Bugzilla – Attachment 2691 Details for
Bug 2455
Regression tests tweaks: keyscan and hostkey_rotation
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
fix regress/hostkey_rotate.s
openssh_regress_hostkey_rotate.patch (text/plain), 4.19 KB, created by
Jakub Jelen
on 2015-09-02 00:03:41 AEST
(
hide
)
Description:
fix regress/hostkey_rotate.s
Filename:
MIME Type:
Creator:
Jakub Jelen
Created:
2015-09-02 00:03:41 AEST
Size:
4.19 KB
patch
obsolete
>diff --git a/regress/hostkey-rotate.sh b/regress/hostkey-rotate.sh >index 3aa8c40..3aa462e 100644 >--- a/regress/hostkey-rotate.sh >+++ b/regress/hostkey-rotate.sh >@@ -108,21 +108,3 @@ verbose "check rotate primary hostkey" > dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=ssh-rsa > expect_nkeys 1 "learn hostkeys" > check_key_present ssh-rsa || fail "didn't learn changed key" >- >-# $OpenBSD: hostkey-rotate.sh,v 1.4 2015/07/10 06:23:25 markus Exp $ >-# Placed in the Public Domain. >- >-tid="hostkey rotate" >- >-# Prepare hostkeys file with one key >- >-# Connect to sshd >- >-# Check that other keys learned >- >-# Change one hostkey (non primary) >- >-# Connect to sshd >- >-# Check that the key was replaced >- >diff --git a/servconf.c b/servconf.c >index b5db0f7..5b97b20 100644 >--- a/servconf.c >+++ b/servconf.c >@@ -64,6 +64,7 @@ static void add_one_listen_addr(ServerOptions *, char *, int); > /* Use of privilege separation or not */ > extern int use_privsep; > extern Buffer cfg; >+struct include_item *include_list = NULL; > > /* Initializes the server options to their default values. */ > >@@ -415,7 +416,7 @@ typedef enum { > sAcceptEnv, sPermitTunnel, > sMatch, sPermitOpen, sForceCommand, sChrootDirectory, > sUsePrivilegeSeparation, sAllowAgentForwarding, >- sHostCertificate, >+ sHostCertificate, sInclude, > sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, > sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser, > sKexAlgorithms, sIPQoS, sVersionAddendum, >@@ -550,6 +551,7 @@ static struct { > { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, > { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, > { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, >+ { "include", sInclude, SSHCFG_GLOBAL }, > { "ipqos", sIPQoS, SSHCFG_ALL }, > { "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL }, > { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL }, >@@ -964,6 +966,9 @@ process_server_config_line(ServerOptions *options, char *line, > size_t len; > long long val64; > const struct multistate *multistate_ptr; >+ struct include_item *item; >+ int found = 0; >+ glob_t gbuf; > > cp = line; > if ((arg = strdelim(&cp)) == NULL) >@@ -1632,6 +1637,50 @@ process_server_config_line(ServerOptions *options, char *line, > *intptr = value; > break; > >+ case sInclude: >+ arg = strdelim(&cp); >+ if (!arg || *arg == '\0') >+ fatal("%s line %d: missing argument - file to include", >+ filename, linenum); >+ // browse cached list of files >+ for (item = include_list; item != NULL; item = item->next) { >+ if (strcmp(item->selector, arg) == 0) { >+ if (item->filename != NULL) >+ parse_server_config(options, item->filename, &(item->buffer), connectinfo); >+ found = 1; >+ } >+ } >+ // no match. Go glob >+ if (found == 0) { >+ debug3("Glob configuration file to include %s", arg); >+ if (glob(arg, 0, NULL, &gbuf) == 0) >+ for (i = 0; i < gbuf.gl_pathc; i++) { >+ debug3("Including configuration file %s", >+ gbuf.gl_pathv[i]); >+ item = malloc(sizeof(struct include_item)); >+ item->selector = strdup(arg); >+ item->filename = strdup(gbuf.gl_pathv[i]); >+ buffer_init(&(item->buffer)); >+ load_server_config(item->filename, &(item->buffer)); >+ parse_server_config(options, item->filename, &(item->buffer), connectinfo); >+ // prepend item to the start of the list >+ item->next = include_list; >+ include_list = item; >+ } >+ else { /* no match or other error */ >+ // store placeholder to avoid aditional globs >+ item = malloc(sizeof(struct include_item)); >+ item->selector = strdup(arg); >+ item->filename = NULL; >+ buffer_init(&(item->buffer)); >+ // prepend item to the start of the list >+ item->next = include_list; >+ include_list = item; >+ } >+ globfree(&gbuf); >+ } >+ break; >+ > case sMatch: > if (cmdline) > fatal("Match directive not supported as a command-line " >diff --git a/servconf.h b/servconf.h >index f4137af..4d9736f 100644 >--- a/servconf.h >+++ b/servconf.h >@@ -206,6 +206,13 @@ struct connection_info { > int lport; /* local port */ > }; > >+struct include_item { >+ const char *selector; >+ const char *filename; >+ Buffer buffer; >+ struct include_item *next; >+}; >+ > > /* > * These are string config options that must be copied between the
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 2455
:
2691