Changeset View
Changeset View
Standalone View
Standalone View
crypto/openssh/servconf.c
/* $OpenBSD: servconf.c,v 1.350 2019/03/25 22:33:44 djm Exp $ */ | /* $OpenBSD: servconf.c,v 1.350 2019/03/25 22:33:44 djm Exp $ */ | ||||
/* | /* | ||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | ||||
* All rights reserved | * All rights reserved | ||||
* | * | ||||
* As far as I am concerned, the code I have written for this software | * As far as I am concerned, the code I have written for this software | ||||
* can be used freely for any purpose. Any derived versions of this | * can be used freely for any purpose. Any derived versions of this | ||||
* software must be clearly marked as such, and if the derived work is | * software must be clearly marked as such, and if the derived work is | ||||
* incompatible with the protocol description in the RFC file, it must be | * incompatible with the protocol description in the RFC file, it must be | ||||
* called by a name other than "ssh" or "Secure Shell". | * called by a name other than "ssh" or "Secure Shell". | ||||
*/ | */ | ||||
#include "includes.h" | #include "includes.h" | ||||
__RCSID("$FreeBSD$"); | |||||
#include <sys/types.h> | #include <sys/types.h> | ||||
#include <sys/socket.h> | #include <sys/socket.h> | ||||
#ifdef HAVE_SYS_SYSCTL_H | #ifdef HAVE_SYS_SYSCTL_H | ||||
#include <sys/sysctl.h> | #include <sys/sysctl.h> | ||||
#endif | #endif | ||||
#include <netinet/in.h> | #include <netinet/in.h> | ||||
Show All 36 Lines | |||||
#include "groupaccess.h" | #include "groupaccess.h" | ||||
#include "canohost.h" | #include "canohost.h" | ||||
#include "packet.h" | #include "packet.h" | ||||
#include "ssherr.h" | #include "ssherr.h" | ||||
#include "hostfile.h" | #include "hostfile.h" | ||||
#include "auth.h" | #include "auth.h" | ||||
#include "myproposal.h" | #include "myproposal.h" | ||||
#include "digest.h" | #include "digest.h" | ||||
#include "version.h" | |||||
static void add_listen_addr(ServerOptions *, const char *, | static void add_listen_addr(ServerOptions *, const char *, | ||||
const char *, int); | const char *, int); | ||||
static void add_one_listen_addr(ServerOptions *, const char *, | static void add_one_listen_addr(ServerOptions *, const char *, | ||||
const char *, int); | const char *, int); | ||||
/* Use of privilege separation or not */ | /* Use of privilege separation or not */ | ||||
extern int use_privsep; | extern int use_privsep; | ||||
▲ Show 20 Lines • Show All 100 Lines • ▼ Show 20 Lines | initialize_server_options(ServerOptions *options) | ||||
options->authorized_principals_command = NULL; | options->authorized_principals_command = NULL; | ||||
options->authorized_principals_command_user = NULL; | options->authorized_principals_command_user = NULL; | ||||
options->ip_qos_interactive = -1; | options->ip_qos_interactive = -1; | ||||
options->ip_qos_bulk = -1; | options->ip_qos_bulk = -1; | ||||
options->version_addendum = NULL; | options->version_addendum = NULL; | ||||
options->fingerprint_hash = -1; | options->fingerprint_hash = -1; | ||||
options->disable_forwarding = -1; | options->disable_forwarding = -1; | ||||
options->expose_userauth_info = -1; | options->expose_userauth_info = -1; | ||||
options->use_blacklist = -1; | |||||
} | } | ||||
/* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ | /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ | ||||
static int | static int | ||||
option_clear_or_none(const char *o) | option_clear_or_none(const char *o) | ||||
{ | { | ||||
return o == NULL || strcasecmp(o, "none") == 0; | return o == NULL || strcasecmp(o, "none") == 0; | ||||
} | } | ||||
