Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 06b33aa0e83163f3dcd679317afec1ee95910512^! / . / servconf.c
commit06b33aa0e83163f3dcd679317afec1ee95910512[log] [tgz]
authorBen Lindstrom <mouring@eviladmin.org>Thu Feb 15 03:01:59 2001 +0000
committerBen Lindstrom <mouring@eviladmin.org>Thu Feb 15 03:01:59 2001 +0000
treeeae5cbd1cd71619bdd1e5d4a28e6bb96057f4479
parent4272ed803ff309f1fdb9c149b9cf083769f53744 [diff] [blame]
   - markus@cvs.openbsd.org 2001/02/11 12:59:25
     [Makefile.in sshd.8 sshconnect2.c readconf.h readconf.c packet.c
      sshd.c ssh.c ssh.1 servconf.h servconf.c myproposal.h kex.h kex.c]
     1) clean up the MAC support for SSH-2
     2) allow you to specify the MAC with 'ssh -m'
     3) or the 'MACs' keyword in ssh(d)_config
     4) add hmac-{md5,sha1}-96
             ok stevesk@, provos@

diff --git a/servconf.c b/servconf.c
index 59687e1..43a2c11 100644
--- a/servconf.c
+++ b/servconf.c

@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.65 2001/02/04 15:32:24 stevesk Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.66 2001/02/11 12:59:25 markus Exp $");
 
 #ifdef KRB4
 #include <krb.h>
@@ -28,6 +28,8 @@
 #include "tildexpand.h"
 #include "misc.h"
 #include "cipher.h"
+#include "kex.h"
+#include "mac.h"
 
 /* add listen address */
 void add_listen_addr(ServerOptions *options, char *addr);
@@ -85,6 +87,7 @@
 	options->num_allow_groups = 0;
 	options->num_deny_groups = 0;
 	options->ciphers = NULL;
+	options->macs = NULL;
 	options->protocol = SSH_PROTO_UNKNOWN;
 	options->gateway_ports = -1;
 	options->num_subsystems = 0;
@@ -209,7 +212,7 @@
 	sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
 	sUseLogin, sAllowTcpForwarding,
 	sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
-	sIgnoreUserKnownHosts, sCiphers, sProtocol, sPidFile,
+	sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
 	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
 	sBanner, sReverseMappingCheck
 } ServerOpCodes;
@@ -266,6 +269,7 @@
 	{ "allowgroups", sAllowGroups },
 	{ "denygroups", sDenyGroups },
 	{ "ciphers", sCiphers },
+	{ "macs", sMacs },
 	{ "protocol", sProtocol },
 	{ "gatewayports", sGatewayPorts },
 	{ "subsystem", sSubsystem },
@@ -658,6 +662,17 @@
 				options->ciphers = xstrdup(arg);
 			break;
 
+		case sMacs:
+			arg = strdelim(&cp);
+			if (!arg || *arg == '\0')
+				fatal("%s line %d: Missing argument.", filename, linenum);
+			if (!mac_valid(arg))
+				fatal("%s line %d: Bad SSH2 mac spec '%s'.",
+				    filename, linenum, arg ? arg : "<NONE>");
+			if (options->macs == NULL)
+				options->macs = xstrdup(arg);
+			break;
+
 		case sProtocol:
 			intptr = &options->protocol;
 			arg = strdelim(&cp);