author | Damien Miller <djm@cvs.openbsd.org> | 2014-12-04 02:24:33 +0000 |
---|---|---|
committer | Damien Miller <djm@cvs.openbsd.org> | 2014-12-04 02:24:33 +0000 |
commit | 39c0875a311e18e682ebe236771ff2e97ae52527 (patch) | |
tree | e0c3d3b765d28b9cb4d9f2d8abc322278039d274 /usr.bin/ssh/readconf.c | |
parent | 3609cf92194384b8a354c3f8004ddf8fa9a33511 (diff) |
add RevokedHostKeys option for the client
Allow textfile or KRL-based revocation of hostkeys.
Diffstat (limited to 'usr.bin/ssh/readconf.c')
-rw-r--r-- | usr.bin/ssh/readconf.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c
index 7fc9a6534c7..16e83f23179 100644
--- a/usr.bin/ssh/readconf.c
+++ b/usr.bin/ssh/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.222 2014/10/24 02:01:20 lteo Exp $ */
+/* $OpenBSD: readconf.c,v 1.223 2014/12/04 02:24:32 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -143,7 +143,7 @@ typedef enum {
 oKexAlgorithms, oIPQoS, oRequestTTY, oIgnoreUnknown, oProxyUseFdpass, oCanonicalDomains, oCanonicalizeHostname, oCanonicalizeMaxDots, oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs,
- oStreamLocalBindMask, oStreamLocalBindUnlink,
+ oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys,
 oIgnoredUnknownOption, oDeprecated, oUnsupported
 } OpCodes;
@@ -258,6 +258,7 @@ static struct {
 { "canonicalizepermittedcnames", oCanonicalizePermittedCNAMEs },
 { "streamlocalbindmask", oStreamLocalBindMask },
 { "streamlocalbindunlink", oStreamLocalBindUnlink },
+ { "revokedhostkeys", oRevokedHostKeys },
 { "ignoreunknown", oIgnoreUnknown },
 { NULL, oBadOption }
@@ -1443,6 +1444,10 @@ parse_int:
 intptr = &options->fwd_opts.streamlocal_bind_unlink;
 goto parse_flag;
+ case oRevokedHostKeys:
+ charptr = &options->revoked_host_keys;
+ goto parse_string;
+
 case oDeprecated:
 debug("%s line %d: Deprecated option \"%s\"",
 filename, linenum, keyword);
@@ -1619,6 +1624,7 @@ initialize_options(Options * options)
 options->canonicalize_max_dots = -1;
 options->canonicalize_fallback_local = -1;
 options->canonicalize_hostname = -1;
+ options->revoked_host_keys = NULL;
 }
 /* 
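Review bot: In the `case oRevokedHostKeys:` hunk the option is handed to `parse_string` with no comment on how repeated settings combine, which matters for a revocation list. `parse_string` is outside this hunk; if it keeps only the first value obtained (to be confirmed against that label's body), a `RevokedHostKeys` line in a per-user file or an earlier `Host` block replaces a system-wide list instead of adding to it. I would add `/* one path only; the first value obtained wins, lists are not merged */` above the `charptr` assignment and say the same in ssh_config(5). The path is stored unchecked here, so the code that opens it (not in this file's diff) should treat a missing or unreadable file as a host key verification failure rather than as an empty list.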
@@ -1804,6 +1810,7 @@ fill_default_options(Options * options)
 CLEAR_ON_NONE(options->local_command);
 CLEAR_ON_NONE(options->proxy_command);
 CLEAR_ON_NONE(options->control_path);
+ CLEAR_ON_NONE(options->revoked_host_keys);
 /* options->user will be set in the main program if appropriate */
 /* options->hostname will be set in the main program if appropriate */
 /* options->host_key_alias should not be set by default */
@@ -2237,6 +2244,7 @@ dump_client_config(Options *o, const char *host)
 dump_cfg_string(oPreferredAuthentications, o->preferred_authentications);
 dump_cfg_string(oProxyCommand, o->proxy_command);
 dump_cfg_string(oXAuthLocation, o->xauth_location);
+ dump_cfg_string(oRevokedHostKeys, o->revoked_host_keys);
 dump_cfg_forwards(oDynamicForward, o->num_local_forwards, o->local_forwards);
 dump_cfg_forwards(oLocalForward, o->num_local_forwards, o->local_forwards); |
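Review bot: `CLEAR_ON_NONE(options->revoked_host_keys)` in fill_default_options turns `RevokedHostKeys none` into the same NULL that initialize_options sets, so after this point "explicitly disabled" and "never configured" cannot be told apart. If `dump_cfg_string` skips NULL values (its body is not in this diff), the dump_client_config hunk prints nothing for the option in either case, and someone auditing the effective configuration cannot see that revocation checking is off. A short comment such as `/* "none" disables host key revocation checking */` next to the new line would document the intent; both functions continue outside their hunks.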