version 1.366, 2020/06/24 15:09:53 |
version 1.367, 2020/07/05 23:59:45 |
|
|
options->challenge_response_authentication = -1; |
options->challenge_response_authentication = -1; |
options->permit_empty_passwd = -1; |
options->permit_empty_passwd = -1; |
options->permit_user_env = -1; |
options->permit_user_env = -1; |
options->permit_user_env_whitelist = NULL; |
options->permit_user_env_allowlist = NULL; |
options->compression = -1; |
options->compression = -1; |
options->rekey_limit = -1; |
options->rekey_limit = -1; |
options->rekey_interval = -1; |
options->rekey_interval = -1; |
|
|
all_key = sshkey_alg_list(0, 0, 1, ','); |
all_key = sshkey_alg_list(0, 0, 1, ','); |
all_sig = sshkey_alg_list(0, 1, 1, ','); |
all_sig = sshkey_alg_list(0, 1, 1, ','); |
/* remove unsupported algos from default lists */ |
/* remove unsupported algos from default lists */ |
def_cipher = match_filter_whitelist(KEX_SERVER_ENCRYPT, all_cipher); |
def_cipher = match_filter_allowlist(KEX_SERVER_ENCRYPT, all_cipher); |
def_mac = match_filter_whitelist(KEX_SERVER_MAC, all_mac); |
def_mac = match_filter_allowlist(KEX_SERVER_MAC, all_mac); |
def_kex = match_filter_whitelist(KEX_SERVER_KEX, all_kex); |
def_kex = match_filter_allowlist(KEX_SERVER_KEX, all_kex); |
def_key = match_filter_whitelist(KEX_DEFAULT_PK_ALG, all_key); |
def_key = match_filter_allowlist(KEX_DEFAULT_PK_ALG, all_key); |
def_sig = match_filter_whitelist(SSH_ALLOWED_CA_SIGALGS, all_sig); |
def_sig = match_filter_allowlist(SSH_ALLOWED_CA_SIGALGS, all_sig); |
#define ASSEMBLE(what, defaults, all) \ |
#define ASSEMBLE(what, defaults, all) \ |
do { \ |
do { \ |
if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \ |
if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \ |
|
|
options->permit_empty_passwd = 0; |
options->permit_empty_passwd = 0; |
if (options->permit_user_env == -1) { |
if (options->permit_user_env == -1) { |
options->permit_user_env = 0; |
options->permit_user_env = 0; |
options->permit_user_env_whitelist = NULL; |
options->permit_user_env_allowlist = NULL; |
} |
} |
if (options->compression == -1) |
if (options->compression == -1) |
#ifdef WITH_ZLIB |
#ifdef WITH_ZLIB |
|
|
|
|
case sPermitUserEnvironment: |
case sPermitUserEnvironment: |
intptr = &options->permit_user_env; |
intptr = &options->permit_user_env; |
charptr = &options->permit_user_env_whitelist; |
charptr = &options->permit_user_env_allowlist; |
arg = strdelim(&cp); |
arg = strdelim(&cp); |
if (!arg || *arg == '\0') |
if (!arg || *arg == '\0') |
fatal("%s line %d: missing argument.", |
fatal("%s line %d: missing argument.", |
|
|
} |
} |
printf("\n"); |
printf("\n"); |
|
|
if (o->permit_user_env_whitelist == NULL) { |
if (o->permit_user_env_allowlist == NULL) { |
dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); |
dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); |
} else { |
} else { |
printf("permituserenvironment %s\n", |
printf("permituserenvironment %s\n", |
o->permit_user_env_whitelist); |
o->permit_user_env_allowlist); |
} |
} |
|
|
printf("pubkeyauthoptions"); |
printf("pubkeyauthoptions"); |