- jakob@cvs.openbsd.org 2003/11/12 16:39:58

[openssh.git] / readconf.c

diff --git a/readconf.c b/readconf.c
index 5a7084fe890af95d94a49d65267697f5d5b5b2e9..da49a3944a929f2d31925bcbc073185d658d3dbb 100644 (file)
--- a/readconf.c
+++ b/readconf.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.122 2003/10/08 15:21:24 markus Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.125 2003/11/12 16:39:58 jakob Exp $");
 
 #include "ssh.h"
 #include "xmalloc.h"
@@ -89,7 +89,7 @@ RCSID("$OpenBSD: readconf.c,v 1.122 2003/10/08 15:21:24 markus Exp $");
 
 typedef enum {
        oBadOption,
-       oForwardAgent, oForwardX11, oGatewayPorts,
+       oForwardAgent, oForwardX11, oForwardX11Trusted, oGatewayPorts,
        oPasswordAuthentication, oRSAAuthentication,
        oChallengeResponseAuthentication, oXAuthLocation,
        oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
@@ -116,6 +116,7 @@ static struct {
 } keywords[] = {
        { "forwardagent", oForwardAgent },
        { "forwardx11", oForwardX11 },
+       { "forwardx11trusted", oForwardX11Trusted },
        { "xauthlocation", oXAuthLocation },
        { "gatewayports", oGatewayPorts },
        { "useprivilegedport", oUsePrivilegedPort },
@@ -182,11 +183,7 @@ static struct {
 #endif
        { "clearallforwardings", oClearAllForwardings },
        { "enablesshkeysign", oEnableSSHKeysign },
-#ifdef DNS
        { "verifyhostkeydns", oVerifyHostKeyDNS },
-#else
-       { "verifyhostkeydns", oUnsupported },
-#endif
        { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost },
        { "rekeylimit", oRekeyLimit },
        { "connecttimeout", oConnectTimeout },
@@ -342,6 +339,10 @@ parse_flag:
                intptr = &options->forward_x11;
                goto parse_flag;
 
+       case oForwardX11Trusted:
+               intptr = &options->forward_x11_trusted;
+               goto parse_flag;
+
        case oGatewayPorts:
                intptr = &options->gateway_ports;
                goto parse_flag;
@@ -400,10 +401,11 @@ parse_flag:
 
        case oVerifyHostKeyDNS:
                intptr = &options->verify_host_key_dns;
-               goto parse_flag;
+               goto parse_yesnoask;
 
        case oStrictHostKeyChecking:
                intptr = &options->strict_host_key_checking;
+parse_yesnoask:
                arg = strdelim(&s);
                if (!arg || *arg == '\0')
                        fatal("%.200s line %d: Missing yes/no/ask argument.",
@@ -806,6 +808,7 @@ initialize_options(Options * options)
        memset(options, 'X', sizeof(*options));
        options->forward_agent = -1;
        options->forward_x11 = -1;
+       options->forward_x11_trusted = -1;
        options->xauth_location = NULL;
        options->gateway_ports = -1;
        options->use_privileged_port = -1;
@@ -872,6 +875,8 @@ fill_default_options(Options * options)
                options->forward_agent = 0;
        if (options->forward_x11 == -1)
                options->forward_x11 = 0;
+       if (options->forward_x11_trusted == -1)
+               options->forward_x11_trusted = 0;
        if (options->xauth_location == NULL)
                options->xauth_location = _PATH_XAUTH;
        if (options->gateway_ports == -1)