Blame - servconf.c - platform/external/openssh

blob: f978c632b30c5cfad10f001aca04da51b009d566 [file] [log] [blame]

Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1	/*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	2	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
				3	* All rights reserved
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	4	*
Damien Miller	e4340be	2000-09-16 13:29:08 +1100	[diff] [blame]	5	* As far as I am concerned, the code I have written for this software
				6	* can be used freely for any purpose. Any derived versions of this
				7	* software must be clearly marked as such, and if the derived work is
				8	* incompatible with the protocol description in the RFC file, it must be
				9	* called by a name other than "ssh" or "Secure Shell".
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	10	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	11
				12	#include "includes.h"
Ben Lindstrom	5744dc4	2001-04-13 23:28:01 +0000	[diff] [blame^]	13	RCSID("$OpenBSD: servconf.c,v 1.77 2001/04/13 22:46:53 beck Exp $");
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	14
				15	#ifdef KRB4
				16	#include <krb.h>
				17	#endif
				18	#ifdef AFS
				19	#include <kafs.h>
				20	#endif
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	21
				22	#include "ssh.h"
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	23	#include "log.h"
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	24	#include "servconf.h"
				25	#include "xmalloc.h"
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	26	#include "compat.h"
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	27	#include "pathnames.h"
				28	#include "tildexpand.h"
				29	#include "misc.h"
				30	#include "cipher.h"
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	31	#include "kex.h"
				32	#include "mac.h"
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	33
Ben Lindstrom	19066a1	2001-04-12 23:39:26 +0000	[diff] [blame]	34	void add_listen_addr(ServerOptions options, char addr, u_short port);
Ben Lindstrom	c510af4	2001-04-07 17:25:48 +0000	[diff] [blame]	35	void add_one_listen_addr(ServerOptions options, char addr, u_short port);
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	36
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	37	/* AF_UNSPEC or AF_INET or AF_INET6 */
				38	extern int IPv4or6;
				39
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	40	/* Initializes the server options to their default values. */
				41
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	42	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	43	initialize_server_options(ServerOptions *options)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	44	{
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	45	memset(options, 0, sizeof(*options));
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	46	options->num_ports = 0;
				47	options->ports_from_cmdline = 0;
				48	options->listen_addrs = NULL;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	49	options->num_host_key_files = 0;
Damien Miller	6f83b8e	2000-05-02 09:23:45 +1000	[diff] [blame]	50	options->pid_file = NULL;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	51	options->server_key_bits = -1;
				52	options->login_grace_time = -1;
				53	options->key_regeneration_time = -1;
Ben Lindstrom	d8a9021	2001-02-15 03:08:27 +0000	[diff] [blame]	54	options->permit_root_login = PERMIT_NOT_SET;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	55	options->ignore_rhosts = -1;
				56	options->ignore_user_known_hosts = -1;
				57	options->print_motd = -1;
Ben Lindstrom	7bfff36	2001-03-26 05:45:53 +0000	[diff] [blame]	58	options->print_lastlog = -1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	59	options->check_mail = -1;
				60	options->x11_forwarding = -1;
				61	options->x11_display_offset = -1;
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	62	options->xauth_location = NULL;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	63	options->strict_modes = -1;
				64	options->keepalives = -1;
				65	options->log_facility = (SyslogFacility) - 1;
				66	options->log_level = (LogLevel) - 1;
				67	options->rhosts_authentication = -1;
				68	options->rhosts_rsa_authentication = -1;
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	69	options->hostbased_authentication = -1;
				70	options->hostbased_uses_name_from_packet_only = -1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	71	options->rsa_authentication = -1;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	72	options->pubkey_authentication = -1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	73	#ifdef KRB4
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	74	options->kerberos_authentication = -1;
				75	options->kerberos_or_local_passwd = -1;
				76	options->kerberos_ticket_cleanup = -1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	77	#endif
				78	#ifdef AFS
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	79	options->kerberos_tgt_passing = -1;
				80	options->afs_token_passing = -1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	81	#endif
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	82	options->password_authentication = -1;
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	83	options->kbd_interactive_authentication = -1;
Ben Lindstrom	95fb2dd	2001-01-23 03:12:10 +0000	[diff] [blame]	84	options->challenge_reponse_authentication = -1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	85	options->permit_empty_passwd = -1;
				86	options->use_login = -1;
Damien Miller	50a41ed	2000-10-16 12:14:42 +1100	[diff] [blame]	87	options->allow_tcp_forwarding = -1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	88	options->num_allow_users = 0;
				89	options->num_deny_users = 0;
				90	options->num_allow_groups = 0;
				91	options->num_deny_groups = 0;
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	92	options->ciphers = NULL;
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	93	options->macs = NULL;
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	94	options->protocol = SSH_PROTO_UNKNOWN;
