tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-31 01:35:11 +02:00
Code Issues Packages Projects Releases Wiki Activity

- djm@cvs.openbsd.org 2010/06/22 04:22:59

Browse Source 
[servconf.c sshd_config.5]
     expose some more sshd_config options inside Match blocks:
       AuthorizedKeysFile AuthorizedPrincipalsFile
       HostbasedUsesNameFromPacketOnly PermitTunnel
     bz#1764; feedback from imorgan AT nas.nasa.gov; ok dtucker@
This commit is contained in:
Damien Miller 2010-06-26 09:38:45 +10:00
parent 495663165f
commit ab6de35140
3 changed files with 23 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@ -25,6 +25,12 @@
[sftp-client.c] [sftp-client.c]
fix memory leak in do_realpath() error path; bz#1771, patch from fix memory leak in do_realpath() error path; bz#1771, patch from
anicka AT suse.cz anicka AT suse.cz
- djm@cvs.openbsd.org 2010/06/22 04:22:59
[servconf.c sshd_config.5]
expose some more sshd_config options inside Match blocks:
AuthorizedKeysFile AuthorizedPrincipalsFile
HostbasedUsesNameFromPacketOnly PermitTunnel
bz#1764; feedback from imorgan AT nas.nasa.gov; ok dtucker@
20100622 20100622
- (djm) [loginrec.c] crank LINFO_NAMESIZE (username length) to 512 - (djm) [loginrec.c] crank LINFO_NAMESIZE (username length) to 512

17
servconf.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: servconf.c,v 1.208 2010/05/07 11:30:29 djm Exp $ */ /* $OpenBSD: servconf.c,v 1.209 2010/06/22 04:22:59 djm Exp $ */
/* /*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved * All rights reserved
@ -346,7 +346,7 @@ static struct {
{ "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL }, { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL },
{ "rhostsrsaauthentication", sRhostsRSAAuthentication, SSHCFG_ALL }, { "rhostsrsaauthentication", sRhostsRSAAuthentication, SSHCFG_ALL },
{ "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL }, { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL },
{ "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_GLOBAL }, { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_ALL },
{ "rsaauthentication", sRSAAuthentication, SSHCFG_ALL }, { "rsaauthentication", sRSAAuthentication, SSHCFG_ALL },
{ "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL }, { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL },
{ "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */ { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */
@ -421,11 +421,11 @@ static struct {
{ "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL }, { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL },
{ "clientaliveinterval", sClientAliveInterval, SSHCFG_GLOBAL }, { "clientaliveinterval", sClientAliveInterval, SSHCFG_GLOBAL },
{ "clientalivecountmax", sClientAliveCountMax, SSHCFG_GLOBAL }, { "clientalivecountmax", sClientAliveCountMax, SSHCFG_GLOBAL },
{ "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_GLOBAL }, { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL },
{ "authorizedkeysfile2", sAuthorizedKeysFile2, SSHCFG_GLOBAL }, { "authorizedkeysfile2", sAuthorizedKeysFile2, SSHCFG_ALL },
{ "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL}, { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL},
{ "acceptenv", sAcceptEnv, SSHCFG_GLOBAL }, { "acceptenv", sAcceptEnv, SSHCFG_GLOBAL },
{ "permittunnel", sPermitTunnel, SSHCFG_GLOBAL }, { "permittunnel", sPermitTunnel, SSHCFG_ALL },
{ "match", sMatch, SSHCFG_ALL }, { "match", sMatch, SSHCFG_ALL },
{ "permitopen", sPermitOpen, SSHCFG_ALL }, { "permitopen", sPermitOpen, SSHCFG_ALL },
{ "forcecommand", sForceCommand, SSHCFG_ALL }, { "forcecommand", sForceCommand, SSHCFG_ALL },
@ -433,7 +433,7 @@ static struct {
{ "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL },
{ "revokedkeys", sRevokedKeys, SSHCFG_ALL }, { "revokedkeys", sRevokedKeys, SSHCFG_ALL },
{ "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL },
{ "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_GLOBAL }, { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },
{ NULL, sBadOption, 0 } { NULL, sBadOption, 0 }
}; };
@ -1446,6 +1446,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
M_CP_INTOPT(pubkey_authentication); M_CP_INTOPT(pubkey_authentication);
M_CP_INTOPT(kerberos_authentication); M_CP_INTOPT(kerberos_authentication);
M_CP_INTOPT(hostbased_authentication); M_CP_INTOPT(hostbased_authentication);
M_CP_INTOPT(hostbased_uses_name_from_packet_only);
M_CP_INTOPT(kbd_interactive_authentication); M_CP_INTOPT(kbd_interactive_authentication);
M_CP_INTOPT(zero_knowledge_password_authentication); M_CP_INTOPT(zero_knowledge_password_authentication);
M_CP_INTOPT(permit_root_login); M_CP_INTOPT(permit_root_login);
@ -1453,6 +1454,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
M_CP_INTOPT(allow_tcp_forwarding); M_CP_INTOPT(allow_tcp_forwarding);
M_CP_INTOPT(allow_agent_forwarding); M_CP_INTOPT(allow_agent_forwarding);
M_CP_INTOPT(permit_tun);
M_CP_INTOPT(gateway_ports); M_CP_INTOPT(gateway_ports);
M_CP_INTOPT(x11_display_offset); M_CP_INTOPT(x11_display_offset);
M_CP_INTOPT(x11_forwarding); M_CP_INTOPT(x11_forwarding);
@ -1467,6 +1469,9 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
M_CP_STROPT(chroot_directory); M_CP_STROPT(chroot_directory);
M_CP_STROPT(trusted_user_ca_keys); M_CP_STROPT(trusted_user_ca_keys);
M_CP_STROPT(revoked_keys_file); M_CP_STROPT(revoked_keys_file);
M_CP_STROPT(authorized_keys_file);
M_CP_STROPT(authorized_keys_file2);
M_CP_STROPT(authorized_principals_file);
} }
#undef M_CP_INTOPT #undef M_CP_INTOPT

