blob: 007056d4d47d9e5ae15363d93bd0fb4306546052 [file] [log] [blame]
Damien Millerd4a8b7e1999-10-27 13:42:43 +10001/*
Damien Miller95def091999-11-25 00:26:21 +11002 * Author: Tatu Ylonen <ylo@cs.hut.fi>
Damien Miller95def091999-11-25 00:26:21 +11003 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved
Damien Miller95def091999-11-25 00:26:21 +11005 * Functions for reading the configuration files.
Damien Miller4af51302000-04-16 11:18:38 +10006 *
Damien Millere4340be2000-09-16 13:29:08 +11007 * As far as I am concerned, the code I have written for this software
8 * can be used freely for any purpose. Any derived versions of this
9 * software must be clearly marked as such, and if the derived work is
10 * incompatible with the protocol description in the RFC file, it must be
11 * called by a name other than "ssh" or "Secure Shell".
Damien Miller95def091999-11-25 00:26:21 +110012 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +100013
14#include "includes.h"
Ben Lindstrom3bb4f9d2001-04-08 18:30:26 +000015RCSID("$OpenBSD: readconf.c,v 1.71 2001/04/07 08:55:17 markus Exp $");
Damien Millerd4a8b7e1999-10-27 13:42:43 +100016
17#include "ssh.h"
Damien Millerd4a8b7e1999-10-27 13:42:43 +100018#include "xmalloc.h"
Damien Miller78928792000-04-12 20:17:38 +100019#include "compat.h"
Ben Lindstrom226cfa02001-01-22 05:34:40 +000020#include "cipher.h"
21#include "pathnames.h"
22#include "log.h"
23#include "readconf.h"
24#include "match.h"
25#include "misc.h"
Ben Lindstrom06b33aa2001-02-15 03:01:59 +000026#include "kex.h"
27#include "mac.h"
Damien Millerd4a8b7e1999-10-27 13:42:43 +100028
29/* Format of the configuration file:
30
31 # Configuration data is parsed as follows:
32 # 1. command line options
33 # 2. user-specific file
34 # 3. system-wide file
35 # Any configuration value is only changed the first time it is set.
36 # Thus, host-specific definitions should be at the beginning of the
37 # configuration file, and defaults at the end.
38
39 # Host-specific declarations. These may override anything above. A single
40 # host may match multiple declarations; these are processed in the order
41 # that they are given in.
42
43 Host *.ngs.fi ngs.fi
44 FallBackToRsh no
45
46 Host fake.com
47 HostName another.host.name.real.org
48 User blaah
49 Port 34289
50 ForwardX11 no
51 ForwardAgent no
52
53 Host books.com
54 RemoteForward 9999 shadows.cs.hut.fi:9999
55 Cipher 3des
56
57 Host fascist.blob.com
58 Port 23123
59 User tylonen
60 RhostsAuthentication no
61 PasswordAuthentication no
62
63 Host puukko.hut.fi
64 User t35124p
65 ProxyCommand ssh-proxy %h %p
66
67 Host *.fr
68 UseRsh yes
69
70 Host *.su
71 Cipher none
72 PasswordAuthentication no
73
74 # Defaults for various options
75 Host *
76 ForwardAgent no
Damien Miller0bc1bd82000-11-13 22:57:25 +110077 ForwardX11 no
Damien Millerd4a8b7e1999-10-27 13:42:43 +100078 RhostsAuthentication yes
79 PasswordAuthentication yes
80 RSAAuthentication yes
81 RhostsRSAAuthentication yes
82 FallBackToRsh no
83 UseRsh no
84 StrictHostKeyChecking yes
85 KeepAlives no
86 IdentityFile ~/.ssh/identity
87 Port 22
88 EscapeChar ~
89
90*/
91
92/* Keyword tokens. */
93
Damien Miller95def091999-11-25 00:26:21 +110094typedef enum {
95 oBadOption,
96 oForwardAgent, oForwardX11, oGatewayPorts, oRhostsAuthentication,
97 oPasswordAuthentication, oRSAAuthentication, oFallBackToRsh, oUseRsh,
Ben Lindstrom95fb2dd2001-01-23 03:12:10 +000098 oChallengeResponseAuthentication, oXAuthLocation,
Damien Millerd4a8b7e1999-10-27 13:42:43 +100099#ifdef KRB4
Damien Miller95def091999-11-25 00:26:21 +1100100 oKerberosAuthentication,
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000101#endif /* KRB4 */
102#ifdef AFS
Damien Miller95def091999-11-25 00:26:21 +1100103 oKerberosTgtPassing, oAFSTokenPassing,
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000104#endif
Damien Miller95def091999-11-25 00:26:21 +1100105 oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
106 oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
107 oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
108 oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
Ben Lindstrom95fb2dd2001-01-23 03:12:10 +0000109 oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts,
Ben Lindstrom06b33aa2001-02-15 03:01:59 +0000110 oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs,
Damien Miller0bc1bd82000-11-13 22:57:25 +1100111 oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
Ben Lindstromb9be60a2001-03-11 01:49:19 +0000112 oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
Ben Lindstrom3bb4f9d2001-04-08 18:30:26 +0000113 oDynamicForward, oPreferredAuthentications
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000114} OpCodes;
115
116/* Textual representations of the tokens. */
117
Damien Miller95def091999-11-25 00:26:21 +1100118static struct {
119 const char *name;
120 OpCodes opcode;
121} keywords[] = {
122 { "forwardagent", oForwardAgent },
123 { "forwardx11", oForwardX11 },
Damien Millerd3a18572000-06-07 19:55:44 +1000124 { "xauthlocation", oXAuthLocation },
