summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog4
-rw-r--r--readconf.c35
-rw-r--r--readconf.h4
-rw-r--r--ssh_config.513
4 files changed, 45 insertions, 11 deletions
diff --git a/ChangeLog b/ChangeLog
index 186c4324..ae0f8477 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -33,6 +33,10 @@
sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing
rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man
page.
+ - djm@cvs.openbsd.org 2013/05/16 04:27:50
+ [ssh_config.5 readconf.h readconf.c]
+ add the ability to ignore specific unrecognised ssh_config options;
+ bz#866; ok markus@
20130510
- (dtucker) [configure.ac] Enable -Wsizeof-pointer-memaccess if the compiler
diff --git a/readconf.c b/readconf.c
index d8898a02..51b23a3b 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.198 2013/05/16 02:00:34 dtucker Exp $ */
+/* $OpenBSD: readconf.c,v 1.199 2013/05/16 04:27:50 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -134,8 +134,8 @@ typedef enum {
oHashKnownHosts,
oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
- oKexAlgorithms, oIPQoS, oRequestTTY,
- oDeprecated, oUnsupported
+ oKexAlgorithms, oIPQoS, oRequestTTY, oIgnoreUnknown,
+ oIgnoredUnknownOption, oDeprecated, oUnsupported
} OpCodes;
/* Textual representations of the tokens. */
@@ -246,6 +246,7 @@ static struct {
{ "kexalgorithms", oKexAlgorithms },
{ "ipqos", oIPQoS },
{ "requesttty", oRequestTTY },
+ { "ignoreunknown", oIgnoreUnknown },
{ NULL, oBadOption }
};
@@ -351,14 +352,17 @@ add_identity_file(Options *options, const char *dir, const char *filename,
*/
static OpCodes
-parse_token(const char *cp, const char *filename, int linenum)
+parse_token(const char *cp, const char *filename, int linenum,
+ const char *ignored_unknown)
{
- u_int i;
+ int i;
for (i = 0; keywords[i].name; i++)
- if (strcasecmp(cp, keywords[i].name) == 0)
+ if (strcmp(cp, keywords[i].name) == 0)
return keywords[i].opcode;
-
+ if (ignored_unknown != NULL && match_pattern_list(cp, ignored_unknown,
+ strlen(ignored_unknown), 1) == 1)
+ return oIgnoredUnknownOption;
error("%s: line %d: Bad configuration option: %s",
filename, linenum, cp);
return oBadOption;
@@ -377,7 +381,7 @@ process_config_line(Options *options, const char *host,
{
char *s, **charptr, *endofnumber, *keyword, *arg, *arg2;
char **cpptr, fwdarg[256];
- u_int *uintptr, max_entries = 0;
+ u_int i, *uintptr, max_entries = 0;
int negated, opcode, *intptr, value, value2, scale;
LogLevel *log_level_ptr;
long long orig, val64;
@@ -400,14 +404,22 @@ process_config_line(Options *options, const char *host,
keyword = strdelim(&s);
if (keyword == NULL || !*keyword || *keyword == '\n' || *keyword == '#')
return 0;
+ /* Match lowercase keyword */
+ for (i = 0; i < strlen(keyword); i++)
+ keyword[i] = tolower(keyword[i]);
- opcode = parse_token(keyword, filename, linenum);
+ opcode = parse_token(keyword, filename, linenum,
+ options->ignored_unknown);
switch (opcode) {
case oBadOption:
/* don't panic, but count bad options */
return -1;
/* NOTREACHED */
+ case oIgnoredUnknownOption:
+ debug("%s line %d: Ignored unknown option \"%s\"",
+ filename, linenum, keyword);
+ return 0;
case oConnectTimeout:
intptr = &options->connection_timeout;
parse_time:
@@ -1077,6 +1089,10 @@ parse_int:
*intptr = value;
break;
+ case oIgnoreUnknown:
+ charptr = &options->ignored_unknown;
+ goto parse_string;
+
case oDeprecated:
debug("%s line %d: Deprecated option \"%s\"",
filename, linenum, keyword);
@@ -1238,6 +1254,7 @@ initialize_options(Options * options)
options->ip_qos_interactive = -1;
options->ip_qos_bulk = -1;
options->request_tty = -1;
+ options->ignored_unknown = NULL;
}
/*
diff --git a/readconf.h b/readconf.h
index e2057309..23fc500d 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.94 2013/05/16 02:00:34 dtucker Exp $ */
+/* $OpenBSD: readconf.h,v 1.95 2013/05/16 04:27:50 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -137,6 +137,8 @@ typedef struct {
int use_roaming;
int request_tty;
+
+ char *ignored_unknown; /* Pattern list of unknown tokens to ignore */
} Options;
#define SSHCTL_MASTER_NO 0
diff --git a/ssh_config.5 b/ssh_config.5
index 97897e00..955afe35 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,7 +33,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh_config.5,v 1.162 2013/05/16 02:00:34 dtucker Exp $
+.\" $OpenBSD: ssh_config.5,v 1.163 2013/05/16 04:27:50 djm Exp $
.Dd $Mdocdate: May 16 2013 $
.Dt SSH_CONFIG 5
.Os
@@ -597,6 +597,17 @@ The default is the name given on the command line.
Numeric IP addresses are also permitted (both on the command line and in
.Cm HostName
specifications).
+.It Cm IgnoreUnknown
+Specifies a pattern-list of unknown options to be ignored if they are
+encountered in configuration parsing.
+This may be used to suppress errors if
+.Nm
+contains options that are unrecognised by
+.Xr ssh 1 .
+It is recommended that
+.Cm IgnoreUnknown
+be listed early in the configuration file as it will not be applied
+to unknown options that appear before it.
.It Cm IdentitiesOnly
Specifies that
.Xr ssh 1