diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2021-07-23 05:57:20 +0200 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2021-07-23 06:07:19 +0200 |
| commit | e3957e21ffdc119d6d04c0b1686f8e2fe052f5ea (patch) | |
| tree | c2bcc5fc02be59f914ea4f0e04981fc0162c2613 /auth-options.h | |
| parent | upstream: Let allowed signers files used by ssh-keygen(1) (diff) | |
| download | openssh-e3957e21ffdc119d6d04c0b1686f8e2fe052f5ea.tar.xz openssh-e3957e21ffdc119d6d04c0b1686f8e2fe052f5ea.zip | |
upstream: make authorized_keys environment="..." directives
first-match-wins and more strictly limit their maximum number; prompted by
OOM reported by OSS-fuzz (35470).
feedback and ok dtucker@
OpenBSD-Commit-ID: 01f63fc10dcd995e7aed9c378ad879161af83121
Diffstat (limited to 'auth-options.h')
| -rw-r--r-- | auth-options.h | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/auth-options.h b/auth-options.h index 118a32087..6e29b727c 100644 --- a/auth-options.h +++ b/auth-options.h @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-options.h,v 1.30 2020/08/27 01:07:09 djm Exp $ */ +/* $OpenBSD: auth-options.h,v 1.31 2021/07/23 03:57:20 djm Exp $ */ /* * Copyright (c) 2018 Damien Miller <djm@mindrot.org> @@ -23,7 +23,10 @@ struct passwd; struct sshkey; /* Maximum number of permitopen/permitlisten directives to accept */ -#define SSH_AUTHOPT_PERMIT_MAX 4096 +#define SSH_AUTHOPT_PERMIT_MAX 4096 + +/* Maximum number of environment directives to accept */ +#define SSH_AUTHOPT_ENV_MAX 1024 /* * sshauthopt represents key options parsed from authorized_keys or |