Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 3702396526a2569402696ff7d7c6d0fe2e5a447b / . / servconf.c
blob: 77ac8452749990f35ac667b580ab7238e2670d3c [file] [log] [blame]
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]1/*
Damien Miller4af51302000-04-16 11:18:38 +1000[diff] [blame]2 *
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]3 * servconf.c
Damien Miller4af51302000-04-16 11:18:38 +1000[diff] [blame]4 *
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]5 * Author: Tatu Ylonen <ylo@cs.hut.fi>
Damien Miller4af51302000-04-16 11:18:38 +1000[diff] [blame]6 *
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]7 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8 * All rights reserved
Damien Miller4af51302000-04-16 11:18:38 +1000[diff] [blame]9 *
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]10 * Created: Mon Aug 21 15:48:58 1995 ylo
Damien Miller4af51302000-04-16 11:18:38 +1000[diff] [blame]11 *
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]12 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]13
14#include "includes.h"
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]15RCSID("$OpenBSD: servconf.c,v 1.47 2000/07/10 16:30:25 ho Exp $");
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]16
17#include "ssh.h"
18#include "servconf.h"
19#include "xmalloc.h"
Damien Miller78928792000-04-12 20:17:38 +1000[diff] [blame]20#include "compat.h"
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]21
Damien Miller34132e52000-01-14 15:45:46 +1100[diff] [blame]22/* add listen address */
23void add_listen_addr(ServerOptions *options, char *addr);
24
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]25/* Initializes the server options to their default values. */
26
Damien Miller4af51302000-04-16 11:18:38 +1000[diff] [blame]27void
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]28initialize_server_options(ServerOptions *options)
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]29{
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]30 memset(options, 0, sizeof(*options));
Damien Miller34132e52000-01-14 15:45:46 +1100[diff] [blame]31 options->num_ports = 0;
32 options->ports_from_cmdline = 0;
33 options->listen_addrs = NULL;
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]34 options->host_key_file = NULL;
Damien Millere247cc42000-05-07 12:03:14 +1000[diff] [blame]35 options->host_dsa_key_file = NULL;
Damien Miller6f83b8e2000-05-02 09:23:45 +1000[diff] [blame]36 options->pid_file = NULL;
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]37 options->server_key_bits = -1;
38 options->login_grace_time = -1;
39 options->key_regeneration_time = -1;
40 options->permit_root_login = -1;
41 options->ignore_rhosts = -1;
42 options->ignore_user_known_hosts = -1;
43 options->print_motd = -1;
44 options->check_mail = -1;
45 options->x11_forwarding = -1;
46 options->x11_display_offset = -1;
Damien Millerd3a18572000-06-07 19:55:44 +1000[diff] [blame]47 options->xauth_location = NULL;
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]48 options->strict_modes = -1;
49 options->keepalives = -1;
50 options->log_facility = (SyslogFacility) - 1;
51 options->log_level = (LogLevel) - 1;
52 options->rhosts_authentication = -1;
53 options->rhosts_rsa_authentication = -1;
54 options->rsa_authentication = -1;
Damien Millere247cc42000-05-07 12:03:14 +1000[diff] [blame]55 options->dsa_authentication = -1;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]56#ifdef KRB4
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]57 options->kerberos_authentication = -1;
58 options->kerberos_or_local_passwd = -1;
59 options->kerberos_ticket_cleanup = -1;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]60#endif
61#ifdef AFS
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]62 options->kerberos_tgt_passing = -1;
63 options->afs_token_passing = -1;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]64#endif
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]65 options->password_authentication = -1;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]66#ifdef SKEY
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]67 options->skey_authentication = -1;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]68#endif
