Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 85b45e09188e7a7fc8f0a900a4c6a0f04a5720a7^! / . / servconf.c
commit85b45e09188e7a7fc8f0a900a4c6a0f04a5720a7[log] [tgz]
authorDamien Miller <djm@mindrot.org>Sat Jul 20 13:21:52 2013 +1000
committerDamien Miller <djm@mindrot.org>Sat Jul 20 13:21:52 2013 +1000
tree575942d7e7a835c3b89b59eb0e9e0ecf34f1811b
parentd93340cbb6bc0fc0dbd4427e0cec6d994a494dd9 [diff] [blame]
   - markus@cvs.openbsd.org 2013/07/19 07:37:48
     [auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c]
     [servconf.h session.c sshd.c sshd_config.5]
     add ssh-agent(1) support to sshd(8); allows encrypted hostkeys,
     or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974
     ok djm@

diff --git a/servconf.c b/servconf.c
index 36b8efe..747edde 100644
--- a/servconf.c
+++ b/servconf.c

@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.239 2013/05/17 00:13:14 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.240 2013/07/19 07:37:48 markus Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -79,6 +79,7 @@
 	options->address_family = -1;
 	options->num_host_key_files = 0;
 	options->num_host_cert_files = 0;
+	options->host_key_agent = NULL;
 	options->pid_file = NULL;
 	options->server_key_bits = -1;
 	options->login_grace_time = -1;
@@ -344,7 +345,7 @@
 	sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
 	sKexAlgorithms, sIPQoS, sVersionAddendum,
 	sAuthorizedKeysCommand, sAuthorizedKeysCommandUser,
-	sAuthenticationMethods,
+	sAuthenticationMethods, sHostKeyAgent,
 	sDeprecated, sUnsupported
 } ServerOpCodes;
 
@@ -369,6 +370,7 @@
 	{ "port", sPort, SSHCFG_GLOBAL },
 	{ "hostkey", sHostKeyFile, SSHCFG_GLOBAL },
 	{ "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL },		/* alias */
+	{ "hostkeyagent", sHostKeyAgent, SSHCFG_GLOBAL },
 	{ "pidfile", sPidFile, SSHCFG_GLOBAL },
 	{ "serverkeybits", sServerKeyBits, SSHCFG_GLOBAL },
 	{ "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL },
@@ -978,6 +980,17 @@
 		}
 		break;
 
+	case sHostKeyAgent:
+		charptr = &options->host_key_agent;
+		arg = strdelim(&cp);
+		if (!arg || *arg == '\0')
+			fatal("%s line %d: missing socket name.",
+			    filename, linenum);
+		if (*activep && *charptr == NULL)
+			*charptr = !strcmp(arg, SSH_AUTHSOCKET_ENV_NAME) ?
+			    xstrdup(arg) : derelativise_path(arg);
+		break;
+
 	case sHostCertificate:
 		intptr = &options->num_host_cert_files;
 		if (*intptr >= MAX_HOSTKEYS)
@@ -2011,6 +2024,7 @@
 	dump_cfg_string(sVersionAddendum, o->version_addendum);
 	dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command);
 	dump_cfg_string(sAuthorizedKeysCommandUser, o->authorized_keys_command_user);
+	dump_cfg_string(sHostKeyAgent, o->host_key_agent);
 
 	/* string arguments requiring a lookup */
 	dump_cfg_string(sLogLevel, log_level_name(o->log_level));