diff options
author | Damien Miller <djm@cvs.openbsd.org> | 2011-05-20 03:25:46 +0000 |
---|---|---|
committer | Damien Miller <djm@cvs.openbsd.org> | 2011-05-20 03:25:46 +0000 |
commit | 3d41ed1f361d65793c862bc3c75ce7d4fa66d3d1 (patch) | |
tree | a20e07ab8a0cb782c395e6db70aa57e04180ac94 /usr.bin | |
parent | 69913e0abfc41adc146f71c35d6c77ede590c1ac (diff) |
use a macro to define which string options to copy between configs
for Match. This avoids problems caused by forgetting to keep three
code locations in perfect sync and ordering
"this is at once beautiful and horrible" + ok dtucker@
Diffstat (limited to 'usr.bin')
-rw-r--r-- | usr.bin/ssh/monitor.c | 13 | ||||
-rw-r--r-- | usr.bin/ssh/monitor_wrap.c | 13 | ||||
-rw-r--r-- | usr.bin/ssh/servconf.c | 9 | ||||
-rw-r--r-- | usr.bin/ssh/servconf.h | 16 |
4 files changed, 38 insertions, 13 deletions
diff --git a/usr.bin/ssh/monitor.c b/usr.bin/ssh/monitor.c index 985bf28cf23..0366da43c08 100644 --- a/usr.bin/ssh/monitor.c +++ b/usr.bin/ssh/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.111 2011/05/15 08:09:01 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.112 2011/05/20 03:25:45 djm Exp $ */ /* * Copyright 2002 Niels Provos <provos@citi.umich.edu> * Copyright 2002 Markus Friedl <markus@openbsd.org> @@ -584,8 +584,15 @@ mm_answer_pwnamallow(int sock, Buffer *m) out: buffer_put_string(m, &options, sizeof(options)); - if (options.banner != NULL) - buffer_put_cstring(m, options.banner); + +#define M_CP_STROPT(x) do { \ + if (options.x != NULL) \ + buffer_put_cstring(m, options.x); \ + } while (0) + /* See comment in servconf.h */ + COPY_MATCH_STRING_OPTS(); +#undef M_CP_STROPT + debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed); mm_request_send(sock, MONITOR_ANS_PWNAM, m); diff --git a/usr.bin/ssh/monitor_wrap.c b/usr.bin/ssh/monitor_wrap.c index dee1f33f56c..47f77667d13 100644 --- a/usr.bin/ssh/monitor_wrap.c +++ b/usr.bin/ssh/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.70 2010/08/31 11:54:45 djm Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.71 2011/05/20 03:25:45 djm Exp $ */ /* * Copyright 2002 Niels Provos <provos@citi.umich.edu> * Copyright 2002 Markus Friedl <markus@openbsd.org> @@ -234,8 +234,15 @@ out: newopts = buffer_get_string(&m, &len); if (len != sizeof(*newopts)) fatal("%s: option block size mismatch", __func__); - if (newopts->banner != NULL) - newopts->banner = buffer_get_string(&m, NULL); + +#define M_CP_STROPT(x) do { \ + if (newopts->x != NULL) \ + newopts->x = buffer_get_string(&m, NULL); \ + } while (0) + /* See comment in servconf.h */ + COPY_MATCH_STRING_OPTS(); +#undef M_CP_STROPT + copy_set_server_options(&options, newopts, 1); xfree(newopts); diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c index 7785696050c..a2133e200a3 100644 --- a/usr.bin/ssh/servconf.c +++ b/usr.bin/ssh/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.217 2011/05/20 02:00:19 dtucker Exp $ */ +/* $OpenBSD: servconf.c,v 1.218 2011/05/20 03:25:45 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -1455,11 +1455,8 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) M_CP_INTOPT(ip_qos_interactive); M_CP_INTOPT(ip_qos_bulk); - M_CP_STROPT(banner); - M_CP_STROPT(trusted_user_ca_keys); - M_CP_STROPT(revoked_keys_file); - M_CP_STROPT(authorized_keys_file); - M_CP_STROPT(authorized_principals_file); + /* See comment in servconf.h */ + COPY_MATCH_STRING_OPTS(); /* * The only things that should be below this point are string options diff --git a/usr.bin/ssh/servconf.h b/usr.bin/ssh/servconf.h index a977406ff90..04c5dead19d 100644 --- a/usr.bin/ssh/servconf.h +++ b/usr.bin/ssh/servconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.96 2011/05/11 04:47:06 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.97 2011/05/20 03:25:45 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -159,6 +159,20 @@ typedef struct { char *authorized_principals_file; } ServerOptions; +/* + * These are string config options that must be copied between the + * Match sub-config and the main config, and must be sent from the + * privsep slave to the privsep master. We use a macro to ensure all + * the options are copied and the copies are done in the correct order. + */ +#define COPY_MATCH_STRING_OPTS() do { \ + M_CP_STROPT(banner); \ + M_CP_STROPT(trusted_user_ca_keys); \ + M_CP_STROPT(revoked_keys_file); \ + M_CP_STROPT(authorized_keys_file); \ + M_CP_STROPT(authorized_principals_file); \ + } while (0) + void initialize_server_options(ServerOptions *); void fill_default_server_options(ServerOptions *); int process_server_config_line(ServerOptions *, char *, const char *, int, |