Damien Miller95def091999-11-25 00:26:21 +1100125 { "gatewayports", oGatewayPorts },
126 { "useprivilegedport", oUsePrivilegedPort },
127 { "rhostsauthentication", oRhostsAuthentication },
128 { "passwordauthentication", oPasswordAuthentication },
Damien Miller874d77b2000-10-14 16:23:11 +1100129 { "kbdinteractiveauthentication", oKbdInteractiveAuthentication },
130 { "kbdinteractivedevices", oKbdInteractiveDevices },
Damien Miller95def091999-11-25 00:26:21 +1100131 { "rsaauthentication", oRSAAuthentication },
Damien Miller0bc1bd82000-11-13 22:57:25 +1100132 { "pubkeyauthentication", oPubkeyAuthentication },
Ben Lindstrom95fb2dd2001-01-23 03:12:10 +0000133 { "dsaauthentication", oPubkeyAuthentication }, /* alias */
134 { "challengeresponseauthentication", oChallengeResponseAuthentication },
135 { "skeyauthentication", oChallengeResponseAuthentication }, /* alias */
136 { "tisauthentication", oChallengeResponseAuthentication }, /* alias */
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000137#ifdef KRB4
Damien Miller95def091999-11-25 00:26:21 +1100138 { "kerberosauthentication", oKerberosAuthentication },
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000139#endif /* KRB4 */
140#ifdef AFS
Damien Miller95def091999-11-25 00:26:21 +1100141 { "kerberostgtpassing", oKerberosTgtPassing },
142 { "afstokenpassing", oAFSTokenPassing },
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000143#endif
Damien Miller95def091999-11-25 00:26:21 +1100144 { "fallbacktorsh", oFallBackToRsh },
145 { "usersh", oUseRsh },
146 { "identityfile", oIdentityFile },
Damien Miller0bc1bd82000-11-13 22:57:25 +1100147 { "identityfile2", oIdentityFile }, /* alias */
Damien Miller95def091999-11-25 00:26:21 +1100148 { "hostname", oHostName },
Ben Lindstrom4dccfa52000-12-28 16:40:05 +0000149 { "hostkeyalias", oHostKeyAlias },
Damien Miller95def091999-11-25 00:26:21 +1100150 { "proxycommand", oProxyCommand },
151 { "port", oPort },
152 { "cipher", oCipher },
Damien Miller78928792000-04-12 20:17:38 +1000153 { "ciphers", oCiphers },
Ben Lindstrom06b33aa2001-02-15 03:01:59 +0000154 { "macs", oMacs },
Damien Miller78928792000-04-12 20:17:38 +1000155 { "protocol", oProtocol },
Damien Miller95def091999-11-25 00:26:21 +1100156 { "remoteforward", oRemoteForward },
157 { "localforward", oLocalForward },
158 { "user", oUser },
159 { "host", oHost },
160 { "escapechar", oEscapeChar },
161 { "rhostsrsaauthentication", oRhostsRSAAuthentication },
162 { "globalknownhostsfile", oGlobalKnownHostsFile },
163 { "userknownhostsfile", oUserKnownHostsFile },
Damien Millereba71ba2000-04-29 23:57:08 +1000164 { "globalknownhostsfile2", oGlobalKnownHostsFile2 },
165 { "userknownhostsfile2", oUserKnownHostsFile2 },
Damien Miller95def091999-11-25 00:26:21 +1100166 { "connectionattempts", oConnectionAttempts },
167 { "batchmode", oBatchMode },
168 { "checkhostip", oCheckHostIP },
169 { "stricthostkeychecking", oStrictHostKeyChecking },
170 { "compression", oCompression },
171 { "compressionlevel", oCompressionLevel },
172 { "keepalive", oKeepAlives },
173 { "numberofpasswordprompts", oNumberOfPasswordPrompts },
Damien Miller95def091999-11-25 00:26:21 +1100174 { "loglevel", oLogLevel },
Ben Lindstrom3bb4f9d2001-04-08 18:30:26 +0000175 { "dynamicforward", oDynamicForward },
Ben Lindstromb9be60a2001-03-11 01:49:19 +0000176 { "preferredauthentications", oPreferredAuthentications },
Damien Miller95def091999-11-25 00:26:21 +1100177 { NULL, 0 }
Damien Miller5ce662a1999-11-11 17:57:39 +1100178};
179
Damien Miller5428f641999-11-25 11:54:57 +1100180/*
181 * Adds a local TCP/IP port forward to options. Never returns if there is an
182 * error.
183 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000184
Damien Miller4af51302000-04-16 11:18:38 +1000185void
Damien Milleraae6c611999-12-06 11:47:28 +1100186add_local_forward(Options *options, u_short port, const char *host,
187 u_short host_port)
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000188{
Damien Miller95def091999-11-25 00:26:21 +1100189 Forward *fwd;
Damien Millerbac2d8a2000-09-05 16:13:06 +1100190#ifndef HAVE_CYGWIN
Damien Miller95def091999-11-25 00:26:21 +1100191 extern uid_t original_real_uid;
Damien Miller95def091999-11-25 00:26:21 +1100192 if (port < IPPORT_RESERVED && original_real_uid != 0)
Ben Lindstrom6df8ef42001-03-05 07:47:23 +0000193 fatal("Privileged ports can only be forwarded by root.");
Damien Millerbac2d8a2000-09-05 16:13:06 +1100194#endif
Damien Miller95def091999-11-25 00:26:21 +1100195 if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
196 fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION);
197 fwd = &options->local_forwards[options->num_local_forwards++];
198 fwd->port = port;
199 fwd->host = xstrdup(host);
200 fwd->host_port = host_port;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000201}
202
Damien Miller5428f641999-11-25 11:54:57 +1100203/*
204 * Adds a remote TCP/IP port forward to options. Never returns if there is
205 * an error.
