diff options
Diffstat (limited to 'servconf.c')
| -rw-r--r-- | servconf.c | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/servconf.c b/servconf.c index 9d5b73ecfc0b..45a2f2c2781c 100644 --- a/servconf.c +++ b/servconf.c @@ -1,5 +1,4 @@ - -/* $OpenBSD: servconf.c,v 1.392 2023/03/05 05:34:09 dtucker Exp $ */ +/* $OpenBSD: servconf.c,v 1.396 2023/07/17 05:26:38 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -959,7 +958,7 @@ process_permitopen(struct ssh *ssh, ServerOptions *options) /* Parse a ChannelTimeout clause "pattern=interval" */ static int -parse_timeout(const char *s, char **typep, u_int *secsp) +parse_timeout(const char *s, char **typep, int *secsp) { char *cp, *sdup; int secs; @@ -985,7 +984,7 @@ parse_timeout(const char *s, char **typep, u_int *secsp) if (typep != NULL) *typep = xstrdup(sdup); if (secsp != NULL) - *secsp = (u_int)secs; + *secsp = secs; free(sdup); return 0; } @@ -993,7 +992,8 @@ parse_timeout(const char *s, char **typep, u_int *secsp) void process_channel_timeouts(struct ssh *ssh, ServerOptions *options) { - u_int i, secs; + int secs; + u_int i; char *type; debug3_f("setting %u timeouts", options->num_channel_timeouts); @@ -1332,6 +1332,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, { char *str, ***chararrayptr, **charptr, *arg, *arg2, *p, *keyword; int cmdline = 0, *intptr, value, value2, n, port, oactive, r, found; + int ca_only = 0; SyslogFacility *log_facility_ptr; LogLevel *log_level_ptr; ServerOpCodes opcode; @@ -1573,6 +1574,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, case sHostbasedAcceptedAlgorithms: charptr = &options->hostbased_accepted_algos; + ca_only = 0; parse_pubkey_algos: arg = argv_next(&ac, &av); if (!arg || *arg == '\0') @@ -1580,7 +1582,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, filename, linenum); if (*arg != '-' && !sshkey_names_valid2(*arg == '+' || *arg == '^' ? - arg + 1 : arg, 1)) + arg + 1 : arg, 1, ca_only)) fatal("%s line %d: Bad key types '%s'.", filename, linenum, arg ? arg : "<NONE>"); if (*activep && *charptr == NULL) @@ -1589,18 +1591,22 @@ process_server_config_line_depth(ServerOptions *options, char *line, case sHostKeyAlgorithms: charptr = &options->hostkeyalgorithms; + ca_only = 0; goto parse_pubkey_algos; case sCASignatureAlgorithms: charptr = &options->ca_sign_algorithms; + ca_only = 1; goto parse_pubkey_algos; case sPubkeyAuthentication: intptr = &options->pubkey_authentication; + ca_only = 0; goto parse_flag; case sPubkeyAcceptedAlgorithms: charptr = &options->pubkey_accepted_algos; + ca_only = 0; goto parse_pubkey_algos; case sPubkeyAuthOptions: @@ -2403,7 +2409,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, fatal("%.200s line %d: %s must be an absolute path", filename, linenum, keyword); } - if (*activep && options->authorized_keys_command == NULL) + if (*activep && *charptr == NULL) *charptr = xstrdup(str + len); argv_consume(&ac); break; |