diff options
| author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2002-06-27 22:31:32 +0000 |
|---|---|---|
| committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2002-06-27 22:31:32 +0000 |
| commit | 83d2307d00b1f24dddf918c6651fb440d6863bf9 (patch) | |
| tree | d93e4bc5fc0a9a5e99878bd93a4d51c873c1a43e /crypto/openssh/servconf.c | |
| parent | 545d5eca429a5967b3300cb527d49cae8184e79f (diff) | |
| download | src-83d2307d00b1f24dddf918c6651fb440d6863bf9.tar.gz src-83d2307d00b1f24dddf918c6651fb440d6863bf9.zip | |
Vendor import of OpenSSH 3.3p1.
Notes
Notes:
svn path=/vendor-crypto/openssh/dist/; revision=98937
Diffstat (limited to 'crypto/openssh/servconf.c')
| -rw-r--r-- | crypto/openssh/servconf.c | 43 |
1 files changed, 42 insertions, 1 deletions
diff --git a/crypto/openssh/servconf.c b/crypto/openssh/servconf.c index 3537e924d132..fb6332c31b69 100644 --- a/crypto/openssh/servconf.c +++ b/crypto/openssh/servconf.c @@ -12,8 +12,17 @@ #include "includes.h" RCSID("$OpenBSD: servconf.c,v 1.111 2002/06/20 23:05:55 markus Exp $"); -#if defined(KRB4) || defined(KRB5) +#if defined(KRB4) +#include <krb.h> +#endif +#if defined(KRB5) +#ifdef HEIMDAL #include <krb.h> +#else +/* Bodge - but then, so is using the kerberos IV KEYFILE to get a Kerberos V + * keytab */ +#define KEYFILE "/etc/krb5.keytab" +#endif #endif #ifdef AFS #include <kafs.h> @@ -45,6 +54,11 @@ void initialize_server_options(ServerOptions *options) { memset(options, 0, sizeof(*options)); + + /* Portable-specific options */ + options->pam_authentication_via_kbd_int = -1; + + /* Standard Options */ options->num_ports = 0; options->ports_from_cmdline = 0; options->listen_addrs = NULL; @@ -116,6 +130,11 @@ initialize_server_options(ServerOptions *options) void fill_default_server_options(ServerOptions *options) { + /* Portable-specific options */ + if (options->pam_authentication_via_kbd_int == -1) + options->pam_authentication_via_kbd_int = 0; + + /* Standard Options */ if (options->protocol == SSH_PROTO_UNKNOWN) options->protocol = SSH_PROTO_1|SSH_PROTO_2; if (options->num_host_key_files == 0) { @@ -237,11 +256,24 @@ fill_default_server_options(ServerOptions *options) /* Turn privilege separation on by default */ if (use_privsep == -1) use_privsep = 1; + +#if !defined(HAVE_MMAP) || !defined(MAP_ANON) + if (use_privsep && options->compression == 1) { + error("This platform does not support both privilege " + "separation and compression"); + error("Compression disabled"); + options->compression = 0; + } +#endif + } /* Keyword tokens. */ typedef enum { sBadOption, /* == unknown option */ + /* Portable-specific options */ + sPAMAuthenticationViaKbdInt, + /* Standard Options */ sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, sPermitRootLogin, sLogFacility, sLogLevel, sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, @@ -275,6 +307,9 @@ static struct { const char *name; ServerOpCodes opcode; } keywords[] = { + /* Portable-specific options */ + { "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt }, + /* Standard Options */ { "port", sPort }, { "hostkey", sHostKeyFile }, { "hostdsakey", sHostKeyFile }, /* alias */ @@ -419,6 +454,12 @@ process_server_config_line(ServerOptions *options, char *line, charptr = NULL; opcode = parse_token(arg, filename, linenum); switch (opcode) { + /* Portable-specific options */ + case sPAMAuthenticationViaKbdInt: + intptr = &options->pam_authentication_via_kbd_int; + goto parse_flag; + + /* Standard Options */ case sBadOption: return -1; case sPort: |