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]69 options->permit_empty_passwd = -1;
70 options->use_login = -1;
71 options->num_allow_users = 0;
72 options->num_deny_users = 0;
73 options->num_allow_groups = 0;
74 options->num_deny_groups = 0;
Damien Miller78928792000-04-12 20:17:38 +1000[diff] [blame]75 options->ciphers = NULL;
76 options->protocol = SSH_PROTO_UNKNOWN;
Damien Millere247cc42000-05-07 12:03:14 +1000[diff] [blame]77 options->gateway_ports = -1;
Damien Millerf6d9e222000-06-18 14:50:44 +1000[diff] [blame]78 options->num_subsystems = 0;
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]79 options->max_startups = -1;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]80}
81
Damien Miller4af51302000-04-16 11:18:38 +1000[diff] [blame]82void
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]83fill_default_server_options(ServerOptions *options)
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]84{
Damien Miller34132e52000-01-14 15:45:46 +1100[diff] [blame]85 if (options->num_ports == 0)
86 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
87 if (options->listen_addrs == NULL)
88 add_listen_addr(options, NULL);
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]89 if (options->host_key_file == NULL)
90 options->host_key_file = HOST_KEY_FILE;
Damien Millere247cc42000-05-07 12:03:14 +1000[diff] [blame]91 if (options->host_dsa_key_file == NULL)
92 options->host_dsa_key_file = HOST_DSA_KEY_FILE;
Damien Miller6f83b8e2000-05-02 09:23:45 +1000[diff] [blame]93 if (options->pid_file == NULL)
94 options->pid_file = SSH_DAEMON_PID_FILE;
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]95 if (options->server_key_bits == -1)
96 options->server_key_bits = 768;
97 if (options->login_grace_time == -1)
98 options->login_grace_time = 600;
99 if (options->key_regeneration_time == -1)
100 options->key_regeneration_time = 3600;
101 if (options->permit_root_login == -1)
102 options->permit_root_login = 1; /* yes */
103 if (options->ignore_rhosts == -1)
Damien Miller98c7ad62000-03-09 21:27:49 +1100[diff] [blame]104 options->ignore_rhosts = 1;
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]105 if (options->ignore_user_known_hosts == -1)
106 options->ignore_user_known_hosts = 0;
107 if (options->check_mail == -1)
108 options->check_mail = 0;
109 if (options->print_motd == -1)
110 options->print_motd = 1;
111 if (options->x11_forwarding == -1)
Damien Miller98c7ad62000-03-09 21:27:49 +1100[diff] [blame]112 options->x11_forwarding = 0;
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]113 if (options->x11_display_offset == -1)
Damien Miller98c7ad62000-03-09 21:27:49 +1100[diff] [blame]114 options->x11_display_offset = 10;
Damien Millerd3a18572000-06-07 19:55:44 +1000[diff] [blame]115#ifdef XAUTH_PATH
116 if (options->xauth_location == NULL)
117 options->xauth_location = XAUTH_PATH;
118#endif /* XAUTH_PATH */
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]119 if (options->strict_modes == -1)
120 options->strict_modes = 1;
121 if (options->keepalives == -1)
122 options->keepalives = 1;
123 if (options->log_facility == (SyslogFacility) (-1))
124 options->log_facility = SYSLOG_FACILITY_AUTH;
125 if (options->log_level == (LogLevel) (-1))
126 options->log_level = SYSLOG_LEVEL_INFO;
127 if (options->rhosts_authentication == -1)
128 options->rhosts_authentication = 0;
129 if (options->rhosts_rsa_authentication == -1)
Damien Miller98c7ad62000-03-09 21:27:49 +1100[diff] [blame]130 options->rhosts_rsa_authentication = 0;
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]131 if (options->rsa_authentication == -1)
132 options->rsa_authentication = 1;
Damien Millere247cc42000-05-07 12:03:14 +1000[diff] [blame]133 if (options->dsa_authentication == -1)
134 options->dsa_authentication = 1;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]135#ifdef KRB4
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]136 if (options->kerberos_authentication == -1)
137 options->kerberos_authentication = (access(KEYFILE, R_OK) == 0);
138 if (options->kerberos_or_local_passwd == -1)
139 options->kerberos_or_local_passwd = 1;
140 if (options->kerberos_ticket_cleanup == -1)
