diff options
author | djm <djm> | 2013-12-05 03:07:27 +0000 |
---|---|---|
committer | djm <djm> | 2013-12-05 03:07:27 +0000 |
commit | e9ec7df9386f486bd5e0992f5044deb714a80c53 (patch) | |
tree | 9e30c6f848252b06c47f57169128154935ec018a | |
parent | d4961d721e9871ab434f37b06f0ae7634873b249 (diff) | |
download | openssh-e9ec7df9386f486bd5e0992f5044deb714a80c53.tar.gz |
- djm@cvs.openbsd.org 2013/12/05 01:16:41
[servconf.c servconf.h]
bz#2161 - fix AuthorizedKeysCommand inside a Match block and
rearrange things so the same error is harder to make next time;
with and ok dtucker@
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | servconf.c | 41 | ||||
-rw-r--r-- | servconf.h | 5 |
3 files changed, 29 insertions, 22 deletions
@@ -43,6 +43,11 @@ [sftp-client.c] bz#2171: don't leak local_fd on error; from Loganaden Velvindron @ AfriNIC + - djm@cvs.openbsd.org 2013/12/05 01:16:41 + [servconf.c servconf.h] + bz#2161 - fix AuthorizedKeysCommand inside a Match block and + rearrange things so the same error is harder to make next time; + with and ok dtucker@ - (dtucker) [configure.ac] bz#2173: use pkg-config --libs to include correct -L location for libedit. Patch from Serge van den Boom. @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.246 2013/11/21 00:45:44 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.247 2013/12/05 01:16:41 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -1742,24 +1742,6 @@ int server_match_spec_complete(struct connection_info *ci) return 0; /* partial */ } -/* Helper macros */ -#define M_CP_INTOPT(n) do {\ - if (src->n != -1) \ - dst->n = src->n; \ -} while (0) -#define M_CP_STROPT(n) do {\ - if (src->n != NULL) { \ - free(dst->n); \ - dst->n = src->n; \ - } \ -} while(0) -#define M_CP_STRARRAYOPT(n, num_n) do {\ - if (src->num_n != 0) { \ - for (dst->num_n = 0; dst->num_n < src->num_n; dst->num_n++) \ - dst->n[dst->num_n] = xstrdup(src->n[dst->num_n]); \ - } \ -} while(0) - /* * Copy any supported values that are set. * @@ -1770,6 +1752,11 @@ int server_match_spec_complete(struct connection_info *ci) void copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) { +#define M_CP_INTOPT(n) do {\ + if (src->n != -1) \ + dst->n = src->n; \ +} while (0) + M_CP_INTOPT(password_authentication); M_CP_INTOPT(gss_authentication); M_CP_INTOPT(rsa_authentication); @@ -1779,8 +1766,6 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) M_CP_INTOPT(hostbased_uses_name_from_packet_only); M_CP_INTOPT(kbd_interactive_authentication); M_CP_INTOPT(zero_knowledge_password_authentication); - M_CP_STROPT(authorized_keys_command); - M_CP_STROPT(authorized_keys_command_user); M_CP_INTOPT(permit_root_login); M_CP_INTOPT(permit_empty_passwd); @@ -1799,6 +1784,20 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) M_CP_INTOPT(rekey_limit); M_CP_INTOPT(rekey_interval); + /* M_CP_STROPT and M_CP_STRARRAYOPT should not appear before here */ +#define M_CP_STROPT(n) do {\ + if (src->n != NULL && dst->n != src->n) { \ + free(dst->n); \ + dst->n = src->n; \ + } \ +} while(0) +#define M_CP_STRARRAYOPT(n, num_n) do {\ + if (src->num_n != 0) { \ + for (dst->num_n = 0; dst->num_n < src->num_n; dst->num_n++) \ + dst->n[dst->num_n] = xstrdup(src->n[dst->num_n]); \ + } \ +} while(0) + /* See comment in servconf.h */ COPY_MATCH_STRING_OPTS(); @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.110 2013/10/29 09:48:02 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.111 2013/12/05 01:16:41 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -202,6 +202,9 @@ struct connection_info { * Match sub-config and the main config, and must be sent from the * privsep slave to the privsep master. We use a macro to ensure all * the options are copied and the copies are done in the correct order. + * + * NB. an option must appear in servconf.c:copy_set_server_options() or + * COPY_MATCH_STRING_OPTS here but never both. */ #define COPY_MATCH_STRING_OPTS() do { \ M_CP_STROPT(banner); \ |