▲ Show 20 Lines • Show All 50 Lines • ▼ Show 20 Lines | |||||
static void | static void | ||||
array_append(const char *file, const int line, const char *directive, | array_append(const char *file, const int line, const char *directive, | ||||
char ***array, u_int *lp, const char *s) | char ***array, u_int *lp, const char *s) | ||||
{ | { | ||||
array_append2(file, line, directive, array, NULL, lp, s, 0); | array_append2(file, line, directive, array, NULL, lp, s, 0); | ||||
} | } | ||||
static const char *defaultkey = "[default]"; | |||||
void | void | ||||
servconf_add_hostkey(const char *file, const int line, | servconf_add_hostkey(const char *file, const int line, | ||||
ServerOptions *options, const char *path, int userprovided) | ServerOptions *options, const char *path, int userprovided) | ||||
{ | { | ||||
char *apath = derelativise_path(path); | char *apath = derelativise_path(path); | ||||
if (file == defaultkey && access(path, R_OK) != 0) | |||||
return; | |||||
array_append2(file, line, "HostKey", | array_append2(file, line, "HostKey", | ||||
&options->host_key_files, &options->host_key_file_userprovided, | &options->host_key_files, &options->host_key_file_userprovided, | ||||
&options->num_host_key_files, apath, userprovided); | &options->num_host_key_files, apath, userprovided); | ||||
free(apath); | free(apath); | ||||
} | } | ||||
void | void | ||||
servconf_add_hostcert(const char *file, const int line, | servconf_add_hostcert(const char *file, const int line, | ||||
ServerOptions *options, const char *path) | ServerOptions *options, const char *path) | ||||
{ | { | ||||
char *apath = derelativise_path(path); | char *apath = derelativise_path(path); | ||||
array_append(file, line, "HostCertificate", | array_append(file, line, "HostCertificate", | ||||
&options->host_cert_files, &options->num_host_cert_files, apath); | &options->host_cert_files, &options->num_host_cert_files, apath); | ||||
free(apath); | free(apath); | ||||
} | } | ||||
void | void | ||||
fill_default_server_options(ServerOptions *options) | fill_default_server_options(ServerOptions *options) | ||||
{ | { | ||||
u_int i; | u_int i; | ||||
/* Portable-specific options */ | /* Portable-specific options */ | ||||
if (options->use_pam == -1) | if (options->use_pam == -1) | ||||
options->use_pam = 0; | options->use_pam = 1; | ||||
/* Standard Options */ | /* Standard Options */ | ||||
if (options->num_host_key_files == 0) { | if (options->num_host_key_files == 0) { | ||||
/* fill default hostkeys for protocols */ | /* fill default hostkeys for protocols */ | ||||
servconf_add_hostkey("[default]", 0, options, | servconf_add_hostkey(defaultkey, 0, options, | ||||
_PATH_HOST_RSA_KEY_FILE, 0); | _PATH_HOST_RSA_KEY_FILE, 0); | ||||
servconf_add_hostkey(defaultkey, 0, options, | |||||
_PATH_HOST_DSA_KEY_FILE, 0); | |||||
emaste: hmm
| |||||
#ifdef OPENSSL_HAS_ECC | #ifdef OPENSSL_HAS_ECC | ||||
servconf_add_hostkey("[default]", 0, options, | servconf_add_hostkey(defaultkey, 0, options, | ||||
_PATH_HOST_ECDSA_KEY_FILE, 0); | _PATH_HOST_ECDSA_KEY_FILE, 0); | ||||
#endif | #endif | ||||
servconf_add_hostkey("[default]", 0, options, | servconf_add_hostkey(defaultkey, 0, options, | ||||
_PATH_HOST_ED25519_KEY_FILE, 0); | _PATH_HOST_ED25519_KEY_FILE, 0); | ||||
#ifdef WITH_XMSS | #ifdef WITH_XMSS | ||||
servconf_add_hostkey("[default]", 0, options, | servconf_add_hostkey(defaultkey, 0, options, | ||||
_PATH_HOST_XMSS_KEY_FILE, 0); | _PATH_HOST_XMSS_KEY_FILE, 0); | ||||
#endif /* WITH_XMSS */ | #endif /* WITH_XMSS */ | ||||
} | } | ||||
if (options->num_host_key_files == 0) | |||||
fatal("No host key files found"); | |||||
