warn for unsupported config option. ok markus@

2 files changed, 44 insertions, 20 deletions

diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c
index 6634b215962..adbb13fa435 100644
--- a/usr.bin/ssh/readconf.c
+++ b/usr.bin/ssh/readconf.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.109 2003/05/15 04:08:44 jakob Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.110 2003/05/15 14:02:47 jakob Exp $");
 
 #include "ssh.h"
 #include "xmalloc.h"
@@ -107,7 +107,7 @@ typedef enum {
 	oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
 	oClearAllForwardings, oNoHostAuthenticationForLocalhost,
 	oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS,
-	oDeprecated
+	oDeprecated, oUnsupported
 } OpCodes;
 
 /* Textual representations of the tokens. */
@@ -133,9 +133,18 @@ static struct {
 	{ "challengeresponseauthentication", oChallengeResponseAuthentication },
 	{ "skeyauthentication", oChallengeResponseAuthentication }, /* alias */
 	{ "tisauthentication", oChallengeResponseAuthentication },  /* alias */
+#if defined(KRB4) || defined(KRB5)
 	{ "kerberosauthentication", oKerberosAuthentication },
 	{ "kerberostgtpassing", oKerberosTgtPassing },
+#else
+	{ "kerberosauthentication", oUnsupported },
+	{ "kerberostgtpassing", oUnsupported },
+#endif
+#if defined(AFS)
 	{ "afstokenpassing", oAFSTokenPassing },
+#else
+	{ "afstokenpassing", oUnsupported },
+#endif
 	{ "fallbacktorsh", oDeprecated },
 	{ "usersh", oDeprecated },
 	{ "identityfile", oIdentityFile },
@@ -170,10 +179,18 @@ static struct {
 	{ "preferredauthentications", oPreferredAuthentications },
 	{ "hostkeyalgorithms", oHostKeyAlgorithms },
 	{ "bindaddress", oBindAddress },
+#ifdef SMARTCARD
 	{ "smartcarddevice", oSmartcardDevice },
+#else
+	{ "smartcarddevice", oUnsupported },
+#endif
 	{ "clearallforwardings", oClearAllForwardings },
 	{ "enablesshkeysign", oEnableSSHKeysign },
+#ifdef DNS
 	{ "verifyhostkeydns", oVerifyHostKeyDNS },
+#else
+	{ "verifyhostkeydns", oUnsupported },
+#endif
 	{ "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost },
 	{ "rekeylimit", oRekeyLimit },
 	{ NULL, oBadOption }
@@ -695,6 +712,11 @@ parse_int:
 		    filename, linenum, keyword);
 		return 0;
 
+	case oUnsupported:
+		error("%s line %d: Unsupported option \"%s\"",
+		    filename, linenum, keyword);
+		return 0;
+
 	default:
 		fatal("process_config_line: Unimplemented opcode %d", opcode);
 	}
@@ -842,23 +864,11 @@ fill_default_options(Options * options)
 	if (options->challenge_response_authentication == -1)
 		options->challenge_response_authentication = 1;
 	if (options->kerberos_authentication == -1)
-#if defined(KRB4) || defined(KRB5)
 		options->kerberos_authentication = 1;
-#else
-		options->kerberos_authentication = 0;
-#endif
 	if (options->kerberos_tgt_passing == -1)
-#if defined(KRB4) || defined(KRB5)
 		options->kerberos_tgt_passing = 1;
-#else
-		options->kerberos_tgt_passing = 0;
-#endif
 	if (options->afs_token_passing == -1)
-#if defined(AFS)
 		options->afs_token_passing = 1;
-#else
-		options->afs_token_passing = 0;
-#endif
 	if (options->password_authentication == -1)
 		options->password_authentication = 1;
 	if (options->kbd_interactive_authentication == -1)
diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c
index 50e59602086..fc498ac4536 100644
--- a/usr.bin/ssh/servconf.c
+++ b/usr.bin/ssh/servconf.c
@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.120 2003/05/15 04:08:44 jakob Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.121 2003/05/15 14:02:47 jakob Exp $");
 
 #if defined(KRB4)
 #include <krb.h>
@@ -180,11 +180,7 @@ fill_default_server_options(ServerOptions *options)
 	if (options->kerberos_or_local_passwd == -1)
 		options->kerberos_or_local_passwd = 1;
 	if (options->kerberos_ticket_cleanup == -1)
-#if defined(KRB4) || defined(KRB5)
 		options->kerberos_ticket_cleanup = 1;
-#else
-		options->kerberos_ticket_cleanup = 0;
-#endif
 	if (options->kerberos_tgt_passing == -1)
 		options->kerberos_tgt_passing = 0;
 	if (options->afs_token_passing == -1)
@@ -254,7 +250,7 @@ typedef enum {
 	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
 	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
 	sUsePrivilegeSeparation,
-	sDeprecated
+	sDeprecated, sUnsupported
 } ServerOpCodes;
 
 /* Textual representation of the tokens. */
@@ -279,11 +275,22 @@ static struct {
 	{ "rsaauthentication", sRSAAuthentication },
 	{ "pubkeyauthentication", sPubkeyAuthentication },
 	{ "dsaauthentication", sPubkeyAuthentication },			/* alias */
+#if defined(KRB4) || defined(KRB5)
 	{ "kerberosauthentication", sKerberosAuthentication },
 	{ "kerberosorlocalpasswd", sKerberosOrLocalPasswd },
 	{ "kerberosticketcleanup", sKerberosTicketCleanup },
 	{ "kerberostgtpassing", sKerberosTgtPassing },
+#else
+	{ "kerberosauthentication", sUnsupported },
+	{ "kerberosorlocalpasswd", sUnsupported },
+	{ "kerberosticketcleanup", sUnsupported },
+	{ "kerberostgtpassing", sUnsupported },
+#endif
+#if defined(AFS)
 	{ "afstokenpassing", sAFSTokenPassing },
+#else
+	{ "afstokenpassing", sUnsupported },
+#endif
 	{ "passwordauthentication", sPasswordAuthentication },
 	{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication },
 	{ "challengeresponseauthentication", sChallengeResponseAuthentication },
@@ -850,6 +857,13 @@ parse_flag:
 		    arg = strdelim(&cp);
 		break;
 
+	case sUnsupported:
+		logit("%s line %d: Unsupported option %s",
+		    filename, linenum, arg);
+		while (arg)
+		    arg = strdelim(&cp);
+		break;
+
 	default:
 		fatal("%s line %d: Missing handler for opcode %s (%d)",
 		    filename, linenum, arg, opcode);