206 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000207
Damien Miller4af51302000-04-16 11:18:38 +1000208void
Damien Milleraae6c611999-12-06 11:47:28 +1100209add_remote_forward(Options *options, u_short port, const char *host,
210 u_short host_port)
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000211{
Damien Miller95def091999-11-25 00:26:21 +1100212 Forward *fwd;
213 if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
214 fatal("Too many remote forwards (max %d).",
215 SSH_MAX_FORWARDS_PER_DIRECTION);
216 fwd = &options->remote_forwards[options->num_remote_forwards++];
217 fwd->port = port;
218 fwd->host = xstrdup(host);
219 fwd->host_port = host_port;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000220}
221
Damien Miller5428f641999-11-25 11:54:57 +1100222/*
Ben Lindstrom3704c262001-04-02 18:20:03 +0000223 * Returns the number of the token pointed to by cp or oBadOption.
Damien Miller5428f641999-11-25 11:54:57 +1100224 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000225
Damien Miller4af51302000-04-16 11:18:38 +1000226static OpCodes
Damien Miller95def091999-11-25 00:26:21 +1100227parse_token(const char *cp, const char *filename, int linenum)
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000228{
Ben Lindstrom46c16222000-12-22 01:43:59 +0000229 u_int i;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000230
Damien Miller95def091999-11-25 00:26:21 +1100231 for (i = 0; keywords[i].name; i++)
Damien Miller5428f641999-11-25 11:54:57 +1100232 if (strcasecmp(cp, keywords[i].name) == 0)
Damien Miller95def091999-11-25 00:26:21 +1100233 return keywords[i].opcode;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000234
Damien Miller95def091999-11-25 00:26:21 +1100235 fprintf(stderr, "%s: line %d: Bad configuration option: %s\n",
236 filename, linenum, cp);
237 return oBadOption;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000238}
239
Damien Miller5428f641999-11-25 11:54:57 +1100240/*
241 * Processes a single option line as used in the configuration files. This
242 * only sets those values that have not already been set.
243 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000244
Damien Miller2ccf6611999-11-15 15:25:10 +1100245int
246process_config_line(Options *options, const char *host,
Damien Miller95def091999-11-25 00:26:21 +1100247 char *line, const char *filename, int linenum,
248 int *activep)
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000249{
Damien Miller37023962000-07-11 17:31:38 +1000250 char buf[256], *s, *string, **charptr, *endofnumber, *keyword, *arg;
Damien Milleraae6c611999-12-06 11:47:28 +1100251 int opcode, *intptr, value;
252 u_short fwd_port, fwd_host_port;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000253
Damien Millerbe484b52000-07-15 14:14:16 +1000254 s = line;
255 /* Get the keyword. (Each line is supposed to begin with a keyword). */
256 keyword = strdelim(&s);
257 /* Ignore leading whitespace. */
258 if (*keyword == '\0')
259 keyword = strdelim(&s);
Ben Lindstrom226cfa02001-01-22 05:34:40 +0000260 if (keyword == NULL || !*keyword || *keyword == '\n' || *keyword == '#')
Damien Miller95def091999-11-25 00:26:21 +1100261 return 0;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000262
Damien Miller37023962000-07-11 17:31:38 +1000263 opcode = parse_token(keyword, filename, linenum);
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000264
Damien Miller95def091999-11-25 00:26:21 +1100265 switch (opcode) {
266 case oBadOption:
Damien Miller5428f641999-11-25 11:54:57 +1100267 /* don't panic, but count bad options */
268 return -1;
Damien Miller95def091999-11-25 00:26:21 +1100269 /* NOTREACHED */
270 case oForwardAgent:
271 intptr = &options->forward_agent;
272parse_flag:
Damien Millerbe484b52000-07-15 14:14:16 +1000273 arg = strdelim(&s);
Damien Miller37023962000-07-11 17:31:38 +1000274 if (!arg || *arg == '\0')
Damien Miller95def091999-11-25 00:26:21 +1100275 fatal("%.200s line %d: Missing yes/no argument.", filename, linenum);
276 value = 0; /* To avoid compiler warning... */
Damien Miller37023962000-07-11 17:31:38 +1000277 if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
Damien Miller95def091999-11-25 00:26:21 +1100278 value = 1;
Damien Miller37023962000-07-11 17:31:38 +1000279 else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
Damien Miller95def091999-11-25 00:26:21 +1100280 value = 0;
281 else
282 fatal("%.200s line %d: Bad yes/no argument.", filename, linenum);
283 if (*activep && *intptr == -1)
284 *intptr = value;
285 break;
286
287 case oForwardX11:
288 intptr = &options->forward_x11;
289 goto parse_flag;
290
291 case oGatewayPorts:
292 intptr = &options->gateway_ports;
293 goto parse_flag;
294
295 case oUsePrivilegedPort:
296 intptr = &options->use_privileged_port;
297 goto parse_flag;
298
299 case oRhostsAuthentication:
300 intptr = &options->rhosts_authentication;
301 goto parse_flag;
302
303 case oPasswordAuthentication:
304 intptr = &options->password_authentication;
305 goto parse_flag;
306
Damien Miller874d77b2000-10-14 16:23:11 +1100307 case oKbdInteractiveAuthentication:
308 intptr = &options->kbd_interactive_authentication;
309 goto parse_flag;
310
311 case oKbdInteractiveDevices:
312 charptr = &options->kbd_interactive_devices;
313 goto parse_string;
314
Damien Miller0bc1bd82000-11-13 22:57:25 +1100315 case oPubkeyAuthentication:
316 intptr = &options->pubkey_authentication;
Damien Millere247cc42000-05-07 12:03:14 +1000317 goto parse_flag;
318
Damien Miller95def091999-11-25 00:26:21 +1100319 case oRSAAuthentication:
