openssh-3.6.1p2-gssapi-20030430.diff from Simon

[gssapi-openssh.git] / openssh / readconf.c

diff --git a/openssh/readconf.c b/openssh/readconf.c
index 1df5ce2d9b9d8d2210fc43972940e45fd8fed626..7bf3b08049fb3f6a81cc2f3841e7832d3160f615 100644 (file)
--- a/openssh/readconf.c
+++ b/openssh/readconf.c
@@ -97,6 +97,12 @@ typedef enum {
 #if defined(KRB4) || defined(KRB5)
        oKerberosAuthentication,
 #endif
+#ifdef GSSAPI
+       oGssAuthentication, oGssDelegateCreds,
+#ifdef GSI
+       oGssGlobusDelegateLimitedCreds,
+#endif /* GSI */
+#endif /* GSSAPI */
 #if defined(AFS) || defined(KRB5)
        oKerberosTgtPassing,
 #endif
@@ -144,6 +150,15 @@ static struct {
 #if defined(KRB4) || defined(KRB5)
        { "kerberosauthentication", oKerberosAuthentication },
 #endif
+#ifdef GSSAPI
+       { "gssapiauthentication", oGssAuthentication },
+       { "gssapidelegatecredentials", oGssDelegateCreds },
+#ifdef GSI
+       /* For backwards compatability with old 1.2.27 client code */
+       { "forwardgssapiglobusproxy", oGssDelegateCreds }, /* alias */
+       { "forwardgssapiglobuslimitedproxy", oGssGlobusDelegateLimitedCreds },
+#endif /* GSI */
+#endif /* GSSAPI */
 #if defined(AFS) || defined(KRB5)
        { "kerberostgtpassing", oKerberosTgtPassing },
 #endif
@@ -366,6 +381,23 @@ parse_flag:
                intptr = &options->kerberos_authentication;
                goto parse_flag;
 #endif
+#ifdef GSSAPI
+       case oGssAuthentication:
+               intptr = &options->gss_authentication;
+               goto parse_flag;
+      
+       case oGssDelegateCreds:
+               intptr = &options->gss_deleg_creds;
+               goto parse_flag;
+ 
+#ifdef GSI
+       case oGssGlobusDelegateLimitedCreds:
+               intptr = &options->gss_globus_deleg_limited_proxy;
+               goto parse_flag;
+#endif /* GSI */
+
+#endif /* GSSAPI */
+
 #if defined(AFS) || defined(KRB5)
        case oKerberosTgtPassing:
                intptr = &options->kerberos_tgt_passing;
@@ -748,6 +780,14 @@ initialize_options(Options * options)
        options->rsa_authentication = -1;
        options->pubkey_authentication = -1;
        options->challenge_response_authentication = -1;
+#ifdef GSSAPI
+        options->gss_authentication = -1;
+        options->gss_deleg_creds = -1;
+#ifdef GSI
+        options->gss_globus_deleg_limited_proxy = -1;
+#endif /* GSI */
+#endif /* GSSAPI */
+
 #if defined(KRB4) || defined(KRB5)
        options->kerberos_authentication = -1;
 #endif
@@ -825,6 +865,16 @@ fill_default_options(Options * options)
                options->pubkey_authentication = 1;
        if (options->challenge_response_authentication == -1)
                options->challenge_response_authentication = 1;
+#ifdef GSSAPI
+       if (options->gss_authentication == -1)
+               options->gss_authentication = 1;
+       if (options->gss_deleg_creds == -1)
+               options->gss_deleg_creds = 1;
+#ifdef GSI
+       if (options->gss_globus_deleg_limited_proxy == -1)
+               options->gss_globus_deleg_limited_proxy = 0;
+#endif /* GSI */
+#endif /* GSSAPI */
 #if defined(KRB4) || defined(KRB5)
        if (options->kerberos_authentication == -1)
                options->kerberos_authentication = 1;