diff options
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | readconf.c | 38 | ||||
-rw-r--r-- | servconf.c | 26 |
3 files changed, 48 insertions, 21 deletions
@@ -4,6 +4,9 @@ [ssh.c] Make "ssh -V" print the OpenSSL version in a human readable form. Patch from Craig Leres (mindrot at ee.lbl.gov); ok markus@ + - jakob@cvs.openbsd.org 2003/05/15 14:02:47 + [readconf.c servconf.c] + warn for unsupported config option. ok markus@ 20030515 - (djm) OpenBSD CVS Sync @@ -1535,4 +1538,4 @@ save auth method before monitor_reset_key_state(); bugzilla bug #284; ok provos@ -$Id: ChangeLog,v 1.2724 2003/05/16 01:38:00 djm Exp $ +$Id: ChangeLog,v 1.2725 2003/05/16 01:38:32 djm Exp $ @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: readconf.c,v 1.109 2003/05/15 04:08:44 jakob Exp $"); +RCSID("$OpenBSD: readconf.c,v 1.110 2003/05/15 14:02:47 jakob Exp $"); #include "ssh.h" #include "xmalloc.h" @@ -107,7 +107,7 @@ typedef enum { oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, oClearAllForwardings, oNoHostAuthenticationForLocalhost, oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, - oDeprecated + oDeprecated, oUnsupported } OpCodes; /* Textual representations of the tokens. */ @@ -133,9 +133,18 @@ static struct { { "challengeresponseauthentication", oChallengeResponseAuthentication }, { "skeyauthentication", oChallengeResponseAuthentication }, /* alias */ { "tisauthentication", oChallengeResponseAuthentication }, /* alias */ +#if defined(KRB4) || defined(KRB5) { "kerberosauthentication", oKerberosAuthentication }, { "kerberostgtpassing", oKerberosTgtPassing }, +#else + { "kerberosauthentication", oUnsupported }, + { "kerberostgtpassing", oUnsupported }, +#endif +#if defined(AFS) { "afstokenpassing", oAFSTokenPassing }, +#else + { "afstokenpassing", oUnsupported }, +#endif { "fallbacktorsh", oDeprecated }, { "usersh", oDeprecated }, { "identityfile", oIdentityFile }, @@ -170,10 +179,18 @@ static struct { { "preferredauthentications", oPreferredAuthentications }, { "hostkeyalgorithms", oHostKeyAlgorithms }, { "bindaddress", oBindAddress }, +#ifdef SMARTCARD { "smartcarddevice", oSmartcardDevice }, +#else + { "smartcarddevice", oUnsupported }, +#endif { "clearallforwardings", oClearAllForwardings }, { "enablesshkeysign", oEnableSSHKeysign }, +#ifdef DNS { "verifyhostkeydns", oVerifyHostKeyDNS }, +#else + { "verifyhostkeydns", oUnsupported }, +#endif { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, { "rekeylimit", oRekeyLimit }, { NULL, oBadOption } @@ -697,6 +714,11 @@ parse_int: filename, linenum, keyword); return 0; + case oUnsupported: + error("%s line %d: Unsupported option \"%s\"", + filename, linenum, keyword); + return 0; + default: fatal("process_config_line: Unimplemented opcode %d", opcode); } @@ -844,23 +866,11 @@ fill_default_options(Options * options) if (options->challenge_response_authentication == -1) options->challenge_response_authentication = 1; if (options->kerberos_authentication == -1) -#if defined(KRB4) || defined(KRB5) options->kerberos_authentication = 1; -#else - options->kerberos_authentication = 0; -#endif if (options->kerberos_tgt_passing == -1) -#if defined(KRB4) || defined(KRB5) options->kerberos_tgt_passing = 1; -#else - options->kerberos_tgt_passing = 0; -#endif if (options->afs_token_passing == -1) -#if defined(AFS) options->afs_token_passing = 1; -#else - options->afs_token_passing = 0; -#endif if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) @@ -10,7 +10,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: servconf.c,v 1.120 2003/05/15 04:08:44 jakob Exp $"); +RCSID("$OpenBSD: servconf.c,v 1.121 2003/05/15 14:02:47 jakob Exp $"); #if defined(KRB4) #include <krb.h> @@ -207,11 +207,7 @@ fill_default_server_options(ServerOptions *options) if (options->kerberos_or_local_passwd == -1) options->kerberos_or_local_passwd = 1; if (options->kerberos_ticket_cleanup == -1) -#if defined(KRB4) || defined(KRB5) options->kerberos_ticket_cleanup = 1; -#else - options->kerberos_ticket_cleanup = 0; -#endif if (options->kerberos_tgt_passing == -1) options->kerberos_tgt_passing = 0; if (options->afs_token_passing == -1) @@ -294,7 +290,7 @@ typedef enum { sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, sUsePrivilegeSeparation, - sDeprecated + sDeprecated, sUnsupported } ServerOpCodes; /* Textual representation of the tokens. */ @@ -322,11 +318,22 @@ static struct { { "rsaauthentication", sRSAAuthentication }, { "pubkeyauthentication", sPubkeyAuthentication }, { "dsaauthentication", sPubkeyAuthentication }, /* alias */ +#if defined(KRB4) || defined(KRB5) { "kerberosauthentication", sKerberosAuthentication }, { "kerberosorlocalpasswd", sKerberosOrLocalPasswd }, { "kerberosticketcleanup", sKerberosTicketCleanup }, { "kerberostgtpassing", sKerberosTgtPassing }, +#else + { "kerberosauthentication", sUnsupported }, + { "kerberosorlocalpasswd", sUnsupported }, + { "kerberosticketcleanup", sUnsupported }, + { "kerberostgtpassing", sUnsupported }, +#endif +#if defined(AFS) { "afstokenpassing", sAFSTokenPassing }, +#else + { "afstokenpassing", sUnsupported }, +#endif { "passwordauthentication", sPasswordAuthentication }, { "kbdinteractiveauthentication", sKbdInteractiveAuthentication }, { "challengeresponseauthentication", sChallengeResponseAuthentication }, @@ -899,6 +906,13 @@ parse_flag: arg = strdelim(&cp); break; + case sUnsupported: + logit("%s line %d: Unsupported option %s", + filename, linenum, arg); + while (arg) + arg = strdelim(&cp); + break; + default: fatal("%s line %d: Missing handler for opcode %s (%d)", filename, linenum, arg, opcode); |