320 intptr = &options->rsa_authentication;
321 goto parse_flag;
322
323 case oRhostsRSAAuthentication:
324 intptr = &options->rhosts_rsa_authentication;
325 goto parse_flag;
326
Ben Lindstrom95fb2dd2001-01-23 03:12:10 +0000327 case oChallengeResponseAuthentication:
328 intptr = &options->challenge_reponse_authentication;
Damien Miller95def091999-11-25 00:26:21 +1100329 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000330
331#ifdef KRB4
Damien Miller95def091999-11-25 00:26:21 +1100332 case oKerberosAuthentication:
333 intptr = &options->kerberos_authentication;
334 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000335#endif /* KRB4 */
336
337#ifdef AFS
Damien Miller95def091999-11-25 00:26:21 +1100338 case oKerberosTgtPassing:
339 intptr = &options->kerberos_tgt_passing;
340 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000341
Damien Miller95def091999-11-25 00:26:21 +1100342 case oAFSTokenPassing:
343 intptr = &options->afs_token_passing;
344 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000345#endif
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000346
Damien Miller95def091999-11-25 00:26:21 +1100347 case oFallBackToRsh:
348 intptr = &options->fallback_to_rsh;
349 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000350
Damien Miller95def091999-11-25 00:26:21 +1100351 case oUseRsh:
352 intptr = &options->use_rsh;
353 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000354
Damien Miller95def091999-11-25 00:26:21 +1100355 case oBatchMode:
356 intptr = &options->batch_mode;
357 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000358
Damien Miller95def091999-11-25 00:26:21 +1100359 case oCheckHostIP:
360 intptr = &options->check_host_ip;
361 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000362
Damien Miller95def091999-11-25 00:26:21 +1100363 case oStrictHostKeyChecking:
364 intptr = &options->strict_host_key_checking;
Damien Millerbe484b52000-07-15 14:14:16 +1000365 arg = strdelim(&s);
Damien Miller37023962000-07-11 17:31:38 +1000366 if (!arg || *arg == '\0')
Ben Lindstrom5ed8acd2001-01-29 08:00:54 +0000367 fatal("%.200s line %d: Missing yes/no/ask argument.",
Damien Miller95def091999-11-25 00:26:21 +1100368 filename, linenum);
369 value = 0; /* To avoid compiler warning... */
Damien Miller37023962000-07-11 17:31:38 +1000370 if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
Damien Miller95def091999-11-25 00:26:21 +1100371 value = 1;
Damien Miller37023962000-07-11 17:31:38 +1000372 else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
Damien Miller95def091999-11-25 00:26:21 +1100373 value = 0;
Damien Miller37023962000-07-11 17:31:38 +1000374 else if (strcmp(arg, "ask") == 0)
Damien Miller95def091999-11-25 00:26:21 +1100375 value = 2;
376 else
377 fatal("%.200s line %d: Bad yes/no/ask argument.", filename, linenum);
378 if (*activep && *intptr == -1)
379 *intptr = value;
380 break;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000381
Damien Miller95def091999-11-25 00:26:21 +1100382 case oCompression:
383 intptr = &options->compression;
384 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000385
Damien Miller95def091999-11-25 00:26:21 +1100386 case oKeepAlives:
387 intptr = &options->keepalives;
388 goto parse_flag;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000389
Damien Miller95def091999-11-25 00:26:21 +1100390 case oNumberOfPasswordPrompts:
391 intptr = &options->number_of_password_prompts;
392 goto parse_int;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000393
Damien Miller95def091999-11-25 00:26:21 +1100394 case oCompressionLevel:
395 intptr = &options->compression_level;
396 goto parse_int;
397
398 case oIdentityFile:
Damien Millerbe484b52000-07-15 14:14:16 +1000399 arg = strdelim(&s);
Damien Miller37023962000-07-11 17:31:38 +1000400 if (!arg || *arg == '\0')
Damien Miller95def091999-11-25 00:26:21 +1100401 fatal("%.200s line %d: Missing argument.", filename, linenum);
402 if (*activep) {
Damien Miller0bc1bd82000-11-13 22:57:25 +1100403 intptr = &options->num_identity_files;
Damien Millereba71ba2000-04-29 23:57:08 +1000404 if (*intptr >= SSH_MAX_IDENTITY_FILES)
Damien Miller95def091999-11-25 00:26:21 +1100405 fatal("%.200s line %d: Too many identity files specified (max %d).",
406 filename, linenum, SSH_MAX_IDENTITY_FILES);
Damien Miller0bc1bd82000-11-13 22:57:25 +1100407 charptr = &options->identity_files[*intptr];
Damien Miller37023962000-07-11 17:31:38 +1000408 *charptr = xstrdup(arg);
Damien Millereba71ba2000-04-29 23:57:08 +1000409 *intptr = *intptr + 1;
Damien Miller95def091999-11-25 00:26:21 +1100410 }
411 break;
412
Damien Millerd3a18572000-06-07 19:55:44 +1000413 case oXAuthLocation:
414 charptr=&options->xauth_location;
415 goto parse_string;
416
Damien Miller95def091999-11-25 00:26:21 +1100417 case oUser:
418 charptr = &options->user;
419parse_string:
Damien Millerbe484b52000-07-15 14:14:16 +1000420 arg = strdelim(&s);
Damien Miller37023962000-07-11 17:31:38 +1000421 if (!arg || *arg == '\0')
Damien Miller95def091999-11-25 00:26:21 +1100422 fatal("%.200s line %d: Missing argument.", filename, linenum);
423 if (*activep && *charptr == NULL)
Damien Miller37023962000-07-11 17:31:38 +1000424 *charptr = xstrdup(arg);
Damien Miller95def091999-11-25 00:26:21 +1100425 break;
426
427 case oGlobalKnownHostsFile:
428 charptr = &options->system_hostfile;
429 goto parse_string;
430
431 case oUserKnownHostsFile:
432 charptr = &options->user_hostfile;
433 goto parse_string;
434