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	95	options->gateway_ports = -1;
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	96	options->num_subsystems = 0;
Damien Miller	942da03	2000-08-18 13:59:06 +1000	[diff] [blame]	97	options->max_startups_begin = -1;
				98	options->max_startups_rate = -1;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	99	options->max_startups = -1;
Ben Lindstrom	48bd7c1	2001-01-09 00:35:42 +0000	[diff] [blame]	100	options->banner = NULL;
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	101	options->reverse_mapping_check = -1;
Ben Lindstrom	5744dc4	2001-04-13 23:28:01 +0000	[diff] [blame^]	102	options->client_alive_interval = -1;
				103	options->client_alive_count_max = -1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	104	}
				105
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	106	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	107	fill_default_server_options(ServerOptions *options)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	108	{
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	109	if (options->protocol == SSH_PROTO_UNKNOWN)
				110	options->protocol = SSH_PROTO_1\|SSH_PROTO_2;
				111	if (options->num_host_key_files == 0) {
				112	/* fill default hostkeys for protocols */
				113	if (options->protocol & SSH_PROTO_1)
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	114	options->host_key_files[options->num_host_key_files++] = _PATH_HOST_KEY_FILE;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	115	if (options->protocol & SSH_PROTO_2)
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	116	options->host_key_files[options->num_host_key_files++] = _PATH_HOST_DSA_KEY_FILE;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	117	}
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	118	if (options->num_ports == 0)
				119	options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
				120	if (options->listen_addrs == NULL)
Ben Lindstrom	19066a1	2001-04-12 23:39:26 +0000	[diff] [blame]	121	add_listen_addr(options, NULL, 0);
Damien Miller	6f83b8e	2000-05-02 09:23:45 +1000	[diff] [blame]	122	if (options->pid_file == NULL)
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	123	options->pid_file = _PATH_SSH_DAEMON_PID_FILE;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	124	if (options->server_key_bits == -1)
				125	options->server_key_bits = 768;
				126	if (options->login_grace_time == -1)
				127	options->login_grace_time = 600;
				128	if (options->key_regeneration_time == -1)
				129	options->key_regeneration_time = 3600;
Ben Lindstrom	d8a9021	2001-02-15 03:08:27 +0000	[diff] [blame]	130	if (options->permit_root_login == PERMIT_NOT_SET)
				131	options->permit_root_login = PERMIT_YES;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	132	if (options->ignore_rhosts == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	133	options->ignore_rhosts = 1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	134	if (options->ignore_user_known_hosts == -1)
				135	options->ignore_user_known_hosts = 0;
				136	if (options->check_mail == -1)
				137	options->check_mail = 0;
				138	if (options->print_motd == -1)
				139	options->print_motd = 1;
Ben Lindstrom	7bfff36	2001-03-26 05:45:53 +0000	[diff] [blame]	140	if (options->print_lastlog == -1)
				141	options->print_lastlog = 1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	142	if (options->x11_forwarding == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	143	options->x11_forwarding = 0;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	144	if (options->x11_display_offset == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	145	options->x11_display_offset = 10;
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	146	#ifdef XAUTH_PATH
				147	if (options->xauth_location == NULL)
				148	options->xauth_location = XAUTH_PATH;
				149	#endif /* XAUTH_PATH */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	150	if (options->strict_modes == -1)
				151	options->strict_modes = 1;
				152	if (options->keepalives == -1)
				153	options->keepalives = 1;
				154	if (options->log_facility == (SyslogFacility) (-1))
				155	options->log_facility = SYSLOG_FACILITY_AUTH;
				156	if (options->log_level == (LogLevel) (-1))
Ben Lindstrom	db65e8f	2001-01-19 04:26:52 +0000	[diff] [blame]	157	options->log_level = SYSLOG_LEVEL_INFO;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	158	if (options->rhosts_authentication == -1)
				159	options->rhosts_authentication = 0;
				160	if (options->rhosts_rsa_authentication == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	161	options->rhosts_rsa_authentication = 0;
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	162	if (options->hostbased_authentication == -1)
				163	options->hostbased_authentication = 0;
				164	if (options->hostbased_uses_name_from_packet_only == -1)
				165	options->hostbased_uses_name_from_packet_only = 0;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	166	if (options->rsa_authentication == -1)
				167	options->rsa_authentication = 1;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	168	if (options->pubkey_authentication == -1)
				169	options->pubkey_authentication = 1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	170	#ifdef KRB4
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	171	if (options->kerberos_authentication == -1)
				172	options->kerberos_authentication = (access(KEYFILE, R_OK) == 0);
				173	if (options->kerberos_or_local_passwd == -1)
				174	options->kerberos_or_local_passwd = 1;
				175	if (options->kerberos_ticket_cleanup == -1)
				176	options->kerberos_ticket_cleanup = 1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	177	#endif /* KRB4 */
				178	#ifdef AFS
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	179	if (options->kerberos_tgt_passing == -1)
				180	options->kerberos_tgt_passing = 0;
				181	if (options->afs_token_passing == -1)
				182	options->afs_token_passing = k_hasafs();
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	183	#endif /* AFS */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	184	if (options->password_authentication == -1)