141 options->kerberos_ticket_cleanup = 1;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]142#endif /* KRB4 */
143#ifdef AFS
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]144 if (options->kerberos_tgt_passing == -1)
145 options->kerberos_tgt_passing = 0;
146 if (options->afs_token_passing == -1)
147 options->afs_token_passing = k_hasafs();
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]148#endif /* AFS */
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]149 if (options->password_authentication == -1)
150 options->password_authentication = 1;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]151#ifdef SKEY
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]152 if (options->skey_authentication == -1)
153 options->skey_authentication = 1;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]154#endif
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]155 if (options->permit_empty_passwd == -1)
Damien Miller98c7ad62000-03-09 21:27:49 +1100[diff] [blame]156 options->permit_empty_passwd = 0;
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]157 if (options->use_login == -1)
158 options->use_login = 0;
Damien Miller78928792000-04-12 20:17:38 +1000[diff] [blame]159 if (options->protocol == SSH_PROTO_UNKNOWN)
Damien Millereba71ba2000-04-29 23:57:08 +1000[diff] [blame]160 options->protocol = SSH_PROTO_1|SSH_PROTO_2;
Damien Millere247cc42000-05-07 12:03:14 +1000[diff] [blame]161 if (options->gateway_ports == -1)
162 options->gateway_ports = 0;
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]163 if (options->max_startups == -1)
164 options->max_startups = 10;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]165}
166
Damien Millerf6d9e222000-06-18 14:50:44 +1000[diff] [blame]167#define WHITESPACE " \t\r\n="
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]168
169/* Keyword tokens. */
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]170typedef enum {
171 sBadOption, /* == unknown option */
172 sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
173 sPermitRootLogin, sLogFacility, sLogLevel,
174 sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]175#ifdef KRB4
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]176 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]177#endif
178#ifdef AFS
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]179 sKerberosTgtPassing, sAFSTokenPassing,
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]180#endif
181#ifdef SKEY
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]182 sSkeyAuthentication,
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]183#endif
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]184 sPasswordAuthentication, sListenAddress,
185 sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,
186 sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
187 sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
Damien Millere247cc42000-05-07 12:03:14 +1000[diff] [blame]188 sIgnoreUserKnownHosts, sHostDSAKeyFile, sCiphers, sProtocol, sPidFile,
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]189 sGatewayPorts, sDSAAuthentication, sXAuthLocation, sSubsystem, sMaxStartups
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]190} ServerOpCodes;
191
192/* Textual representation of the tokens. */
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]193static struct {
194 const char *name;
195 ServerOpCodes opcode;
196} keywords[] = {
197 { "port", sPort },
198 { "hostkey", sHostKeyFile },
Damien Millere247cc42000-05-07 12:03:14 +1000[diff] [blame]199 { "hostdsakey", sHostDSAKeyFile },
Damien Miller6f83b8e2000-05-02 09:23:45 +1000[diff] [blame]200 { "pidfile", sPidFile },
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]201 { "serverkeybits", sServerKeyBits },
202 { "logingracetime", sLoginGraceTime },
203 { "keyregenerationinterval", sKeyRegenerationTime },
204 { "permitrootlogin", sPermitRootLogin },
205 { "syslogfacility", sLogFacility },
206 { "loglevel", sLogLevel },
207 { "rhostsauthentication", sRhostsAuthentication },
208 { "rhostsrsaauthentication", sRhostsRSAAuthentication },
209 { "rsaauthentication", sRSAAuthentication },
Damien Millere247cc42000-05-07 12:03:14 +1000[diff] [blame]210 { "dsaauthentication", sDSAAuthentication },
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]211#ifdef KRB4
