From bb02848f18878bddada7a9f55b110116f63c2f3c Mon Sep 17 00:00:00 2001 From: des Date: Thu, 27 Jun 2002 22:31:32 +0000 Subject: Vendor import of OpenSSH 3.3p1. --- crypto/openssh/servconf.c | 43 ++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 42 insertions(+), 1 deletion(-) (limited to 'crypto/openssh/servconf.c') diff --git a/crypto/openssh/servconf.c b/crypto/openssh/servconf.c index 3537e92..fb6332c 100644 --- a/crypto/openssh/servconf.c +++ b/crypto/openssh/servconf.c @@ -12,8 +12,17 @@ #include "includes.h" RCSID("$OpenBSD: servconf.c,v 1.111 2002/06/20 23:05:55 markus Exp $"); -#if defined(KRB4) || defined(KRB5) +#if defined(KRB4) +#include +#endif +#if defined(KRB5) +#ifdef HEIMDAL #include +#else +/* Bodge - but then, so is using the kerberos IV KEYFILE to get a Kerberos V + * keytab */ +#define KEYFILE "/etc/krb5.keytab" +#endif #endif #ifdef AFS #include @@ -45,6 +54,11 @@ void initialize_server_options(ServerOptions *options) { memset(options, 0, sizeof(*options)); + + /* Portable-specific options */ + options->pam_authentication_via_kbd_int = -1; + + /* Standard Options */ options->num_ports = 0; options->ports_from_cmdline = 0; options->listen_addrs = NULL; @@ -116,6 +130,11 @@ initialize_server_options(ServerOptions *options) void fill_default_server_options(ServerOptions *options) { + /* Portable-specific options */ + if (options->pam_authentication_via_kbd_int == -1) + options->pam_authentication_via_kbd_int = 0; + + /* Standard Options */ if (options->protocol == SSH_PROTO_UNKNOWN) options->protocol = SSH_PROTO_1|SSH_PROTO_2; if (options->num_host_key_files == 0) { @@ -237,11 +256,24 @@ fill_default_server_options(ServerOptions *options) /* Turn privilege separation on by default */ if (use_privsep == -1) use_privsep = 1; + +#if !defined(HAVE_MMAP) || !defined(MAP_ANON) + if (use_privsep && options->compression == 1) { + error("This platform does not support both privilege " + "separation and compression"); + error("Compression disabled"); + options->compression = 0; + } +#endif + } /* Keyword tokens. */ typedef enum { sBadOption, /* == unknown option */ + /* Portable-specific options */ + sPAMAuthenticationViaKbdInt, + /* Standard Options */ sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, sPermitRootLogin, sLogFacility, sLogLevel, sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, @@ -275,6 +307,9 @@ static struct { const char *name; ServerOpCodes opcode; } keywords[] = { + /* Portable-specific options */ + { "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt }, + /* Standard Options */ { "port", sPort }, { "hostkey", sHostKeyFile }, { "hostdsakey", sHostKeyFile }, /* alias */ @@ -419,6 +454,12 @@ process_server_config_line(ServerOptions *options, char *line, charptr = NULL; opcode = parse_token(arg, filename, linenum); switch (opcode) { + /* Portable-specific options */ + case sPAMAuthenticationViaKbdInt: + intptr = &options->pam_authentication_via_kbd_int; + goto parse_flag; + + /* Standard Options */ case sBadOption: return -1; case sPort: -- cgit v1.1