|
Lines 92-97
initialize_server_options(ServerOptions
Link Here
|
| 92 |
options->hostbased_uses_name_from_packet_only = -1; |
92 |
options->hostbased_uses_name_from_packet_only = -1; |
| 93 |
options->rsa_authentication = -1; |
93 |
options->rsa_authentication = -1; |
| 94 |
options->pubkey_authentication = -1; |
94 |
options->pubkey_authentication = -1; |
|
|
95 |
options->two_factor_authentication = -1; |
| 96 |
options->second_pubkey_authentication = -1; |
| 97 |
options->second_gss_authentication = -1; |
| 98 |
options->second_password_authentication = -1; |
| 99 |
options->second_kbd_interactive_authentication = -1; |
| 100 |
options->second_zero_knowledge_password_authentication = -1; |
| 101 |
options->second_hostbased_authentication = -1; |
| 95 |
options->kerberos_authentication = -1; |
102 |
options->kerberos_authentication = -1; |
| 96 |
options->kerberos_or_local_passwd = -1; |
103 |
options->kerberos_or_local_passwd = -1; |
| 97 |
options->kerberos_ticket_cleanup = -1; |
104 |
options->kerberos_ticket_cleanup = -1; |
|
Lines 237-242
fill_default_server_options(ServerOption
Link Here
|
| 237 |
options->permit_empty_passwd = 0; |
244 |
options->permit_empty_passwd = 0; |
| 238 |
if (options->permit_user_env == -1) |
245 |
if (options->permit_user_env == -1) |
| 239 |
options->permit_user_env = 0; |
246 |
options->permit_user_env = 0; |
|
|
247 |
if (options->two_factor_authentication == -1) |
| 248 |
options->two_factor_authentication = 0; |
| 249 |
if (options->second_pubkey_authentication == -1) |
| 250 |
options->second_pubkey_authentication = 1; |
| 251 |
if (options->second_gss_authentication == -1) |
| 252 |
options->second_gss_authentication = 0; |
| 253 |
if (options->second_password_authentication == -1) |
| 254 |
options->second_password_authentication = 1; |
| 255 |
if (options->second_kbd_interactive_authentication == -1) |
| 256 |
options->second_kbd_interactive_authentication = 0; |
| 257 |
if (options->second_zero_knowledge_password_authentication == -1) |
| 258 |
options->second_zero_knowledge_password_authentication = 0; |
| 259 |
if (options->second_hostbased_authentication == -1) |
| 260 |
options->second_hostbased_authentication = 0; |
| 240 |
if (options->use_login == -1) |
261 |
if (options->use_login == -1) |
| 241 |
options->use_login = 0; |
262 |
options->use_login = 0; |
| 242 |
if (options->compression == -1) |
263 |
if (options->compression == -1) |
|
Lines 316-323
typedef enum {
Link Here
|
| 316 |
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, |
337 |
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, |
| 317 |
sMaxStartups, sMaxAuthTries, sMaxSessions, |
338 |
sMaxStartups, sMaxAuthTries, sMaxSessions, |
| 318 |
sBanner, sUseDNS, sHostbasedAuthentication, |
339 |
sBanner, sUseDNS, sHostbasedAuthentication, |
| 319 |
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, |
340 |
sHostbasedUsesNameFromPacketOnly, sTwoFactorAuthentication, |
| 320 |
sClientAliveCountMax, sAuthorizedKeysFile, |
341 |
sSecondPubkeyAuthentication, sSecondGssAuthentication, |
|
|
342 |
sSecondPasswordAuthentication, sSecondKbdInteractiveAuthentication, |
| 343 |
sSecondZeroKnowledgePasswordAuthentication, sSecondHostbasedAuthentication, |
| 344 |
sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, |
| 321 |
sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel, |
345 |
sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel, |
| 322 |
sMatch, sPermitOpen, sForceCommand, sChrootDirectory, |
346 |
sMatch, sPermitOpen, sForceCommand, sChrootDirectory, |
