Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / e275443f66aab6d46356d6940b8a8b291cab4f9e^! / . / servconf.c
commite275443f66aab6d46356d6940b8a8b291cab4f9e[log] [tgz]
authorDamien Miller <djm@mindrot.org>Mon Jul 24 14:06:47 2006 +1000
committerDamien Miller <djm@mindrot.org>Mon Jul 24 14:06:47 2006 +1000
treecd72ec0001cf412475f5348aa83c830252d0e1ce
parentd1de9950e5ae91584aa955a4f85c9c7579aa76af [diff] [blame]
   - dtucker@cvs.openbsd.org 2006/07/19 13:07:10
     [servconf.c servconf.h session.c sshd.8 sshd_config sshd_config.5]
     Add ForceCommand keyword to sshd_config, equivalent to the "command="
     key option, man page entry and example in sshd_config.
     Feedback & ok djm@, man page corrections & ok jmc@

diff --git a/servconf.c b/servconf.c
index bc457ee..e2c1d44 100644
--- a/servconf.c
+++ b/servconf.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.c,v 1.157 2006/07/19 08:56:41 dtucker Exp $ */
+/* $OpenBSD: servconf.c,v 1.158 2006/07/19 13:07:10 dtucker Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -113,6 +113,7 @@
 	options->authorized_keys_file2 = NULL;
 	options->num_accept_env = 0;
 	options->permit_tun = -1;
+	options->adm_forced_command = NULL;
 }
 
 void
@@ -282,7 +283,7 @@
 	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
 	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
 	sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
-	sMatch, sPermitOpen,
+	sMatch, sPermitOpen, sForceCommand,
 	sUsePrivilegeSeparation,
 	sDeprecated, sUnsupported
 } ServerOpCodes;
@@ -393,6 +394,7 @@
 	{ "permittunnel", sPermitTunnel, SSHCFG_GLOBAL },
  	{ "match", sMatch, SSHCFG_ALL },
 	{ "permitopen", sPermitOpen, SSHCFG_ALL },
+	{ "forcecommand", sForceCommand, SSHCFG_ALL },
 	{ NULL, sBadOption, 0 }
 };
 
@@ -551,6 +553,8 @@
 	return result;
 }
 
+#define WHITESPACE " \t\r\n"
+
 int
 process_server_config_line(ServerOptions *options, char *line,
     const char *filename, int linenum, int *activep, const char *user,
@@ -1173,6 +1177,15 @@
 			channel_add_adm_permitted_opens(p, port);
 		break;
 
+	case sForceCommand:
+		if (cp == NULL)
+			fatal("%.200s line %d: Missing argument.", filename,
+			    linenum);
+		len = strspn(cp, WHITESPACE);
+		if (*activep && options->adm_forced_command == NULL)
+			options->adm_forced_command = xstrdup(cp + len);
+		return 0;
+
 	case sDeprecated:
 		logit("%s line %d: Deprecated option %s",
 		    filename, linenum, arg);
@@ -1247,6 +1260,11 @@
 		dst->allow_tcp_forwarding = src->allow_tcp_forwarding;
 	if (src->gateway_ports != -1)
 		dst->gateway_ports = src->gateway_ports;
+	if (src->adm_forced_command != NULL) {
+		if (dst->adm_forced_command != NULL)
+			xfree(dst->adm_forced_command);
+		dst->adm_forced_command = src->adm_forced_command;
+	}
 	if (src->x11_display_offset != -1)
 		dst->x11_display_offset = src->x11_display_offset;
 	if (src->x11_forwarding != -1)