				185	options->password_authentication = 1;
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	186	if (options->kbd_interactive_authentication == -1)
				187	options->kbd_interactive_authentication = 0;
Ben Lindstrom	95fb2dd	2001-01-23 03:12:10 +0000	[diff] [blame]	188	if (options->challenge_reponse_authentication == -1)
				189	options->challenge_reponse_authentication = 1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	190	if (options->permit_empty_passwd == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	191	options->permit_empty_passwd = 0;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	192	if (options->use_login == -1)
				193	options->use_login = 0;
Damien Miller	50a41ed	2000-10-16 12:14:42 +1100	[diff] [blame]	194	if (options->allow_tcp_forwarding == -1)
				195	options->allow_tcp_forwarding = 1;
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	196	if (options->gateway_ports == -1)
				197	options->gateway_ports = 0;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	198	if (options->max_startups == -1)
				199	options->max_startups = 10;
Damien Miller	942da03	2000-08-18 13:59:06 +1000	[diff] [blame]	200	if (options->max_startups_rate == -1)
				201	options->max_startups_rate = 100; /* 100% */
				202	if (options->max_startups_begin == -1)
				203	options->max_startups_begin = options->max_startups;
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	204	if (options->reverse_mapping_check == -1)
				205	options->reverse_mapping_check = 0;
Ben Lindstrom	5744dc4	2001-04-13 23:28:01 +0000	[diff] [blame^]	206	if (options->client_alive_interval == -1)
				207	options->client_alive_interval = 0;
				208	if (options->client_alive_count_max == -1)
				209	options->client_alive_count_max = 3;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	210	}
				211
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	212	/* Keyword tokens. */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	213	typedef enum {
				214	sBadOption, /* == unknown option */
				215	sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
				216	sPermitRootLogin, sLogFacility, sLogLevel,
				217	sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	218	#ifdef KRB4
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	219	sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	220	#endif
				221	#ifdef AFS
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	222	sKerberosTgtPassing, sAFSTokenPassing,
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	223	#endif
Ben Lindstrom	95fb2dd	2001-01-23 03:12:10 +0000	[diff] [blame]	224	sChallengeResponseAuthentication,
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	225	sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
Ben Lindstrom	7bfff36	2001-03-26 05:45:53 +0000	[diff] [blame]	226	sPrintMotd, sPrintLastLog, sIgnoreRhosts,
				227	sX11Forwarding, sX11DisplayOffset,
Ben Lindstrom	d9cae22	2001-03-05 07:42:03 +0000	[diff] [blame]	228	sStrictModes, sEmptyPasswd, sKeepAlives, sCheckMail,
Damien Miller	50a41ed	2000-10-16 12:14:42 +1100	[diff] [blame]	229	sUseLogin, sAllowTcpForwarding,
				230	sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	231	sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	232	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	233	sBanner, sReverseMappingCheck, sHostbasedAuthentication,
Ben Lindstrom	5744dc4	2001-04-13 23:28:01 +0000	[diff] [blame^]	234	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
				235	sClientAliveCountMax
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	236	} ServerOpCodes;
				237
				238	/* Textual representation of the tokens. */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	239	static struct {
				240	const char *name;
				241	ServerOpCodes opcode;
				242	} keywords[] = {
				243	{ "port", sPort },
				244	{ "hostkey", sHostKeyFile },
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	245	{ "hostdsakey", sHostKeyFile }, /* alias */
Kevin Steves	ef4eea9	2001-02-05 12:42:17 +0000	[diff] [blame]	246	{ "pidfile", sPidFile },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	247	{ "serverkeybits", sServerKeyBits },
				248	{ "logingracetime", sLoginGraceTime },
				249	{ "keyregenerationinterval", sKeyRegenerationTime },
				250	{ "permitrootlogin", sPermitRootLogin },
				251	{ "syslogfacility", sLogFacility },
				252	{ "loglevel", sLogLevel },
				253	{ "rhostsauthentication", sRhostsAuthentication },
				254	{ "rhostsrsaauthentication", sRhostsRSAAuthentication },
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	255	{ "hostbasedauthentication", sHostbasedAuthentication },
				256	{ "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	257	{ "rsaauthentication", sRSAAuthentication },
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	258	{ "pubkeyauthentication", sPubkeyAuthentication },
				259	{ "dsaauthentication", sPubkeyAuthentication }, /* alias */
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	260	#ifdef KRB4
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	261	{ "kerberosauthentication", sKerberosAuthentication },
				262	{ "kerberosorlocalpasswd", sKerberosOrLocalPasswd },
				263	{ "kerberosticketcleanup", sKerberosTicketCleanup },
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	264	#endif
				265	#ifdef AFS
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	266	{ "kerberostgtpassing", sKerberosTgtPassing },
				267	{ "afstokenpassing", sAFSTokenPassing },
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	268	#endif
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	269	{ "passwordauthentication", sPasswordAuthentication },
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	270	{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication },
Ben Lindstrom	95fb2dd	2001-01-23 03:12:10 +0000	[diff] [blame]	271	{ "challengeresponseauthentication", sChallengeResponseAuthentication },
				272	{ "skeyauthentication", sChallengeResponseAuthentication }, /* alias */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	273	{ "checkmail", sCheckMail },