Damien Millereba71ba2000-04-29 23:57:08 +1000435 case oGlobalKnownHostsFile2:
436 charptr = &options->system_hostfile2;
437 goto parse_string;
438
439 case oUserKnownHostsFile2:
440 charptr = &options->user_hostfile2;
441 goto parse_string;
442
Damien Miller95def091999-11-25 00:26:21 +1100443 case oHostName:
444 charptr = &options->hostname;
445 goto parse_string;
446
Ben Lindstrom4dccfa52000-12-28 16:40:05 +0000447 case oHostKeyAlias:
448 charptr = &options->host_key_alias;
449 goto parse_string;
450
Ben Lindstromb9be60a2001-03-11 01:49:19 +0000451 case oPreferredAuthentications:
452 charptr = &options->preferred_authentications;
453 goto parse_string;
454
Damien Miller95def091999-11-25 00:26:21 +1100455 case oProxyCommand:
456 charptr = &options->proxy_command;
457 string = xstrdup("");
Damien Millerbe484b52000-07-15 14:14:16 +1000458 while ((arg = strdelim(&s)) != NULL && *arg != '\0') {
Damien Miller37023962000-07-11 17:31:38 +1000459 string = xrealloc(string, strlen(string) + strlen(arg) + 2);
Damien Miller95def091999-11-25 00:26:21 +1100460 strcat(string, " ");
Damien Miller37023962000-07-11 17:31:38 +1000461 strcat(string, arg);
Damien Miller95def091999-11-25 00:26:21 +1100462 }
463 if (*activep && *charptr == NULL)
464 *charptr = string;
465 else
466 xfree(string);
467 return 0;
468
469 case oPort:
470 intptr = &options->port;
471parse_int:
Damien Millerbe484b52000-07-15 14:14:16 +1000472 arg = strdelim(&s);
Damien Miller37023962000-07-11 17:31:38 +1000473 if (!arg || *arg == '\0')
Damien Miller95def091999-11-25 00:26:21 +1100474 fatal("%.200s line %d: Missing argument.", filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000475 if (arg[0] < '0' || arg[0] > '9')
Damien Miller95def091999-11-25 00:26:21 +1100476 fatal("%.200s line %d: Bad number.", filename, linenum);
Damien Miller5428f641999-11-25 11:54:57 +1100477
478 /* Octal, decimal, or hex format? */
Damien Miller37023962000-07-11 17:31:38 +1000479 value = strtol(arg, &endofnumber, 0);
480 if (arg == endofnumber)
Damien Miller5428f641999-11-25 11:54:57 +1100481 fatal("%.200s line %d: Bad number.", filename, linenum);
Damien Miller95def091999-11-25 00:26:21 +1100482 if (*activep && *intptr == -1)
483 *intptr = value;
484 break;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000485
Damien Miller95def091999-11-25 00:26:21 +1100486 case oConnectionAttempts:
487 intptr = &options->connection_attempts;
488 goto parse_int;
Damien Miller5ce662a1999-11-11 17:57:39 +1100489
Damien Miller95def091999-11-25 00:26:21 +1100490 case oCipher:
491 intptr = &options->cipher;
Damien Millerbe484b52000-07-15 14:14:16 +1000492 arg = strdelim(&s);
Damien Miller37023962000-07-11 17:31:38 +1000493 if (!arg || *arg == '\0')
Damien Millerb1715dc2000-05-30 13:44:51 +1000494 fatal("%.200s line %d: Missing argument.", filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000495 value = cipher_number(arg);
Damien Miller95def091999-11-25 00:26:21 +1100496 if (value == -1)
497 fatal("%.200s line %d: Bad cipher '%s'.",
Damien Miller37023962000-07-11 17:31:38 +1000498 filename, linenum, arg ? arg : "<NONE>");
Damien Miller95def091999-11-25 00:26:21 +1100499 if (*activep && *intptr == -1)
500 *intptr = value;
501 break;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000502
Damien Miller78928792000-04-12 20:17:38 +1000503 case oCiphers:
Damien Millerbe484b52000-07-15 14:14:16 +1000504 arg = strdelim(&s);
Damien Miller37023962000-07-11 17:31:38 +1000505 if (!arg || *arg == '\0')
Damien Millerb1715dc2000-05-30 13:44:51 +1000506 fatal("%.200s line %d: Missing argument.", filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000507 if (!ciphers_valid(arg))
Damien Miller30c3d422000-05-09 11:02:59 +1000508 fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.",
Damien Miller37023962000-07-11 17:31:38 +1000509 filename, linenum, arg ? arg : "<NONE>");
Damien Miller78928792000-04-12 20:17:38 +1000510 if (*activep && options->ciphers == NULL)
Damien Miller37023962000-07-11 17:31:38 +1000511 options->ciphers = xstrdup(arg);
Damien Miller78928792000-04-12 20:17:38 +1000512 break;
513
Ben Lindstrom06b33aa2001-02-15 03:01:59 +0000514 case oMacs:
515 arg = strdelim(&s);
516 if (!arg || *arg == '\0')
517 fatal("%.200s line %d: Missing argument.", filename, linenum);
518 if (!mac_valid(arg))
519 fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.",
520 filename, linenum, arg ? arg : "<NONE>");
521 if (*activep && options->macs == NULL)
522 options->macs = xstrdup(arg);
523 break;
524
Damien Miller78928792000-04-12 20:17:38 +1000525 case oProtocol:
526 intptr = &options->protocol;
Damien Millerbe484b52000-07-15 14:14:16 +1000527 arg = strdelim(&s);
Damien Miller37023962000-07-11 17:31:38 +1000528 if (!arg || *arg == '\0')
Damien Millerb1715dc2000-05-30 13:44:51 +1000529 fatal("%.200s line %d: Missing argument.", filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000530 value = proto_spec(arg);
Damien Miller78928792000-04-12 20:17:38 +1000531 if (value == SSH_PROTO_UNKNOWN)
532 fatal("%.200s line %d: Bad protocol spec '%s'.",
Damien Miller37023962000-07-11 17:31:38 +1000533 filename, linenum, arg ? arg : "<NONE>");
Damien Miller78928792000-04-12 20:17:38 +1000534 if (*activep && *intptr == SSH_PROTO_UNKNOWN)
535 *intptr = value;
536 break;
537
Damien Miller95def091999-11-25 00:26:21 +1100538 case oLogLevel:
539 intptr = (int *) &options->log_level;
Damien Millerbe484b52000-07-15 14:14:16 +1000540 arg = strdelim(&s);
Damien Miller37023962000-07-11 17:31:38 +1000541 value = log_level_number(arg);
