Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/external/bsd/openssh Merge conflicts
details: https://anonhg.NetBSD.org/src/rev/2888cb672622
branches: trunk
changeset: 745262:2888cb672622
user: christos <christos%NetBSD.org@localhost>
date: Thu Feb 27 00:24:38 2020 +0000
description:
Merge conflicts
diffstat:
crypto/external/bsd/openssh/Makefile | 4 +-
crypto/external/bsd/openssh/bin/scp/Makefile | 4 +-
crypto/external/bsd/openssh/bin/sftp-server/Makefile | 5 +-
crypto/external/bsd/openssh/bin/sftp/Makefile | 4 +-
crypto/external/bsd/openssh/bin/ssh-add/Makefile | 4 +-
crypto/external/bsd/openssh/bin/ssh-agent/Makefile | 4 +-
crypto/external/bsd/openssh/bin/ssh-keygen/Makefile | 4 +-
crypto/external/bsd/openssh/bin/ssh-keyscan/Makefile | 4 +-
crypto/external/bsd/openssh/bin/ssh-keysign/Makefile | 4 +-
crypto/external/bsd/openssh/bin/ssh-pkcs11-helper/Makefile | 4 +-
crypto/external/bsd/openssh/bin/ssh/Makefile | 5 +-
crypto/external/bsd/openssh/bin/sshd/Makefile | 5 +-
crypto/external/bsd/openssh/dist/PROTOCOL.certkeys | 10 +-
crypto/external/bsd/openssh/dist/auth-options.c | 42 +-
crypto/external/bsd/openssh/dist/auth-options.h | 7 +-
crypto/external/bsd/openssh/dist/auth.c | 30 +-
crypto/external/bsd/openssh/dist/auth2-chall.c | 7 +-
crypto/external/bsd/openssh/dist/auth2-gss.c | 5 +-
crypto/external/bsd/openssh/dist/auth2-hostbased.c | 8 +-
crypto/external/bsd/openssh/dist/auth2-kbdint.c | 7 +-
crypto/external/bsd/openssh/dist/auth2-pubkey.c | 43 +-
crypto/external/bsd/openssh/dist/authfd.c | 66 +-
crypto/external/bsd/openssh/dist/authfd.h | 9 +-
crypto/external/bsd/openssh/dist/authfile.c | 112 +-
crypto/external/bsd/openssh/dist/authfile.h | 7 +-
crypto/external/bsd/openssh/dist/channels.c | 13 +-
crypto/external/bsd/openssh/dist/channels.h | 12 +-
crypto/external/bsd/openssh/dist/cipher.c | 17 +-
crypto/external/bsd/openssh/dist/cipher.h | 5 +-
crypto/external/bsd/openssh/dist/clientloop.c | 140 +-
crypto/external/bsd/openssh/dist/gss-serv.c | 5 +-
crypto/external/bsd/openssh/dist/hash.c | 32 +-
crypto/external/bsd/openssh/dist/hostfile.c | 7 +-
crypto/external/bsd/openssh/dist/kex.c | 11 +-
crypto/external/bsd/openssh/dist/kexgen.c | 6 +-
crypto/external/bsd/openssh/dist/kexgexc.c | 8 +-
crypto/external/bsd/openssh/dist/krl.c | 24 +-
crypto/external/bsd/openssh/dist/match.c | 7 +-
crypto/external/bsd/openssh/dist/misc.c | 73 +-
crypto/external/bsd/openssh/dist/misc.h | 13 +-
crypto/external/bsd/openssh/dist/moduli-gen/moduli.2048 | 161 +-
crypto/external/bsd/openssh/dist/moduli-gen/moduli.3072 | 149 +-
crypto/external/bsd/openssh/dist/moduli-gen/moduli.4096 | 132 +-
crypto/external/bsd/openssh/dist/moduli-gen/moduli.6144 | 140 +-
crypto/external/bsd/openssh/dist/moduli-gen/moduli.7680 | 142 +-
crypto/external/bsd/openssh/dist/moduli-gen/moduli.8192 | 130 +-
crypto/external/bsd/openssh/dist/moduli.c | 16 +-
crypto/external/bsd/openssh/dist/monitor.c | 94 +-
crypto/external/bsd/openssh/dist/monitor_wrap.c | 32 +-
