diff options
| author | Damien Miller <djm@cvs.openbsd.org> | 2017-02-03 23:01:20 +0000 |
|---|---|---|
| committer | Damien Miller <djm@cvs.openbsd.org> | 2017-02-03 23:01:20 +0000 |
| commit | 2045604aea45bac776d9ba6ab1f403983f454377 (patch) | |
| tree | 7298d1bf80c8e4d662a2f3a3041aa5c5a5c3394a /usr.bin/ssh/readconf.c | |
| parent | f77ec57434f859ccae5cbe617b9a3c3336c622c9 (diff) | |
support =- for removing methods from algorithms lists, e.g.
Ciphers=-*cbc; suggested by Cristian Ionescu-Idbohrn in bz#2671
"I like it" markus@
Diffstat (limited to 'usr.bin/ssh/readconf.c')
| -rw-r--r-- | usr.bin/ssh/readconf.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c index e8f63e381e3..97b3550388b 100644 --- a/usr.bin/ssh/readconf.c +++ b/usr.bin/ssh/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.267 2017/02/03 05:05:56 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.268 2017/02/03 23:01:19 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -1179,7 +1179,7 @@ parse_int: arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); - if (!ciphers_valid(*arg == '+' ? arg + 1 : arg)) + if (*arg != '-' && !ciphers_valid(*arg == '+' ? arg + 1 : arg)) fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.", filename, linenum, arg ? arg : "<NONE>"); if (*activep && options->ciphers == NULL) @@ -1190,7 +1190,7 @@ parse_int: arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); - if (!mac_valid(*arg == '+' ? arg + 1 : arg)) + if (*arg != '-' && !mac_valid(*arg == '+' ? arg + 1 : arg)) fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.", filename, linenum, arg ? arg : "<NONE>"); if (*activep && options->macs == NULL) @@ -1202,7 +1202,8 @@ parse_int: if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); - if (!kex_names_valid(*arg == '+' ? arg + 1 : arg)) + if (*arg != '-' && + !kex_names_valid(*arg == '+' ? arg + 1 : arg)) fatal("%.200s line %d: Bad SSH2 KexAlgorithms '%s'.", filename, linenum, arg ? arg : "<NONE>"); if (*activep && options->kex_algorithms == NULL) @@ -1216,7 +1217,8 @@ parse_keytypes: if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); - if (!sshkey_names_valid2(*arg == '+' ? arg + 1 : arg, 1)) + if (*arg != '-' && + !sshkey_names_valid2(*arg == '+' ? arg + 1 : arg, 1)) fatal("%s line %d: Bad key types '%s'.", filename, linenum, arg ? arg : "<NONE>"); if (*activep && *charptr == NULL) |