diff options
author | djm@openbsd.org <djm@openbsd.org> | 2021-07-23 03:57:20 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2021-07-23 14:07:19 +1000 |
commit | e3957e21ffdc119d6d04c0b1686f8e2fe052f5ea (patch) | |
tree | c2bcc5fc02be59f914ea4f0e04981fc0162c2613 /auth-options.h | |
parent | d0bb1ce731762c55acb95817df4d5fab526c7ecd (diff) |
upstream: make authorized_keys environment="..." directives
first-match-wins and more strictly limit their maximum number; prompted by
OOM reported by OSS-fuzz (35470).
feedback and ok dtucker@
OpenBSD-Commit-ID: 01f63fc10dcd995e7aed9c378ad879161af83121
Diffstat (limited to 'auth-options.h')
-rw-r--r-- | auth-options.h | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/auth-options.h b/auth-options.h index 118a3208..6e29b727 100644 --- a/auth-options.h +++ b/auth-options.h @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-options.h,v 1.30 2020/08/27 01:07:09 djm Exp $ */ +/* $OpenBSD: auth-options.h,v 1.31 2021/07/23 03:57:20 djm Exp $ */ /* * Copyright (c) 2018 Damien Miller <djm@mindrot.org> @@ -23,7 +23,10 @@ struct passwd; struct sshkey; /* Maximum number of permitopen/permitlisten directives to accept */ -#define SSH_AUTHOPT_PERMIT_MAX 4096 +#define SSH_AUTHOPT_PERMIT_MAX 4096 + +/* Maximum number of environment directives to accept */ +#define SSH_AUTHOPT_ENV_MAX 1024 /* * sshauthopt represents key options parsed from authorized_keys or |