emasteAuthorUnsubmitted Done Inline Actionsthis seems like a reasonable fix for upstream? emaste: this seems like a reasonable fix for upstream? | |||||
/* No certificates by default */ | /* No certificates by default */ | ||||
if (options->num_ports == 0) | if (options->num_ports == 0) | ||||
options->ports[options->num_ports++] = SSH_DEFAULT_PORT; | options->ports[options->num_ports++] = SSH_DEFAULT_PORT; | ||||
if (options->address_family == -1) | if (options->address_family == -1) | ||||
options->address_family = AF_UNSPEC; | options->address_family = AF_UNSPEC; | ||||
if (options->listen_addrs == NULL) | if (options->listen_addrs == NULL) | ||||
add_listen_addr(options, NULL, NULL, 0); | add_listen_addr(options, NULL, NULL, 0); | ||||
if (options->pid_file == NULL) | if (options->pid_file == NULL) | ||||
options->pid_file = xstrdup(_PATH_SSH_DAEMON_PID_FILE); | options->pid_file = xstrdup(_PATH_SSH_DAEMON_PID_FILE); | ||||
if (options->login_grace_time == -1) | if (options->login_grace_time == -1) | ||||
options->login_grace_time = 120; | options->login_grace_time = 120; | ||||
if (options->permit_root_login == PERMIT_NOT_SET) | if (options->permit_root_login == PERMIT_NOT_SET) | ||||
options->permit_root_login = PERMIT_NO_PASSWD; | options->permit_root_login = PERMIT_NO; | ||||
if (options->ignore_rhosts == -1) | if (options->ignore_rhosts == -1) | ||||
options->ignore_rhosts = 1; | options->ignore_rhosts = 1; | ||||
if (options->ignore_user_known_hosts == -1) | if (options->ignore_user_known_hosts == -1) | ||||
options->ignore_user_known_hosts = 0; | options->ignore_user_known_hosts = 0; | ||||
if (options->print_motd == -1) | if (options->print_motd == -1) | ||||
options->print_motd = 1; | options->print_motd = 1; | ||||
if (options->print_lastlog == -1) | if (options->print_lastlog == -1) | ||||
options->print_lastlog = 1; | options->print_lastlog = 1; | ||||
if (options->x11_forwarding == -1) | if (options->x11_forwarding == -1) | ||||
options->x11_forwarding = 0; | options->x11_forwarding = 1; | ||||
if (options->x11_display_offset == -1) | if (options->x11_display_offset == -1) | ||||
options->x11_display_offset = 10; | options->x11_display_offset = 10; | ||||
if (options->x11_use_localhost == -1) | if (options->x11_use_localhost == -1) | ||||
options->x11_use_localhost = 1; | options->x11_use_localhost = 1; | ||||
if (options->xauth_location == NULL) | if (options->xauth_location == NULL) | ||||
options->xauth_location = xstrdup(_PATH_XAUTH); | options->xauth_location = xstrdup(_PATH_XAUTH); | ||||
if (options->permit_tty == -1) | if (options->permit_tty == -1) | ||||
options->permit_tty = 1; | options->permit_tty = 1; | ||||
Show All 23 Lines | if (options->kerberos_get_afs_token == -1) | ||||
options->kerberos_get_afs_token = 0; | options->kerberos_get_afs_token = 0; | ||||
if (options->gss_authentication == -1) | if (options->gss_authentication == -1) | ||||
options->gss_authentication = 0; | options->gss_authentication = 0; | ||||
if (options->gss_cleanup_creds == -1) | if (options->gss_cleanup_creds == -1) | ||||
options->gss_cleanup_creds = 1; | options->gss_cleanup_creds = 1; | ||||
if (options->gss_strict_acceptor == -1) | if (options->gss_strict_acceptor == -1) | ||||
options->gss_strict_acceptor = 1; | options->gss_strict_acceptor = 1; | ||||
if (options->password_authentication == -1) | if (options->password_authentication == -1) | ||||
options->password_authentication = 1; | options->password_authentication = 0; | ||||
if (options->kbd_interactive_authentication == -1) | if (options->kbd_interactive_authentication == -1) | ||||
options->kbd_interactive_authentication = 0; | options->kbd_interactive_authentication = 0; | ||||
