diff options
| author | naddy@openbsd.org <naddy@openbsd.org> | 2019-09-06 16:45:34 +0200 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2019-09-08 06:49:04 +0200 |
| commit | 91a2135f32acdd6378476c5bae475a6e7811a6a2 (patch) | |
| tree | da8ddb5e4236cb12f3c70ab939e3abe674aa8ba4 /readconf.c | |
| parent | upstream: key conversion should fail for !openssl builds, not fall (diff) | |
| download | openssh-91a2135f32acdd6378476c5bae475a6e7811a6a2.tar.xz openssh-91a2135f32acdd6378476c5bae475a6e7811a6a2.zip | |
upstream: Allow prepending a list of algorithms to the default set
by starting the list with the '^' character, e.g.
HostKeyAlgorithms ^ssh-ed25519
Ciphers ^aes128-gcm@openssh.com,aes256-gcm@openssh.com
ok djm@ dtucker@
OpenBSD-Commit-ID: 1e1996fac0dc8a4b0d0ff58395135848287f6f97
Diffstat (limited to 'readconf.c')
| -rw-r--r-- | readconf.c | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/readconf.c b/readconf.c index d1b7871ec..f78b4d6fe 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.308 2019/08/09 05:05:54 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.309 2019/09/06 14:45:34 naddy Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -1199,7 +1199,8 @@ parse_int: arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); - if (*arg != '-' && !ciphers_valid(*arg == '+' ? arg + 1 : arg)) + if (*arg != '-' && + !ciphers_valid(*arg == '+' || *arg == '^' ? arg + 1 : arg)) fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.", filename, linenum, arg ? arg : "<NONE>"); if (*activep && options->ciphers == NULL) @@ -1210,7 +1211,8 @@ parse_int: arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); - if (*arg != '-' && !mac_valid(*arg == '+' ? arg + 1 : arg)) + if (*arg != '-' && + !mac_valid(*arg == '+' || *arg == '^' ? arg + 1 : arg)) fatal("%.200s line %d: Bad SSH2 MAC spec '%s'.", filename, linenum, arg ? arg : "<NONE>"); if (*activep && options->macs == NULL) @@ -1223,7 +1225,8 @@ parse_int: fatal("%.200s line %d: Missing argument.", filename, linenum); if (*arg != '-' && - !kex_names_valid(*arg == '+' ? arg + 1 : arg)) + !kex_names_valid(*arg == '+' || *arg == '^' ? + arg + 1 : arg)) fatal("%.200s line %d: Bad SSH2 KexAlgorithms '%s'.", filename, linenum, arg ? arg : "<NONE>"); if (*activep && options->kex_algorithms == NULL) @@ -1238,7 +1241,8 @@ parse_keytypes: fatal("%.200s line %d: Missing argument.", filename, linenum); if (*arg != '-' && - !sshkey_names_valid2(*arg == '+' ? arg + 1 : arg, 1)) + !sshkey_names_valid2(*arg == '+' || *arg == '^' ? + arg + 1 : arg, 1)) fatal("%s line %d: Bad key types '%s'.", filename, linenum, arg ? arg : "<NONE>"); if (*activep && *charptr == NULL) |