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]212 { "kerberosauthentication", sKerberosAuthentication },
213 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd },
214 { "kerberosticketcleanup", sKerberosTicketCleanup },
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]215#endif
216#ifdef AFS
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]217 { "kerberostgtpassing", sKerberosTgtPassing },
218 { "afstokenpassing", sAFSTokenPassing },
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]219#endif
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]220 { "passwordauthentication", sPasswordAuthentication },
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]221#ifdef SKEY
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]222 { "skeyauthentication", sSkeyAuthentication },
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]223#endif
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]224 { "checkmail", sCheckMail },
225 { "listenaddress", sListenAddress },
226 { "printmotd", sPrintMotd },
227 { "ignorerhosts", sIgnoreRhosts },
228 { "ignoreuserknownhosts", sIgnoreUserKnownHosts },
229 { "x11forwarding", sX11Forwarding },
230 { "x11displayoffset", sX11DisplayOffset },
Damien Millerd3a18572000-06-07 19:55:44 +1000[diff] [blame]231 { "xauthlocation", sXAuthLocation },
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]232 { "strictmodes", sStrictModes },
233 { "permitemptypasswords", sEmptyPasswd },
234 { "uselogin", sUseLogin },
235 { "randomseed", sRandomSeedFile },
236 { "keepalive", sKeepAlives },
237 { "allowusers", sAllowUsers },
238 { "denyusers", sDenyUsers },
239 { "allowgroups", sAllowGroups },
240 { "denygroups", sDenyGroups },
Damien Miller78928792000-04-12 20:17:38 +1000[diff] [blame]241 { "ciphers", sCiphers },
242 { "protocol", sProtocol },
Damien Millere247cc42000-05-07 12:03:14 +1000[diff] [blame]243 { "gatewayports", sGatewayPorts },
Damien Millerf6d9e222000-06-18 14:50:44 +1000[diff] [blame]244 { "subsystem", sSubsystem },
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]245 { "maxstartups", sMaxStartups },
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]246 { NULL, 0 }
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]247};
248
Damien Miller5428f641999-11-25 11:54:57 +1100[diff] [blame]249/*
250 * Returns the number of the token pointed to by cp of length len. Never
251 * returns if the token is not known.
252 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]253
Damien Miller4af51302000-04-16 11:18:38 +1000[diff] [blame]254static ServerOpCodes
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]255parse_token(const char *cp, const char *filename,
256 int linenum)
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]257{
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]258 unsigned int i;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]259
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]260 for (i = 0; keywords[i].name; i++)
Damien Miller5428f641999-11-25 11:54:57 +1100[diff] [blame]261 if (strcasecmp(cp, keywords[i].name) == 0)
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]262 return keywords[i].opcode;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]263
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]264 fprintf(stderr, "%s: line %d: Bad configuration option: %s\n",
265 filename, linenum, cp);
266 return sBadOption;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]267}
268
Damien Miller34132e52000-01-14 15:45:46 +1100[diff] [blame]269/*
270 * add listen address
271 */
Damien Miller4af51302000-04-16 11:18:38 +1000[diff] [blame]272void
Damien Miller34132e52000-01-14 15:45:46 +1100[diff] [blame]273add_listen_addr(ServerOptions *options, char *addr)
274{
275 extern int IPv4or6;
276 struct addrinfo hints, *ai, *aitop;
277 char strport[NI_MAXSERV];
278 int gaierr;
279 int i;
280
281 if (options->num_ports == 0)
282 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
283 for (i = 0; i < options->num_ports; i++) {
284 memset(&hints, 0, sizeof(hints));
285 hints.ai_family = IPv4or6;
286 hints.ai_socktype = SOCK_STREAM;
287 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
288 snprintf(strport, sizeof strport, "%d", options->ports[i]);
