diff options
Diffstat (limited to 'sshd.c')
| -rw-r--r-- | sshd.c | 44 |
1 files changed, 28 insertions, 16 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.596 2023/01/18 01:50:21 millert Exp $ */ +/* $OpenBSD: sshd.c,v 1.597 2023/02/10 04:47:19 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -901,7 +901,7 @@ usage(void) { fprintf(stderr, "%s, %s\n", SSH_RELEASE, SSH_OPENSSL_VERSION); fprintf(stderr, -"usage: sshd [-46DdeiqTtV] [-C connection_spec] [-c host_cert_file]\n" +"usage: sshd [-46DdeGiqTtV] [-C connection_spec] [-c host_cert_file]\n" " [-E log_file] [-f config_file] [-g login_grace_time]\n" " [-h host_key_file] [-o option] [-p port] [-u len]\n" ); @@ -1524,6 +1524,21 @@ prepare_proctitle(int ac, char **av) return ret; } +static void +print_config(struct ssh *ssh, struct connection_info *connection_info) +{ + /* + * If no connection info was provided by -C then use + * use a blank one that will cause no predicate to match. + */ + if (connection_info == NULL) + connection_info = get_connection_info(ssh, 0, 0); + connection_info->test = 1; + parse_server_match_config(&options, &includes, connection_info); + dump_config(&options); + exit(0); +} + /* * Main program for the daemon. */ @@ -1533,7 +1548,7 @@ main(int ac, char **av) struct ssh *ssh = NULL; extern char *optarg; extern int optind; - int r, opt, on = 1, already_daemon, remote_port; + int r, opt, on = 1, do_dump_cfg = 0, already_daemon, remote_port; int sock_in = -1, sock_out = -1, newsock = -1; const char *remote_ip, *rdomain; char *fp, *line, *laddr, *logfile = NULL; @@ -1581,7 +1596,7 @@ main(int ac, char **av) /* Parse command-line arguments. */ while ((opt = getopt(ac, av, - "C:E:b:c:f:g:h:k:o:p:u:46DQRTdeiqrtV")) != -1) { + "C:E:b:c:f:g:h:k:o:p:u:46DGQRTdeiqrtV")) != -1) { switch (opt) { case '4': options.address_family = AF_INET; @@ -1606,6 +1621,9 @@ main(int ac, char **av) case 'D': no_daemon_flag = 1; break; + case 'G': + do_dump_cfg = 1; + break; case 'E': logfile = optarg; /* FALLTHROUGH */ @@ -1693,7 +1711,7 @@ main(int ac, char **av) } if (rexeced_flag || inetd_flag) rexec_flag = 0; - if (!test_flag && rexec_flag && !path_absolute(av[0])) + if (!test_flag && !do_dump_cfg && rexec_flag && !path_absolute(av[0])) fatal("sshd re-exec requires execution with an absolute path"); if (rexeced_flag) closefrom(REEXEC_MIN_FREE_FD); @@ -1799,6 +1817,9 @@ main(int ac, char **av) debug("sshd version %s, %s", SSH_VERSION, SSH_OPENSSL_VERSION); + if (do_dump_cfg) + print_config(ssh, connection_info); + /* Store privilege separation user for later use if required. */ privsep_chroot = use_privsep && (getuid() == 0 || geteuid() == 0); if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) { @@ -1981,17 +2002,8 @@ main(int ac, char **av) "world-writable.", _PATH_PRIVSEP_CHROOT_DIR); } - if (test_flag > 1) { - /* - * If no connection info was provided by -C then use - * use a blank one that will cause no predicate to match. - */ - if (connection_info == NULL) - connection_info = get_connection_info(ssh, 0, 0); - connection_info->test = 1; - parse_server_match_config(&options, &includes, connection_info); - dump_config(&options); - } + if (test_flag > 1) + print_config(ssh, connection_info); /* Configuration looks good, so exit if in test mode. */ if (test_flag) |