				274	{ "listenaddress", sListenAddress },
				275	{ "printmotd", sPrintMotd },
Ben Lindstrom	7bfff36	2001-03-26 05:45:53 +0000	[diff] [blame]	276	{ "printlastlog", sPrintLastLog },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	277	{ "ignorerhosts", sIgnoreRhosts },
				278	{ "ignoreuserknownhosts", sIgnoreUserKnownHosts },
				279	{ "x11forwarding", sX11Forwarding },
				280	{ "x11displayoffset", sX11DisplayOffset },
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	281	{ "xauthlocation", sXAuthLocation },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	282	{ "strictmodes", sStrictModes },
				283	{ "permitemptypasswords", sEmptyPasswd },
				284	{ "uselogin", sUseLogin },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	285	{ "keepalive", sKeepAlives },
Damien Miller	50a41ed	2000-10-16 12:14:42 +1100	[diff] [blame]	286	{ "allowtcpforwarding", sAllowTcpForwarding },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	287	{ "allowusers", sAllowUsers },
				288	{ "denyusers", sDenyUsers },
				289	{ "allowgroups", sAllowGroups },
				290	{ "denygroups", sDenyGroups },
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	291	{ "ciphers", sCiphers },
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	292	{ "macs", sMacs },
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	293	{ "protocol", sProtocol },
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	294	{ "gatewayports", sGatewayPorts },
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	295	{ "subsystem", sSubsystem },
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	296	{ "maxstartups", sMaxStartups },
Ben Lindstrom	48bd7c1	2001-01-09 00:35:42 +0000	[diff] [blame]	297	{ "banner", sBanner },
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	298	{ "reversemappingcheck", sReverseMappingCheck },
Ben Lindstrom	5744dc4	2001-04-13 23:28:01 +0000	[diff] [blame^]	299	{ "clientaliveinterval", sClientAliveInterval },
				300	{ "clientalivecountmax", sClientAliveCountMax },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	301	{ NULL, 0 }
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	302	};
				303
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	304	/*
Ben Lindstrom	3704c26	2001-04-02 18:20:03 +0000	[diff] [blame]	305	* Returns the number of the token pointed to by cp or sBadOption.
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	306	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	307
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	308	static ServerOpCodes
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	309	parse_token(const char cp, const char filename,
				310	int linenum)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	311	{
Ben Lindstrom	46c1622	2000-12-22 01:43:59 +0000	[diff] [blame]	312	u_int i;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	313
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	314	for (i = 0; keywords[i].name; i++)
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	315	if (strcasecmp(cp, keywords[i].name) == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	316	return keywords[i].opcode;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	317
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	318	fprintf(stderr, "%s: line %d: Bad configuration option: %s\n",
				319	filename, linenum, cp);
				320	return sBadOption;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	321	}
				322
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	323	void
Ben Lindstrom	19066a1	2001-04-12 23:39:26 +0000	[diff] [blame]	324	add_listen_addr(ServerOptions options, char addr, u_short port)
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	325	{
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	326	int i;
				327
				328	if (options->num_ports == 0)
				329	options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
Ben Lindstrom	19066a1	2001-04-12 23:39:26 +0000	[diff] [blame]	330	if (port == 0)
Ben Lindstrom	c510af4	2001-04-07 17:25:48 +0000	[diff] [blame]	331	for (i = 0; i < options->num_ports; i++)
				332	add_one_listen_addr(options, addr, options->ports[i]);
				333	else
Ben Lindstrom	19066a1	2001-04-12 23:39:26 +0000	[diff] [blame]	334	add_one_listen_addr(options, addr, port);
Ben Lindstrom	c510af4	2001-04-07 17:25:48 +0000	[diff] [blame]	335	}
				336
				337	void
				338	add_one_listen_addr(ServerOptions options, char addr, u_short port)
				339	{
				340	struct addrinfo hints, ai, aitop;
				341	char strport[NI_MAXSERV];
				342	int gaierr;
				343
				344	memset(&hints, 0, sizeof(hints));
				345	hints.ai_family = IPv4or6;
				346	hints.ai_socktype = SOCK_STREAM;
				347	hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
				348	snprintf(strport, sizeof strport, "%d", port);
				349	if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0)
				350	fatal("bad addr or host: %s (%s)",
				351	addr ? addr : "<NULL>",
				352	gai_strerror(gaierr));
				353	for (ai = aitop; ai->ai_next; ai = ai->ai_next)
				354	;
				355	ai->ai_next = options->listen_addrs;
				356	options->listen_addrs = aitop;
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	357	}
				358
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	359	/* Reads the server configuration file. */
				360
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	361	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	362	read_server_config(ServerOptions options, const char filename)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	363	{
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	364	FILE *f;
				365	char line[1024];
Ben Lindstrom	c510af4	2001-04-07 17:25:48 +0000	[diff] [blame]	366	char cp, charptr, arg, *p;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	367	int linenum, *intptr, value;
				368	int bad_options = 0;
				369	ServerOpCodes opcode;
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	370	int i;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	371
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	372	f = fopen(filename, "r");
				373	if (!f) {