289 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0)
290 fatal("bad addr or host: %s (%s)\n",
291 addr ? addr : "<NULL>",
292 gai_strerror(gaierr));
293 for (ai = aitop; ai->ai_next; ai = ai->ai_next)
294 ;
295 ai->ai_next = options->listen_addrs;
296 options->listen_addrs = aitop;
297 }
298}
299
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]300/* Reads the server configuration file. */
301
Damien Miller4af51302000-04-16 11:18:38 +1000[diff] [blame]302void
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]303read_server_config(ServerOptions *options, const char *filename)
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]304{
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]305 FILE *f;
306 char line[1024];
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]307 char *cp, **charptr, *arg;
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]308 int linenum, *intptr, value;
309 int bad_options = 0;
310 ServerOpCodes opcode;
Damien Millerf6d9e222000-06-18 14:50:44 +1000[diff] [blame]311 int i;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]312
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]313 f = fopen(filename, "r");
314 if (!f) {
315 perror(filename);
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]316 exit(1);
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]317 }
318 linenum = 0;
319 while (fgets(line, sizeof(line), f)) {
320 linenum++;
321 cp = line + strspn(line, WHITESPACE);
322 if (!*cp || *cp == '#')
323 continue;
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]324 arg = strsep(&cp, WHITESPACE);
325 opcode = parse_token(arg, filename, linenum);
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]326 switch (opcode) {
327 case sBadOption:
328 bad_options++;
329 continue;
330 case sPort:
Damien Miller34132e52000-01-14 15:45:46 +1100[diff] [blame]331 /* ignore ports from configfile if cmdline specifies ports */
332 if (options->ports_from_cmdline)
333 continue;
334 if (options->listen_addrs != NULL)
335 fatal("%s line %d: ports must be specified before "
336 "ListenAdress.\n", filename, linenum);
337 if (options->num_ports >= MAX_PORTS)
338 fatal("%s line %d: too many ports.\n",
Damien Miller4af51302000-04-16 11:18:38 +1000[diff] [blame]339 filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]340 arg = strsep(&cp, WHITESPACE);
341 if (!arg || *arg == '\0')
Damien Miller34132e52000-01-14 15:45:46 +1100[diff] [blame]342 fatal("%s line %d: missing port number.\n",
343 filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]344 options->ports[options->num_ports++] = atoi(arg);
Damien Miller34132e52000-01-14 15:45:46 +1100[diff] [blame]345 break;
346
347 case sServerKeyBits:
348 intptr = &options->server_key_bits;
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]349parse_int:
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]350 arg = strsep(&cp, WHITESPACE);
351 if (!arg || *arg == '\0') {
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]352 fprintf(stderr, "%s line %d: missing integer value.\n",
353 filename, linenum);
354 exit(1);
355 }
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]356 value = atoi(arg);
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]357 if (*intptr == -1)
358 *intptr = value;
359 break;
Damien Miller32265091999-11-12 11:33:04 +1100[diff] [blame]360
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]361 case sLoginGraceTime:
362 intptr = &options->login_grace_time;
363 goto parse_int;
364
365 case sKeyRegenerationTime:
366 intptr = &options->key_regeneration_time;
367 goto parse_int;
368
369 case sListenAddress:
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]370 arg = strsep(&cp, WHITESPACE);
371 if (!arg || *arg == '\0')
Damien Miller34132e52000-01-14 15:45:46 +1100[diff] [blame]372 fatal("%s line %d: missing inet addr.\n",
373 filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]374 add_listen_addr(options, arg);
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]375 break;
376
377 case sHostKeyFile:
Damien Millere247cc42000-05-07 12:03:14 +1000[diff] [blame]378 case sHostDSAKeyFile:
Damien Millerefb4afe2000-04-12 18:45:05 +1000[diff] [blame]379 charptr = (opcode == sHostKeyFile ) ?