if (options->challenge_response_authentication == -1) | if (options->challenge_response_authentication == -1) | ||||
options->challenge_response_authentication = 1; | options->challenge_response_authentication = 1; | ||||
if (options->permit_empty_passwd == -1) | if (options->permit_empty_passwd == -1) | ||||
options->permit_empty_passwd = 0; | options->permit_empty_passwd = 0; | ||||
if (options->permit_user_env == -1) { | if (options->permit_user_env == -1) { | ||||
options->permit_user_env = 0; | options->permit_user_env = 0; | ||||
Show All 19 Lines | if (options->max_startups_rate == -1) | ||||
options->max_startups_rate = 30; /* 30% */ | options->max_startups_rate = 30; /* 30% */ | ||||
if (options->max_startups_begin == -1) | if (options->max_startups_begin == -1) | ||||
options->max_startups_begin = 10; | options->max_startups_begin = 10; | ||||
if (options->max_authtries == -1) | if (options->max_authtries == -1) | ||||
options->max_authtries = DEFAULT_AUTH_FAIL_MAX; | options->max_authtries = DEFAULT_AUTH_FAIL_MAX; | ||||
if (options->max_sessions == -1) | if (options->max_sessions == -1) | ||||
options->max_sessions = DEFAULT_SESSIONS_MAX; | options->max_sessions = DEFAULT_SESSIONS_MAX; | ||||
if (options->use_dns == -1) | if (options->use_dns == -1) | ||||
options->use_dns = 0; | options->use_dns = 1; | ||||
if (options->client_alive_interval == -1) | if (options->client_alive_interval == -1) | ||||
options->client_alive_interval = 0; | options->client_alive_interval = 0; | ||||
if (options->client_alive_count_max == -1) | if (options->client_alive_count_max == -1) | ||||
options->client_alive_count_max = 3; | options->client_alive_count_max = 3; | ||||
if (options->num_authkeys_files == 0) { | if (options->num_authkeys_files == 0) { | ||||
array_append("[default]", 0, "AuthorizedKeysFiles", | array_append(defaultkey, 0, "AuthorizedKeysFiles", | ||||
&options->authorized_keys_files, | &options->authorized_keys_files, | ||||
&options->num_authkeys_files, | &options->num_authkeys_files, | ||||
_PATH_SSH_USER_PERMITTED_KEYS); | _PATH_SSH_USER_PERMITTED_KEYS); | ||||
array_append("[default]", 0, "AuthorizedKeysFiles", | array_append(defaultkey, 0, "AuthorizedKeysFiles", | ||||
&options->authorized_keys_files, | &options->authorized_keys_files, | ||||
&options->num_authkeys_files, | &options->num_authkeys_files, | ||||
_PATH_SSH_USER_PERMITTED_KEYS2); | _PATH_SSH_USER_PERMITTED_KEYS2); | ||||
} | } | ||||
if (options->permit_tun == -1) | if (options->permit_tun == -1) | ||||
options->permit_tun = SSH_TUNMODE_NO; | options->permit_tun = SSH_TUNMODE_NO; | ||||
if (options->ip_qos_interactive == -1) | if (options->ip_qos_interactive == -1) | ||||
options->ip_qos_interactive = IPTOS_DSCP_AF21; | options->ip_qos_interactive = IPTOS_DSCP_AF21; | ||||
if (options->ip_qos_bulk == -1) | if (options->ip_qos_bulk == -1) | ||||
options->ip_qos_bulk = IPTOS_DSCP_CS1; | options->ip_qos_bulk = IPTOS_DSCP_CS1; | ||||
if (options->version_addendum == NULL) | if (options->version_addendum == NULL) | ||||
options->version_addendum = xstrdup(""); | options->version_addendum = xstrdup(SSH_VERSION_FREEBSD); | ||||
if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) | if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) | ||||
options->fwd_opts.streamlocal_bind_mask = 0177; | options->fwd_opts.streamlocal_bind_mask = 0177; | ||||
if (options->fwd_opts.streamlocal_bind_unlink == -1) | if (options->fwd_opts.streamlocal_bind_unlink == -1) | ||||
options->fwd_opts.streamlocal_bind_unlink = 0; | options->fwd_opts.streamlocal_bind_unlink = 0; | ||||
if (options->fingerprint_hash == -1) | if (options->fingerprint_hash == -1) | ||||
