*/
#include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.115 2003/07/22 13:35:22 markus Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.121 2003/09/01 18:15:50 markus Exp $");
#include "ssh.h"
#include "xmalloc.h"
Host fascist.blob.com
Port 23123
User tylonen
- RhostsAuthentication no
PasswordAuthentication no
Host puukko.hut.fi
Host *
ForwardAgent no
ForwardX11 no
- RhostsAuthentication yes
PasswordAuthentication yes
RSAAuthentication yes
RhostsRSAAuthentication yes
typedef enum {
oBadOption,
- oForwardAgent, oForwardX11, oGatewayPorts, oRhostsAuthentication,
+ oForwardAgent, oForwardX11, oGatewayPorts,
oPasswordAuthentication, oRSAAuthentication,
oChallengeResponseAuthentication, oXAuthLocation,
- oKerberosAuthentication, oKerberosTgtPassing,
oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
oClearAllForwardings, oNoHostAuthenticationForLocalhost,
oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
- oAddressFamily,
+ oAddressFamily, oGssAuthentication, oGssDelegateCreds,
oDeprecated, oUnsupported
} OpCodes;
{ "xauthlocation", oXAuthLocation },
{ "gatewayports", oGatewayPorts },
{ "useprivilegedport", oUsePrivilegedPort },
- { "rhostsauthentication", oRhostsAuthentication },
+ { "rhostsauthentication", oDeprecated },
{ "passwordauthentication", oPasswordAuthentication },
{ "kbdinteractiveauthentication", oKbdInteractiveAuthentication },
{ "kbdinteractivedevices", oKbdInteractiveDevices },
{ "challengeresponseauthentication", oChallengeResponseAuthentication },
{ "skeyauthentication", oChallengeResponseAuthentication }, /* alias */
{ "tisauthentication", oChallengeResponseAuthentication }, /* alias */
-#ifdef KRB5
- { "kerberosauthentication", oKerberosAuthentication },
- { "kerberostgtpassing", oKerberosTgtPassing },
-#else
{ "kerberosauthentication", oUnsupported },
{ "kerberostgtpassing", oUnsupported },
-#endif
{ "afstokenpassing", oUnsupported },
+#if defined(GSSAPI)
+ { "gssapiauthentication", oGssAuthentication },
+ { "gssapidelegatecredentials", oGssDelegateCreds },
+#else
+ { "gssapiauthentication", oUnsupported },
+ { "gssapidelegatecredentials", oUnsupported },
+#endif
{ "fallbacktorsh", oDeprecated },
{ "usersh", oDeprecated },
{ "identityfile", oIdentityFile },
intptr = &options->use_privileged_port;
goto parse_flag;
- case oRhostsAuthentication:
- intptr = &options->rhosts_authentication;
- goto parse_flag;
-
case oPasswordAuthentication:
intptr = &options->password_authentication;
goto parse_flag;
intptr = &options->challenge_response_authentication;
goto parse_flag;
- case oKerberosAuthentication:
- intptr = &options->kerberos_authentication;
+ case oGssAuthentication:
+ intptr = &options->gss_authentication;
goto parse_flag;
- case oKerberosTgtPassing:
- intptr = &options->kerberos_tgt_passing;
+ case oGssDelegateCreds:
+ intptr = &options->gss_deleg_creds;
goto parse_flag;
case oBatchMode:
fatal("%.200s line %d: Badly formatted port number.",
filename, linenum);
if (*activep)
- add_local_forward(options, fwd_port, "socks4", 0);
+ add_local_forward(options, fwd_port, "socks", 0);
break;
case oClearAllForwardings:
options->xauth_location = NULL;
options->gateway_ports = -1;
options->use_privileged_port = -1;
- options->rhosts_authentication = -1;
options->rsa_authentication = -1;
options->pubkey_authentication = -1;
options->challenge_response_authentication = -1;
- options->kerberos_authentication = -1;
- options->kerberos_tgt_passing = -1;
+ options->gss_authentication = -1;
+ options->gss_deleg_creds = -1;
options->password_authentication = -1;
options->kbd_interactive_authentication = -1;
options->kbd_interactive_devices = NULL;
options->gateway_ports = 0;
if (options->use_privileged_port == -1)
options->use_privileged_port = 0;
- if (options->rhosts_authentication == -1)
- options->rhosts_authentication = 0;
if (options->rsa_authentication == -1)
options->rsa_authentication = 1;
if (options->pubkey_authentication == -1)
options->pubkey_authentication = 1;
if (options->challenge_response_authentication == -1)
options->challenge_response_authentication = 1;
- if (options->kerberos_authentication == -1)
- options->kerberos_authentication = 1;
- if (options->kerberos_tgt_passing == -1)
- options->kerberos_tgt_passing = 1;
+ if (options->gss_authentication == -1)
+ options->gss_authentication = 1;
+ if (options->gss_deleg_creds == -1)
+ options->gss_deleg_creds = 0;
if (options->password_authentication == -1)
options->password_authentication = 1;
if (options->kbd_interactive_authentication == -1)
andersk / openssh.git / blobdiff