1/* $OpenBSD: auth-options.c,v 1.68 2015/07/03 03:43:18 djm Exp $ */ |
2/* 3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 5 * All rights reserved 6 * As far as I am concerned, the code I have written for this software 7 * can be used freely for any purpose. Any derived versions of this 8 * software must be clearly marked as such, and if the derived work is 9 * incompatible with the protocol description in the RFC file, it must be --- 573 unchanged lines hidden (view full) --- 583 int cert_no_port_forwarding_flag = 1; 584 int cert_no_agent_forwarding_flag = 1; 585 int cert_no_x11_forwarding_flag = 1; 586 int cert_no_pty_flag = 1; 587 int cert_no_user_rc = 1; 588 char *cert_forced_command = NULL; 589 int cert_source_address_done = 0; 590 |
591 /* Separate options and extensions for v01 certs */ 592 if (parse_option_list(k->cert->critical, pw, 593 OPTIONS_CRITICAL, 1, NULL, NULL, NULL, NULL, NULL, 594 &cert_forced_command, 595 &cert_source_address_done) == -1) 596 return -1; 597 if (parse_option_list(k->cert->extensions, pw, 598 OPTIONS_EXTENSIONS, 0, 599 &cert_no_port_forwarding_flag, 600 &cert_no_agent_forwarding_flag, 601 &cert_no_x11_forwarding_flag, 602 &cert_no_pty_flag, 603 &cert_no_user_rc, 604 NULL, NULL) == -1) 605 return -1; |
606 607 no_port_forwarding_flag |= cert_no_port_forwarding_flag; 608 no_agent_forwarding_flag |= cert_no_agent_forwarding_flag; 609 no_x11_forwarding_flag |= cert_no_x11_forwarding_flag; 610 no_pty_flag |= cert_no_pty_flag; 611 no_user_rc |= cert_no_user_rc; 612 /* CA-specified forced command supersedes key option */ 613 if (cert_forced_command != NULL) { 614 if (forced_command != NULL) 615 free(forced_command); 616 forced_command = cert_forced_command; 617 } 618 return 0; 619} 620 |