| version 1.357, 2019/12/15 20:59:23 |
version 1.358, 2020/01/23 02:46:49 |
|
|
| assemble_algorithms(ServerOptions *o) |
assemble_algorithms(ServerOptions *o) |
| { |
{ |
| char *all_cipher, *all_mac, *all_kex, *all_key, *all_sig; |
char *all_cipher, *all_mac, *all_kex, *all_key, *all_sig; |
| |
char *def_cipher, *def_mac, *def_kex, *def_key, *def_sig; |
| int r; |
int r; |
| |
|
| all_cipher = cipher_alg_list(',', 0); |
all_cipher = cipher_alg_list(',', 0); |
|
|
| all_kex = kex_alg_list(','); |
all_kex = kex_alg_list(','); |
| all_key = sshkey_alg_list(0, 0, 1, ','); |
all_key = sshkey_alg_list(0, 0, 1, ','); |
| all_sig = sshkey_alg_list(0, 1, 1, ','); |
all_sig = sshkey_alg_list(0, 1, 1, ','); |
| |
/* remove unsupported algos from default lists */ |
| |
def_cipher = match_filter_whitelist(KEX_SERVER_ENCRYPT, all_cipher); |
| |
def_mac = match_filter_whitelist(KEX_SERVER_MAC, all_mac); |
| |
def_kex = match_filter_whitelist(KEX_SERVER_KEX, all_kex); |
| |
def_key = match_filter_whitelist(KEX_DEFAULT_PK_ALG, all_key); |
| |
def_sig = match_filter_whitelist(SSH_ALLOWED_CA_SIGALGS, all_sig); |
| #define ASSEMBLE(what, defaults, all) \ |
#define ASSEMBLE(what, defaults, all) \ |
| do { \ |
do { \ |
| if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \ |
if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \ |
| fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \ |
fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \ |
| } while (0) |
} while (0) |
| ASSEMBLE(ciphers, KEX_SERVER_ENCRYPT, all_cipher); |
ASSEMBLE(ciphers, def_cipher, all_cipher); |
| ASSEMBLE(macs, KEX_SERVER_MAC, all_mac); |
ASSEMBLE(macs, def_mac, all_mac); |
| ASSEMBLE(kex_algorithms, KEX_SERVER_KEX, all_kex); |
ASSEMBLE(kex_algorithms, def_kex, all_kex); |
| ASSEMBLE(hostkeyalgorithms, KEX_DEFAULT_PK_ALG, all_key); |
ASSEMBLE(hostkeyalgorithms, def_key, all_key); |
| ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key); |
ASSEMBLE(hostbased_key_types, def_key, all_key); |
| ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key); |
ASSEMBLE(pubkey_key_types, def_key, all_key); |
| ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, all_sig); |
ASSEMBLE(ca_sign_algorithms, def_sig, all_sig); |
| #undef ASSEMBLE |
#undef ASSEMBLE |
| free(all_cipher); |
free(all_cipher); |
| free(all_mac); |
free(all_mac); |
| free(all_kex); |
free(all_kex); |
| free(all_key); |
free(all_key); |
| free(all_sig); |
free(all_sig); |
| |
free(def_cipher); |
| |
free(def_mac); |
| |
free(def_kex); |
| |
free(def_key); |
| |
free(def_sig); |
| } |
} |
| |
|
| static void |
static void |
|
|
| /* string arguments */ |
/* string arguments */ |
| dump_cfg_string(sPidFile, o->pid_file); |
dump_cfg_string(sPidFile, o->pid_file); |
| dump_cfg_string(sXAuthLocation, o->xauth_location); |
dump_cfg_string(sXAuthLocation, o->xauth_location); |
| dump_cfg_string(sCiphers, o->ciphers ? o->ciphers : KEX_SERVER_ENCRYPT); |
dump_cfg_string(sCiphers, o->ciphers); |
| dump_cfg_string(sMacs, o->macs ? o->macs : KEX_SERVER_MAC); |
dump_cfg_string(sMacs, o->macs); |
| dump_cfg_string(sBanner, o->banner); |
dump_cfg_string(sBanner, o->banner); |
| dump_cfg_string(sForceCommand, o->adm_forced_command); |
dump_cfg_string(sForceCommand, o->adm_forced_command); |
| dump_cfg_string(sChrootDirectory, o->chroot_directory); |
dump_cfg_string(sChrootDirectory, o->chroot_directory); |
|
|
| dump_cfg_string(sAuthorizedPrincipalsCommand, o->authorized_principals_command); |
dump_cfg_string(sAuthorizedPrincipalsCommand, o->authorized_principals_command); |
| dump_cfg_string(sAuthorizedPrincipalsCommandUser, o->authorized_principals_command_user); |
dump_cfg_string(sAuthorizedPrincipalsCommandUser, o->authorized_principals_command_user); |
| dump_cfg_string(sHostKeyAgent, o->host_key_agent); |
dump_cfg_string(sHostKeyAgent, o->host_key_agent); |
| dump_cfg_string(sKexAlgorithms, |
dump_cfg_string(sKexAlgorithms, o->kex_algorithms); |
| o->kex_algorithms ? o->kex_algorithms : KEX_SERVER_KEX); |
dump_cfg_string(sCASignatureAlgorithms, o->ca_sign_algorithms); |
| dump_cfg_string(sCASignatureAlgorithms, o->ca_sign_algorithms ? |
dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types); |
| o->ca_sign_algorithms : SSH_ALLOWED_CA_SIGALGS); |
dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms); |
| dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types ? |
dump_cfg_string(sPubkeyAcceptedKeyTypes, o->pubkey_key_types); |
| o->hostbased_key_types : KEX_DEFAULT_PK_ALG); |
|
| dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms ? |
|
| o->hostkeyalgorithms : KEX_DEFAULT_PK_ALG); |
|
| dump_cfg_string(sPubkeyAcceptedKeyTypes, o->pubkey_key_types ? |
|
| o->pubkey_key_types : KEX_DEFAULT_PK_ALG); |
|
| dump_cfg_string(sRDomain, o->routing_domain); |
dump_cfg_string(sRDomain, o->routing_domain); |
| |
|
| /* string arguments requiring a lookup */ |
/* string arguments requiring a lookup */ |
![[BACK]](/icons/back.gif){kind=icon}
Return to servconf.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh