===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/servconf.c,v
retrieving revision 1.231
retrieving revision 1.232
diff -u -r1.231 -r1.232
--- src/usr.bin/ssh/servconf.c	2012/10/30 21:29:54	1.231
+++ src/usr.bin/ssh/servconf.c	2012/11/04 11:09:15	1.232
@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.231 2012/10/30 21:29:54 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.232 2012/11/04 11:09:15 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -46,6 +46,8 @@
 #include "groupaccess.h"
 #include "canohost.h"
 #include "packet.h"
+#include "hostfile.h"
+#include "auth.h"
 
 static void add_listen_addr(ServerOptions *, char *, int);
 static void add_one_listen_addr(ServerOptions *, char *, int);
@@ -305,6 +307,7 @@
 	sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
 	sKexAlgorithms, sIPQoS, sVersionAddendum,
 	sAuthorizedKeysCommand, sAuthorizedKeysCommandUser,
+	sAuthenticationMethods,
 	sDeprecated, sUnsupported
 } ServerOpCodes;
 
@@ -420,6 +423,7 @@
 	{ "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL },
 	{ "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL },
 	{ "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL },
+	{ "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL },
 	{ NULL, sBadOption, 0 }
 };
 
@@ -1477,6 +1481,24 @@
 			*charptr = xstrdup(arg);
 		break;
 
+	case sAuthenticationMethods:
+		if (*activep && options->num_auth_methods == 0) {
+			while ((arg = strdelim(&cp)) && *arg != '\0') {
+				if (options->num_auth_methods >=
+				    MAX_AUTH_METHODS)
+					fatal("%s line %d: "
+					    "too many authentication methods.",
+					    filename, linenum);
+				if (auth2_methods_valid(arg, 0) != 0)
+					fatal("%s line %d: invalid "
+					    "authentication method list.",
+					    filename, linenum);
+				options->auth_methods[
+				    options->num_auth_methods++] = xstrdup(arg);
+			}
+		}
+		return 0;
+
 	case sDeprecated:
 		logit("%s line %d: Deprecated option %s",
 		    filename, linenum, arg);
@@ -1903,6 +1925,8 @@
 	dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups);
 	dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups);
 	dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env);
+	dump_cfg_strarray_oneline(sAuthenticationMethods,
+	    o->num_auth_methods, o->auth_methods);
 
 	/* other arguments */
 	for (i = 0; i < o->num_subsystems; i++)