Damien Miller95def091999-11-25 00:26:21 +1100542 if (value == (LogLevel) - 1)
Ben Lindstrom6df8ef42001-03-05 07:47:23 +0000543 fatal("%.200s line %d: unsupported log level '%s'",
Damien Miller37023962000-07-11 17:31:38 +1000544 filename, linenum, arg ? arg : "<NONE>");
Damien Miller95def091999-11-25 00:26:21 +1100545 if (*activep && (LogLevel) * intptr == -1)
546 *intptr = (LogLevel) value;
547 break;
548
549 case oRemoteForward:
Damien Millerbe484b52000-07-15 14:14:16 +1000550 arg = strdelim(&s);
Damien Miller37023962000-07-11 17:31:38 +1000551 if (!arg || *arg == '\0')
Damien Miller95def091999-11-25 00:26:21 +1100552 fatal("%.200s line %d: Missing argument.", filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000553 if (arg[0] < '0' || arg[0] > '9')
Damien Miller95def091999-11-25 00:26:21 +1100554 fatal("%.200s line %d: Badly formatted port number.",
555 filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000556 fwd_port = atoi(arg);
Damien Millerbe484b52000-07-15 14:14:16 +1000557 arg = strdelim(&s);
Damien Miller37023962000-07-11 17:31:38 +1000558 if (!arg || *arg == '\0')
Damien Miller95def091999-11-25 00:26:21 +1100559 fatal("%.200s line %d: Missing second argument.",
560 filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000561 if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2)
Damien Miller95def091999-11-25 00:26:21 +1100562 fatal("%.200s line %d: Badly formatted host:port.",
563 filename, linenum);
564 if (*activep)
565 add_remote_forward(options, fwd_port, buf, fwd_host_port);
566 break;
567
568 case oLocalForward:
Damien Millerbe484b52000-07-15 14:14:16 +1000569 arg = strdelim(&s);
Damien Miller37023962000-07-11 17:31:38 +1000570 if (!arg || *arg == '\0')
Damien Miller95def091999-11-25 00:26:21 +1100571 fatal("%.200s line %d: Missing argument.", filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000572 if (arg[0] < '0' || arg[0] > '9')
Damien Miller95def091999-11-25 00:26:21 +1100573 fatal("%.200s line %d: Badly formatted port number.",
574 filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000575 fwd_port = atoi(arg);
Damien Millerbe484b52000-07-15 14:14:16 +1000576 arg = strdelim(&s);
Damien Miller37023962000-07-11 17:31:38 +1000577 if (!arg || *arg == '\0')
Damien Miller95def091999-11-25 00:26:21 +1100578 fatal("%.200s line %d: Missing second argument.",
579 filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000580 if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2)
Damien Miller95def091999-11-25 00:26:21 +1100581 fatal("%.200s line %d: Badly formatted host:port.",
582 filename, linenum);
583 if (*activep)
584 add_local_forward(options, fwd_port, buf, fwd_host_port);
585 break;
586
Ben Lindstrom3bb4f9d2001-04-08 18:30:26 +0000587 case oDynamicForward:
588 arg = strdelim(&s);
589 if (!arg || *arg == '\0')
590 fatal("%.200s line %d: Missing port argument.",
591 filename, linenum);
592 if (arg[0] < '0' || arg[0] > '9')
593 fatal("%.200s line %d: Badly formatted port number.",
594 filename, linenum);
595 fwd_port = atoi(arg);
596 add_local_forward(options, fwd_port, "socks4", 0);
597 break;
598
Damien Miller95def091999-11-25 00:26:21 +1100599 case oHost:
600 *activep = 0;
Damien Millerbe484b52000-07-15 14:14:16 +1000601 while ((arg = strdelim(&s)) != NULL && *arg != '\0')
Damien Miller37023962000-07-11 17:31:38 +1000602 if (match_pattern(host, arg)) {
603 debug("Applying options for %.100s", arg);
Damien Miller95def091999-11-25 00:26:21 +1100604 *activep = 1;
605 break;
606 }
Damien Millerbe484b52000-07-15 14:14:16 +1000607 /* Avoid garbage check below, as strdelim is done. */
Damien Miller95def091999-11-25 00:26:21 +1100608 return 0;
609
610 case oEscapeChar:
611 intptr = &options->escape_char;
Damien Millerbe484b52000-07-15 14:14:16 +1000612 arg = strdelim(&s);
Damien Miller37023962000-07-11 17:31:38 +1000613 if (!arg || *arg == '\0')
Damien Miller95def091999-11-25 00:26:21 +1100614 fatal("%.200s line %d: Missing argument.", filename, linenum);
Damien Miller37023962000-07-11 17:31:38 +1000615 if (arg[0] == '^' && arg[2] == 0 &&
Ben Lindstrom46c16222000-12-22 01:43:59 +0000616 (u_char) arg[1] >= 64 && (u_char) arg[1] < 128)
617 value = (u_char) arg[1] & 31;
Damien Miller37023962000-07-11 17:31:38 +1000618 else if (strlen(arg) == 1)
Ben Lindstrom46c16222000-12-22 01:43:59 +0000619 value = (u_char) arg[0];
Damien Miller37023962000-07-11 17:31:38 +1000620 else if (strcmp(arg, "none") == 0)
Damien Miller95def091999-11-25 00:26:21 +1100621 value = -2;
622 else {
623 fatal("%.200s line %d: Bad escape character.",
624 filename, linenum);
625 /* NOTREACHED */
626 value = 0; /* Avoid compiler warning. */
627 }
628 if (*activep && *intptr == -1)
629 *intptr = value;
630 break;
631
632 default:
633 fatal("process_config_line: Unimplemented opcode %d", opcode);
634 }
635
636 /* Check that there is no garbage at end of line. */
Ben Lindstrom226cfa02001-01-22 05:34:40 +0000637 if ((arg = strdelim(&s)) != NULL && *arg != '\0') {
Damien Miller37023962000-07-11 17:31:38 +1000638 fatal("%.200s line %d: garbage at end of line; \"%.200s\".",
639 filename, linenum, arg);
640 }
Damien Miller95def091999-11-25 00:26:21 +1100641 return 0;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000642}
643
644
Damien Miller5428f641999-11-25 11:54:57 +1100645/*
646 * Reads the config file and modifies the options accordingly. Options
647 * should already be initialized before this call. This never returns if
648 * there is an error. If the file does not exist, this returns immediately.