				374	perror(filename);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	375	exit(1);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	376	}
				377	linenum = 0;
				378	while (fgets(line, sizeof(line), f)) {
				379	linenum++;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	380	cp = line;
				381	arg = strdelim(&cp);
				382	/* Ignore leading whitespace */
				383	if (*arg == '\0')
				384	arg = strdelim(&cp);
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	385	if (!arg \|\| !arg \|\| arg == '#')
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	386	continue;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	387	intptr = NULL;
				388	charptr = NULL;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	389	opcode = parse_token(arg, filename, linenum);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	390	switch (opcode) {
				391	case sBadOption:
				392	bad_options++;
				393	continue;
				394	case sPort:
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	395	/* ignore ports from configfile if cmdline specifies ports */
				396	if (options->ports_from_cmdline)
				397	continue;
				398	if (options->listen_addrs != NULL)
				399	fatal("%s line %d: ports must be specified before "
				400	"ListenAdress.\n", filename, linenum);
				401	if (options->num_ports >= MAX_PORTS)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	402	fatal("%s line %d: too many ports.",
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	403	filename, linenum);
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	404	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	405	if (!arg \|\| *arg == '\0')
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	406	fatal("%s line %d: missing port number.",
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	407	filename, linenum);
Ben Lindstrom	19066a1	2001-04-12 23:39:26 +0000	[diff] [blame]	408	options->ports[options->num_ports++] = a2port(arg);
				409	if (options->ports[options->num_ports-1] == 0)
				410	fatal("%s line %d: Badly formatted port number.",
				411	filename, linenum);
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	412	break;
				413
				414	case sServerKeyBits:
				415	intptr = &options->server_key_bits;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	416	parse_int:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	417	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	418	if (!arg \|\| *arg == '\0') {
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	419	fprintf(stderr, "%s line %d: missing integer value.\n",
				420	filename, linenum);
				421	exit(1);
				422	}
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	423	value = atoi(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	424	if (*intptr == -1)
				425	*intptr = value;
				426	break;
Damien Miller	3226509	1999-11-12 11:33:04 +1100	[diff] [blame]	427
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	428	case sLoginGraceTime:
				429	intptr = &options->login_grace_time;
				430	goto parse_int;
				431
				432	case sKeyRegenerationTime:
				433	intptr = &options->key_regeneration_time;
				434	goto parse_int;
				435
				436	case sListenAddress:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	437	arg = strdelim(&cp);
Ben Lindstrom	c510af4	2001-04-07 17:25:48 +0000	[diff] [blame]	438	if (!arg \|\| *arg == '\0' \|\| strncmp(arg, "[]", 2) == 0)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	439	fatal("%s line %d: missing inet addr.",
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	440	filename, linenum);
Ben Lindstrom	c510af4	2001-04-07 17:25:48 +0000	[diff] [blame]	441	if (*arg == '[') {
				442	if ((p = strchr(arg, ']')) == NULL)
				443	fatal("%s line %d: bad ipv6 inet addr usage.",
				444	filename, linenum);
				445	arg++;
				446	memmove(p, p+1, strlen(p+1)+1);
				447	} else if (((p = strchr(arg, ':')) == NULL) \|\|
				448	(strchr(p+1, ':') != NULL)) {
Ben Lindstrom	19066a1	2001-04-12 23:39:26 +0000	[diff] [blame]	449	add_listen_addr(options, arg, 0);
Ben Lindstrom	c510af4	2001-04-07 17:25:48 +0000	[diff] [blame]	450	break;
				451	}
				452	if (*p == ':') {
Ben Lindstrom	19066a1	2001-04-12 23:39:26 +0000	[diff] [blame]	453	u_short port;
				454
Ben Lindstrom	c510af4	2001-04-07 17:25:48 +0000	[diff] [blame]	455	p++;
				456	if (*p == '\0')
				457	fatal("%s line %d: bad inet addr:port usage.",
				458	filename, linenum);
				459	else {
				460	*(p-1) = '\0';
Ben Lindstrom	19066a1	2001-04-12 23:39:26 +0000	[diff] [blame]	461	if ((port = a2port(p)) == 0)
				462	fatal("%s line %d: bad port number.",
				463	filename, linenum);
				464	add_listen_addr(options, arg, port);
Ben Lindstrom	c510af4	2001-04-07 17:25:48 +0000	[diff] [blame]	465	}
				466	} else if (*p == '\0')
Ben Lindstrom	19066a1	2001-04-12 23:39:26 +0000	[diff] [blame]	467	add_listen_addr(options, arg, 0);
Ben Lindstrom	c510af4	2001-04-07 17:25:48 +0000	[diff] [blame]	468	else
				469	fatal("%s line %d: bad inet addr usage.",
				470	filename, linenum);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	471	break;
				472
				473	case sHostKeyFile:
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	474	intptr = &options->num_host_key_files;
				475	if (*intptr >= MAX_HOSTKEYS) {
Ben Lindstrom	33a3cc3	2001-03-05 05:07:52 +0000	[diff] [blame]	476	fprintf(stderr,
				477	"%s line %d: too many host keys specified (max %d).\n",
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	478	filename, linenum, MAX_HOSTKEYS);
				479	exit(1);
				480	}
				481	charptr = &options->host_key_files[*intptr];
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	482	parse_filename:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	483	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	484	if (!arg \|\| *arg == '\0') {
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	485	fprintf(stderr, "%s line %d: missing file name.\n",
Damien Miller	6f83b8e	2000-05-02 09:23:45 +1000	[diff] [blame]	486	filename, linenum);
				487	exit(1);
				488	}
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	489	if (*charptr == NULL) {
