diff options
Diffstat (limited to 'crypto/openssh/readconf.c')
-rw-r--r-- | crypto/openssh/readconf.c | 60 |
1 files changed, 27 insertions, 33 deletions
diff --git a/crypto/openssh/readconf.c b/crypto/openssh/readconf.c index a5317990de1b..d262e6b6ed2c 100644 --- a/crypto/openssh/readconf.c +++ b/crypto/openssh/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.366 2022/02/08 08:59:12 dtucker Exp $ */ +/* $OpenBSD: readconf.c,v 1.369 2022/09/17 10:33:18 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -174,7 +174,7 @@ typedef enum { oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, oFingerprintHash, oUpdateHostkeys, oHostbasedAcceptedAlgorithms, oPubkeyAcceptedAlgorithms, oCASignatureAlgorithms, oProxyJump, - oSecurityKeyProvider, oKnownHostsCommand, + oSecurityKeyProvider, oKnownHostsCommand, oRequiredRSASize, oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported } OpCodes; @@ -320,6 +320,7 @@ static struct { { "proxyjump", oProxyJump }, { "securitykeyprovider", oSecurityKeyProvider }, { "knownhostscommand", oKnownHostsCommand }, + { "requiredrsasize", oRequiredRSASize }, { "hpndisabled", oDeprecated }, { "hpnbuffersize", oDeprecated }, @@ -761,20 +762,16 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw, static void rm_env(Options *options, const char *arg, const char *filename, int linenum) { - int i, j, onum_send_env = options->num_send_env; - char *cp; + u_int i, j, onum_send_env = options->num_send_env; /* Remove an environment variable */ for (i = 0; i < options->num_send_env; ) { - cp = xstrdup(options->send_env[i]); - if (!match_pattern(cp, arg + 1)) { - free(cp); + if (!match_pattern(options->send_env[i], arg + 1)) { i++; continue; } debug3("%s line %d: removing environment %s", - filename, linenum, cp); - free(cp); + filename, linenum, options->send_env[i]); free(options->send_env[i]); options->send_env[i] = NULL; for (j = i; j < options->num_send_env - 1; j++) { @@ -1745,20 +1742,10 @@ parse_pubkey_algos: /* Removing an env var */ rm_env(options, arg, filename, linenum); continue; - } else { - /* Adding an env var */ - if (options->num_send_env >= INT_MAX) { - error("%s line %d: too many send env.", - filename, linenum); - goto out; - } - options->send_env = xrecallocarray( - options->send_env, options->num_send_env, - options->num_send_env + 1, - sizeof(*options->send_env)); - options->send_env[options->num_send_env++] = - xstrdup(arg); } + opt_array_append(filename, linenum, + lookup_opcode_name(opcode), + &options->send_env, &options->num_send_env, arg); } break; @@ -1772,16 +1759,15 @@ parse_pubkey_algos: } if (!*activep || value != 0) continue; - /* Adding a setenv var */ - if (options->num_setenv >= INT_MAX) { - error("%s line %d: too many SetEnv.", - filename, linenum); - goto out; + if (lookup_setenv_in_list(arg, options->setenv, + options->num_setenv) != NULL) { + debug2("%s line %d: ignoring duplicate env " + "name \"%.64s\"", filename, linenum, arg); + continue; } - options->setenv = xrecallocarray( - options->setenv, options->num_setenv, - options->num_setenv + 1, sizeof(*options->setenv)); - options->setenv[options->num_setenv++] = xstrdup(arg); + opt_array_append(filename, linenum, + lookup_opcode_name(opcode), + &options->setenv, &options->num_setenv, arg); } break; @@ -2199,6 +2185,10 @@ parse_pubkey_algos: *charptr = xstrdup(arg); break; + case oRequiredRSASize: + intptr = &options->required_rsa_size; + goto parse_int; + case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", filename, linenum, keyword); @@ -2446,6 +2436,7 @@ initialize_options(Options * options) options->hostbased_accepted_algos = NULL; options->pubkey_accepted_algos = NULL; options->known_hosts_command = NULL; + options->required_rsa_size = -1; } /* @@ -2648,6 +2639,8 @@ fill_default_options(Options * options) if (options->sk_provider == NULL) options->sk_provider = xstrdup("$SSH_SK_PROVIDER"); #endif + if (options->required_rsa_size == -1) + options->required_rsa_size = SSH_RSA_MINIMUM_MODULUS_SIZE; /* Expand KEX name lists */ all_cipher = cipher_alg_list(',', 0); @@ -2788,9 +2781,9 @@ free_options(Options *o) } free(o->remote_forwards); free(o->stdio_forward_host); - FREE_ARRAY(int, o->num_send_env, o->send_env); + FREE_ARRAY(u_int, o->num_send_env, o->send_env); free(o->send_env); - FREE_ARRAY(int, o->num_setenv, o->setenv); + FREE_ARRAY(u_int, o->num_setenv, o->setenv); free(o->setenv); free(o->control_path); free(o->local_command); @@ -3337,6 +3330,7 @@ dump_client_config(Options *o, const char *host) dump_cfg_int(oNumberOfPasswordPrompts, o->number_of_password_prompts); dump_cfg_int(oServerAliveCountMax, o->server_alive_count_max); dump_cfg_int(oServerAliveInterval, o->server_alive_interval); + dump_cfg_int(oRequiredRSASize, o->required_rsa_size); /* String options */ dump_cfg_string(oBindAddress, o->bind_address); |