649 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000650
Damien Miller4af51302000-04-16 11:18:38 +1000651void
Damien Miller95def091999-11-25 00:26:21 +1100652read_config_file(const char *filename, const char *host, Options *options)
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000653{
Damien Miller95def091999-11-25 00:26:21 +1100654 FILE *f;
655 char line[1024];
656 int active, linenum;
657 int bad_options = 0;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000658
Damien Miller95def091999-11-25 00:26:21 +1100659 /* Open the file. */
660 f = fopen(filename, "r");
661 if (!f)
662 return;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000663
Damien Miller95def091999-11-25 00:26:21 +1100664 debug("Reading configuration data %.200s", filename);
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000665
Damien Miller5428f641999-11-25 11:54:57 +1100666 /*
667 * Mark that we are now processing the options. This flag is turned
668 * on/off by Host specifications.
669 */
Damien Miller95def091999-11-25 00:26:21 +1100670 active = 1;
671 linenum = 0;
672 while (fgets(line, sizeof(line), f)) {
673 /* Update line number counter. */
674 linenum++;
675 if (process_config_line(options, host, line, filename, linenum, &active) != 0)
676 bad_options++;
677 }
678 fclose(f);
679 if (bad_options > 0)
Ben Lindstrom6df8ef42001-03-05 07:47:23 +0000680 fatal("%s: terminating, %d bad configuration options",
Damien Miller95def091999-11-25 00:26:21 +1100681 filename, bad_options);
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000682}
683
Damien Miller5428f641999-11-25 11:54:57 +1100684/*
685 * Initializes options to special values that indicate that they have not yet
686 * been set. Read_config_file will only set options with this value. Options
687 * are processed in the following order: command line, user config file,
688 * system config file. Last, fill_default_options is called.
689 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000690
Damien Miller4af51302000-04-16 11:18:38 +1000691void
Damien Miller95def091999-11-25 00:26:21 +1100692initialize_options(Options * options)
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000693{
Damien Miller95def091999-11-25 00:26:21 +1100694 memset(options, 'X', sizeof(*options));
695 options->forward_agent = -1;
696 options->forward_x11 = -1;
Damien Millerd3a18572000-06-07 19:55:44 +1000697 options->xauth_location = NULL;
Damien Miller95def091999-11-25 00:26:21 +1100698 options->gateway_ports = -1;
699 options->use_privileged_port = -1;
700 options->rhosts_authentication = -1;
701 options->rsa_authentication = -1;
Damien Miller0bc1bd82000-11-13 22:57:25 +1100702 options->pubkey_authentication = -1;
Ben Lindstrom95fb2dd2001-01-23 03:12:10 +0000703 options->challenge_reponse_authentication = -1;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000704#ifdef KRB4
Damien Miller95def091999-11-25 00:26:21 +1100705 options->kerberos_authentication = -1;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000706#endif
707#ifdef AFS
Damien Miller95def091999-11-25 00:26:21 +1100708 options->kerberos_tgt_passing = -1;
709 options->afs_token_passing = -1;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000710#endif
Damien Miller95def091999-11-25 00:26:21 +1100711 options->password_authentication = -1;
Damien Miller874d77b2000-10-14 16:23:11 +1100712 options->kbd_interactive_authentication = -1;
713 options->kbd_interactive_devices = NULL;
Damien Miller95def091999-11-25 00:26:21 +1100714 options->rhosts_rsa_authentication = -1;
715 options->fallback_to_rsh = -1;
716 options->use_rsh = -1;
717 options->batch_mode = -1;
718 options->check_host_ip = -1;
719 options->strict_host_key_checking = -1;
720 options->compression = -1;
721 options->keepalives = -1;
722 options->compression_level = -1;
723 options->port = -1;
724 options->connection_attempts = -1;
725 options->number_of_password_prompts = -1;
726 options->cipher = -1;
Damien Miller78928792000-04-12 20:17:38 +1000727 options->ciphers = NULL;
Ben Lindstrom06b33aa2001-02-15 03:01:59 +0000728 options->macs = NULL;
Damien Miller78928792000-04-12 20:17:38 +1000729 options->protocol = SSH_PROTO_UNKNOWN;
Damien Miller95def091999-11-25 00:26:21 +1100730 options->num_identity_files = 0;
731 options->hostname = NULL;
Ben Lindstrom4dccfa52000-12-28 16:40:05 +0000732 options->host_key_alias = NULL;
Damien Miller95def091999-11-25 00:26:21 +1100733 options->proxy_command = NULL;
734 options->user = NULL;
735 options->escape_char = -1;
736 options->system_hostfile = NULL;
737 options->user_hostfile = NULL;
Damien Millereba71ba2000-04-29 23:57:08 +1000738 options->system_hostfile2 = NULL;
739 options->user_hostfile2 = NULL;
Damien Miller95def091999-11-25 00:26:21 +1100740 options->num_local_forwards = 0;
741 options->num_remote_forwards = 0;
742 options->log_level = (LogLevel) - 1;
Ben Lindstromb9be60a2001-03-11 01:49:19 +0000743 options->preferred_authentications = NULL;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000744}
745
Damien Miller5428f641999-11-25 11:54:57 +1100746/*
747 * Called after processing other sources of option data, this fills those
748 * options for which no value has been specified with their default values.
