[readconf.c ssh.c readconf.h sshconnect2.c]
     Keep track of which IdentityFile options were manually supplied and which
     were default options, and don't warn if the latter are missing.
     ok markus@
Darren Tucker 2013-04-05 11:13:08 +11:00
parent c9627cdbc6
commit 1910478c2d
5 changed files with 45 additions and 35 deletions


@ -1,3 +1,11 @@
20130404
- (dtucker) OpenBSD CVS Sync
- dtucker@cvs.openbsd.org 2013/02/17 23:16:57
[readconf.c ssh.c readconf.h sshconnect2.c]
Keep track of which IndentityFile options were manually supplied and which
were default options, and don't warn if the latter are missing.
ok markus@
20130401 20130401
- (dtucker) [openbsd-compat/bsd-cygwin_util.{c,h}] Don't include windows.h - (dtucker) [openbsd-compat/bsd-cygwin_util.{c,h}] Don't include windows.h
to avoid conflicting definitions of __int64, adding the required bits. to avoid conflicting definitions of __int64, adding the required bits.


@ -1,4 +1,4 @@
/* $OpenBSD: readconf.c,v 1.194 2011/09/23 07:45:05 markus Exp $ */ /* $OpenBSD: readconf.c,v 1.195 2013/02/17 23:16:57 dtucker Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -326,6 +326,26 @@ clear_forwardings(Options *options)
options->tun_open = SSH_TUNMODE_NO; options->tun_open = SSH_TUNMODE_NO;
} }
void
add_identity_file(Options *options, const char *dir, const char *filename,
int userprovided)
{
char *path;
if (options->num_identity_files >= SSH_MAX_IDENTITY_FILES)
fatal("Too many identity files specified (max %d)",
SSH_MAX_IDENTITY_FILES);
if (dir == NULL) /* no dir, filename is absolute */
path = xstrdup(filename);
else
(void)xasprintf(&path, "%.100s%.100s", dir, filename);
options->identity_file_userprovided[options->num_identity_files] =
userprovided;
options->identity_files[options->num_identity_files++] = path;
}
/* /*
* Returns the number of the token pointed to by cp or oBadOption. * Returns the number of the token pointed to by cp or oBadOption.
*/ */
@ -586,9 +606,7 @@ parse_yesnoask:
if (*intptr >= SSH_MAX_IDENTITY_FILES) if (*intptr >= SSH_MAX_IDENTITY_FILES)
fatal("%.200s line %d: Too many identity files specified (max %d).", fatal("%.200s line %d: Too many identity files specified (max %d).",
filename, linenum, SSH_MAX_IDENTITY_FILES); filename, linenum, SSH_MAX_IDENTITY_FILES);
charptr = &options->identity_files[*intptr]; add_identity_file(options, NULL, arg, 1);
*charptr = xstrdup(arg);
*intptr = *intptr + 1;
} }
break; break;
@ -1280,30 +1298,17 @@ fill_default_options(Options * options)
options->protocol = SSH_PROTO_2; options->protocol = SSH_PROTO_2;
if (options->num_identity_files == 0) { if (options->num_identity_files == 0) {
if (options->protocol & SSH_PROTO_1) { if (options->protocol & SSH_PROTO_1) {
len = 2 + strlen(_PATH_SSH_CLIENT_IDENTITY) + 1; add_identity_file(options, "~/",
options->identity_files[options->num_identity_files] = _PATH_SSH_CLIENT_IDENTITY, 0);
xmalloc(len);
snprintf(options->identity_files[options->num_identity_files++],
len, "~/%.100s", _PATH_SSH_CLIENT_IDENTITY);
} }
if (options->protocol & SSH_PROTO_2) { if (options->protocol & SSH_PROTO_2) {
len = 2 + strlen(_PATH_SSH_CLIENT_ID_RSA) + 1; add_identity_file(options, "~/",
options->identity_files[options->num_identity_files] = _PATH_SSH_CLIENT_ID_RSA, 0);
xmalloc(len); add_identity_file(options, "~/",
snprintf(options->identity_files[options->num_identity_files++], _PATH_SSH_CLIENT_ID_DSA, 0);
len, "~/%.100s", _PATH_SSH_CLIENT_ID_RSA);
len = 2 + strlen(_PATH_SSH_CLIENT_ID_DSA) + 1;
options->identity_files[options->num_identity_files] =
xmalloc(len);
snprintf(options->identity_files[options->num_identity_files++],
len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA);
#ifdef OPENSSL_HAS_ECC #ifdef OPENSSL_HAS_ECC
len = 2 + strlen(_PATH_SSH_CLIENT_ID_ECDSA) + 1; add_identity_file(options, "~/",
options->identity_files[options->num_identity_files] = _PATH_SSH_CLIENT_ID_ECDSA, 0);
xmalloc(len);
snprintf(options->identity_files[options->num_identity_files++],
len, "~/%.100s", _PATH_SSH_CLIENT_ID_ECDSA);
#endif #endif
} }
} }
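Review bot: The `dir != NULL` branch of `add_identity_file()` formats the path with `"%.100s%.100s"`, so a `dir` or `filename` longer than 100 bytes is cut silently and the stored identity path names a different file than the caller asked for. The callers in this commit pass only `"~/"` plus the `_PATH_SSH_CLIENT_*` constants, so nothing is truncated today, but the function is exported through readconf.h and `xasprintf()` already sizes the buffer, so `(void)xasprintf(&path, "%s%s", dir, filename);` would remove the hazard for later callers. The comment `/* no dir, filename is absolute */` also overstates the case: the IdentityFile and `-i` call sites pass the argument exactly as the user wrote it, so `/* no dir: use filename as given */` would be more accurate.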


@ -1,4 +1,4 @@
/* $OpenBSD: readconf.h,v 1.91 2011/09/23 07:45:05 markus Exp $ */ /* $OpenBSD: readconf.h,v 1.92 2013/02/17 23:16:57 dtucker Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -96,6 +96,7 @@ typedef struct {
int num_identity_files; /* Number of files for RSA/DSA identities. */ int num_identity_files; /* Number of files for RSA/DSA identities. */
char *identity_files[SSH_MAX_IDENTITY_FILES]; char *identity_files[SSH_MAX_IDENTITY_FILES];
int identity_file_userprovided[SSH_MAX_IDENTITY_FILES];
Key *identity_keys[SSH_MAX_IDENTITY_FILES]; Key *identity_keys[SSH_MAX_IDENTITY_FILES];
/* Local TCP/IP forward requests. */ /* Local TCP/IP forward requests. */
@ -158,5 +159,6 @@ process_config_line(Options *, const char *, char *, const char *, int, int *);
void add_local_forward(Options *, const Forward *); void add_local_forward(Options *, const Forward *);
void add_remote_forward(Options *, const Forward *); void add_remote_forward(Options *, const Forward *);
void add_identity_file(Options *, const char *, const char *, int);
#endif /* READCONF_H */ #endif /* READCONF_H */
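Review bot: `identity_file_userprovided[]` is a second array that has to stay index-aligned with `identity_files[]` and `identity_keys[]`, and nothing in the struct states that or says what the values mean. sshconnect2.c reads the flag with the same index `i` as the filename, so any code outside these hunks that rebuilds, reorders or prepends entries to `identity_files[]` would have to move the flags too, otherwise the wrong entries are treated as user-supplied; that is worth checking before this is merged. A comment on the new field such as `/* 1 if entry came from -i or IdentityFile, 0 if added as a default; same index as identity_files[] */` would record the invariant.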

9
ssh.c

@ -1,4 +1,4 @@
/* $OpenBSD: ssh.c,v 1.370 2012/07/06 01:47:38 djm Exp $ */ /* $OpenBSD: ssh.c,v 1.371 2013/02/17 23:16:57 dtucker Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -405,12 +405,7 @@ main(int ac, char **av)
strerror(errno)); strerror(errno));
break; break;
} }
if (options.num_identity_files >= add_identity_file(&options, NULL, optarg, 1);
SSH_MAX_IDENTITY_FILES)
fatal("Too many identity files specified "
"(max %d)", SSH_MAX_IDENTITY_FILES);
options.identity_files[options.num_identity_files++] =
xstrdup(optarg);
break; break;
case 'I': case 'I':
#ifdef ENABLE_PKCS11 #ifdef ENABLE_PKCS11


@ -1,4 +1,4 @@
/* $OpenBSD: sshconnect2.c,v 1.191 2013/02/15 00:21:01 dtucker Exp $ */ /* $OpenBSD: sshconnect2.c,v 1.192 2013/02/17 23:16:57 dtucker Exp $ */
/* /*
* Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Damien Miller. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved.
@ -1384,7 +1384,7 @@ pubkey_prepare(Authctxt *authctxt)
id = xcalloc(1, sizeof(*id)); id = xcalloc(1, sizeof(*id));
id->key = key; id->key = key;
id->filename = xstrdup(options.identity_files[i]); id->filename = xstrdup(options.identity_files[i]);
id->userprovided = 1; id->userprovided = options.identity_file_userprovided[i];
TAILQ_INSERT_TAIL(&files, id, next); TAILQ_INSERT_TAIL(&files, id, next);
} }
/* Prefer PKCS11 keys that are explicitly listed */ /* Prefer PKCS11 keys that are explicitly listed */