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	490	*charptr = tilde_expand_filename(arg, getuid());
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	491	/* increase optional counter */
				492	if (intptr != NULL)
				493	intptr = intptr + 1;
				494	}
Damien Miller	6f83b8e	2000-05-02 09:23:45 +1000	[diff] [blame]	495	break;
				496
				497	case sPidFile:
				498	charptr = &options->pid_file;
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	499	goto parse_filename;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	500
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	501	case sPermitRootLogin:
				502	intptr = &options->permit_root_login;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	503	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	504	if (!arg \|\| *arg == '\0') {
Ben Lindstrom	35f1f4e	2001-03-06 01:02:41 +0000	[diff] [blame]	505	fprintf(stderr, "%s line %d: missing yes/"
				506	"without-password/forced-commands-only/no "
				507	"argument.\n", filename, linenum);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	508	exit(1);
				509	}
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	510	if (strcmp(arg, "without-password") == 0)
Ben Lindstrom	d8a9021	2001-02-15 03:08:27 +0000	[diff] [blame]	511	value = PERMIT_NO_PASSWD;
				512	else if (strcmp(arg, "forced-commands-only") == 0)
				513	value = PERMIT_FORCED_ONLY;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	514	else if (strcmp(arg, "yes") == 0)
Ben Lindstrom	d8a9021	2001-02-15 03:08:27 +0000	[diff] [blame]	515	value = PERMIT_YES;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	516	else if (strcmp(arg, "no") == 0)
Ben Lindstrom	d8a9021	2001-02-15 03:08:27 +0000	[diff] [blame]	517	value = PERMIT_NO;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	518	else {
Ben Lindstrom	d8a9021	2001-02-15 03:08:27 +0000	[diff] [blame]	519	fprintf(stderr, "%s line %d: Bad yes/"
				520	"without-password/forced-commands-only/no "
				521	"argument: %s\n", filename, linenum, arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	522	exit(1);
				523	}
				524	if (*intptr == -1)
				525	*intptr = value;
				526	break;
				527
				528	case sIgnoreRhosts:
				529	intptr = &options->ignore_rhosts;
				530	parse_flag:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	531	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	532	if (!arg \|\| *arg == '\0') {
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	533	fprintf(stderr, "%s line %d: missing yes/no argument.\n",
				534	filename, linenum);
				535	exit(1);
				536	}
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	537	if (strcmp(arg, "yes") == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	538	value = 1;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	539	else if (strcmp(arg, "no") == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	540	value = 0;
				541	else {
				542	fprintf(stderr, "%s line %d: Bad yes/no argument: %s\n",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	543	filename, linenum, arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	544	exit(1);
				545	}
				546	if (*intptr == -1)
				547	*intptr = value;
				548	break;
				549
				550	case sIgnoreUserKnownHosts:
				551	intptr = &options->ignore_user_known_hosts;
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	552	goto parse_flag;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	553
				554	case sRhostsAuthentication:
				555	intptr = &options->rhosts_authentication;
				556	goto parse_flag;
				557
				558	case sRhostsRSAAuthentication:
				559	intptr = &options->rhosts_rsa_authentication;
				560	goto parse_flag;
				561
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	562	case sHostbasedAuthentication:
				563	intptr = &options->hostbased_authentication;
				564	goto parse_flag;
				565
				566	case sHostbasedUsesNameFromPacketOnly:
				567	intptr = &options->hostbased_uses_name_from_packet_only;
				568	goto parse_flag;
				569
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	570	case sRSAAuthentication:
				571	intptr = &options->rsa_authentication;
				572	goto parse_flag;
				573
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	574	case sPubkeyAuthentication:
				575	intptr = &options->pubkey_authentication;
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	576	goto parse_flag;
				577
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	578	#ifdef KRB4
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	579	case sKerberosAuthentication:
				580	intptr = &options->kerberos_authentication;
				581	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	582
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	583	case sKerberosOrLocalPasswd:
				584	intptr = &options->kerberos_or_local_passwd;
				585	goto parse_flag;
				586
				587	case sKerberosTicketCleanup:
				588	intptr = &options->kerberos_ticket_cleanup;
				589	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	590	#endif
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	591
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	592	#ifdef AFS
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	593	case sKerberosTgtPassing:
				594	intptr = &options->kerberos_tgt_passing;
				595	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	596
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	597	case sAFSTokenPassing:
				598	intptr = &options->afs_token_passing;
				599	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	600	#endif
				601
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	602	case sPasswordAuthentication:
				603	intptr = &options->password_authentication;
				604	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	605
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	606	case sKbdInteractiveAuthentication:
				607	intptr = &options->kbd_interactive_authentication;
				608	goto parse_flag;
				609
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	610	case sCheckMail:
				611	intptr = &options->check_mail;
				612	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	613
