GSSAPI patch for OpenSSH 3.0.2p1 Protocol version 2 by Simon Wilkinson from

[gssapi-openssh.git] / openssh / readconf.c

diff --git a/openssh/readconf.c b/openssh/readconf.c
index 63035b37f9e84c02b4341f02b7e8f5f307dfb76b..1f35670d33739e7e62227d6ccbc324aec81b54da 100644 (file)
--- a/openssh/readconf.c
+++ b/openssh/readconf.c
@@ -99,6 +99,12 @@ typedef enum {
 #if defined(KRB4) || defined(KRB5)
        oKerberosAuthentication,
 #endif
+#ifdef GSSAPI
+       oGssAuthentication, oGssDelegateCreds,
+#ifdef GSI
+       oGssGlobusDelegateLimitedCreds,
+#endif /* GSI */
+#endif /* GSSAPI */
 #if defined(AFS) || defined(KRB5)
        oKerberosTgtPassing,
 #endif
@@ -144,6 +150,15 @@ static struct {
 #if defined(KRB4) || defined(KRB5)
        { "kerberosauthentication", oKerberosAuthentication },
 #endif
+#ifdef GSSAPI
+       { "gssapiauthentication", oGssAuthentication },
+       { "gssapidelegatecredentials", oGssDelegateCreds },
+#ifdef GSI
+       /* For backwards compatability with old 1.2.27 client code */
+       { "forwardgssapiglobusproxy", oGssDelegateCreds }, /* alias */
+       { "forwardgssapiglobuslimitedproxy", oGssGlobusDelegateLimitedCreds },
+#endif /* GSI */
+#endif /* GSSAPI */
 #if defined(AFS) || defined(KRB5)
        { "kerberostgtpassing", oKerberosTgtPassing },
 #endif
@@ -363,6 +378,23 @@ parse_flag:
                intptr = &options->kerberos_authentication;
                goto parse_flag;
 #endif
+#ifdef GSSAPI
+       case oGssAuthentication:
+               intptr = &options->gss_authentication;
+               goto parse_flag;
+      
+       case oGssDelegateCreds:
+               intptr = &options->gss_deleg_creds;
+               goto parse_flag;
+ 
+#ifdef GSI
+       case oGssGlobusDelegateLimitedCreds:
+               intptr = &options->gss_globus_deleg_limited_proxy;
+               goto parse_flag;
+#endif /* GSI */
+
+#endif /* GSSAPI */
+
 #if defined(AFS) || defined(KRB5)
        case oKerberosTgtPassing:
                intptr = &options->kerberos_tgt_passing;
@@ -751,6 +783,14 @@ initialize_options(Options * options)
        options->rsa_authentication = -1;
        options->pubkey_authentication = -1;
        options->challenge_response_authentication = -1;
+#ifdef GSSAPI
+        options->gss_authentication = -1;
+        options->gss_deleg_creds = -1;
+#ifdef GSI
+        options->gss_globus_deleg_limited_proxy = -1;
+#endif /* GSI */
+#endif /* GSSAPI */
+
 #if defined(KRB4) || defined(KRB5)
        options->kerberos_authentication = -1;
 #endif
@@ -831,6 +871,16 @@ fill_default_options(Options * options)
                options->pubkey_authentication = 1;
        if (options->challenge_response_authentication == -1)
                options->challenge_response_authentication = 1;
+#ifdef GSSAPI
+       if (options->gss_authentication == -1)
+               options->gss_authentication = 1;
+       if (options->gss_deleg_creds == -1)
+               options->gss_deleg_creds = 1;
+#ifdef GSI
+       if (options->gss_globus_deleg_limited_proxy == -1)
+               options->gss_globus_deleg_limited_proxy = 0;
+#endif /* GSI */
+#endif /* GSSAPI */
 #if defined(KRB4) || defined(KRB5)
        if (options->kerberos_authentication == -1)
                options->kerberos_authentication = 1;