options->fingerprint_hash = SSH_FP_HASH_DEFAULT; | options->fingerprint_hash = SSH_FP_HASH_DEFAULT; | ||||
if (options->disable_forwarding == -1) | if (options->disable_forwarding == -1) | ||||
options->disable_forwarding = 0; | options->disable_forwarding = 0; | ||||
if (options->expose_userauth_info == -1) | if (options->expose_userauth_info == -1) | ||||
options->expose_userauth_info = 0; | options->expose_userauth_info = 0; | ||||
if (options->use_blacklist == -1) | |||||
options->use_blacklist = 0; | |||||
assemble_algorithms(options); | assemble_algorithms(options); | ||||
/* Turn privilege separation and sandboxing on by default */ | /* Turn privilege separation and sandboxing on by default */ | ||||
if (use_privsep == -1) | if (use_privsep == -1) | ||||
use_privsep = PRIVSEP_ON; | use_privsep = PRIVSEP_ON; | ||||
#define CLEAR_ON_NONE(v) \ | #define CLEAR_ON_NONE(v) \ | ||||
▲ Show 20 Lines • Show All 69 Lines • ▼ Show 20 Lines | typedef enum { | ||||
sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, | sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, | ||||
sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser, | sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser, | ||||
sKexAlgorithms, sCASignatureAlgorithms, sIPQoS, sVersionAddendum, | sKexAlgorithms, sCASignatureAlgorithms, sIPQoS, sVersionAddendum, | ||||
sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, | sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, | ||||
sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, | sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, | ||||
sStreamLocalBindMask, sStreamLocalBindUnlink, | sStreamLocalBindMask, sStreamLocalBindUnlink, | ||||
sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, | sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, | ||||
sExposeAuthInfo, sRDomain, | sExposeAuthInfo, sRDomain, | ||||
sUseBlacklist, | |||||
sDeprecated, sIgnore, sUnsupported | sDeprecated, sIgnore, sUnsupported | ||||
} ServerOpCodes; | } ServerOpCodes; | ||||
#define SSHCFG_GLOBAL 0x01 /* allowed in main section of sshd_config */ | #define SSHCFG_GLOBAL 0x01 /* allowed in main section of sshd_config */ | ||||
#define SSHCFG_MATCH 0x02 /* allowed inside a Match section */ | #define SSHCFG_MATCH 0x02 /* allowed inside a Match section */ | ||||
#define SSHCFG_ALL (SSHCFG_GLOBAL|SSHCFG_MATCH) | #define SSHCFG_ALL (SSHCFG_GLOBAL|SSHCFG_MATCH) | ||||
/* Textual representation of the tokens. */ | /* Textual representation of the tokens. */ | ||||
▲ Show 20 Lines • Show All 132 Lines • ▼ Show 20 Lines | #endif | ||||
{ "streamlocalbindmask", sStreamLocalBindMask, SSHCFG_ALL }, | { "streamlocalbindmask", sStreamLocalBindMask, SSHCFG_ALL }, | ||||
{ "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL }, | { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL }, | ||||
{ "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, | { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, | ||||
{ "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL }, | { "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL }, | ||||
{ "disableforwarding", sDisableForwarding, SSHCFG_ALL }, | { "disableforwarding", sDisableForwarding, SSHCFG_ALL }, | ||||
{ "exposeauthinfo", sExposeAuthInfo, SSHCFG_ALL }, | { "exposeauthinfo", sExposeAuthInfo, SSHCFG_ALL }, | ||||
{ "rdomain", sRDomain, SSHCFG_ALL }, | { "rdomain", sRDomain, SSHCFG_ALL }, | ||||
{ "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL }, | { "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL }, | ||||
{ "useblacklist", sUseBlacklist, SSHCFG_GLOBAL }, | |||||
{ "noneenabled", sUnsupported, SSHCFG_ALL }, | |||||