Ben Lindstrom	95fb2dd	2001-01-23 03:12:10 +0000	[diff] [blame]	614	case sChallengeResponseAuthentication:
				615	intptr = &options->challenge_reponse_authentication;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	616	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	617
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	618	case sPrintMotd:
				619	intptr = &options->print_motd;
				620	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	621
Ben Lindstrom	7bfff36	2001-03-26 05:45:53 +0000	[diff] [blame]	622	case sPrintLastLog:
				623	intptr = &options->print_lastlog;
				624	goto parse_flag;
				625
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	626	case sX11Forwarding:
				627	intptr = &options->x11_forwarding;
				628	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	629
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	630	case sX11DisplayOffset:
				631	intptr = &options->x11_display_offset;
				632	goto parse_int;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	633
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	634	case sXAuthLocation:
				635	charptr = &options->xauth_location;
				636	goto parse_filename;
Kevin Steves	ef4eea9	2001-02-05 12:42:17 +0000	[diff] [blame]	637
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	638	case sStrictModes:
				639	intptr = &options->strict_modes;
				640	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	641
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	642	case sKeepAlives:
				643	intptr = &options->keepalives;
				644	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	645
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	646	case sEmptyPasswd:
				647	intptr = &options->permit_empty_passwd;
				648	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	649
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	650	case sUseLogin:
				651	intptr = &options->use_login;
				652	goto parse_flag;
Damien Miller	5ce662a	1999-11-11 17:57:39 +1100	[diff] [blame]	653
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	654	case sGatewayPorts:
				655	intptr = &options->gateway_ports;
				656	goto parse_flag;
				657
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	658	case sReverseMappingCheck:
				659	intptr = &options->reverse_mapping_check;
				660	goto parse_flag;
				661
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	662	case sLogFacility:
				663	intptr = (int *) &options->log_facility;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	664	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	665	value = log_facility_number(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	666	if (value == (SyslogFacility) - 1)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	667	fatal("%.200s line %d: unsupported log facility '%s'",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	668	filename, linenum, arg ? arg : "<NONE>");
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	669	if (*intptr == -1)
				670	*intptr = (SyslogFacility) value;
				671	break;
				672
				673	case sLogLevel:
				674	intptr = (int *) &options->log_level;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	675	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	676	value = log_level_number(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	677	if (value == (LogLevel) - 1)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	678	fatal("%.200s line %d: unsupported log level '%s'",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	679	filename, linenum, arg ? arg : "<NONE>");
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	680	if (*intptr == -1)
				681	*intptr = (LogLevel) value;
				682	break;
				683
Damien Miller	50a41ed	2000-10-16 12:14:42 +1100	[diff] [blame]	684	case sAllowTcpForwarding:
				685	intptr = &options->allow_tcp_forwarding;
				686	goto parse_flag;
				687
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	688	case sAllowUsers:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	689	while ((arg = strdelim(&cp)) && *arg != '\0') {
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	690	if (options->num_allow_users >= MAX_ALLOW_USERS)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	691	fatal("%s line %d: too many allow users.",
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	692	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	693	options->allow_users[options->num_allow_users++] = xstrdup(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	694	}
				695	break;
				696
				697	case sDenyUsers:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	698	while ((arg = strdelim(&cp)) && *arg != '\0') {
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	699	if (options->num_deny_users >= MAX_DENY_USERS)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	700	fatal( "%s line %d: too many deny users.",
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	701	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	702	options->deny_users[options->num_deny_users++] = xstrdup(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	703	}
				704	break;
				705
				706	case sAllowGroups:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	707	while ((arg = strdelim(&cp)) && *arg != '\0') {
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	708	if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	709	fatal("%s line %d: too many allow groups.",
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	710	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	711	options->allow_groups[options->num_allow_groups++] = xstrdup(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	712	}
				713	break;
				714
				715	case sDenyGroups:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	716	while ((arg = strdelim(&cp)) && *arg != '\0') {
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	717	if (options->num_deny_groups >= MAX_DENY_GROUPS)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	718	fatal("%s line %d: too many deny groups.",
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	719	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	720	options->deny_groups[options->num_deny_groups++] = xstrdup(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	721	}