Damien Millere247cc42000-05-07 12:03:14 +1000[diff] [blame]380 &options->host_key_file : &options->host_dsa_key_file;
Damien Millerd3a18572000-06-07 19:55:44 +1000[diff] [blame]381parse_filename:
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]382 arg = strsep(&cp, WHITESPACE);
383 if (!arg || *arg == '\0') {
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]384 fprintf(stderr, "%s line %d: missing file name.\n",
Damien Miller6f83b8e2000-05-02 09:23:45 +1000[diff] [blame]385 filename, linenum);
386 exit(1);
387 }
388 if (*charptr == NULL)
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]389 *charptr = tilde_expand_filename(arg, getuid());
Damien Miller6f83b8e2000-05-02 09:23:45 +1000[diff] [blame]390 break;
391
392 case sPidFile:
393 charptr = &options->pid_file;
Damien Millerd3a18572000-06-07 19:55:44 +1000[diff] [blame]394 goto parse_filename;
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]395
396 case sRandomSeedFile:
397 fprintf(stderr, "%s line %d: \"randomseed\" option is obsolete.\n",
398 filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]399 arg = strsep(&cp, WHITESPACE);
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]400 break;
401
402 case sPermitRootLogin:
403 intptr = &options->permit_root_login;
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]404 arg = strsep(&cp, WHITESPACE);
405 if (!arg || *arg == '\0') {
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]406 fprintf(stderr, "%s line %d: missing yes/without-password/no argument.\n",
407 filename, linenum);
408 exit(1);
409 }
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]410 if (strcmp(arg, "without-password") == 0)
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]411 value = 2;
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]412 else if (strcmp(arg, "yes") == 0)
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]413 value = 1;
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]414 else if (strcmp(arg, "no") == 0)
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]415 value = 0;
416 else {
417 fprintf(stderr, "%s line %d: Bad yes/without-password/no argument: %s\n",
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]418 filename, linenum, arg);
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]419 exit(1);
420 }
421 if (*intptr == -1)
422 *intptr = value;
423 break;
424
425 case sIgnoreRhosts:
426 intptr = &options->ignore_rhosts;
427parse_flag:
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]428 arg = strsep(&cp, WHITESPACE);
429 if (!arg || *arg == '\0') {
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]430 fprintf(stderr, "%s line %d: missing yes/no argument.\n",
431 filename, linenum);
432 exit(1);
433 }
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]434 if (strcmp(arg, "yes") == 0)
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]435 value = 1;
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]436 else if (strcmp(arg, "no") == 0)
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]437 value = 0;
438 else {
439 fprintf(stderr, "%s line %d: Bad yes/no argument: %s\n",
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]440 filename, linenum, arg);
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]441 exit(1);
442 }
443 if (*intptr == -1)
444 *intptr = value;
445 break;
446
447 case sIgnoreUserKnownHosts:
448 intptr = &options->ignore_user_known_hosts;
Damien Miller98c7ad62000-03-09 21:27:49 +1100[diff] [blame]449 goto parse_flag;
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]450
451 case sRhostsAuthentication:
452 intptr = &options->rhosts_authentication;
453 goto parse_flag;
454
455 case sRhostsRSAAuthentication:
456 intptr = &options->rhosts_rsa_authentication;
457 goto parse_flag;
458
459 case sRSAAuthentication:
460 intptr = &options->rsa_authentication;
461 goto parse_flag;
462
Damien Millere247cc42000-05-07 12:03:14 +1000[diff] [blame]463 case sDSAAuthentication:
464 intptr = &options->dsa_authentication;
465 goto parse_flag;
466
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]467#ifdef KRB4
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]468 case sKerberosAuthentication:
469 intptr = &options->kerberos_authentication;
470 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]471
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]472 case sKerberosOrLocalPasswd:
473 intptr = &options->kerberos_or_local_passwd;
474 goto parse_flag;
475
476 case sKerberosTicketCleanup:
477 intptr = &options->kerberos_ticket_cleanup;
478 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]479#endif
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]480
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]481#ifdef AFS
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]482 case sKerberosTgtPassing:
483 intptr = &options->kerberos_tgt_passing;
