- (djm) Bug #573 - Remove unneeded Krb headers and compat goop. Patch from

[openssh.git] / servconf.c

diff --git a/servconf.c b/servconf.c
index 5840961e3870dab529b781d811985c580109a21a..6df2a255bd3e5afd197fdd430204f4d2c014abd8 100644 (file)
--- a/servconf.c
+++ b/servconf.c
@@ -10,24 +10,12 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.120 2003/05/15 04:08:44 jakob Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.122 2003/06/02 09:17:34 markus Exp $");
 
 #if defined(KRB4)
 #include <krb.h>
 #endif
 
-#if defined(KRB5)
-# ifdef HEIMDAL
-#  include <krb.h>
-# else
-/*
- * XXX: Bodge - but then, so is using the kerberos IV KEYFILE to get a 
- * Kerberos V keytab
- */
-#  define KEYFILE "/etc/krb5.keytab"
-# endif
-#endif
-
 #ifdef AFS
 #include <kafs.h>
 #endif
@@ -116,7 +104,7 @@ initialize_server_options(ServerOptions *options)
        options->max_startups_rate = -1;
        options->max_startups = -1;
        options->banner = NULL;
-       options->verify_reverse_mapping = -1;
+       options->use_dns = -1;
        options->client_alive_interval = -1;
        options->client_alive_count_max = -1;
        options->authorized_keys_file = NULL;
@@ -131,11 +119,7 @@ fill_default_server_options(ServerOptions *options)
 {
        /* Portable-specific options */
        if (options->use_pam == -1)
-#ifdef USE_PAM
                options->use_pam = 1;
-#else
-               options->use_pam = 0;
-#endif
 
        /* Standard Options */
        if (options->protocol == SSH_PROTO_UNKNOWN)
@@ -207,11 +191,7 @@ fill_default_server_options(ServerOptions *options)
        if (options->kerberos_or_local_passwd == -1)
                options->kerberos_or_local_passwd = 1;
        if (options->kerberos_ticket_cleanup == -1)
-#if defined(KRB4) || defined(KRB5)
                options->kerberos_ticket_cleanup = 1;
-#else
-               options->kerberos_ticket_cleanup = 0;
-#endif
        if (options->kerberos_tgt_passing == -1)
                options->kerberos_tgt_passing = 0;
        if (options->afs_token_passing == -1)
@@ -240,8 +220,8 @@ fill_default_server_options(ServerOptions *options)
                options->max_startups_rate = 100;               /* 100% */
        if (options->max_startups_begin == -1)
                options->max_startups_begin = options->max_startups;
-       if (options->verify_reverse_mapping == -1)
-               options->verify_reverse_mapping = 0;
+       if (options->use_dns == -1)
+               options->use_dns = 1;
        if (options->client_alive_interval == -1)
                options->client_alive_interval = 0;
        if (options->client_alive_count_max == -1)
@@ -290,11 +270,11 @@ typedef enum {
        sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
        sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
        sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
-       sBanner, sVerifyReverseMapping, sHostbasedAuthentication,
+       sBanner, sUseDNS, sHostbasedAuthentication,
        sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
        sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
        sUsePrivilegeSeparation,
-       sDeprecated
+       sDeprecated, sUnsupported
 } ServerOpCodes;
 
 /* Textual representation of the tokens. */
@@ -303,7 +283,11 @@ static struct {
        ServerOpCodes opcode;
 } keywords[] = {
        /* Portable-specific options */
+#ifdef USE_PAM
        { "UsePAM", sUsePAM },
+#else
+       { "UsePAM", sUnsupported },
+#endif
        /* Standard Options */
        { "port", sPort },
        { "hostkey", sHostKeyFile },
@@ -322,11 +306,22 @@ static struct {
        { "rsaauthentication", sRSAAuthentication },
        { "pubkeyauthentication", sPubkeyAuthentication },
        { "dsaauthentication", sPubkeyAuthentication },                 /* alias */
+#if defined(KRB4) || defined(KRB5)
        { "kerberosauthentication", sKerberosAuthentication },
        { "kerberosorlocalpasswd", sKerberosOrLocalPasswd },
        { "kerberosticketcleanup", sKerberosTicketCleanup },
        { "kerberostgtpassing", sKerberosTgtPassing },
+#else
+       { "kerberosauthentication", sUnsupported },
+       { "kerberosorlocalpasswd", sUnsupported },
+       { "kerberosticketcleanup", sUnsupported },
+       { "kerberostgtpassing", sUnsupported },
+#endif
+#if defined(AFS)
        { "afstokenpassing", sAFSTokenPassing },
+#else
+       { "afstokenpassing", sUnsupported },
+#endif
        { "passwordauthentication", sPasswordAuthentication },
        { "kbdinteractiveauthentication", sKbdInteractiveAuthentication },
        { "challengeresponseauthentication", sChallengeResponseAuthentication },
@@ -359,8 +354,9 @@ static struct {
        { "subsystem", sSubsystem },
        { "maxstartups", sMaxStartups },
        { "banner", sBanner },
-       { "verifyreversemapping", sVerifyReverseMapping },
-       { "reversemappingcheck", sVerifyReverseMapping },
+       { "usedns", sUseDNS },
+       { "verifyreversemapping", sDeprecated },
+       { "reversemappingcheck", sDeprecated },
        { "clientaliveinterval", sClientAliveInterval },
        { "clientalivecountmax", sClientAliveCountMax },
        { "authorizedkeysfile", sAuthorizedKeysFile },
@@ -716,8 +712,8 @@ parse_flag:
                intptr = &options->gateway_ports;
                goto parse_flag;
 
-       case sVerifyReverseMapping:
-               intptr = &options->verify_reverse_mapping;
+       case sUseDNS:
+               intptr = &options->use_dns;
                goto parse_flag;
 
        case sLogFacility:
@@ -899,6 +895,13 @@ parse_flag:
                    arg = strdelim(&cp);
                break;
 
+       case sUnsupported:
+               logit("%s line %d: Unsupported option %s",
+                   filename, linenum, arg);
+               while (arg)
+                   arg = strdelim(&cp);
+               break;
+
        default:
                fatal("%s line %d: Missing handler for opcode %s (%d)",
                    filename, linenum, arg, opcode);