				722	break;
				723
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	724	case sCiphers:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	725	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	726	if (!arg \|\| *arg == '\0')
Damien Miller	b1715dc	2000-05-30 13:44:51 +1000	[diff] [blame]	727	fatal("%s line %d: Missing argument.", filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	728	if (!ciphers_valid(arg))
Damien Miller	30c3d42	2000-05-09 11:02:59 +1000	[diff] [blame]	729	fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	730	filename, linenum, arg ? arg : "<NONE>");
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	731	if (options->ciphers == NULL)
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	732	options->ciphers = xstrdup(arg);
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	733	break;
				734
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	735	case sMacs:
				736	arg = strdelim(&cp);
				737	if (!arg \|\| *arg == '\0')
				738	fatal("%s line %d: Missing argument.", filename, linenum);
				739	if (!mac_valid(arg))
				740	fatal("%s line %d: Bad SSH2 mac spec '%s'.",
				741	filename, linenum, arg ? arg : "<NONE>");
				742	if (options->macs == NULL)
				743	options->macs = xstrdup(arg);
				744	break;
				745
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	746	case sProtocol:
				747	intptr = &options->protocol;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	748	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	749	if (!arg \|\| *arg == '\0')
Damien Miller	b1715dc	2000-05-30 13:44:51 +1000	[diff] [blame]	750	fatal("%s line %d: Missing argument.", filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	751	value = proto_spec(arg);
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	752	if (value == SSH_PROTO_UNKNOWN)
				753	fatal("%s line %d: Bad protocol spec '%s'.",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	754	filename, linenum, arg ? arg : "<NONE>");
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	755	if (*intptr == SSH_PROTO_UNKNOWN)
				756	*intptr = value;
				757	break;
				758
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	759	case sSubsystem:
				760	if(options->num_subsystems >= MAX_SUBSYSTEMS) {
				761	fatal("%s line %d: too many subsystems defined.",
				762	filename, linenum);
				763	}
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	764	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	765	if (!arg \|\| *arg == '\0')
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	766	fatal("%s line %d: Missing subsystem name.",
				767	filename, linenum);
				768	for (i = 0; i < options->num_subsystems; i++)
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	769	if(strcmp(arg, options->subsystem_name[i]) == 0)
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	770	fatal("%s line %d: Subsystem '%s' already defined.",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	771	filename, linenum, arg);
				772	options->subsystem_name[options->num_subsystems] = xstrdup(arg);
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	773	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	774	if (!arg \|\| *arg == '\0')
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	775	fatal("%s line %d: Missing subsystem command.",
				776	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	777	options->subsystem_command[options->num_subsystems] = xstrdup(arg);
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	778	options->num_subsystems++;
				779	break;
				780
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	781	case sMaxStartups:
Damien Miller	942da03	2000-08-18 13:59:06 +1000	[diff] [blame]	782	arg = strdelim(&cp);
				783	if (!arg \|\| *arg == '\0')
				784	fatal("%s line %d: Missing MaxStartups spec.",
				785	filename, linenum);
				786	if (sscanf(arg, "%d:%d:%d",
				787	&options->max_startups_begin,
				788	&options->max_startups_rate,
				789	&options->max_startups) == 3) {
				790	if (options->max_startups_begin >
				791	options->max_startups \|\|
				792	options->max_startups_rate > 100 \|\|
				793	options->max_startups_rate < 1)
				794	fatal("%s line %d: Illegal MaxStartups spec.",
				795	filename, linenum);
				796	break;
				797	}
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	798	intptr = &options->max_startups;
				799	goto parse_int;
				800
Ben Lindstrom	48bd7c1	2001-01-09 00:35:42 +0000	[diff] [blame]	801	case sBanner:
				802	charptr = &options->banner;
				803	goto parse_filename;
Ben Lindstrom	5744dc4	2001-04-13 23:28:01 +0000	[diff] [blame^]	804	case sClientAliveInterval:
				805	intptr = &options->client_alive_interval;
				806	goto parse_int;
				807	case sClientAliveCountMax:
				808	intptr = &options->client_alive_count_max;
				809	goto parse_int;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	810	default:
				811	fprintf(stderr, "%s line %d: Missing handler for opcode %s (%d)\n",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	812	filename, linenum, arg, opcode);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	813	exit(1);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	814	}
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	815	if ((arg = strdelim(&cp)) != NULL && *arg != '\0') {
Kevin Steves	ef4eea9	2001-02-05 12:42:17 +0000	[diff] [blame]	816	fprintf(stderr,
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	817	"%s line %d: garbage at end of line; \"%.200s\".\n",
				818	filename, linenum, arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	819	exit(1);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	820	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	821	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	822	fclose(f);
				823	if (bad_options > 0) {
				824	fprintf(stderr, "%s: terminating, %d bad configuration options\n",
				825	filename, bad_options);
				826	exit(1);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	827	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	828	}