Merge branch 'master' of ssh://git.ipfire.org/pub/git/ipfire-2.x

[people/mfischer/ipfire-2.x.git] / src / misc-progs / sshctrl.c

diff --git a/src/misc-progs/sshctrl.c b/src/misc-progs/sshctrl.c
index 0bdc5834808e45bde4526a0aa8c86e24303cc0d1..f1d0338c23e728e85f6f1587dd013434a10954dc 100644 (file)
--- a/src/misc-progs/sshctrl.c
+++ b/src/misc-progs/sshctrl.c
@@ -5,10 +5,10 @@
  *
  * (c) Mark Wormgoor, 2001
  * Simple program intended to be installed setuid(0) that can be used for
- * restarting SSHd. 
- * 
+ * restarting SSHd.
+ *
  * $Id: sshctrl.c,v 1.3 2003/12/11 10:57:34 riddles Exp $
- * 
+ *
  */
 
 #include <stdio.h>
@@ -24,7 +24,7 @@
 
 #define BUFFER_SIZE 1024
 
-char command[BUFFER_SIZE]; 
+char command[BUFFER_SIZE];
 
 int main(int argc, char *argv[])
 {
@@ -54,10 +54,7 @@ int main(int argc, char *argv[])
                                                exit(1);
                                }
 
-                               if(findkey(kv, "ENABLE_SSH_PROTOCOL1", buffer) && !strcmp(buffer,"on"))
-                                               strlcat(command, "s/^Protocol .*$/Protocol 2,1/;", STRING_SIZE - 1 );
-                               else
-                                               strlcat(command, "s/^Protocol .*$/Protocol 2/;", STRING_SIZE - 1 );
+                               strlcat(command, "s/^Protocol .*$/Protocol 2/;", STRING_SIZE - 1 );
 
                                if(findkey(kv, "ENABLE_SSH_KEYS", buffer) && !strcmp(buffer,"off"))
                                                strlcat(command, "s/^RSAAuthentication .*$/RSAAuthentication no/;"              "s/^PubkeyAuthentication .*$/PubkeyAuthentication no/;", STRING_SIZE - 1 );
@@ -70,14 +67,19 @@ int main(int argc, char *argv[])
                                                strlcat(command, "s/^PasswordAuthentication .*$/PasswordAuthentication yes/;", STRING_SIZE - 1 );
 
                                if(findkey(kv, "ENABLE_SSH_PORTFW", buffer) && !strcmp(buffer,"on"))
-                                               strlcat(command, "s/^AllowTcpForwarding .*$/AllowTcpForwarding yes/;", STRING_SIZE - 1 );
+                                               strlcat(command, "s/^AllowTcpForwarding .*$/AllowTcpForwarding yes/;"   "s/^PermitOpen .*$/PermitOpen any/;", STRING_SIZE - 1 );
                                else
-                                               strlcat(command, "s/^AllowTcpForwarding .*$/AllowTcpForwarding no/;", STRING_SIZE - 1 );
-                                               
+                                               strlcat(command, "s/^AllowTcpForwarding .*$/AllowTcpForwarding no/;"    "s/^PermitOpen .*$/PermitOpen none/;", STRING_SIZE - 1 );
+
                                if(findkey(kv, "SSH_PORT", buffer) && !strcmp(buffer,"on"))
-                                               strlcat(command, "s/^Port .*$/Port 22/", STRING_SIZE - 1 );
+                                               strlcat(command, "s/^Port .*$/Port 22/;", STRING_SIZE - 1 );
                                else
-                                               strlcat(command, "s/^Port .*$/Port 222/", STRING_SIZE - 1 );
+                                               strlcat(command, "s/^Port .*$/Port 222/;", STRING_SIZE - 1 );
+
+                               if(findkey(kv, "SSH_AGENT_FORWARDING", buffer) && !strcmp(buffer,"on"))
+                                               strlcat(command, "s/^AllowAgentForwarding .*$/AllowAgentForwarding yes/;", STRING_SIZE - 1 );
+                               else
+                                               strlcat(command, "s/^AllowAgentForwarding .*$/AllowAgentForwarding no/;", STRING_SIZE - 1 );
 
                                freekeyvalues(kv);
 
@@ -131,6 +133,11 @@ int main(int argc, char *argv[])
                                return 0;
        }
        else if (strcmp(argv[1], "tempstart") == 0) {
+               if (!is_valid_argument_num(argv[2])) {
+                       fprintf(stderr, "Invalid time '%s'\n", argv[2]);
+                       exit(2);
+               }
+
                                safe_system("/usr/local/bin/sshctrl");
                                sleep(5);
                                unlink("/var/ipfire/remote/enablessh");