- djm@cvs.openbsd.org 2005/03/01 10:40:27
[hostfile.c hostfile.h readconf.c readconf.h ssh.1 ssh_config.5]
[sshconnect.c sshd.8]
add support for hashing host names and addresses added to known_hosts
files, to improve privacy of which hosts user have been visiting; ok
markus@ deraadt@
diff --git a/readconf.c b/readconf.c
index c3dc71e..e50a422 100644
--- a/readconf.c
+++ b/readconf.c
@@ -12,7 +12,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.135 2005/03/01 10:09:52 djm Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.136 2005/03/01 10:40:26 djm Exp $");
#include "ssh.h"
#include "xmalloc.h"
@@ -106,7 +106,7 @@
oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
oAddressFamily, oGssAuthentication, oGssDelegateCreds,
oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
- oSendEnv, oControlPath, oControlMaster,
+ oSendEnv, oControlPath, oControlMaster, oHashKnownHosts,
oDeprecated, oUnsupported
} OpCodes;
@@ -197,6 +197,7 @@
{ "sendenv", oSendEnv },
{ "controlpath", oControlPath },
{ "controlmaster", oControlMaster },
+ { "hashknownhosts", oHashKnownHosts },
{ NULL, oBadOption }
};
@@ -790,6 +791,10 @@
intptr = &options->control_master;
goto parse_yesnoask;
+ case oHashKnownHosts:
+ intptr = &options->hash_known_hosts;
+ goto parse_flag;
+
case oDeprecated:
debug("%s line %d: Deprecated option \"%s\"",
filename, linenum, keyword);
@@ -933,6 +938,7 @@
options->num_send_env = 0;
options->control_path = NULL;
options->control_master = -1;
+ options->hash_known_hosts = -1;
}
/*
@@ -1055,6 +1061,8 @@
options->server_alive_count_max = 3;
if (options->control_master == -1)
options->control_master = 0;
+ if (options->hash_known_hosts == -1)
+ options->hash_known_hosts = 0;
/* options->proxy_command should not be set by default */
/* options->user will be set in the main program if appropriate */
/* options->hostname will be set in the main program if appropriate */