diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2002-11-09 16:52:31 +0100 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2002-11-09 16:52:31 +0100 |
| commit | b6df73b06abb12772d816e64f210ad30ebaf54cb (patch) | |
| tree | b3a9026cac5d7f9213ef0685c70ef02b584d4971 /readconf.c | |
| parent | - markus@cvs.openbsd.org 2002/11/07 16:28:47 (diff) | |
| download | openssh-b6df73b06abb12772d816e64f210ad30ebaf54cb.tar.xz openssh-b6df73b06abb12772d816e64f210ad30ebaf54cb.zip | |
- markus@cvs.openbsd.org 2002/11/07 22:08:07
[readconf.c readconf.h ssh-keysign.8 ssh-keysign.c]
we cannot use HostbasedAuthentication for enabling ssh-keysign(8),
because HostbasedAuthentication might be enabled based on the
target host and ssh-keysign(8) does not know the remote hostname
and not trust ssh(1) about the hostname, so we add a new option
EnableSSHKeysign; ok djm@, report from zierke@informatik.uni-hamburg.de
Diffstat (limited to 'readconf.c')
| -rw-r--r-- | readconf.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/readconf.c b/readconf.c index bae06be12..b9f1b7ddc 100644 --- a/readconf.c +++ b/readconf.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: readconf.c,v 1.100 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$OpenBSD: readconf.c,v 1.101 2002/11/07 22:08:07 markus Exp $"); #include "ssh.h" #include "xmalloc.h" @@ -114,6 +114,7 @@ typedef enum { oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, oClearAllForwardings, oNoHostAuthenticationForLocalhost, + oEnableSSHKeysign, oDeprecated } OpCodes; @@ -185,6 +186,7 @@ static struct { { "bindaddress", oBindAddress }, { "smartcarddevice", oSmartcardDevice }, { "clearallforwardings", oClearAllForwardings }, + { "enablesshkeysign", oEnableSSHKeysign }, { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, { NULL, oBadOption } }; @@ -669,6 +671,10 @@ parse_int: *intptr = value; break; + case oEnableSSHKeysign: + intptr = &options->enable_ssh_keysign; + goto parse_flag; + case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", filename, linenum, keyword); @@ -792,6 +798,7 @@ initialize_options(Options * options) options->preferred_authentications = NULL; options->bind_address = NULL; options->smartcard_device = NULL; + options->enable_ssh_keysign = - 1; options->no_host_authentication_for_localhost = - 1; } @@ -907,6 +914,8 @@ fill_default_options(Options * options) clear_forwardings(options); if (options->no_host_authentication_for_localhost == - 1) options->no_host_authentication_for_localhost = 0; + if (options->enable_ssh_keysign == -1) + options->enable_ssh_keysign = 0; /* options->proxy_command should not be set by default */ /* options->user will be set in the main program if appropriate */ /* options->hostname will be set in the main program if appropriate */ |