| 323 |
sUsePrivilegeSeparation, sAllowAgentForwarding, |
347 |
sUsePrivilegeSeparation, sAllowAgentForwarding, |
|
Lines 395-400
static struct {
Link Here
|
| 395 |
#else |
419 |
#else |
| 396 |
{ "zeroknowledgepasswordauthentication", sUnsupported, SSHCFG_ALL }, |
420 |
{ "zeroknowledgepasswordauthentication", sUnsupported, SSHCFG_ALL }, |
| 397 |
#endif |
421 |
#endif |
|
|
422 |
{ "twofactorauthentication", sTwoFactorAuthentication, SSHCFG_ALL }, |
| 423 |
{ "secondpubkeyauthentication", sSecondPubkeyAuthentication, SSHCFG_ALL }, |
| 424 |
#ifdef GSSAPI |
| 425 |
{ "secondgssapiauthentication", sSecondGssAuthentication, SSHCFG_ALL }, |
| 426 |
#else |
| 427 |
{ "secondgssapiauthentication", sUnsupported, SSHCFG_ALL }, |
| 428 |
#endif |
| 429 |
{ "secondpasswordauthentication", sSecondPasswordAuthentication, SSHCFG_ALL }, |
| 430 |
{ "secondkbdinteractiveauthentication", sSecondKbdInteractiveAuthentication, SSHCFG_ALL }, |
| 431 |
#ifdef JPAKE |
| 432 |
{ "secondzeroknowledgepasswordauthentication", sSecondZeroKnowledgePasswordAuthentication, SSHCFG_ALL }, |
| 433 |
#else |
| 434 |
{ "secondzeroknowledgepasswordauthentication", sUnsupported, SSHCFG_ALL }, |
| 435 |
#endif |
| 436 |
{ "secondhostbasedauthentication", sSecondHostbasedAuthentication, SSHCFG_ALL }, |
| 398 |
{ "checkmail", sDeprecated, SSHCFG_GLOBAL }, |
437 |
{ "checkmail", sDeprecated, SSHCFG_GLOBAL }, |
| 399 |
{ "listenaddress", sListenAddress, SSHCFG_GLOBAL }, |
438 |
{ "listenaddress", sListenAddress, SSHCFG_GLOBAL }, |
| 400 |
{ "addressfamily", sAddressFamily, SSHCFG_GLOBAL }, |
439 |
{ "addressfamily", sAddressFamily, SSHCFG_GLOBAL }, |
|
Lines 982-987
process_server_config_line(ServerOptions
Link Here
|
| 982 |
intptr = &options->challenge_response_authentication; |
1021 |
intptr = &options->challenge_response_authentication; |
| 983 |
goto parse_flag; |
1022 |
goto parse_flag; |
| 984 |
|
1023 |
|
|
|
1024 |
case sTwoFactorAuthentication: |
| 1025 |
intptr = &options->two_factor_authentication; |
| 1026 |
goto parse_flag; |
| 1027 |
|
| 1028 |
case sSecondPubkeyAuthentication: |
| 1029 |
intptr = &options->second_pubkey_authentication; |
| 1030 |
goto parse_flag; |
| 1031 |
|
| 1032 |
case sSecondGssAuthentication: |
| 1033 |
intptr = &options->second_gss_authentication; |
| 1034 |
goto parse_flag; |
| 1035 |
|
| 1036 |
case sSecondPasswordAuthentication: |
| 1037 |
intptr = &options->second_password_authentication; |
| 1038 |
goto parse_flag; |
| 1039 |
|
| 1040 |
case sSecondKbdInteractiveAuthentication: |
| 1041 |
intptr = &options->second_kbd_interactive_authentication; |
| 1042 |
goto parse_flag; |
| 1043 |
|
| 1044 |
case sSecondZeroKnowledgePasswordAuthentication: |
| 1045 |
intptr = &options->second_zero_knowledge_password_authentication; |
| 1046 |
goto parse_flag; |
| 1047 |
|
| 1048 |
case sSecondHostbasedAuthentication: |
| 1049 |
intptr = &options->second_hostbased_authentication; |
| 1050 |
goto parse_flag; |
| 1051 |
|
| 985 |
case sPrintMotd: |
1052 |
case sPrintMotd: |
| 986 |
intptr = &options->print_motd; |
1053 |
intptr = &options->print_motd; |
| 987 |
goto parse_flag; |
1054 |
goto parse_flag; |
|
Lines 1491-1504
void
Link Here
|
| 1491 |
copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) |
1558 |
copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) |
| 1492 |
{ |
1559 |
{ |
| 1493 |
M_CP_INTOPT(password_authentication); |
1560 |
M_CP_INTOPT(password_authentication); |
|
|
1561 |
M_CP_INTOPT(second_password_authentication); |
| 1494 |
M_CP_INTOPT(gss_authentication); |
