summaryrefslogtreecommitdiff
path: root/readconf.c
diff options
context:
space:
mode:
authorDarren Tucker <dtucker@zip.com.au>2003-10-15 15:54:32 +1000
committerDarren Tucker <dtucker@zip.com.au>2003-10-15 15:54:32 +1000
commit0a118da00eff14f018a055b3c187f27aa7d78ecd (patch)
tree6904bb2738a1a8a00c545fac7d4fec7b74bee870 /readconf.c
parenta044f47679c27ca77b3ec19a6e0e148deb50a427 (diff)
- markus@cvs.openbsd.org 2003/10/11 08:24:08
[readconf.c readconf.h ssh.1 ssh.c ssh_config.5] remote x11 clients are now untrusted by default, uses xauth(8) to generate untrusted cookies; ForwardX11Trusted=yes restores old behaviour. ok deraadt; feedback and ok djm/fries
Diffstat (limited to 'readconf.c')
-rw-r--r--readconf.c12
1 files changed, 10 insertions, 2 deletions
diff --git a/readconf.c b/readconf.c
index 5a7084fe..e5f2620a 100644
--- a/readconf.c
+++ b/readconf.c
@@ -12,7 +12,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.122 2003/10/08 15:21:24 markus Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.123 2003/10/11 08:24:07 markus Exp $");
#include "ssh.h"
#include "xmalloc.h"
@@ -89,7 +89,7 @@ RCSID("$OpenBSD: readconf.c,v 1.122 2003/10/08 15:21:24 markus Exp $");
typedef enum {
oBadOption,
- oForwardAgent, oForwardX11, oGatewayPorts,
+ oForwardAgent, oForwardX11, oForwardX11Trusted, oGatewayPorts,
oPasswordAuthentication, oRSAAuthentication,
oChallengeResponseAuthentication, oXAuthLocation,
oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
@@ -116,6 +116,7 @@ static struct {
} keywords[] = {
{ "forwardagent", oForwardAgent },
{ "forwardx11", oForwardX11 },
+ { "forwardx11trusted", oForwardX11Trusted },
{ "xauthlocation", oXAuthLocation },
{ "gatewayports", oGatewayPorts },
{ "useprivilegedport", oUsePrivilegedPort },
@@ -342,6 +343,10 @@ parse_flag:
intptr = &options->forward_x11;
goto parse_flag;
+ case oForwardX11Trusted:
+ intptr = &options->forward_x11_trusted;
+ goto parse_flag;
+
case oGatewayPorts:
intptr = &options->gateway_ports;
goto parse_flag;
@@ -806,6 +811,7 @@ initialize_options(Options * options)
memset(options, 'X', sizeof(*options));
options->forward_agent = -1;
options->forward_x11 = -1;
+ options->forward_x11_trusted = -1;
options->xauth_location = NULL;
options->gateway_ports = -1;
options->use_privileged_port = -1;
@@ -872,6 +878,8 @@ fill_default_options(Options * options)
options->forward_agent = 0;
if (options->forward_x11 == -1)
options->forward_x11 = 0;
+ if (options->forward_x11_trusted == -1)
+ options->forward_x11_trusted = 0;
if (options->xauth_location == NULL)
options->xauth_location = _PATH_XAUTH;
if (options->gateway_ports == -1)