]> andersk Git - openssh.git/blobdiff - servconf.c
andersk / openssh.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
- (djm) Bug #442: Check for and deny access to accounts with locked
[openssh.git] / servconf.c
diff --git a/servconf.c b/servconf.c
index f311ae48ddea4e5a69738ae82835db66043c2cb6..e3939df401450f718820b1bf583a16dd1ff7562b 100644 (file)
--- a/servconf.c
+++ b/servconf.c
@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.112 2002/06/23 09:46:51 deraadt Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.115 2002/09/04 18:52:42 stevesk Exp $");
 
 #if defined(KRB4)
 #include <krb.h>
@@ -101,6 +101,7 @@ initialize_server_options(ServerOptions *options)
        options->kbd_interactive_authentication = -1;
        options->challenge_response_authentication = -1;
        options->permit_empty_passwd = -1;
+       options->permit_user_env = -1;
        options->use_login = -1;
        options->compression = -1;
        options->allow_tcp_forwarding = -1;
@@ -158,7 +159,7 @@ fill_default_server_options(ServerOptions *options)
        if (options->server_key_bits == -1)
                options->server_key_bits = 768;
        if (options->login_grace_time == -1)
-               options->login_grace_time = 600;
+               options->login_grace_time = 120;
        if (options->key_regeneration_time == -1)
                options->key_regeneration_time = 3600;
        if (options->permit_root_login == PERMIT_NOT_SET)
@@ -223,6 +224,8 @@ fill_default_server_options(ServerOptions *options)
                options->challenge_response_authentication = 1;
        if (options->permit_empty_passwd == -1)
                options->permit_empty_passwd = 0;
+       if (options->permit_user_env == -1)
+               options->permit_user_env = 0;
        if (options->use_login == -1)
                options->use_login = 0;
        if (options->compression == -1)
@@ -257,7 +260,7 @@ fill_default_server_options(ServerOptions *options)
        if (use_privsep == -1)
                use_privsep = 1;
 
-#if !defined(HAVE_MMAP_ANON_SHARED)
+#ifndef HAVE_MMAP
        if (use_privsep && options->compression == 1) {
                error("This platform does not support both privilege "
                    "separation and compression");
@@ -291,7 +294,7 @@ typedef enum {
        sPrintMotd, sPrintLastLog, sIgnoreRhosts,
        sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
        sStrictModes, sEmptyPasswd, sKeepAlives,
-       sUseLogin, sAllowTcpForwarding, sCompression,
+       sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
        sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
        sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
        sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
@@ -354,6 +357,7 @@ static struct {
        { "xauthlocation", sXAuthLocation },
        { "strictmodes", sStrictModes },
        { "permitemptypasswords", sEmptyPasswd },
+       { "permituserenvironment", sPermitUserEnvironment },
        { "uselogin", sUseLogin },
        { "compression", sCompression },
        { "keepalive", sKeepAlives },
@@ -713,6 +717,10 @@ parse_flag:
                intptr = &options->permit_empty_passwd;
                goto parse_flag;
 
+       case sPermitUserEnvironment:
+               intptr = &options->permit_user_env;
+               goto parse_flag;
+
        case sUseLogin:
                intptr = &options->use_login;
                goto parse_flag;
git-cvsimport mirror of OpenSSH
This page took 0.08132 seconds and 4 git commands to generate.