crypto/external/bsd/openssh/dist/monitor_wrap.h | 9 +-
crypto/external/bsd/openssh/dist/msg.c | 18 +-
crypto/external/bsd/openssh/dist/mux.c | 26 +-
crypto/external/bsd/openssh/dist/myproposal.h | 49 +-
crypto/external/bsd/openssh/dist/packet.c | 47 +-
crypto/external/bsd/openssh/dist/pathnames.h | 11 +-
crypto/external/bsd/openssh/dist/progressmeter.c | 12 +-
crypto/external/bsd/openssh/dist/readconf.c | 157 +-
crypto/external/bsd/openssh/dist/readconf.h | 7 +-
crypto/external/bsd/openssh/dist/readpass.c | 123 +-
crypto/external/bsd/openssh/dist/scp.1 | 8 +-
crypto/external/bsd/openssh/dist/scp.c | 26 +-
crypto/external/bsd/openssh/dist/servconf.c | 272 +++-
crypto/external/bsd/openssh/dist/servconf.h | 27 +-
crypto/external/bsd/openssh/dist/serverloop.c | 27 +-
crypto/external/bsd/openssh/dist/session.c | 9 +-
crypto/external/bsd/openssh/dist/sftp-glob.c | 7 +-
crypto/external/bsd/openssh/dist/sftp-realpath.c | 2 +
crypto/external/bsd/openssh/dist/sftp-server.8 | 8 +-
crypto/external/bsd/openssh/dist/sftp.1 | 8 +-
crypto/external/bsd/openssh/dist/sftp.c | 39 +-
crypto/external/bsd/openssh/dist/sk-usbhid.c | 6 +-
crypto/external/bsd/openssh/dist/ssh-add.1 | 35 +-
crypto/external/bsd/openssh/dist/ssh-add.c | 144 +-
crypto/external/bsd/openssh/dist/ssh-agent.1 | 172 +-
crypto/external/bsd/openssh/dist/ssh-agent.c | 155 +-
crypto/external/bsd/openssh/dist/ssh-ecdsa-sk.c | 3 +
crypto/external/bsd/openssh/dist/ssh-ed25519-sk.c | 3 +
crypto/external/bsd/openssh/dist/ssh-keygen.1 | 903 +++++++-----
crypto/external/bsd/openssh/dist/ssh-keygen.c | 839 ++++++++---
crypto/external/bsd/openssh/dist/ssh-keyscan.1 | 8 +-
crypto/external/bsd/openssh/dist/ssh-keyscan.c | 28 +-
crypto/external/bsd/openssh/dist/ssh-keysign.8 | 8 +-
crypto/external/bsd/openssh/dist/ssh-keysign.c | 11 +-
crypto/external/bsd/openssh/dist/ssh-pkcs11-client.c | 18 +-
crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.8 | 6 +-
crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c | 25 +-
crypto/external/bsd/openssh/dist/ssh-pkcs11.c | 146 +-
crypto/external/bsd/openssh/dist/ssh-pkcs11.h | 6 +-
crypto/external/bsd/openssh/dist/ssh-sk-client.c | 5 +-
crypto/external/bsd/openssh/dist/ssh-sk-helper.c | 9 +-
crypto/external/bsd/openssh/dist/ssh-sk.c | 3 +
crypto/external/bsd/openssh/dist/ssh.1 | 38 +-
crypto/external/bsd/openssh/dist/ssh.c | 123 +-
crypto/external/bsd/openssh/dist/ssh_api.c | 13 +-
crypto/external/bsd/openssh/dist/ssh_config.5 | 103 +-
crypto/external/bsd/openssh/dist/sshbuf-getput-basic.c | 7 +-
crypto/external/bsd/openssh/dist/sshbuf-getput-crypto.c | 14 +-
crypto/external/bsd/openssh/dist/sshbuf-io.c | 3 +
crypto/external/bsd/openssh/dist/sshbuf-misc.c | 4 +-
crypto/external/bsd/openssh/dist/sshbuf.c | 6 +-
crypto/external/bsd/openssh/dist/sshbuf.h | 20 +-
crypto/external/bsd/openssh/dist/sshconnect.c | 41 +-
crypto/external/bsd/openssh/dist/sshconnect.h | 7 +-
crypto/external/bsd/openssh/dist/sshconnect2.c | 175 +-
