|
Lines 137-142
initialize_server_options(ServerOptions
Link Here
|
| 137 |
options->zero_knowledge_password_authentication = -1; |
137 |
options->zero_knowledge_password_authentication = -1; |
| 138 |
options->revoked_keys_file = NULL; |
138 |
options->revoked_keys_file = NULL; |
| 139 |
options->trusted_user_ca_keys = NULL; |
139 |
options->trusted_user_ca_keys = NULL; |
|
|
140 |
options->use_kuserok = -1; |
| 140 |
} |
141 |
} |
| 141 |
|
142 |
|
| 142 |
void |
143 |
void |
|
Lines 285-290
fill_default_server_options(ServerOption
Link Here
|
| 285 |
if (use_privsep == -1) |
286 |
if (use_privsep == -1) |
| 286 |
use_privsep = 1; |
287 |
use_privsep = 1; |
| 287 |
|
288 |
|
|
|
289 |
if (options->use_kuserok == -1) |
| 290 |
options->use_kuserok = 1; |
| 288 |
#ifndef HAVE_MMAP |
291 |
#ifndef HAVE_MMAP |
| 289 |
if (use_privsep && options->compression == 1) { |
292 |
if (use_privsep && options->compression == 1) { |
| 290 |
error("This platform does not support both privilege " |
293 |
error("This platform does not support both privilege " |
|
Lines 306-312
typedef enum {
Link Here
|
| 306 |
sPermitRootLogin, sLogFacility, sLogLevel, |
309 |
sPermitRootLogin, sLogFacility, sLogLevel, |
| 307 |
sRhostsRSAAuthentication, sRSAAuthentication, |
310 |
sRhostsRSAAuthentication, sRSAAuthentication, |
| 308 |
sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, |
311 |
sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, |
| 309 |
sKerberosGetAFSToken, |
312 |
sKerberosGetAFSToken, sKerberosUseKuserok, |
| 310 |
sKerberosTgtPassing, sChallengeResponseAuthentication, |
313 |
sKerberosTgtPassing, sChallengeResponseAuthentication, |
| 311 |
sPasswordAuthentication, sKbdInteractiveAuthentication, |
314 |
sPasswordAuthentication, sKbdInteractiveAuthentication, |
| 312 |
sListenAddress, sAddressFamily, |
315 |
sListenAddress, sAddressFamily, |
|
Lines 376-386
static struct {
Link Here
|
| 376 |
#else |
379 |
#else |
| 377 |
{ "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, |
380 |
{ "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, |
| 378 |
#endif |
381 |
#endif |
|
|
382 |
{ "kerberosusekuserok", sKerberosUseKuserok, SSHCFG_ALL }, |
| 379 |
#else |
383 |
#else |
| 380 |
{ "kerberosauthentication", sUnsupported, SSHCFG_ALL }, |
384 |
{ "kerberosauthentication", sUnsupported, SSHCFG_ALL }, |
| 381 |
{ "kerberosorlocalpasswd", sUnsupported, SSHCFG_GLOBAL }, |
385 |
{ "kerberosorlocalpasswd", sUnsupported, SSHCFG_GLOBAL }, |
| 382 |
{ "kerberosticketcleanup", sUnsupported, SSHCFG_GLOBAL }, |
386 |
{ "kerberosticketcleanup", sUnsupported, SSHCFG_GLOBAL }, |
| 383 |
{ "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, |
387 |
{ "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, |
|
|
388 |
{ "kerberosusekuserok", sUnsupported, SSHCFG_ALL }, |
| 384 |
#endif |
389 |
#endif |
| 385 |
{ "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL }, |
390 |
{ "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL }, |
| 386 |
{ "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, |
391 |
{ "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, |
|
Lines 1335-1340
process_server_config_line(ServerOptions
Link Here
|
| 1335 |
*activep = value; |
1340 |
*activep = value; |
| 1336 |
break; |
1341 |
break; |
| 1337 |
|
1342 |
|
|
|
1343 |
case sKerberosUseKuserok: |
| 1344 |
intptr = &options->use_kuserok; |
| 1345 |
goto parse_flag; |
| 1346 |
|
| 1338 |
case sPermitOpen: |
1347 |
case sPermitOpen: |
| 1339 |
arg = strdelim(&cp); |
1348 |
arg = strdelim(&cp); |
| 1340 |
if (!arg || *arg == '\0') |
1349 |
if (!arg || *arg == '\0') |
|
Lines 1517-1522
copy_set_server_options(ServerOptions *d
Link Here
|
| 1517 |
M_CP_INTOPT(x11_use_localhost); |
1526 |
M_CP_INTOPT(x11_use_localhost); |
| 1518 |
M_CP_INTOPT(max_sessions); |
1527 |
M_CP_INTOPT(max_sessions); |
| 1519 |
M_CP_INTOPT(max_authtries); |
1528 |
M_CP_INTOPT(max_authtries); |
|
|
1529 |
M_CP_INTOPT(use_kuserok); |
| 1520 |
|
1530 |
|
| 1521 |
M_CP_STROPT(banner); |
1531 |
M_CP_STROPT(banner); |
| 1522 |
if (preauth) |
1532 |
if (preauth) |
|
Lines 1734-1739
dump_config(ServerOptions *o)
Link Here
|
| 1734 |
dump_cfg_fmtint(sUseDNS, o->use_dns); |
1744 |
dump_cfg_fmtint(sUseDNS, o->use_dns); |
| 1735 |
dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding); |
1745 |
dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding); |
| 1736 |
dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep); |
1746 |
dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep); |
|
|
1747 |
dump_cfg_fmtint(sKerberosUseKuserok, o->use_kuserok); |
| 1737 |
|
1748 |
|
| 1738 |
/* string arguments */ |
1749 |
/* string arguments */ |
| 1739 |
dump_cfg_string(sPidFile, o->pid_file); |
1750 |
dump_cfg_string(sPidFile, o->pid_file); |