diff options
| author |   dtucker <dtucker@openbsd.org> | 2018-07-19 10:28:47 +0000 |
|---|---|---|
| committer | dtucker <dtucker@openbsd.org> | 2018-07-19 10:28:47 +0000 |
| commit | 31c76a1f562c0d7d634bf0131bab8c2de524814c (patch) | |
| tree | 9b0f092fc356ea2e1a7063f29f76148cd9529ae7 /usr.bin/ssh/readconf.c | |
| parent | revert previous, something isn't quite right as clients see ntpd (diff) | |
| download | wireguard-openbsd-31c76a1f562c0d7d634bf0131bab8c2de524814c.tar.xz wireguard-openbsd-31c76a1f562c0d7d634bf0131bab8c2de524814c.zip | |
Deprecate UsePrivilegedPort now that support for running ssh(1)
setuid has been removed, remove supporting code and clean up
references to it in the man pages
We have not shipped ssh(1) the setuid bit since 2002. If ayone
really needs to make connections from a low port number this can
be implemented via a small setuid ProxyCommand.
ok markus@ jmc@ djm@
Diffstat (limited to 'usr.bin/ssh/readconf.c')
| -rw-r--r-- | usr.bin/ssh/readconf.c | 12 |
1 files changed, 2 insertions, 10 deletions
diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c index 3454608770c..6b5a4183e2a 100644 --- a/usr.bin/ssh/readconf.c +++ b/usr.bin/ssh/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.293 2018/07/18 11:34:04 dtucker Exp $ */ +/* $OpenBSD: readconf.c,v 1.294 2018/07/19 10:28:47 dtucker Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -175,6 +175,7 @@ static struct { { "userknownhostsfile2", oDeprecated }, { "useroaming", oDeprecated }, { "usersh", oDeprecated }, + { "useprivilegedport", oDeprecated }, /* Unsupported options */ { "afstokenpassing", oUnsupported }, @@ -207,7 +208,6 @@ static struct { { "exitonforwardfailure", oExitOnForwardFailure }, { "xauthlocation", oXAuthLocation }, { "gatewayports", oGatewayPorts }, - { "useprivilegedport", oUsePrivilegedPort }, { "passwordauthentication", oPasswordAuthentication }, { "kbdinteractiveauthentication", oKbdInteractiveAuthentication }, { "kbdinteractivedevices", oKbdInteractiveDevices }, @@ -934,10 +934,6 @@ parse_time: intptr = &options->exit_on_forward_failure; goto parse_flag; - case oUsePrivilegedPort: - intptr = &options->use_privileged_port; - goto parse_flag; - case oPasswordAuthentication: intptr = &options->password_authentication; goto parse_flag; @@ -1807,7 +1803,6 @@ initialize_options(Options * options) options->fwd_opts.gateway_ports = -1; options->fwd_opts.streamlocal_bind_mask = (mode_t)-1; options->fwd_opts.streamlocal_bind_unlink = -1; - options->use_privileged_port = -1; options->pubkey_authentication = -1; options->challenge_response_authentication = -1; options->gss_authentication = -1; @@ -1949,8 +1944,6 @@ fill_default_options(Options * options) options->fwd_opts.streamlocal_bind_mask = 0177; if (options->fwd_opts.streamlocal_bind_unlink == -1) options->fwd_opts.streamlocal_bind_unlink = 0; - if (options->use_privileged_port == -1) - options->use_privileged_port = 0; if (options->pubkey_authentication == -1) options->pubkey_authentication = 1; if (options->challenge_response_authentication == -1) @@ -2582,7 +2575,6 @@ dump_client_config(Options *o, const char *host) dump_cfg_fmtint(oStrictHostKeyChecking, o->strict_host_key_checking); dump_cfg_fmtint(oTCPKeepAlive, o->tcp_keep_alive); dump_cfg_fmtint(oTunnel, o->tun_open); - dump_cfg_fmtint(oUsePrivilegedPort, o->use_privileged_port); dump_cfg_fmtint(oVerifyHostKeyDNS, o->verify_host_key_dns); dump_cfg_fmtint(oVisualHostKey, o->visual_host_key); dump_cfg_fmtint(oUpdateHostkeys, o->update_hostkeys); |