- markus@cvs.openbsd.org 2001/05/20 17:20:36
     [auth-rsa.c auth.c auth.h auth2.c servconf.c servconf.h sshd.8
      sshd_config]
     configurable authorized_keys{,2} location; originally from peter@;
     ok djm@
diff --git a/servconf.c b/servconf.c
index 2d10963..e357d77 100644
--- a/servconf.c
+++ b/servconf.c
@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.81 2001/05/19 19:43:57 stevesk Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.82 2001/05/20 17:20:35 markus Exp $");
 
 #ifdef KRB4
 #include <krb.h>
@@ -101,6 +101,8 @@
 	options->reverse_mapping_check = -1;
 	options->client_alive_interval = -1;
 	options->client_alive_count_max = -1;
+	options->authorized_keys_file = NULL;
+	options->authorized_keys_file2 = NULL;
 	options->pam_authentication_via_kbd_int = -1;
 }
 
@@ -208,6 +210,10 @@
 		options->client_alive_interval = 0;  
 	if (options->client_alive_count_max == -1)
 		options->client_alive_count_max = 3;
+	if (options->authorized_keys_file == NULL)
+	        options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;  
+	if (options->authorized_keys_file2 == NULL)
+	        options->authorized_keys_file2 = _PATH_SSH_USER_PERMITTED_KEYS2;
 	if (options->pam_authentication_via_kbd_int == -1)
 		options->pam_authentication_via_kbd_int = 0;
 }
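Review bot: The two added defaults store the `_PATH_SSH_USER_PERMITTED_KEYS` and `_PATH_SSH_USER_PERMITTED_KEYS2` macros directly in fields that the parser also fills through `parse_filename`, so after this function the pointer may be either a constant or (presumably) a parser-allocated string. A short comment such as `/* defaults are constant strings: never free or modify in place */` would make that ownership explicit, or both assignments could go through `xstrdup()` if the parsed values are heap-allocated. The two assignment lines are indented with a tab plus eight spaces, and the first has trailing whitespace, unlike the tab-only lines around them. The function's body starts outside the hunk.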
@@ -235,7 +241,8 @@
 	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
 	sBanner, sReverseMappingCheck, sHostbasedAuthentication,
 	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, 
-	sClientAliveCountMax, sPAMAuthenticationViaKbdInt
+	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
+	sPAMAuthenticationViaKbdInt
 } ServerOpCodes;
 
 /* Textual representation of the tokens. */
@@ -301,6 +308,8 @@
 	{ "reversemappingcheck", sReverseMappingCheck },
 	{ "clientaliveinterval", sClientAliveInterval },
 	{ "clientalivecountmax", sClientAliveCountMax },
+	{ "authorizedkeysfile", sAuthorizedKeysFile },
+	{ "authorizedkeysfile2", sAuthorizedKeysFile2 },
 	{ "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt },
 	{ NULL, 0 }
 };
@@ -802,6 +811,18 @@
 		case sBanner:
 			charptr = &options->banner;
 			goto parse_filename;
+		/*
+		 * These options can contain %X options expanded at
+		 * connect time, so that you can specify paths like:
+		 *
+		 * AuthorizedKeysFile	/etc/ssh_keys/%u
+		 */
+		case sAuthorizedKeysFile:
+		case sAuthorizedKeysFile2:
+			charptr = (opcode == sAuthorizedKeysFile ) ?
+			    &options->authorized_keys_file :
+			    &options->authorized_keys_file2;
+			goto parse_filename;
 
 		case sClientAliveInterval:
 			intptr = &options->client_alive_interval;
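Review bot: The comment added above `case sAuthorizedKeysFile:` says the value may contain `%X` sequences but shows only `%u`, and the string is stored unchanged through `parse_filename`, so nothing here tells a reader which tokens are valid or how a relative path is resolved. Because this path decides which keys are accepted at login, the comment should list the supported tokens and say where expansion happens, for example `/* tokens are expanded per connection by the auth code; a path outside the home directory must not be writable by other users */`. Whether the existing ownership and permission checks on the key file still apply to a location such as `/etc/ssh_keys/%u` is not visible in this hunk and is worth confirming in the auth changes of the same commit. As a minor style point, `(opcode == sAuthorizedKeysFile )` has a stray space before the closing parenthesis. The enclosing switch starts and ends outside the hunk.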