1562 |
M_CP_INTOPT(gss_authentication); |
|
|
1563 |
M_CP_INTOPT(second_gss_authentication); |
| 1495 |
M_CP_INTOPT(rsa_authentication); |
1564 |
M_CP_INTOPT(rsa_authentication); |
| 1496 |
M_CP_INTOPT(pubkey_authentication); |
1565 |
M_CP_INTOPT(pubkey_authentication); |
|
|
1566 |
M_CP_INTOPT(second_pubkey_authentication); |
| 1497 |
M_CP_INTOPT(kerberos_authentication); |
1567 |
M_CP_INTOPT(kerberos_authentication); |
| 1498 |
M_CP_INTOPT(hostbased_authentication); |
1568 |
M_CP_INTOPT(hostbased_authentication); |
|
|
1569 |
M_CP_INTOPT(second_hostbased_authentication); |
| 1499 |
M_CP_INTOPT(hostbased_uses_name_from_packet_only); |
1570 |
M_CP_INTOPT(hostbased_uses_name_from_packet_only); |
| 1500 |
M_CP_INTOPT(kbd_interactive_authentication); |
1571 |
M_CP_INTOPT(kbd_interactive_authentication); |
|
|
1572 |
M_CP_INTOPT(second_kbd_interactive_authentication); |
| 1501 |
M_CP_INTOPT(zero_knowledge_password_authentication); |
1573 |
M_CP_INTOPT(zero_knowledge_password_authentication); |
|
|
1574 |
M_CP_INTOPT(second_zero_knowledge_password_authentication); |
| 1575 |
M_CP_INTOPT(two_factor_authentication); |
| 1502 |
M_CP_INTOPT(permit_root_login); |
1576 |
M_CP_INTOPT(permit_root_login); |
| 1503 |
M_CP_INTOPT(permit_empty_passwd); |
1577 |
M_CP_INTOPT(permit_empty_passwd); |
| 1504 |
|
1578 |
|
|
Lines 1720-1736
dump_config(ServerOptions *o)
Link Here
|
| 1720 |
#endif |
1794 |
#endif |
| 1721 |
#ifdef GSSAPI |
1795 |
#ifdef GSSAPI |
| 1722 |
dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); |
1796 |
dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); |
|
|
1797 |
dump_cfg_fmtint(sSecondGssAuthentication, o->second_gss_authentication); |
| 1723 |
dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); |
1798 |
dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); |
| 1724 |
#endif |
1799 |
#endif |
| 1725 |
#ifdef JPAKE |
1800 |
#ifdef JPAKE |
| 1726 |
dump_cfg_fmtint(sZeroKnowledgePasswordAuthentication, |
1801 |
dump_cfg_fmtint(sZeroKnowledgePasswordAuthentication, |
| 1727 |
o->zero_knowledge_password_authentication); |
1802 |
o->zero_knowledge_password_authentication); |
|
|
1803 |
dump_cfg_fmtint(sSecondZeroKnowledgePasswordAuthentication, |
| 1804 |
o->second_zero_knowledge_password_authentication); |
| 1728 |
#endif |
1805 |
#endif |
| 1729 |
dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); |
1806 |
dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); |
|
|
1807 |
dump_cfg_fmtint(sSecondPasswordAuthentication, o->second_password_authentication); |
| 1730 |
dump_cfg_fmtint(sKbdInteractiveAuthentication, |
1808 |
dump_cfg_fmtint(sKbdInteractiveAuthentication, |
| 1731 |
o->kbd_interactive_authentication); |
1809 |
o->kbd_interactive_authentication); |
|
|
1810 |
dump_cfg_fmtint(sSecondKbdInteractiveAuthentication, |
| 1811 |
o->second_kbd_interactive_authentication); |
| 1732 |
dump_cfg_fmtint(sChallengeResponseAuthentication, |
1812 |
dump_cfg_fmtint(sChallengeResponseAuthentication, |
| 1733 |
o->challenge_response_authentication); |
1813 |
o->challenge_response_authentication); |
|
|
1814 |
dump_cfg_fmtint(sTwoFactorAuthentication, o->two_factor_authentication); |
| 1734 |
dump_cfg_fmtint(sPrintMotd, o->print_motd); |
1815 |
dump_cfg_fmtint(sPrintMotd, o->print_motd); |
| 1735 |
dump_cfg_fmtint(sPrintLastLog, o->print_lastlog); |
1816 |
dump_cfg_fmtint(sPrintLastLog, o->print_lastlog); |
| 1736 |
dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding); |
1817 |
dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding); |