author | Alan Dunn <amdunn@gmail.com> | 2014-03-07 08:13:23 -0600 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2014-03-27 10:06:11 +0100 |
commit | c82dd2eb81ebdd1456faa0de45eb285d669755fb (patch) | |
tree | 920686b230a0f8f329042a8e9409124d25c783ae /examples | |
parent | f6276fe73940dd35bbd4f95d3cf902bcf69f23f3 (diff) | |
examples: Add no default keys options to ssh_server_fork
It seems useful to be able to run ssh_server_fork without being
required to load some key of RSA and DSA keytypes. However, with the
current ssh_server_fork, you need to have some keys, as a default
value is always set and you can't unset the value for a keytype
(e.g. by using NULL as an argument). So the "no default keys"
argument turns off the default key assignments.
Signed-off-by: Alan Dunn <amdunn@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'examples')
-rw-r--r-- | examples/ssh_server_fork.c | 45 |
1 files changed, 40 insertions, 5 deletions
diff --git a/examples/ssh_server_fork.c b/examples/ssh_server_fork.c
index 10939650..1582b38a 100644
--- a/examples/ssh_server_fork.c
+++ b/examples/ssh_server_fork.c
@@ -53,6 +53,19 @@ The goal is to show the API in action.
 #define SESSION_END (SSH_CLOSED | SSH_CLOSED_ERROR)
 #define SFTP_SERVER_PATH "/usr/lib/sftp-server"
+static void set_default_keys(ssh_bind sshbind,
+ int rsa_already_set,
+ int dsa_already_set) {
+ if (!rsa_already_set) {
+ ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_RSAKEY,
+ KEYS_FOLDER "ssh_host_rsa_key");
+ }
+ if (!dsa_already_set) {
+ ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_DSAKEY,
+ KEYS_FOLDER "ssh_host_dsa_key");
+ }
+}
+
 #ifdef HAVE_ARGP_H
 const char *argp_program_version = "libssh server example "
 SSH_STRINGIFY(LIBSSH_VERSION);
@@ -99,6 +112,14 @@ static struct argp_option options[] = {
 .group = 0
 },
 {
+ .name = "no-default-keys",
+ .key = 'n',
+ .arg = NULL,
+ .flags = 0,
+ .doc = "Do not set default key locations.",
+ .group = 0
+ },
+ {
 .name = "verbose",
 .key = 'v',
 .arg = NULL,
@@ -114,19 +135,29 @@ static error_t parse_opt (int key, char *arg, struct argp_state *state) {
 /* Get the input argument from argp_parse, which we
 * know is a pointer to our arguments structure. */
 ssh_bind sshbind = state->input;
+ static int no_default_keys = 0;
+ static int rsa_already_set = 0, dsa_already_set = 0;
 switch (key) {
+ case 'n':
+ no_default_keys = 1;
+ break;
 case 'p':
 ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDPORT_STR, arg);
 break;
 case 'd':
 ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_DSAKEY, arg);
+ dsa_already_set = 1;
 break;
 case 'k':
+ /* This currently sets the public key algorithms the
+ server is willing to use, not which key files it will
+ load */
 ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY, arg);
 break;
 case 'r':
 ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_RSAKEY, arg);
+ rsa_already_set = 1;
 break;
 case 'v':
 ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_LOG_VERBOSITY_STR, 
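Review bot: `set_default_keys` discards the result of both `ssh_bind_options_set` calls, so a default host-key path that could not be recorded is not reported at this point. The same pattern appears in the `'d'` and `'r'` cases of the `parse_opt` hunk, where `dsa_already_set` and `rsa_already_set` are raised whether or not the call succeeded, which also suppresses the default for that key type. Consider returning the first negative result from the helper so the caller can stop before listening, and checking the call in `parse_opt`, e.g. `if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_RSAKEY, arg) < 0) argp_error(state, "cannot set RSA host key");`. The helper would also read better with a one-line comment such as `/* Fill in KEYS_FOLDER host-key paths for key types not chosen on the command line. */`.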
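Review bot: The three new flags in `parse_opt` are function-local statics that are never reset, so the result depends on the option parser running exactly once per process, and nothing in the hunk says so. A short comment above them would make the intent explicit, for example `/* Parser state kept across calls: argp invokes parse_opt once per option. */`. Carrying the flags in a small struct passed through `state->input` together with `sshbind` would remove the hidden state, though that is a larger change than this example may need. The body of `parse_opt` continues beyond this hunk.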
@@ -144,6 +175,13 @@ static error_t parse_opt (int key, char *arg, struct argp_state *state) {
 /* Not enough arguments. */
 argp_usage (state);
 }
+
+ if (!no_default_keys) {
+ set_default_keys(sshbind,
+ rsa_already_set,
+ dsa_already_set);
+ }
+
 break;
 default:
 return ARGP_ERR_UNKNOWN;
@@ -576,16 +614,13 @@ int main(int argc, char **argv) {
 ssh_init();
 sshbind = ssh_bind_new();
- ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_DSAKEY,
- KEYS_FOLDER "ssh_host_dsa_key");
- ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_RSAKEY,
- KEYS_FOLDER "ssh_host_rsa_key");
-
 #ifdef HAVE_ARGP_H
 argp_parse(&argp, argc, argv, 0, 0, sshbind);
 #else
 (void) argc;
 (void) argv;
+
+ set_default_keys(sshbind, 0, 0);
 #endif /* HAVE_ARGP_H */
 if(ssh_bind_listen(sshbind) < 0) { |
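Review bot: When `-n` is given without `-r` or `-d`, the added `if (!no_default_keys)` branch is skipped and, as far as these lines show, the bind is left with no host key configured and nothing reports it; the failure would presumably surface only later at `ssh_bind_listen`. A check beside the new block would make the condition explicit, e.g. `if (no_default_keys && !rsa_already_set && !dsa_already_set) argp_error(state, "no host key configured; pass -r or -d");`. If host keys can be supplied by some means other than these two options, the condition has to account for that. The enclosing case label and the rest of `parse_opt` lie outside the hunk.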