diff options
| author |   dtucker <dtucker@openbsd.org> | 2010-01-09 23:04:13 +0000 |
|---|---|---|
| committer | dtucker <dtucker@openbsd.org> | 2010-01-09 23:04:13 +0000 |
| commit | 1026af62530347c25d55d656cc24f775437380fb (patch) | |
| tree | 9fe154790a165998662a94270c727a1b311c4d5c /usr.bin/ssh/servconf.c | |
| parent | Fix fatalx message. (diff) | |
| download | wireguard-openbsd-1026af62530347c25d55d656cc24f775437380fb.tar.xz wireguard-openbsd-1026af62530347c25d55d656cc24f775437380fb.zip | |
Remove RoutingDomain from ssh since it's now not needed. It can be replaced
with "route exec" or "nc -V" as a proxycommand. "route exec" also ensures
that trafic such as DNS lookups stays withing the specified routingdomain.
For example (from reyk):
# route -T 2 exec /usr/sbin/sshd
or inherited from the parent process
$ route -T 2 exec sh
$ ssh 10.1.2.3
ok deraadt@ markus@ stevesk@ reyk@
Diffstat (limited to 'usr.bin/ssh/servconf.c')
| -rw-r--r-- | usr.bin/ssh/servconf.c | 20 |
1 files changed, 2 insertions, 18 deletions
diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c index d03959f23b1..45e7233d3bb 100644 --- a/usr.bin/ssh/servconf.c +++ b/usr.bin/ssh/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.199 2009/12/29 16:38:41 stevesk Exp $ */ +/* $OpenBSD: servconf.c,v 1.200 2010/01/09 23:04:13 dtucker Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -121,7 +121,6 @@ initialize_server_options(ServerOptions *options) options->adm_forced_command = NULL; options->chroot_directory = NULL; options->zero_knowledge_password_authentication = -1; - options->rdomain = -1; } void @@ -280,7 +279,7 @@ typedef enum { sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel, sMatch, sPermitOpen, sForceCommand, sChrootDirectory, - sUsePrivilegeSeparation, sAllowAgentForwarding, sRDomain, + sUsePrivilegeSeparation, sAllowAgentForwarding, sZeroKnowledgePasswordAuthentication, sDeprecated, sUnsupported } ServerOpCodes; @@ -387,7 +386,6 @@ static struct { { "match", sMatch, SSHCFG_ALL }, { "permitopen", sPermitOpen, SSHCFG_ALL }, { "forcecommand", sForceCommand, SSHCFG_ALL }, - { "routingdomain", sRDomain, SSHCFG_GLOBAL }, { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, { NULL, sBadOption, 0 } }; @@ -1253,19 +1251,6 @@ process_server_config_line(ServerOptions *options, char *line, *charptr = xstrdup(arg); break; - case sRDomain: - intptr = &options->rdomain; - arg = strdelim(&cp); - if (!arg || *arg == '\0') - fatal("%s line %d: missing rdomain value.", - filename, linenum); - if ((value = a2rdomain(arg)) == -1) - fatal("%s line %d: invalid rdomain value.", - filename, linenum); - if (*intptr == -1) - *intptr = value; - break; - case sDeprecated: logit("%s line %d: Deprecated option %s", filename, linenum, arg); @@ -1539,7 +1524,6 @@ dump_config(ServerOptions *o) dump_cfg_int(sMaxSessions, o->max_sessions); dump_cfg_int(sClientAliveInterval, o->client_alive_interval); dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); - dump_cfg_int(sRDomain, o->rdomain); /* formatted integer arguments */ dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login); |