merge key exchange patch without rekeying support
[openssh.git] / readconf.c
index eb4a8b9..091029a 100644 (file)
@@ -129,6 +129,8 @@ typedef enum {
        oClearAllForwardings, oNoHostAuthenticationForLocalhost,
        oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
        oAddressFamily, oGssAuthentication, oGssDelegateCreds,
+       oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey,
+       oGssServerIdentity, 
        oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
        oSendEnv, oControlPath, oControlMaster, oControlPersist,
        oHashKnownHosts,
@@ -169,10 +171,19 @@ static struct {
        { "afstokenpassing", oUnsupported },
 #if defined(GSSAPI)
        { "gssapiauthentication", oGssAuthentication },
+       { "gssapikeyexchange", oGssKeyEx },
        { "gssapidelegatecredentials", oGssDelegateCreds },
+       { "gssapitrustdns", oGssTrustDns },
+       { "gssapiclientidentity", oGssClientIdentity },
+       { "gssapiserveridentity", oGssServerIdentity },
+       { "gssapirenewalforcesrekey", oGssRenewalRekey },
 #else
        { "gssapiauthentication", oUnsupported },
+       { "gssapikeyexchange", oUnsupported },
        { "gssapidelegatecredentials", oUnsupported },
+       { "gssapitrustdns", oUnsupported },
+       { "gssapiclientidentity", oUnsupported },
+       { "gssapirenewalforcesrekey", oUnsupported },
 #endif
        { "fallbacktorsh", oDeprecated },
        { "usersh", oDeprecated },
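Review bot: The `#else` half of the keyword table gains `gssapikeyexchange`, `gssapitrustdns`, `gssapiclientidentity` and `gssapirenewalforcesrekey`, but not `gssapiserveridentity`, which the `#if defined(GSSAPI)` half does add. The lookup code is outside this hunk, but a build without GSSAPI would presumably treat `GSSAPIServerIdentity` as an unknown keyword rather than an unsupported one, so a shared ssh_config that sets it would behave differently from its four siblings. Adding `{ "gssapiserveridentity", oUnsupported },` after the `gssapiclientidentity` line in the `#else` branch keeps the two halves symmetric. The table itself starts and ends outside the hunk.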
@@ -479,10 +490,30 @@ parse_flag:
                intptr = &options->gss_authentication;
                goto parse_flag;
 
+       case oGssKeyEx:
+               intptr = &options->gss_keyex;
+               goto parse_flag;
+
        case oGssDelegateCreds:
                intptr = &options->gss_deleg_creds;
                goto parse_flag;
 
+       case oGssTrustDns:
+               intptr = &options->gss_trust_dns;
+               goto parse_flag;
+
+       case oGssClientIdentity:
+               charptr = &options->gss_client_identity;
+               goto parse_string;
+
+       case oGssServerIdentity:
+               charptr = &options->gss_server_identity;
+               goto parse_string;
+
+       case oGssRenewalRekey:
+               intptr = &options->gss_renewal_rekey;
+               goto parse_flag;
+
        case oBatchMode:
                intptr = &options->batch_mode;
                goto parse_flag;
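Review bot: The new `oGssTrustDns` and `oGssServerIdentity` cases carry no comment, although both look like they influence which server identity the client asks GSSAPI to authenticate. The code that consumes `gss_trust_dns` and `gss_server_identity` is not in this file, so this is inferred from the option names. If that reading is right, enabling `GSSAPITrustDns` makes the authenticated target name depend on DNS answers, which is only sound where DNS is itself trusted. A short comment above `case oGssTrustDns:` would record that, for example `/* Security-sensitive: lets DNS canonicalisation choose the GSSAPI target name; default stays off. */`, with a matching one-liner on `oGssServerIdentity` saying it overrides the identity derived from the host name. The enclosing switch starts and ends outside the hunk.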
@@ -1092,7 +1123,12 @@ initialize_options(Options * options)
        options->pubkey_authentication = -1;
        options->challenge_response_authentication = -1;
        options->gss_authentication = -1;
+       options->gss_keyex = -1;
        options->gss_deleg_creds = -1;
+       options->gss_trust_dns = -1;
+       options->gss_renewal_rekey = -1;
+       options->gss_client_identity = NULL;
+       options->gss_server_identity = NULL;
        options->password_authentication = -1;
        options->kbd_interactive_authentication = -1;
        options->kbd_interactive_devices = NULL;
@@ -1193,8 +1229,14 @@ fill_default_options(Options * options)
                options->challenge_response_authentication = 1;
        if (options->gss_authentication == -1)
                options->gss_authentication = 0;
+       if (options->gss_keyex == -1)
+               options->gss_keyex = 0;
        if (options->gss_deleg_creds == -1)
                options->gss_deleg_creds = 0;
+       if (options->gss_trust_dns == -1)
+               options->gss_trust_dns = 0;
+       if (options->gss_renewal_rekey == -1)
+               options->gss_renewal_rekey = 0;
        if (options->password_authentication == -1)
                options->password_authentication = 1;
        if (options->kbd_interactive_authentication == -1)
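Review bot: `gss_renewal_rekey` is parsed, initialised and defaulted to 0 here, while the commit title says the key exchange patch is merged without rekeying support. If nothing in this tree consumes the flag yet, a user who sets `GSSAPIRenewalForcesRekey yes` gets no rekey on credential renewal and no diagnostic, so the session would keep running on the original credentials' key exchange. Either map the keyword to `oUnsupported` until the rekey code lands, or note the gap next to the default, e.g. `/* accepted for config compatibility; rekey-on-renewal not implemented in this merge */`. The body of fill_default_options continues outside the hunk.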