 #include "cipher.h"  #include "cipher.h"
 #include "key.h"  #include "key.h"
 #include "kex.h"  #include "kex.h"
Line 111 
Line 111 
         options->rekey_limit = -1;          options->rekey_limit = -1;
         options->rekey_interval = -1;          options->rekey_interval = -1;
         options->allow_tcp_forwarding = -1;          options->allow_tcp_forwarding = -1;
           options->allow_streamlocal_forwarding = -1;
         options->allow_agent_forwarding = -1;          options->allow_agent_forwarding = -1;
         options->num_allow_users = 0;          options->num_allow_users = 0;
         options->num_deny_users = 0;          options->num_deny_users = 0;
Line 120 
Line 121 
         options->macs = NULL;          options->macs = NULL;
         options->kex_algorithms = NULL;          options->kex_algorithms = NULL;
         options->protocol = SSH_PROTO_UNKNOWN;          options->protocol = SSH_PROTO_UNKNOWN;
         options->gateway_ports = -1;          options->fwd_opts.gateway_ports = -1;
           options->fwd_opts.streamlocal_bind_mask = (mode_t)-1;
           options->fwd_opts.streamlocal_bind_unlink = -1;
         options->num_subsystems = 0;          options->num_subsystems = 0;
         options->max_startups_begin = -1;          options->max_startups_begin = -1;
         options->max_startups_rate = -1;          options->max_startups_rate = -1;
Line 253 
Line 256 
                 options->rekey_interval = 0;                  options->rekey_interval = 0;
         if (options->allow_tcp_forwarding == -1)          if (options->allow_tcp_forwarding == -1)
                 options->allow_tcp_forwarding = FORWARD_ALLOW;                  options->allow_tcp_forwarding = FORWARD_ALLOW;
           if (options->allow_streamlocal_forwarding == -1)
                   options->allow_streamlocal_forwarding = FORWARD_ALLOW;
         if (options->allow_agent_forwarding == -1)          if (options->allow_agent_forwarding == -1)
                 options->allow_agent_forwarding = 1;                  options->allow_agent_forwarding = 1;
         if (options->gateway_ports == -1)          if (options->fwd_opts.gateway_ports == -1)
                 options->gateway_ports = 0;                  options->fwd_opts.gateway_ports = 0;
         if (options->max_startups == -1)          if (options->max_startups == -1)
                 options->max_startups = 100;                  options->max_startups = 100;
         if (options->max_startups_rate == -1)          if (options->max_startups_rate == -1)
Line 287 
Line 292 
                 options->ip_qos_bulk = IPTOS_THROUGHPUT;                  options->ip_qos_bulk = IPTOS_THROUGHPUT;
         if (options->version_addendum == NULL)          if (options->version_addendum == NULL)
                 options->version_addendum = xstrdup("");                  options->version_addendum = xstrdup("");
           if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1)
                   options->fwd_opts.streamlocal_bind_mask = 0177;
           if (options->fwd_opts.streamlocal_bind_unlink == -1)
                   options->fwd_opts.streamlocal_bind_unlink = 0;
         /* Turn privilege separation on by default */          /* Turn privilege separation on by default */
         if (use_privsep == -1)          if (use_privsep == -1)
                 use_privsep = PRIVSEP_NOSANDBOX;                  use_privsep = PRIVSEP_NOSANDBOX;
Line 322 
Line 331 
         sKexAlgorithms, sIPQoS, sVersionAddendum,          sKexAlgorithms, sIPQoS, sVersionAddendum,
         sAuthorizedKeysCommand, sAuthorizedKeysCommandUser,          sAuthorizedKeysCommand, sAuthorizedKeysCommandUser,
         sAuthenticationMethods, sHostKeyAgent, sPermitUserRC,          sAuthenticationMethods, sHostKeyAgent, sPermitUserRC,
           sStreamLocalBindMask, sStreamLocalBindUnlink,
           sAllowStreamLocalForwarding,
         sDeprecated, sUnsupported          sDeprecated, sUnsupported
 } ServerOpCodes;  } ServerOpCodes;
   
Line 437 
Line 448 
         { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL },          { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL },
         { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL },          { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL },
         { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL },          { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL },
           { "streamlocalbindmask", sStreamLocalBindMask, SSHCFG_ALL },
           { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL },
           { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL },
         { NULL, sBadOption, 0 }          { NULL, sBadOption, 0 }
 };  };
   