crypto/external/bsd/openssh/dist/sshd.8 | 66 +-
crypto/external/bsd/openssh/dist/sshd.c | 166 +-
crypto/external/bsd/openssh/dist/sshd_config.5 | 123 +-
crypto/external/bsd/openssh/dist/ssherr.c | 8 +-
crypto/external/bsd/openssh/dist/ssherr.h | 6 +-
crypto/external/bsd/openssh/dist/sshkey-xmss.c | 84 +-
crypto/external/bsd/openssh/dist/sshkey.c | 509 +++++-
crypto/external/bsd/openssh/dist/sshkey.h | 55 +-
crypto/external/bsd/openssh/dist/sshsig.c | 358 ++++-
crypto/external/bsd/openssh/dist/umac.c | 7 +-
crypto/external/bsd/openssh/dist/version.h | 8 +-
crypto/external/bsd/openssh/dist/xmalloc.c | 25 +-
crypto/external/bsd/openssh/dist/xmalloc.h | 6 +-
crypto/external/bsd/openssh/lib/Makefile | 5 +-
crypto/external/bsd/openssh/lib/shlib_version | 4 +-
crypto/external/bsd/openssh/libexec/Makefile | 7 +
crypto/external/bsd/openssh/libexec/Makefile.inc | 7 +
crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile | 12 +
122 files changed, 4835 insertions(+), 2373 deletions(-)
diffs (truncated from 13835 to 300 lines):
diff -r 45f55e8084cf -r 2888cb672622 crypto/external/bsd/openssh/Makefile
--- a/crypto/external/bsd/openssh/Makefile Thu Feb 27 00:21:35 2020 +0000
+++ b/crypto/external/bsd/openssh/Makefile Thu Feb 27 00:24:38 2020 +0000
@@ -1,5 +1,5 @@
-# $NetBSD: Makefile,v 1.1 2009/06/07 22:38:44 christos Exp $
+# $NetBSD: Makefile,v 1.2 2020/02/27 00:24:38 christos Exp $
-SUBDIR= lib .WAIT bin
+SUBDIR= lib .WAIT bin # libexec
.include <bsd.subdir.mk>
diff -r 45f55e8084cf -r 2888cb672622 crypto/external/bsd/openssh/bin/scp/Makefile
--- a/crypto/external/bsd/openssh/bin/scp/Makefile Thu Feb 27 00:21:35 2020 +0000
+++ b/crypto/external/bsd/openssh/bin/scp/Makefile Thu Feb 27 00:24:38 2020 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.1 2009/06/07 22:38:45 christos Exp $
+# $NetBSD: Makefile,v 1.2 2020/02/27 00:24:38 christos Exp $
BINDIR=/usr/bin
PROG= scp
-SRCS= scp.c
+SRCS= scp.c ssh-sk-client.c
.include <bsd.prog.mk>
diff -r 45f55e8084cf -r 2888cb672622 crypto/external/bsd/openssh/bin/sftp-server/Makefile
--- a/crypto/external/bsd/openssh/bin/sftp-server/Makefile Thu Feb 27 00:21:35 2020 +0000
+++ b/crypto/external/bsd/openssh/bin/sftp-server/Makefile Thu Feb 27 00:24:38 2020 +0000
@@ -1,9 +1,10 @@
-# $NetBSD: Makefile,v 1.2 2019/10/12 18:32:21 christos Exp $
+# $NetBSD: Makefile,v 1.3 2020/02/27 00:24:39 christos Exp $
BINDIR= /usr/libexec
PROG= sftp-server
-SRCS= sftp-server.c sftp-common.c sftp-server-main.c sftp-realpath.c
+SRCS= sftp-server.c sftp-common.c sftp-server-main.c sftp-realpath.c \
+ ssh-sk-client.c
MAN= sftp-server.8
.include <bsd.prog.mk>
diff -r 45f55e8084cf -r 2888cb672622 crypto/external/bsd/openssh/bin/sftp/Makefile
--- a/crypto/external/bsd/openssh/bin/sftp/Makefile Thu Feb 27 00:21:35 2020 +0000
+++ b/crypto/external/bsd/openssh/bin/sftp/Makefile Thu Feb 27 00:24:38 2020 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.7 2019/09/29 23:44:58 mrg Exp $
