version 1.329, 2018/06/06 18:22:41 |
version 1.330, 2018/06/06 18:23:32 |
|
|
options->num_accept_env = 0; |
options->num_accept_env = 0; |
options->permit_tun = -1; |
options->permit_tun = -1; |
options->permitted_opens = NULL; |
options->permitted_opens = NULL; |
options->permitted_remote_opens = NULL; |
options->permitted_listens = NULL; |
options->adm_forced_command = NULL; |
options->adm_forced_command = NULL; |
options->chroot_directory = NULL; |
options->chroot_directory = NULL; |
options->authorized_keys_command = NULL; |
options->authorized_keys_command = NULL; |
|
|
sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, |
sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, |
sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, |
sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, |
sAcceptEnv, sPermitTunnel, |
sAcceptEnv, sPermitTunnel, |
sMatch, sPermitOpen, sPermitRemoteOpen, sForceCommand, sChrootDirectory, |
sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, |
sUsePrivilegeSeparation, sAllowAgentForwarding, |
sUsePrivilegeSeparation, sAllowAgentForwarding, |
sHostCertificate, |
sHostCertificate, |
sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, |
sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, |
|
|
{ "permituserrc", sPermitUserRC, SSHCFG_ALL }, |
{ "permituserrc", sPermitUserRC, SSHCFG_ALL }, |
{ "match", sMatch, SSHCFG_ALL }, |
{ "match", sMatch, SSHCFG_ALL }, |
{ "permitopen", sPermitOpen, SSHCFG_ALL }, |
{ "permitopen", sPermitOpen, SSHCFG_ALL }, |
{ "permitremoteopen", sPermitRemoteOpen, SSHCFG_ALL }, |
{ "permitlisten", sPermitListen, SSHCFG_ALL }, |
{ "forcecommand", sForceCommand, SSHCFG_ALL }, |
{ "forcecommand", sForceCommand, SSHCFG_ALL }, |
{ "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, |
{ "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, |
{ "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, |
{ "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, |
|
|
{ |
{ |
process_permitopen_list(ssh, sPermitOpen, |
process_permitopen_list(ssh, sPermitOpen, |
options->permitted_opens, options->num_permitted_opens); |
options->permitted_opens, options->num_permitted_opens); |
process_permitopen_list(ssh, sPermitRemoteOpen, |
process_permitopen_list(ssh, sPermitListen, |
options->permitted_remote_opens, |
options->permitted_listens, |
options->num_permitted_remote_opens); |
options->num_permitted_listens); |
} |
} |
|
|
struct connection_info * |
struct connection_info * |
|
|
*activep = value; |
*activep = value; |
break; |
break; |
|
|
case sPermitRemoteOpen: |
case sPermitListen: |
case sPermitOpen: |
case sPermitOpen: |
if (opcode == sPermitRemoteOpen) { |
if (opcode == sPermitListen) { |
uintptr = &options->num_permitted_remote_opens; |
uintptr = &options->num_permitted_listens; |
chararrayptr = &options->permitted_remote_opens; |
chararrayptr = &options->permitted_listens; |
} else { |
} else { |
uintptr = &options->num_permitted_opens; |
uintptr = &options->num_permitted_opens; |
chararrayptr = &options->permitted_opens; |
chararrayptr = &options->permitted_opens; |
|
|
for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) { |
for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) { |
arg2 = xstrdup(arg); |
arg2 = xstrdup(arg); |
p = hpdelim(&arg); |
p = hpdelim(&arg); |
/* XXX support bare port number for PermitRemoteOpen */ |
/* XXX support bare port number for PermitListen */ |
if (p == NULL) { |
if (p == NULL) { |
fatal("%s line %d: missing host in %s", |
fatal("%s line %d: missing host in %s", |
filename, linenum, |
filename, linenum, |
|
|
printf(" %s", o->permitted_opens[i]); |
printf(" %s", o->permitted_opens[i]); |
} |
} |
printf("\n"); |
printf("\n"); |
printf("permitremoteopen"); |
printf("permitlisten"); |
if (o->num_permitted_remote_opens == 0) |
if (o->num_permitted_listens == 0) |
printf(" any"); |
printf(" any"); |
else { |
else { |
for (i = 0; i < o->num_permitted_remote_opens; i++) |
for (i = 0; i < o->num_permitted_listens; i++) |
printf(" %s", o->permitted_remote_opens[i]); |
printf(" %s", o->permitted_listens[i]); |
} |
} |
printf("\n"); |
printf("\n"); |
} |
} |