aboutsummaryrefslogtreecommitdiff
path: root/crypto/openssh/readconf.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/openssh/readconf.c')
-rw-r--r--crypto/openssh/readconf.c60
1 files changed, 27 insertions, 33 deletions
diff --git a/crypto/openssh/readconf.c b/crypto/openssh/readconf.c
index a5317990de1b..d262e6b6ed2c 100644
--- a/crypto/openssh/readconf.c
+++ b/crypto/openssh/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.366 2022/02/08 08:59:12 dtucker Exp $ */
+/* $OpenBSD: readconf.c,v 1.369 2022/09/17 10:33:18 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -174,7 +174,7 @@ typedef enum {
oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys,
oFingerprintHash, oUpdateHostkeys, oHostbasedAcceptedAlgorithms,
oPubkeyAcceptedAlgorithms, oCASignatureAlgorithms, oProxyJump,
- oSecurityKeyProvider, oKnownHostsCommand,
+ oSecurityKeyProvider, oKnownHostsCommand, oRequiredRSASize,
oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported
} OpCodes;
@@ -320,6 +320,7 @@ static struct {
{ "proxyjump", oProxyJump },
{ "securitykeyprovider", oSecurityKeyProvider },
{ "knownhostscommand", oKnownHostsCommand },
+ { "requiredrsasize", oRequiredRSASize },
{ "hpndisabled", oDeprecated },
{ "hpnbuffersize", oDeprecated },
@@ -761,20 +762,16 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw,
static void
rm_env(Options *options, const char *arg, const char *filename, int linenum)
{
- int i, j, onum_send_env = options->num_send_env;
- char *cp;
+ u_int i, j, onum_send_env = options->num_send_env;
/* Remove an environment variable */
for (i = 0; i < options->num_send_env; ) {
- cp = xstrdup(options->send_env[i]);
- if (!match_pattern(cp, arg + 1)) {
- free(cp);
+ if (!match_pattern(options->send_env[i], arg + 1)) {
i++;
continue;
}
debug3("%s line %d: removing environment %s",
- filename, linenum, cp);
- free(cp);
+ filename, linenum, options->send_env[i]);
free(options->send_env[i]);
options->send_env[i] = NULL;
for (j = i; j < options->num_send_env - 1; j++) {
@@ -1745,20 +1742,10 @@ parse_pubkey_algos:
/* Removing an env var */
rm_env(options, arg, filename, linenum);
continue;
- } else {
- /* Adding an env var */
- if (options->num_send_env >= INT_MAX) {
- error("%s line %d: too many send env.",
- filename, linenum);
- goto out;
- }
- options->send_env = xrecallocarray(
- options->send_env, options->num_send_env,
- options->num_send_env + 1,
- sizeof(*options->send_env));
- options->send_env[options->num_send_env++] =
- xstrdup(arg);
}
+ opt_array_append(filename, linenum,
+ lookup_opcode_name(opcode),
+ &options->send_env, &options->num_send_env, arg);
}
break;
@@ -1772,16 +1759,15 @@ parse_pubkey_algos:
}
if (!*activep || value != 0)
continue;
- /* Adding a setenv var */
- if (options->num_setenv >= INT_MAX) {
- error("%s line %d: too many SetEnv.",
- filename, linenum);
- goto out;
+ if (lookup_setenv_in_list(arg, options->setenv,
+ options->num_setenv) != NULL) {
+ debug2("%s line %d: ignoring duplicate env "
+ "name \"%.64s\"", filename, linenum, arg);
+ continue;
}
- options->setenv = xrecallocarray(
- options->setenv, options->num_setenv,
- options->num_setenv + 1, sizeof(*options->setenv));
- options->setenv[options->num_setenv++] = xstrdup(arg);
+ opt_array_append(filename, linenum,
+ lookup_opcode_name(opcode),
+ &options->setenv, &options->num_setenv, arg);
}
break;
@@ -2199,6 +2185,10 @@ parse_pubkey_algos:
*charptr = xstrdup(arg);
break;
+ case oRequiredRSASize:
+ intptr = &options->required_rsa_size;
+ goto parse_int;
+
case oDeprecated:
debug("%s line %d: Deprecated option \"%s\"",
filename, linenum, keyword);
@@ -2446,6 +2436,7 @@ initialize_options(Options * options)
options->hostbased_accepted_algos = NULL;
options->pubkey_accepted_algos = NULL;
options->known_hosts_command = NULL;
+ options->required_rsa_size = -1;
}
/*
@@ -2648,6 +2639,8 @@ fill_default_options(Options * options)
if (options->sk_provider == NULL)
options->sk_provider = xstrdup("$SSH_SK_PROVIDER");
#endif
+ if (options->required_rsa_size == -1)
+ options->required_rsa_size = SSH_RSA_MINIMUM_MODULUS_SIZE;
/* Expand KEX name lists */
all_cipher = cipher_alg_list(',', 0);
@@ -2788,9 +2781,9 @@ free_options(Options *o)
}
free(o->remote_forwards);
free(o->stdio_forward_host);
- FREE_ARRAY(int, o->num_send_env, o->send_env);
+ FREE_ARRAY(u_int, o->num_send_env, o->send_env);
free(o->send_env);
- FREE_ARRAY(int, o->num_setenv, o->setenv);
+ FREE_ARRAY(u_int, o->num_setenv, o->setenv);
free(o->setenv);
free(o->control_path);
free(o->local_command);
@@ -3337,6 +3330,7 @@ dump_client_config(Options *o, const char *host)
dump_cfg_int(oNumberOfPasswordPrompts, o->number_of_password_prompts);
dump_cfg_int(oServerAliveCountMax, o->server_alive_count_max);
dump_cfg_int(oServerAliveInterval, o->server_alive_interval);
+ dump_cfg_int(oRequiredRSASize, o->required_rsa_size);
/* String options */
dump_cfg_string(oBindAddress, o->bind_address);