+# $NetBSD: Makefile,v 1.8 2020/02/27 00:24:38 christos Exp $
BINDIR= /usr/bin
PROG= sftp
-SRCS= sftp.c sftp-client.c sftp-common.c sftp-glob.c
+SRCS= sftp.c sftp-client.c sftp-common.c sftp-glob.c ssh-sk-client.c
MAN= sftp.1
LDADD+= -ledit -lterminfo
diff -r 45f55e8084cf -r 2888cb672622 crypto/external/bsd/openssh/bin/ssh-add/Makefile
--- a/crypto/external/bsd/openssh/bin/ssh-add/Makefile Thu Feb 27 00:21:35 2020 +0000
+++ b/crypto/external/bsd/openssh/bin/ssh-add/Makefile Thu Feb 27 00:24:38 2020 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.1 2009/06/07 22:38:45 christos Exp $
+# $NetBSD: Makefile,v 1.2 2020/02/27 00:24:39 christos Exp $
BINDIR=/usr/bin
PROG= ssh-add
-SRCS= ssh-add.c
+SRCS= ssh-add.c ssh-sk-client.c
.include <bsd.prog.mk>
diff -r 45f55e8084cf -r 2888cb672622 crypto/external/bsd/openssh/bin/ssh-agent/Makefile
--- a/crypto/external/bsd/openssh/bin/ssh-agent/Makefile Thu Feb 27 00:21:35 2020 +0000
+++ b/crypto/external/bsd/openssh/bin/ssh-agent/Makefile Thu Feb 27 00:24:38 2020 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.3 2019/10/13 07:28:05 mrg Exp $
+# $NetBSD: Makefile,v 1.4 2020/02/27 00:24:39 christos Exp $
BINDIR=/usr/bin
PROG= ssh-agent
-SRCS= ssh-agent.c ssh-pkcs11-client.c
+SRCS= ssh-agent.c ssh-pkcs11-client.c ssh-sk-client.c
COPTS.ssh-agent.c+= ${GCC_NO_FORMAT_TRUNCATION}
diff -r 45f55e8084cf -r 2888cb672622 crypto/external/bsd/openssh/bin/ssh-keygen/Makefile
--- a/crypto/external/bsd/openssh/bin/ssh-keygen/Makefile Thu Feb 27 00:21:35 2020 +0000
+++ b/crypto/external/bsd/openssh/bin/ssh-keygen/Makefile Thu Feb 27 00:24:38 2020 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.6 2019/10/13 07:28:05 mrg Exp $
+# $NetBSD: Makefile,v 1.7 2020/02/27 00:24:39 christos Exp $
BINDIR= /usr/bin
PROG= ssh-keygen
-SRCS= ssh-keygen.c moduli.c sshsig.c
+SRCS= ssh-keygen.c moduli.c sshsig.c ssh-sk-client.c
COPTS.ssh-keygen.c= -Wno-pointer-sign
diff -r 45f55e8084cf -r 2888cb672622 crypto/external/bsd/openssh/bin/ssh-keyscan/Makefile
--- a/crypto/external/bsd/openssh/bin/ssh-keyscan/Makefile Thu Feb 27 00:21:35 2020 +0000
+++ b/crypto/external/bsd/openssh/bin/ssh-keyscan/Makefile Thu Feb 27 00:24:38 2020 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.3 2019/04/20 17:16:40 christos Exp $
+# $NetBSD: Makefile,v 1.4 2020/02/27 00:24:39 christos Exp $
BINDIR= /usr/bin
PROG= ssh-keyscan
-SRCS= ssh-keyscan.c ssh_api.c kexgexs.c
+SRCS= ssh-keyscan.c ssh_api.c kexgexs.c ssh-sk-client.c
MAN= ssh-keyscan.1
.include <bsd.prog.mk>
diff -r 45f55e8084cf -r 2888cb672622 crypto/external/bsd/openssh/bin/ssh-keysign/Makefile
--- a/crypto/external/bsd/openssh/bin/ssh-keysign/Makefile Thu Feb 27 00:21:35 2020 +0000
+++ b/crypto/external/bsd/openssh/bin/ssh-keysign/Makefile Thu Feb 27 00:24:38 2020 +0000
@@ -1,11 +1,11 @@
-# $NetBSD: Makefile,v 1.1 2009/06/07 22:38:46 christos Exp $
+# $NetBSD: Makefile,v 1.2 2020/02/27 00:24:39 christos Exp $
BINOWN= root
BINMODE=4555
BINDIR= /usr/libexec
PROG= ssh-keysign
