Bugzilla – Attachment 2691 Details for
Bug 2455
Regression tests tweaks: keyscan and hostkey_rotation
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
fix regress/hostkey_rotate.s
openssh_regress_hostkey_rotate.patch (text/plain), 4.19 KB, created by
Jakub Jelen
on 2015-09-02 00:03:41 AEST
(
hide
)
Description:
fix regress/hostkey_rotate.s
Filename:
MIME Type:
Creator:
Jakub Jelen
Created:
2015-09-02 00:03:41 AEST
Size:
4.19 KB
patch
obsolete
>diff --git a/regress/hostkey-rotate.sh b/regress/hostkey-rotate.sh >index 3aa8c40..3aa462e 100644 >--- a/regress/hostkey-rotate.sh >+++ b/regress/hostkey-rotate.sh >@@ -108,21 +108,3 @@ verbose "check rotate primary hostkey" > dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=ssh-rsa > expect_nkeys 1 "learn hostkeys" > check_key_present ssh-rsa || fail "didn't learn changed key" >- >-# $OpenBSD: hostkey-rotate.sh,v 1.4 2015/07/10 06:23:25 markus Exp $ >-# Placed in the Public Domain. >- >-tid="hostkey rotate" >- >-# Prepare hostkeys file with one key >- >-# Connect to sshd >- >-# Check that other keys learned >- >-# Change one hostkey (non primary) >- >-# Connect to sshd >- >-# Check that the key was replaced >- >diff --git a/servconf.c b/servconf.c >index b5db0f7..5b97b20 100644 >--- a/servconf.c >+++ b/servconf.c >@@ -64,6 +64,7 @@ static void add_one_listen_addr(ServerOptions *, char *, int); > /* Use of privilege separation or not */ > extern int use_privsep; > extern Buffer cfg; >+struct include_item *include_list = NULL; > > /* Initializes the server options to their default values. */ > >@@ -415,7 +416,7 @@ typedef enum { > sAcceptEnv, sPermitTunnel, > sMatch, sPermitOpen, sForceCommand, sChrootDirectory, > sUsePrivilegeSeparation, sAllowAgentForwarding, >- sHostCertificate, >+ sHostCertificate, sInclude, > sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, > sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser, > sKexAlgorithms, sIPQoS, sVersionAddendum, >@@ -550,6 +551,7 @@ static struct { > { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, > { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, > { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, >+ { "include", sInclude, SSHCFG_GLOBAL }, > { "ipqos", sIPQoS, SSHCFG_ALL }, > { "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL }, > { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL }, >@@ -964,6 +966,9 @@ process_server_config_line(ServerOptions *options, char *line, > size_t len; > long long val64; > const struct multistate *multistate_ptr; >+ struct include_item *item; >+ int found = 0; >+ glob_t gbuf; > > cp = line; > if ((arg = strdelim(&cp)) == NULL) >@@ -1632,6 +1637,50 @@ process_server_config_line(ServerOptions *options, char *line, > *intptr = value; > break; > >+ case sInclude: >+ arg = strdelim(&cp); >+ if (!arg || *arg == '\0') >+ fatal("%s line %d: missing argument - file to include", >+ filename, linenum); >+ // browse cached list of files >+ for (item = include_list; item != NULL; item = item->next) { >+ if (strcmp(item->selector, arg) == 0) { >+ if (item->filename != NULL) >+ parse_server_config(options, item->filename, &(item->buffer), connectinfo); >+ found = 1; >+ } >+ } >+ // no match. Go glob >+ if (found == 0) { >+ debug3("Glob configuration file to include %s", arg); >+ if (glob(arg, 0, NULL, &gbuf) == 0) >+ for (i = 0; i < gbuf.gl_pathc; i++) { >+ debug3("Including configuration file %s", >+ gbuf.gl_pathv[i]); >+ item = malloc(sizeof(struct include_item)); >+ item->selector = strdup(arg); >+ item->filename = strdup(gbuf.gl_pathv[i]); >+ buffer_init(&(item->buffer)); >+ load_server_config(item->filename, &(item->buffer)); >+ parse_server_config(options, item->filename, &(item->buffer), connectinfo); >+ // prepend item to the start of the list >+ item->next = include_list; >+ include_list = item; >+ } >+ else { /* no match or other error */ >+ // store placeholder to avoid aditional globs >+ item = malloc(sizeof(struct include_item)); >+ item->selector = strdup(arg); >+ item->filename = NULL; >+ buffer_init(&(item->buffer)); >+ // prepend item to the start of the list >+ item->next = include_list; >+ include_list = item; >+ } >+ globfree(&gbuf); >+ } >+ break; >+ > case sMatch: > if (cmdline) > fatal("Match directive not supported as a command-line " >diff --git a/servconf.h b/servconf.h >index f4137af..4d9736f 100644 >--- a/servconf.h >+++ b/servconf.h >@@ -206,6 +206,13 @@ struct connection_info { > int lport; /* local port */ > }; > >+struct include_item { >+ const char *selector; >+ const char *filename; >+ Buffer buffer; >+ struct include_item *next; >+}; >+ > > /* > * These are string config options that must be copied between the
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2691">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 2455
:
2691