[readconf.c ssh.1 ssh.c sshconnect.c]
cleanup connect(); connection_attempts 4 -> 1; from
eivind@freebsd.org
+ - stevesk@cvs.openbsd.org 2001/07/26 17:18:22
+ [sshd.8 sshd.c]
+ add -t option to test configuration file and keys; pekkas@netcore.fi
+ ok markus@
20010803
- (djm) Fix interrupted read in entropy gatherer. Spotted by markus@ on
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd.8,v 1.136 2001/07/22 22:24:16 markus Exp $
+.\" $OpenBSD: sshd.8,v 1.137 2001/07/26 17:18:22 stevesk Exp $
.Dd September 25, 1999
.Dt SSHD 8
.Os
Nothing is sent to the system log.
Normally the beginning,
authentication, and termination of each connection is logged.
+.It Fl t
+Test mode.
+Only check the validity of the configuration file and sanity of the keys.
+This is useful for updating
+.Nm
+reliably as configuration options may change.
.It Fl u Ar len
This option is used to specify the size of the field
in the
*/
#include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.202 2001/06/26 16:15:25 dugsong Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.203 2001/07/26 17:18:22 stevesk Exp $");
#include <openssl/dh.h>
#include <openssl/bn.h>
*/
int debug_flag = 0;
+/* Flag indicating that the daemon should only test the configuration and keys. */
+int test_flag = 0;
+
/* Flag indicating that the daemon is being started from inetd. */
int inetd_flag = 0;
initialize_server_options(&options);
/* Parse command-line arguments. */
- while ((opt = getopt(ac, av, "f:p:b:k:h:g:V:u:dDeiqQ46")) != -1) {
+ while ((opt = getopt(ac, av, "f:p:b:k:h:g:V:u:dDeiqtQ46")) != -1) {
switch (opt) {
case '4':
IPv4or6 = AF_INET;
/* only makes sense with inetd_flag, i.e. no listen() */
inetd_flag = 1;
break;
+ case 't':
+ test_flag = 1;
+ break;
case 'u':
utmp_len = atoi(optarg);
break;
fprintf(stderr, " -d Debugging mode (multiple -d means more debugging)\n");
fprintf(stderr, " -i Started from inetd\n");
fprintf(stderr, " -D Do not fork into daemon mode\n");
+ fprintf(stderr, " -t Only test configuration file and keys\n");
fprintf(stderr, " -q Quiet (no logging)\n");
fprintf(stderr, " -p port Listen on the specified port (default: 22)\n");
fprintf(stderr, " -k seconds Regenerate server key every this many seconds (default: 3600)\n");
}
}
+ /* Configuration looks good, so exit if in test mode. */
+ if (test_flag)
+ exit(0);
+
#ifdef HAVE_SCO_PROTECTED_PW
(void) set_auth_parameters(ac, av);
#endif