{ "hpndisabled", sDeprecated, SSHCFG_ALL }, | |||||
{ "hpnbuffersize", sDeprecated, SSHCFG_ALL }, | |||||
{ "tcprcvbufpoll", sDeprecated, SSHCFG_ALL }, | |||||
{ NULL, sBadOption, 0 } | { NULL, sBadOption, 0 } | ||||
}; | }; | ||||
static struct { | static struct { | ||||
int val; | int val; | ||||
char *text; | char *text; | ||||
} tunmode_desc[] = { | } tunmode_desc[] = { | ||||
{ SSH_TUNMODE_NO, "no" }, | { SSH_TUNMODE_NO, "no" }, | ||||
▲ Show 20 Lines • Show All 1,493 Lines • ▼ Show 20 Lines | case sRDomain: | ||||
if (strcasecmp(arg, "none") != 0 && strcmp(arg, "%D") != 0 && | if (strcasecmp(arg, "none") != 0 && strcmp(arg, "%D") != 0 && | ||||
!valid_rdomain(arg)) | !valid_rdomain(arg)) | ||||
fatal("%s line %d: bad routing domain", | fatal("%s line %d: bad routing domain", | ||||
filename, linenum); | filename, linenum); | ||||
if (*activep && *charptr == NULL) | if (*activep && *charptr == NULL) | ||||
*charptr = xstrdup(arg); | *charptr = xstrdup(arg); | ||||
break; | break; | ||||
case sUseBlacklist: | |||||
intptr = &options->use_blacklist; | |||||
goto parse_flag; | |||||
case sDeprecated: | case sDeprecated: | ||||
case sIgnore: | case sIgnore: | ||||
case sUnsupported: | case sUnsupported: | ||||
do_log2(opcode == sIgnore ? | do_log2(opcode == sIgnore ? | ||||
SYSLOG_LEVEL_DEBUG2 : SYSLOG_LEVEL_INFO, | SYSLOG_LEVEL_DEBUG2 : SYSLOG_LEVEL_INFO, | ||||
"%s line %d: %s option %s", filename, linenum, | "%s line %d: %s option %s", filename, linenum, | ||||
opcode == sUnsupported ? "Unsupported" : "Deprecated", arg); | opcode == sUnsupported ? "Unsupported" : "Deprecated", arg); | ||||
while (arg) | while (arg) | ||||
▲ Show 20 Lines • Show All 423 Lines • ▼ Show 20 Lines | #endif | ||||
dump_cfg_fmtint(sUseDNS, o->use_dns); | dump_cfg_fmtint(sUseDNS, o->use_dns); | ||||
dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding); | dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding); | ||||
dump_cfg_fmtint(sAllowAgentForwarding, o->allow_agent_forwarding); | dump_cfg_fmtint(sAllowAgentForwarding, o->allow_agent_forwarding); | ||||
dump_cfg_fmtint(sDisableForwarding, o->disable_forwarding); | dump_cfg_fmtint(sDisableForwarding, o->disable_forwarding); | ||||
dump_cfg_fmtint(sAllowStreamLocalForwarding, o->allow_streamlocal_forwarding); | dump_cfg_fmtint(sAllowStreamLocalForwarding, o->allow_streamlocal_forwarding); | ||||
dump_cfg_fmtint(sStreamLocalBindUnlink, o->fwd_opts.streamlocal_bind_unlink); | dump_cfg_fmtint(sStreamLocalBindUnlink, o->fwd_opts.streamlocal_bind_unlink); | ||||
dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash); | dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash); | ||||
dump_cfg_fmtint(sExposeAuthInfo, o->expose_userauth_info); | dump_cfg_fmtint(sExposeAuthInfo, o->expose_userauth_info); | ||||
dump_cfg_fmtint(sUseBlacklist, o->use_blacklist); | |||||
/* string arguments */ | /* string arguments */ | ||||
dump_cfg_string(sPidFile, o->pid_file); | dump_cfg_string(sPidFile, o->pid_file); | ||||
dump_cfg_string(sXAuthLocation, o->xauth_location); | dump_cfg_string(sXAuthLocation, o->xauth_location); | ||||
dump_cfg_string(sCiphers, o->ciphers ? o->ciphers : KEX_SERVER_ENCRYPT); | dump_cfg_string(sCiphers, o->ciphers ? o->ciphers : KEX_SERVER_ENCRYPT); | ||||
dump_cfg_string(sMacs, o->macs ? o->macs : KEX_SERVER_MAC); | dump_cfg_string(sMacs, o->macs ? o->macs : KEX_SERVER_MAC); | ||||
dump_cfg_string(sBanner, o->banner); | dump_cfg_string(sBanner, o->banner); | ||||
dump_cfg_string(sForceCommand, o->adm_forced_command); | dump_cfg_string(sForceCommand, o->adm_forced_command); | ||||
▲ Show 20 Lines • Show All 92 Lines • Show Last 20 Lines |
hmm