484 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]485
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]486 case sAFSTokenPassing:
487 intptr = &options->afs_token_passing;
488 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]489#endif
490
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]491 case sPasswordAuthentication:
492 intptr = &options->password_authentication;
493 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]494
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]495 case sCheckMail:
496 intptr = &options->check_mail;
497 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]498
499#ifdef SKEY
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]500 case sSkeyAuthentication:
501 intptr = &options->skey_authentication;
502 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]503#endif
504
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]505 case sPrintMotd:
506 intptr = &options->print_motd;
507 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]508
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]509 case sX11Forwarding:
510 intptr = &options->x11_forwarding;
511 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]512
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]513 case sX11DisplayOffset:
514 intptr = &options->x11_display_offset;
515 goto parse_int;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]516
Damien Millerd3a18572000-06-07 19:55:44 +1000[diff] [blame]517 case sXAuthLocation:
518 charptr = &options->xauth_location;
519 goto parse_filename;
520
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]521 case sStrictModes:
522 intptr = &options->strict_modes;
523 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]524
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]525 case sKeepAlives:
526 intptr = &options->keepalives;
527 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]528
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]529 case sEmptyPasswd:
530 intptr = &options->permit_empty_passwd;
531 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]532
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]533 case sUseLogin:
534 intptr = &options->use_login;
535 goto parse_flag;
Damien Miller5ce662a1999-11-11 17:57:39 +1100[diff] [blame]536
Damien Millere247cc42000-05-07 12:03:14 +1000[diff] [blame]537 case sGatewayPorts:
538 intptr = &options->gateway_ports;
539 goto parse_flag;
540
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]541 case sLogFacility:
542 intptr = (int *) &options->log_facility;
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]543 arg = strsep(&cp, WHITESPACE);
544 value = log_facility_number(arg);
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]545 if (value == (SyslogFacility) - 1)
546 fatal("%.200s line %d: unsupported log facility '%s'\n",
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]547 filename, linenum, arg ? arg : "<NONE>");
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]548 if (*intptr == -1)
549 *intptr = (SyslogFacility) value;
550 break;
551
552 case sLogLevel:
553 intptr = (int *) &options->log_level;
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]554 arg = strsep(&cp, WHITESPACE);
555 value = log_level_number(arg);
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]556 if (value == (LogLevel) - 1)
557 fatal("%.200s line %d: unsupported log level '%s'\n",
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]558 filename, linenum, arg ? arg : "<NONE>");
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]559 if (*intptr == -1)
560 *intptr = (LogLevel) value;
561 break;
562
563 case sAllowUsers:
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]564 while ((arg = strsep(&cp, WHITESPACE)) && *arg != '\0') {
Damien Miller78928792000-04-12 20:17:38 +1000[diff] [blame]565 if (options->num_allow_users >= MAX_ALLOW_USERS)
566 fatal("%s line %d: too many allow users.\n",
567 filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]568 options->allow_users[options->num_allow_users++] = xstrdup(arg);
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]569 }
570 break;
571
572 case sDenyUsers:
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]573 while ((arg = strsep(&cp, WHITESPACE)) && *arg != '\0') {
Damien Miller78928792000-04-12 20:17:38 +1000[diff] [blame]574 if (options->num_deny_users >= MAX_DENY_USERS)
575 fatal( "%s line %d: too many deny users.\n",
576 filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]577 options->deny_users[options->num_deny_users++] = xstrdup(arg);
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]578 }
579 break;
580
581 case sAllowGroups:
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]582 while ((arg = strsep(&cp, WHITESPACE)) && *arg != '\0') {
Damien Miller78928792000-04-12 20:17:38 +1000[diff] [blame]583 if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