-SRCS= ssh-keysign.c readconf.c
+SRCS= ssh-keysign.c readconf.c ssh-sk-client.c
MAN= ssh-keysign.8
.include <bsd.prog.mk>
diff -r 45f55e8084cf -r 2888cb672622 crypto/external/bsd/openssh/bin/ssh-pkcs11-helper/Makefile
--- a/crypto/external/bsd/openssh/bin/ssh-pkcs11-helper/Makefile Thu Feb 27 00:21:35 2020 +0000
+++ b/crypto/external/bsd/openssh/bin/ssh-pkcs11-helper/Makefile Thu Feb 27 00:24:38 2020 +0000
@@ -1,11 +1,11 @@
-# $NetBSD: Makefile,v 1.1 2010/11/21 19:19:22 adam Exp $
+# $NetBSD: Makefile,v 1.2 2020/02/27 00:24:39 christos Exp $
BINOWN= root
BINMODE=555
BINDIR= /usr/libexec
PROG= ssh-pkcs11-helper
-SRCS= ssh-pkcs11-helper.c
+SRCS= ssh-pkcs11-helper.c ssh-sk-client.c
MAN= ssh-pkcs11-helper.8
.include <bsd.prog.mk>
diff -r 45f55e8084cf -r 2888cb672622 crypto/external/bsd/openssh/bin/ssh/Makefile
--- a/crypto/external/bsd/openssh/bin/ssh/Makefile Thu Feb 27 00:21:35 2020 +0000
+++ b/crypto/external/bsd/openssh/bin/ssh/Makefile Thu Feb 27 00:24:38 2020 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.15 2019/10/13 07:28:05 mrg Exp $
+# $NetBSD: Makefile,v 1.16 2020/02/27 00:24:39 christos Exp $
.include <bsd.own.mk>
@@ -6,7 +6,8 @@
PROG= ssh
SRCS= ssh.c readconf.c clientloop.c sshtty.c \
- sshconnect.c sshconnect2.c mux.c auth.c
+ sshconnect.c sshconnect2.c mux.c auth.c \
+ ssh-sk-client.c
COPTS.auth.c= -DHOST_ONLY
COPTS.mux.c= -Wno-pointer-sign
diff -r 45f55e8084cf -r 2888cb672622 crypto/external/bsd/openssh/bin/sshd/Makefile
--- a/crypto/external/bsd/openssh/bin/sshd/Makefile Thu Feb 27 00:21:35 2020 +0000
+++ b/crypto/external/bsd/openssh/bin/sshd/Makefile Thu Feb 27 00:24:38 2020 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.19 2019/10/13 07:28:05 mrg Exp $
+# $NetBSD: Makefile,v 1.20 2020/02/27 00:24:39 christos Exp $
.include <bsd.own.mk>
@@ -15,7 +15,8 @@
auth2-none.c auth2-passwd.c auth2-pubkey.c \
monitor.c monitor_wrap.c \
kexgexs.c sftp-server.c sftp-common.c \
- sftp-realpath.c sandbox-rlimit.c pfilter.c
+ sftp-realpath.c sandbox-rlimit.c pfilter.c \
+ ssh-sk-client.c
COPTS.auth-options.c+= -Wno-pointer-sign
COPTS.ldapauth.c+= -Wno-format-nonliteral # XXX: should fix
diff -r 45f55e8084cf -r 2888cb672622 crypto/external/bsd/openssh/dist/PROTOCOL.certkeys
--- a/crypto/external/bsd/openssh/dist/PROTOCOL.certkeys Thu Feb 27 00:21:35 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/PROTOCOL.certkeys Thu Feb 27 00:24:38 2020 +0000
@@ -280,6 +280,13 @@
Name Format Description
-----------------------------------------------------------------------------
+no-presence-required empty Flag indicating that signatures made
+ with this certificate need not assert
+ user presence. This option only make
+ sense for the U2F/FIDO security key
+ types that support this feature in
+ their signature formats.
+
permit-X11-forwarding empty Flag indicating that X11 forwarding
should be permitted. X11 forwarding will
be refused if this option is absent.
@@ -305,4 +312,5 @@
this option is not present.
