diff options
author | dtucker@openbsd.org <dtucker@openbsd.org> | 2021-03-12 04:08:19 +0000 |
---|---|---|
committer | Darren Tucker <dtucker@dtucker.net> | 2021-03-13 13:14:13 +1100 |
commit | 88057eb6df912abf2678ea5c846d9d9cbc92752c (patch) | |
tree | 7eae3d98c66cb57b8433b83d2e50aa63a47a3368 /servconf.c | |
parent | f07519a2af96109325b5a48b1af18b57601074ca (diff) | |
download | openssh-git-88057eb6df912abf2678ea5c846d9d9cbc92752c.tar.gz |
upstream: Add ModuliFile keyword to sshd_config to specify the
location of the "moduli" file containing the groups for DH-GEX. This will
allow us to run tests against arbitrary moduli files without having to
install them. ok djm@
OpenBSD-Commit-ID: 8df99d60b14ecaaa28f3469d01fc7f56bff49f66
Diffstat (limited to 'servconf.c')
-rw-r--r-- | servconf.c | 12 |
1 files changed, 10 insertions, 2 deletions
@@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.377 2021/02/24 01:18:08 dtucker Exp $ */ +/* $OpenBSD: servconf.c,v 1.378 2021/03/12 04:08:19 dtucker Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -305,6 +305,8 @@ fill_default_server_options(ServerOptions *options) add_listen_addr(options, NULL, NULL, 0); if (options->pid_file == NULL) options->pid_file = xstrdup(_PATH_SSH_DAEMON_PID_FILE); + if (options->moduli_file == NULL) + options->moduli_file = xstrdup(_PATH_DH_MODULI); if (options->login_grace_time == -1) options->login_grace_time = 120; if (options->permit_root_login == PERMIT_NOT_SET) @@ -500,7 +502,7 @@ typedef enum { sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, sPermitUserEnvironment, sAllowTcpForwarding, sCompression, sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, - sIgnoreUserKnownHosts, sCiphers, sMacs, sPidFile, + sIgnoreUserKnownHosts, sCiphers, sMacs, sPidFile, sModuliFile, sGatewayPorts, sPubkeyAuthentication, sPubkeyAcceptedAlgorithms, sXAuthLocation, sSubsystem, sMaxStartups, sMaxAuthTries, sMaxSessions, sBanner, sUseDNS, sHostbasedAuthentication, @@ -548,6 +550,7 @@ static struct { { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL }, /* alias */ { "hostkeyagent", sHostKeyAgent, SSHCFG_GLOBAL }, { "pidfile", sPidFile, SSHCFG_GLOBAL }, + { "modulifile", sModuliFile, SSHCFG_GLOBAL }, { "serverkeybits", sDeprecated, SSHCFG_GLOBAL }, { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL }, { "keyregenerationinterval", sDeprecated, SSHCFG_GLOBAL }, @@ -1451,6 +1454,10 @@ process_server_config_line_depth(ServerOptions *options, char *line, } break; + case sModuliFile: + charptr = &options->moduli_file; + goto parse_filename; + case sPermitRootLogin: intptr = &options->permit_root_login; multistate_ptr = multistate_permitrootlogin; @@ -2875,6 +2882,7 @@ dump_config(ServerOptions *o) /* string arguments */ dump_cfg_string(sPidFile, o->pid_file); + dump_cfg_string(sModuliFile, o->moduli_file); dump_cfg_string(sXAuthLocation, o->xauth_location); dump_cfg_string(sCiphers, o->ciphers); dump_cfg_string(sMacs, o->macs); |