Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 0efd155c3c184f0eaa2e1eb244eaaf066e6906e0^! / . / servconf.c
commit0efd155c3c184f0eaa2e1eb244eaaf066e6906e0[log] [tgz]
authorDarren Tucker <dtucker@zip.com.au>Tue Aug 26 11:49:55 2003 +1000
committerDarren Tucker <dtucker@zip.com.au>Tue Aug 26 11:49:55 2003 +1000
tree10f24586373d825d68cefd4a3746fe738cf0614a
parent30912f7259b771a1cf705c0bc47a6c3f3edffb43 [diff] [blame]
   - markus@cvs.openbsd.org 2003/08/22 10:56:09
     [auth2.c auth2-gss.c auth.h compat.c compat.h gss-genr.c gss-serv-krb5.c
     gss-serv.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h readconf.c
     readconf.h servconf.c servconf.h session.c session.h ssh-gss.h
     ssh_config.5 sshconnect2.c sshd_config sshd_config.5]
     support GSS API user authentication; patches from Simon Wilkinson,
     stripped down and tested by Jakob and myself.

diff --git a/servconf.c b/servconf.c
index 09fdbf4..e133093 100644
--- a/servconf.c
+++ b/servconf.c

@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.124 2003/08/13 08:46:30 markus Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.125 2003/08/22 10:56:09 markus Exp $");
 
 #include "ssh.h"
 #include "log.h"
@@ -73,6 +73,8 @@
 	options->kerberos_or_local_passwd = -1;
 	options->kerberos_ticket_cleanup = -1;
 	options->kerberos_tgt_passing = -1;
+	options->gss_authentication=-1;
+	options->gss_cleanup_creds = -1;
 	options->password_authentication = -1;
 	options->kbd_interactive_authentication = -1;
 	options->challenge_response_authentication = -1;
@@ -182,6 +184,10 @@
 		options->kerberos_ticket_cleanup = 1;
 	if (options->kerberos_tgt_passing == -1)
 		options->kerberos_tgt_passing = 0;
+	if (options->gss_authentication == -1)
+		options->gss_authentication = 0;
+	if (options->gss_cleanup_creds == -1)
+		options->gss_cleanup_creds = 1;
 	if (options->password_authentication == -1)
 		options->password_authentication = 1;
 	if (options->kbd_interactive_authentication == -1)
@@ -259,6 +265,7 @@
 	sBanner, sUseDNS, sHostbasedAuthentication,
 	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
 	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
+	sGssAuthentication, sGssCleanupCreds,
 	sUsePrivilegeSeparation,
 	sDeprecated, sUnsupported
 } ServerOpCodes;
@@ -305,6 +312,13 @@
 	{ "kerberostgtpassing", sUnsupported },
 #endif
 	{ "afstokenpassing", sUnsupported },
+#ifdef GSSAPI
+	{ "gssapiauthentication", sGssAuthentication },
+	{ "gssapicleanupcreds", sGssCleanupCreds },
+#else
+	{ "gssapiauthentication", sUnsupported },
+	{ "gssapicleanupcreds", sUnsupported },
+#endif
 	{ "passwordauthentication", sPasswordAuthentication },
 	{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication },
 	{ "challengeresponseauthentication", sChallengeResponseAuthentication },
@@ -623,6 +637,14 @@
 		intptr = &options->kerberos_tgt_passing;
 		goto parse_flag;
 
+	case sGssAuthentication:
+		intptr = &options->gss_authentication;
+		goto parse_flag;
+
+	case sGssCleanupCreds:
+		intptr = &options->gss_cleanup_creds;
+		goto parse_flag;
+
 	case sPasswordAuthentication:
 		intptr = &options->password_authentication;
 		goto parse_flag;