summaryrefslogtreecommitdiff
path: root/readconf.c
diff options
context:
space:
mode:
authorBen Lindstrom <mouring@eviladmin.org>2002-11-09 15:52:31 +0000
committerBen Lindstrom <mouring@eviladmin.org>2002-11-09 15:52:31 +0000
commitb6df73b06abb12772d816e64f210ad30ebaf54cb (patch)
treeb3a9026cac5d7f9213ef0685c70ef02b584d4971 /readconf.c
parentc2faa4a504188d8fdf27467fca136f69e451fc27 (diff)
- markus@cvs.openbsd.org 2002/11/07 22:08:07
[readconf.c readconf.h ssh-keysign.8 ssh-keysign.c] we cannot use HostbasedAuthentication for enabling ssh-keysign(8), because HostbasedAuthentication might be enabled based on the target host and ssh-keysign(8) does not know the remote hostname and not trust ssh(1) about the hostname, so we add a new option EnableSSHKeysign; ok djm@, report from zierke@informatik.uni-hamburg.de
Diffstat (limited to 'readconf.c')
-rw-r--r--readconf.c11
1 files changed, 10 insertions, 1 deletions
diff --git a/readconf.c b/readconf.c
index bae06be1..b9f1b7dd 100644
--- a/readconf.c
+++ b/readconf.c
@@ -12,7 +12,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.100 2002/06/19 00:27:55 deraadt Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.101 2002/11/07 22:08:07 markus Exp $");
#include "ssh.h"
#include "xmalloc.h"
@@ -114,6 +114,7 @@ typedef enum {
oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
oClearAllForwardings, oNoHostAuthenticationForLocalhost,
+ oEnableSSHKeysign,
oDeprecated
} OpCodes;
@@ -185,6 +186,7 @@ static struct {
{ "bindaddress", oBindAddress },
{ "smartcarddevice", oSmartcardDevice },
{ "clearallforwardings", oClearAllForwardings },
+ { "enablesshkeysign", oEnableSSHKeysign },
{ "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost },
{ NULL, oBadOption }
};
@@ -669,6 +671,10 @@ parse_int:
*intptr = value;
break;
+ case oEnableSSHKeysign:
+ intptr = &options->enable_ssh_keysign;
+ goto parse_flag;
+
case oDeprecated:
debug("%s line %d: Deprecated option \"%s\"",
filename, linenum, keyword);
@@ -792,6 +798,7 @@ initialize_options(Options * options)
options->preferred_authentications = NULL;
options->bind_address = NULL;
options->smartcard_device = NULL;
+ options->enable_ssh_keysign = - 1;
options->no_host_authentication_for_localhost = - 1;
}
@@ -907,6 +914,8 @@ fill_default_options(Options * options)
clear_forwardings(options);
if (options->no_host_authentication_for_localhost == - 1)
options->no_host_authentication_for_localhost = 0;
+ if (options->enable_ssh_keysign == -1)
+ options->enable_ssh_keysign = 0;
/* options->proxy_command should not be set by default */
/* options->user will be set in the main program if appropriate */
/* options->hostname will be set in the main program if appropriate */