584 fatal("%s line %d: too many allow groups.\n",
585 filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]586 options->allow_groups[options->num_allow_groups++] = xstrdup(arg);
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]587 }
588 break;
589
590 case sDenyGroups:
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]591 while ((arg = strsep(&cp, WHITESPACE)) && *arg != '\0') {
Damien Miller78928792000-04-12 20:17:38 +1000[diff] [blame]592 if (options->num_deny_groups >= MAX_DENY_GROUPS)
593 fatal("%s line %d: too many deny groups.\n",
594 filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]595 options->deny_groups[options->num_deny_groups++] = xstrdup(arg);
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]596 }
597 break;
598
Damien Miller78928792000-04-12 20:17:38 +1000[diff] [blame]599 case sCiphers:
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]600 arg = strsep(&cp, WHITESPACE);
601 if (!arg || *arg == '\0')
Damien Millerb1715dc2000-05-30 13:44:51 +1000[diff] [blame]602 fatal("%s line %d: Missing argument.", filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]603 if (!ciphers_valid(arg))
Damien Miller30c3d422000-05-09 11:02:59 +1000[diff] [blame]604 fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]605 filename, linenum, arg ? arg : "<NONE>");
Damien Miller78928792000-04-12 20:17:38 +1000[diff] [blame]606 if (options->ciphers == NULL)
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]607 options->ciphers = xstrdup(arg);
Damien Miller78928792000-04-12 20:17:38 +1000[diff] [blame]608 break;
609
610 case sProtocol:
611 intptr = &options->protocol;
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]612 arg = strsep(&cp, WHITESPACE);
613 if (!arg || *arg == '\0')
Damien Millerb1715dc2000-05-30 13:44:51 +1000[diff] [blame]614 fatal("%s line %d: Missing argument.", filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]615 value = proto_spec(arg);
Damien Miller78928792000-04-12 20:17:38 +1000[diff] [blame]616 if (value == SSH_PROTO_UNKNOWN)
617 fatal("%s line %d: Bad protocol spec '%s'.",
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]618 filename, linenum, arg ? arg : "<NONE>");
Damien Miller78928792000-04-12 20:17:38 +1000[diff] [blame]619 if (*intptr == SSH_PROTO_UNKNOWN)
620 *intptr = value;
621 break;
622
Damien Millerf6d9e222000-06-18 14:50:44 +1000[diff] [blame]623 case sSubsystem:
624 if(options->num_subsystems >= MAX_SUBSYSTEMS) {
625 fatal("%s line %d: too many subsystems defined.",
626 filename, linenum);
627 }
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]628 arg = strsep(&cp, WHITESPACE);
629 if (!arg || *arg == '\0')
Damien Millerf6d9e222000-06-18 14:50:44 +1000[diff] [blame]630 fatal("%s line %d: Missing subsystem name.",
631 filename, linenum);
632 for (i = 0; i < options->num_subsystems; i++)
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]633 if(strcmp(arg, options->subsystem_name[i]) == 0)
Damien Millerf6d9e222000-06-18 14:50:44 +1000[diff] [blame]634 fatal("%s line %d: Subsystem '%s' already defined.",
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]635 filename, linenum, arg);
636 options->subsystem_name[options->num_subsystems] = xstrdup(arg);
637 arg = strsep(&cp, WHITESPACE);
638 if (!arg || *arg == '\0')
Damien Millerf6d9e222000-06-18 14:50:44 +1000[diff] [blame]639 fatal("%s line %d: Missing subsystem command.",
640 filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]641 options->subsystem_command[options->num_subsystems] = xstrdup(arg);
Damien Millerf6d9e222000-06-18 14:50:44 +1000[diff] [blame]642 options->num_subsystems++;
643 break;
644
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]645 case sMaxStartups:
646 intptr = &options->max_startups;
647 goto parse_int;
648
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]649 default:
650 fprintf(stderr, "%s line %d: Missing handler for opcode %s (%d)\n",
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]651 filename, linenum, arg, opcode);
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]652 exit(1);
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]653 }
Damien Miller37023962000-07-11 17:31:38 +1000[diff] [blame^]654 if ((arg = strsep(&cp, WHITESPACE)) != NULL && *arg != '\0') {
655 fprintf(stderr,
656 "%s line %d: garbage at end of line; \"%.200s\".\n",
657 filename, linenum, arg);
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]658 exit(1);
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]659 }
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]660 }
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]661 fclose(f);
662 if (bad_options > 0) {
663 fprintf(stderr, "%s: terminating, %d bad configuration options\n",
664 filename, bad_options);
665 exit(1);
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]666 }
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]667}