$OpenBSD: PROTOCOL.certkeys,v 1.16 2018/10/26 01:23:03 djm Exp $
-$NetBSD: PROTOCOL.certkeys,v 1.11 2019/04/20 17:16:40 christos Exp $
+$OpenBSD: PROTOCOL.certkeys,v 1.17 2019/11/25 00:57:51 djm Exp $
+$NetBSD: PROTOCOL.certkeys,v 1.12 2020/02/27 00:24:40 christos Exp $
diff -r 45f55e8084cf -r 2888cb672622 crypto/external/bsd/openssh/dist/auth-options.c
--- a/crypto/external/bsd/openssh/dist/auth-options.c Thu Feb 27 00:21:35 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/auth-options.c Thu Feb 27 00:24:38 2020 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: auth-options.c,v 1.21 2019/10/12 18:32:22 christos Exp $ */
-/* $OpenBSD: auth-options.c,v 1.89 2019/09/13 04:36:43 dtucker Exp $ */
+/* $NetBSD: auth-options.c,v 1.22 2020/02/27 00:24:40 christos Exp $ */
+/* $OpenBSD: auth-options.c,v 1.90 2019/11/25 00:54:23 djm Exp $ */
/*
* Copyright (c) 2018 Damien Miller <djm%mindrot.org@localhost>
*
@@ -17,7 +17,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth-options.c,v 1.21 2019/10/12 18:32:22 christos Exp $");
+__RCSID("$NetBSD: auth-options.c,v 1.22 2020/02/27 00:24:40 christos Exp $");
#include <sys/types.h>
#include <sys/queue.h>
@@ -97,7 +97,10 @@
name, sshbuf_len(data));
found = 0;
if ((which & OPTIONS_EXTENSIONS) != 0) {
- if (strcmp(name, "permit-X11-forwarding") == 0) {
+ if (strcmp(name, "no-touch-required") == 0) {
+ opts->no_require_user_presence = 1;
+ found = 1;
+ } else if (strcmp(name, "permit-X11-forwarding") == 0) {
opts->permit_x11_forwarding_flag = 1;
found = 1;
} else if (strcmp(name,
@@ -348,6 +351,8 @@
ret->permit_agent_forwarding_flag = r == 1;
} else if ((r = opt_flag("x11-forwarding", 1, &opts)) != -1) {
ret->permit_x11_forwarding_flag = r == 1;
+ } else if ((r = opt_flag("touch-required", 1, &opts)) != -1) {
+ ret->no_require_user_presence = r != 1; /* NB. flip */
} else if ((r = opt_flag("pty", 1, &opts)) != -1) {
ret->permit_pty_flag = r == 1;
} else if ((r = opt_flag("user-rc", 1, &opts)) != -1) {
@@ -568,14 +573,15 @@
goto alloc_fail;
}
- /* Flags are logical-AND (i.e. must be set in both for permission) */
-#define OPTFLAG(x) ret->x = (primary->x == 1) && (additional->x == 1)
- OPTFLAG(permit_port_forwarding_flag);
- OPTFLAG(permit_agent_forwarding_flag);
- OPTFLAG(permit_x11_forwarding_flag);
- OPTFLAG(permit_pty_flag);
- OPTFLAG(permit_user_rc);
-#undef OPTFLAG
+#define OPTFLAG_AND(x) ret->x = (primary->x == 1) && (additional->x == 1)
+ /* Permissive flags are logical-AND (i.e. must be set in both) */
+ OPTFLAG_AND(permit_port_forwarding_flag);
+ OPTFLAG_AND(permit_agent_forwarding_flag);
+ OPTFLAG_AND(permit_x11_forwarding_flag);
+ OPTFLAG_AND(permit_pty_flag);
+ OPTFLAG_AND(permit_user_rc);
+ OPTFLAG_AND(no_require_user_presence);
+#undef OPTFLAG_AND
/* Earliest expiry time should win */
if (primary->valid_before != 0)
@@ -644,6 +650,7 @@
OPTSCALAR(cert_authority);
OPTSCALAR(force_tun_device);
OPTSCALAR(valid_before);
+ OPTSCALAR(no_require_user_presence);
#undef OPTSCALAR
#define OPTSTRING(x) \
do { \
@@ -766,7 +773,7 @@
{
int r = SSH_ERR_INTERNAL_ERROR;
- /* Flag and simple integer options */
+ /* Flag options */
if ((r = sshbuf_put_u8(m, opts->permit_port_forwarding_flag)) != 0 ||
(r = sshbuf_put_u8(m, opts->permit_agent_forwarding_flag)) != 0 ||
(r = sshbuf_put_u8(m, opts->permit_x11_forwarding_flag)) != 0 ||
@@ -774,7 +781,11 @@
(r = sshbuf_put_u8(m, opts->permit_user_rc)) != 0 ||
(r = sshbuf_put_u8(m, opts->restricted)) != 0 ||
(r = sshbuf_put_u8(m, opts->cert_authority)) != 0 ||
- (r = sshbuf_put_u64(m, opts->valid_before)) != 0)
+ (r = sshbuf_put_u8(m, opts->no_require_user_presence)) != 0)
+ return r;
Home |
Main Index |
Thread Index |
Old Index