8
sshd_config.5
View File

@ -34,8 +34,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: sshd_config.5,v 1.122 2010/05/07 12:49:17 jmc Exp $ .\" $OpenBSD: sshd_config.5,v 1.123 2010/06/22 04:22:59 djm Exp $
.Dd $Mdocdate: May 7 2010 $ .Dd $Mdocdate: June 22 2010 $
.Dt SSHD_CONFIG 5 .Dt SSHD_CONFIG 5
.Os .Os
.Sh NAME .Sh NAME
@ -644,12 +644,15 @@ keyword.
Available keywords are Available keywords are
.Cm AllowAgentForwarding , .Cm AllowAgentForwarding ,
.Cm AllowTcpForwarding , .Cm AllowTcpForwarding ,
.Cm AuthorizedKeysFile ,
.Cm AuthorizedPrincipalsFile ,
.Cm Banner , .Cm Banner ,
.Cm ChrootDirectory , .Cm ChrootDirectory ,
.Cm ForceCommand , .Cm ForceCommand ,
.Cm GatewayPorts , .Cm GatewayPorts ,
.Cm GSSAPIAuthentication , .Cm GSSAPIAuthentication ,
.Cm HostbasedAuthentication , .Cm HostbasedAuthentication ,
.Cm HostbasedUsesNameFromPacketOnly ,
.Cm KbdInteractiveAuthentication , .Cm KbdInteractiveAuthentication ,
.Cm KerberosAuthentication , .Cm KerberosAuthentication ,
.Cm MaxAuthTries , .Cm MaxAuthTries ,
@ -658,6 +661,7 @@ Available keywords are
.Cm PermitEmptyPasswords , .Cm PermitEmptyPasswords ,
.Cm PermitOpen , .Cm PermitOpen ,
.Cm PermitRootLogin , .Cm PermitRootLogin ,
.Cm PermitTunnel ,
.Cm PubkeyAuthentication , .Cm PubkeyAuthentication ,
.Cm RhostsRSAAuthentication , .Cm RhostsRSAAuthentication ,
.Cm RSAAuthentication , .Cm RSAAuthentication ,