options: Allow avoiding system-wide configuration

The added option SSH_BIND_OPTIONS_PROCESS_CONFIG allows to skip
processing the system-wide configuration file.  The global configuration
file is processed automatically if this option is not set as false.

This option will only be effective if set before any call to
ssh_bind_options_parse_config().

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>

2 files changed, 28 insertions, 9 deletions

diff --git a/src/bind.c b/src/bind.c
index d5193f77..8b45ef8b 100644
--- a/src/bind.c
+++ b/src/bind.c
@@ -132,7 +132,6 @@ static socket_t bind_socket(ssh_bind sshbind, const char *hostname,
 
 ssh_bind ssh_bind_new(void) {
     ssh_bind ptr;
-    int rc;
 
     ptr = calloc(1, sizeof(struct ssh_bind_struct));
     if (ptr == NULL) {
@@ -142,13 +141,6 @@ ssh_bind ssh_bind_new(void) {
     ptr->bindport = 22;
     ptr->common.log_verbosity = 0;
 
-    /* Apply global bind configurations */
-    rc = ssh_bind_options_parse_config(ptr, NULL);
-    if (rc != 0) {
-        ssh_bind_free(ptr);
-        ptr = NULL;
-    }
-
     return ptr;
 }
 
@@ -431,14 +423,25 @@ void ssh_bind_free(ssh_bind sshbind){
 int ssh_bind_accept_fd(ssh_bind sshbind, ssh_session session, socket_t fd){
     int i, rc;
 
+    if (sshbind == NULL) {
+        return SSH_ERROR;
+    }
+
     if (session == NULL){
         ssh_set_error(sshbind, SSH_FATAL,"session is null");
         return SSH_ERROR;
     }
 
+    /* Apply global bind configurations, if it hasn't been applied before */
+    rc = ssh_bind_options_parse_config(sshbind, NULL);
+    if (rc != 0) {
+        ssh_set_error(sshbind, SSH_FATAL,"Could not parse global config");
+        return SSH_ERROR;
+    }
+
     session->server = 1;
 
-    /* copy options */
+    /* Copy options from bind to session */
     for (i = 0; i < 10; i++) {
       if (sshbind->wanted_methods[i]) {
         session->opts.wanted_methods[i] = strdup(sshbind->wanted_methods[i]);
diff --git a/src/options.c b/src/options.c
index 3b58fe2c..9af7b22b 100644
--- a/src/options.c
+++ b/src/options.c
@@ -1608,6 +1608,13 @@ static int ssh_bind_set_algo(ssh_bind sshbind,
  *                        paths of configuration files to
  *                        ssh_bind_options_parse_config().
  *
+ *                      - SSH_BIND_OPTIONS_PROCESS_CONFIG
+ *                        Set it to false to disable automatic processing of
+ *                        system-wide configuration files. LibSSH automatically
+ *                        uses these configuration files otherwise. This
+ *                        option will only have effect if set before any call
+ *                        to ssh_bind_options_parse_config() (bool).
+ *
  *                      - SSH_BIND_OPTIONS_PUBKEY_ACCEPTED_KEY_TYPES:
  *                        Set the public key algorithm accepted by the server
  *                        (const char *, comma-separated list).
@@ -1955,6 +1962,15 @@ int ssh_bind_options_set(ssh_bind sshbind, enum ssh_bind_options_e type,
             }
         }
         break;
+    case SSH_BIND_OPTIONS_PROCESS_CONFIG:
+        if (value == NULL) {
+            ssh_set_error_invalid(sshbind);
+            return -1;
+        } else {
+            bool *x = (bool *)value;
+            sshbind->config_processed = !(*x);
+        }
+        break;
     default:
       ssh_set_error(sshbind, SSH_REQUEST_DENIED, "Unknown ssh option %d", type);
       return -1;