Line 1148 
Line 1162 
                 break;                  break;
   
         case sGatewayPorts:          case sGatewayPorts:
                 intptr = &options->gateway_ports;                  intptr = &options->fwd_opts.gateway_ports;
                 multistate_ptr = multistate_gatewayports;                  multistate_ptr = multistate_gatewayports;
                 goto parse_multistate;                  goto parse_multistate;
   
Line 1183 
Line 1197 
                 multistate_ptr = multistate_tcpfwd;                  multistate_ptr = multistate_tcpfwd;
                 goto parse_multistate;                  goto parse_multistate;
   
           case sAllowStreamLocalForwarding:
                   intptr = &options->allow_streamlocal_forwarding;
                   multistate_ptr = multistate_tcpfwd;
                   goto parse_multistate;
   
         case sAllowAgentForwarding:          case sAllowAgentForwarding:
                 intptr = &options->allow_agent_forwarding;                  intptr = &options->allow_agent_forwarding;
                 goto parse_flag;                  goto parse_flag;
Line 1581 
Line 1600 
                 }                  }
                 return 0;                  return 0;
   
           case sStreamLocalBindMask:
                   arg = strdelim(&cp);
                   if (!arg || *arg == '\0')
                           fatal("%s line %d: missing StreamLocalBindMask argument.",
                               filename, linenum);
                   /* Parse mode in octal format */
                   value = strtol(arg, &p, 8);
                   if (arg == p || value < 0 || value > 0777)
                           fatal("%s line %d: Bad mask.", filename, linenum);
                   options->fwd_opts.streamlocal_bind_mask = (mode_t)value;
                   break;
   
           case sStreamLocalBindUnlink:
                   intptr = &options->fwd_opts.streamlocal_bind_unlink;
                   goto parse_flag;
   
         case sDeprecated:          case sDeprecated:
                 logit("%s line %d: Deprecated option %s",                  logit("%s line %d: Deprecated option %s",
                     filename, linenum, arg);                      filename, linenum, arg);
Line 1720 
Line 1755 
         M_CP_INTOPT(permit_empty_passwd);          M_CP_INTOPT(permit_empty_passwd);
   
         M_CP_INTOPT(allow_tcp_forwarding);          M_CP_INTOPT(allow_tcp_forwarding);
           M_CP_INTOPT(allow_streamlocal_forwarding);
         M_CP_INTOPT(allow_agent_forwarding);          M_CP_INTOPT(allow_agent_forwarding);
         M_CP_INTOPT(permit_tun);          M_CP_INTOPT(permit_tun);
         M_CP_INTOPT(gateway_ports);          M_CP_INTOPT(fwd_opts.gateway_ports);
         M_CP_INTOPT(x11_display_offset);          M_CP_INTOPT(x11_display_offset);
         M_CP_INTOPT(x11_forwarding);          M_CP_INTOPT(x11_forwarding);
         M_CP_INTOPT(x11_use_localhost);          M_CP_INTOPT(x11_use_localhost);
Line 1820 
Line 1856 
                 return fmt_multistate_int(val, multistate_privsep);                  return fmt_multistate_int(val, multistate_privsep);
         case sAllowTcpForwarding:          case sAllowTcpForwarding:
                 return fmt_multistate_int(val, multistate_tcpfwd);                  return fmt_multistate_int(val, multistate_tcpfwd);
           case sAllowStreamLocalForwarding:
                   return fmt_multistate_int(val, multistate_tcpfwd);
         case sProtocol:          case sProtocol:
                 switch (val) {                  switch (val) {
                 case SSH_PROTO_1:                  case SSH_PROTO_1:
Line 1971 
Line 2009 
         dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env);          dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env);
         dump_cfg_fmtint(sUseLogin, o->use_login);          dump_cfg_fmtint(sUseLogin, o->use_login);
         dump_cfg_fmtint(sCompression, o->compression);          dump_cfg_fmtint(sCompression, o->compression);
         dump_cfg_fmtint(sGatewayPorts, o->gateway_ports);          dump_cfg_fmtint(sGatewayPorts, o->fwd_opts.gateway_ports);
         dump_cfg_fmtint(sUseDNS, o->use_dns);          dump_cfg_fmtint(sUseDNS, o->use_dns);
         dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding);          dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding);
           dump_cfg_fmtint(sAllowStreamLocalForwarding, o->allow_streamlocal_forwarding);
         dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep);          dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep);
   
         /* string arguments */          /* string arguments */
Legend:
Removed from v.1.250  
changed lines
  Added in v.1.251