- markus@cvs.openbsd.org 2002/11/07 22:08:07
     [readconf.c readconf.h ssh-keysign.8 ssh-keysign.c]
     we cannot use HostbasedAuthentication for enabling ssh-keysign(8),
     because HostbasedAuthentication might be enabled based on the
     target host and ssh-keysign(8) does not know the remote hostname
     and does not trust ssh(1) about the hostname, so we add a new option
     EnableSSHKeysign; ok djm@, report from zierke@informatik.uni-hamburg.de
diff --git a/readconf.c b/readconf.c
index bae06be..b9f1b7d 100644
--- a/readconf.c
+++ b/readconf.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.100 2002/06/19 00:27:55 deraadt Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.101 2002/11/07 22:08:07 markus Exp $");
 
 #include "ssh.h"
 #include "xmalloc.h"
@@ -114,6 +114,7 @@
 	oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
 	oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
 	oClearAllForwardings, oNoHostAuthenticationForLocalhost,
+	oEnableSSHKeysign,
 	oDeprecated
 } OpCodes;
 
@@ -185,6 +186,7 @@
 	{ "bindaddress", oBindAddress },
 	{ "smartcarddevice", oSmartcardDevice },
 	{ "clearallforwardings", oClearAllForwardings },
+	{ "enablesshkeysign", oEnableSSHKeysign },
 	{ "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost },
 	{ NULL, oBadOption }
 };
@@ -669,6 +671,10 @@
 			*intptr = value;
 		break;
 
+	case oEnableSSHKeysign:
+		intptr = &options->enable_ssh_keysign;
+		goto parse_flag;
+
 	case oDeprecated:
 		debug("%s line %d: Deprecated option \"%s\"",
 		    filename, linenum, keyword);
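Review bot: The added `case oEnableSSHKeysign:` has no comment saying that this flag is meant for ssh-keysign(8) rather than ssh(1), and that matters because it goes through the same `parse_flag` path as any per-host option, so the parser presumably accepts it inside a host-specific block. The commit description says the helper does not know the remote hostname, so a value set under a host pattern would probably never reach it. That logic lives in ssh-keysign.c, which is not shown here, so it should be confirmed there. I would add `/* consumed by ssh-keysign(8), which has no target host: only a non-host-specific setting is meaningful */` above the case. The enclosing switch and function start and end outside this hunk.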
@@ -792,6 +798,7 @@
 	options->preferred_authentications = NULL;
 	options->bind_address = NULL;
 	options->smartcard_device = NULL;
+	options->enable_ssh_keysign = - 1;
 	options->no_host_authentication_for_localhost = - 1;
 }
 
@@ -907,6 +914,8 @@
 		clear_forwardings(options);
 	if (options->no_host_authentication_for_localhost == - 1)
 		options->no_host_authentication_for_localhost = 0;
+	if (options->enable_ssh_keysign == -1)
+		options->enable_ssh_keysign = 0;
 	/* options->proxy_command should not be set by default */
 	/* options->user will be set in the main program if appropriate */
 	/* options->hostname will be set in the main program if appropriate */
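Review bot: The unset sentinel is spelled `-1` in the added `if (options->enable_ssh_keysign == -1)` but `- 1` in the check just above it and in the initialiser added in the previous hunk (`options->enable_ssh_keysign = - 1;`). Pick one spelling so that a search for the unset value finds every site. The fallback to 0 leaves the signing helper disabled unless it is explicitly enabled, which is the fail-closed choice for a security-relevant switch. It deserves a short comment such as `/* disabled unless explicitly enabled */`. The enclosing function starts and ends outside this hunk.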