diff options
| author | Reyk Floeter <reyk@cvs.openbsd.org> | 2005-12-08 18:34:12 +0000 |
|---|---|---|
| committer | Reyk Floeter <reyk@cvs.openbsd.org> | 2005-12-08 18:34:12 +0000 |
| commit | 71e9c1668d8823e2153147c31d4d55045ff4112c (patch) | |
| tree | 4add4b6e62b561c08001e9bd96fed4da3229880c /usr.bin/ssh/servconf.c | |
| parent | b0e765b15c8ba03873c4d8f9a97dc1bc518b24f2 (diff) | |
two changes to the new ssh tunnel support. this breaks compatibility
with the initial commit but is required for a portable approach.
- make the tunnel id u_int and platform friendly, use predefined types.
- support configuration of layer 2 (ethernet) or layer 3
(point-to-point, default) modes. configuration is done using the
Tunnel (yes|point-to-point|ethernet|no) option is ssh_config(5) and
restricted by the PermitTunnel (yes|point-to-point|ethernet|no) option
in sshd_config(5).
ok djm@, man page bits by jmc@
Diffstat (limited to 'usr.bin/ssh/servconf.c')
| -rw-r--r-- | usr.bin/ssh/servconf.c | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c index 307c4d0ef45..8ce43cca63f 100644 --- a/usr.bin/ssh/servconf.c +++ b/usr.bin/ssh/servconf.c @@ -10,7 +10,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: servconf.c,v 1.145 2005/12/06 22:38:27 reyk Exp $"); +RCSID("$OpenBSD: servconf.c,v 1.146 2005/12/08 18:34:11 reyk Exp $"); #include "ssh.h" #include "log.h" @@ -221,7 +221,7 @@ fill_default_server_options(ServerOptions *options) if (options->authorized_keys_file == NULL) options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; if (options->permit_tun == -1) - options->permit_tun = 0; + options->permit_tun = SSH_TUNMODE_NO; /* Turn privilege separation on by default */ if (use_privsep == -1) @@ -927,7 +927,25 @@ parse_flag: case sPermitTunnel: intptr = &options->permit_tun; - goto parse_flag; + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%s line %d: Missing yes/point-to-point/" + "ethernet/no argument.", filename, linenum); + value = 0; /* silence compiler */ + if (strcasecmp(arg, "ethernet") == 0) + value = SSH_TUNMODE_ETHERNET; + else if (strcasecmp(arg, "point-to-point") == 0) + value = SSH_TUNMODE_POINTOPOINT; + else if (strcasecmp(arg, "yes") == 0) + value = SSH_TUNMODE_YES; + else if (strcasecmp(arg, "no") == 0) + value = SSH_TUNMODE_NO; + else + fatal("%s line %d: Bad yes/point-to-point/ethernet/" + "no argument: %s", filename, linenum, arg); + if (*intptr == -1) + *intptr = value; + break; case sDeprecated: logit("%s line %d: Deprecated option %s", |