749 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000750
Damien Miller4af51302000-04-16 11:18:38 +1000751void
Damien Miller95def091999-11-25 00:26:21 +1100752fill_default_options(Options * options)
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000753{
Ben Lindstrom4f7a64a2001-02-10 22:50:09 +0000754 int len;
755
Damien Miller95def091999-11-25 00:26:21 +1100756 if (options->forward_agent == -1)
Damien Millerb1715dc2000-05-30 13:44:51 +1000757 options->forward_agent = 0;
Damien Miller95def091999-11-25 00:26:21 +1100758 if (options->forward_x11 == -1)
Damien Miller98c7ad62000-03-09 21:27:49 +1100759 options->forward_x11 = 0;
Damien Millerd3a18572000-06-07 19:55:44 +1000760#ifdef XAUTH_PATH
761 if (options->xauth_location == NULL)
762 options->xauth_location = XAUTH_PATH;
763#endif /* XAUTH_PATH */
Damien Miller95def091999-11-25 00:26:21 +1100764 if (options->gateway_ports == -1)
765 options->gateway_ports = 0;
766 if (options->use_privileged_port == -1)
Ben Lindstromcebc8582001-03-08 03:39:10 +0000767 options->use_privileged_port = 0;
Damien Miller95def091999-11-25 00:26:21 +1100768 if (options->rhosts_authentication == -1)
769 options->rhosts_authentication = 1;
770 if (options->rsa_authentication == -1)
771 options->rsa_authentication = 1;
Damien Miller0bc1bd82000-11-13 22:57:25 +1100772 if (options->pubkey_authentication == -1)
773 options->pubkey_authentication = 1;
Ben Lindstrom95fb2dd2001-01-23 03:12:10 +0000774 if (options->challenge_reponse_authentication == -1)
775 options->challenge_reponse_authentication = 0;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000776#ifdef KRB4
Damien Miller95def091999-11-25 00:26:21 +1100777 if (options->kerberos_authentication == -1)
778 options->kerberos_authentication = 1;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000779#endif /* KRB4 */
780#ifdef AFS
Damien Miller95def091999-11-25 00:26:21 +1100781 if (options->kerberos_tgt_passing == -1)
782 options->kerberos_tgt_passing = 1;
783 if (options->afs_token_passing == -1)
784 options->afs_token_passing = 1;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000785#endif /* AFS */
Damien Miller95def091999-11-25 00:26:21 +1100786 if (options->password_authentication == -1)
787 options->password_authentication = 1;
Damien Miller874d77b2000-10-14 16:23:11 +1100788 if (options->kbd_interactive_authentication == -1)
Ben Lindstrom95fb2dd2001-01-23 03:12:10 +0000789 options->kbd_interactive_authentication = 1;
Damien Miller95def091999-11-25 00:26:21 +1100790 if (options->rhosts_rsa_authentication == -1)
791 options->rhosts_rsa_authentication = 1;
792 if (options->fallback_to_rsh == -1)
Damien Miller182ee6e2000-07-12 09:45:27 +1000793 options->fallback_to_rsh = 0;
Damien Miller95def091999-11-25 00:26:21 +1100794 if (options->use_rsh == -1)
795 options->use_rsh = 0;
796 if (options->batch_mode == -1)
797 options->batch_mode = 0;
798 if (options->check_host_ip == -1)
799 options->check_host_ip = 1;
800 if (options->strict_host_key_checking == -1)
801 options->strict_host_key_checking = 2; /* 2 is default */
802 if (options->compression == -1)
803 options->compression = 0;
804 if (options->keepalives == -1)
805 options->keepalives = 1;
806 if (options->compression_level == -1)
807 options->compression_level = 6;
808 if (options->port == -1)
809 options->port = 0; /* Filled in ssh_connect. */
810 if (options->connection_attempts == -1)
811 options->connection_attempts = 4;
812 if (options->number_of_password_prompts == -1)
813 options->number_of_password_prompts = 3;
814 /* Selected in ssh_login(). */
815 if (options->cipher == -1)
816 options->cipher = SSH_CIPHER_NOT_SET;
Damien Miller30c3d422000-05-09 11:02:59 +1000817 /* options->ciphers, default set in myproposals.h */
Ben Lindstrom06b33aa2001-02-15 03:01:59 +0000818 /* options->macs, default set in myproposals.h */
Damien Miller78928792000-04-12 20:17:38 +1000819 if (options->protocol == SSH_PROTO_UNKNOWN)
Ben Lindstrom6b776432001-03-22 01:24:04 +0000820 options->protocol = SSH_PROTO_1|SSH_PROTO_2;
Damien Miller95def091999-11-25 00:26:21 +1100821 if (options->num_identity_files == 0) {
Damien Miller0bc1bd82000-11-13 22:57:25 +1100822 if (options->protocol & SSH_PROTO_1) {
Ben Lindstrom4f7a64a2001-02-10 22:50:09 +0000823 len = 2 + strlen(_PATH_SSH_CLIENT_IDENTITY) + 1;
Damien Miller0bc1bd82000-11-13 22:57:25 +1100824 options->identity_files[options->num_identity_files] =
Ben Lindstrom4f7a64a2001-02-10 22:50:09 +0000825 xmalloc(len);
826 snprintf(options->identity_files[options->num_identity_files++],
827 len, "~/%.100s", _PATH_SSH_CLIENT_IDENTITY);
Damien Miller0bc1bd82000-11-13 22:57:25 +1100828 }
829 if (options->protocol & SSH_PROTO_2) {
Ben Lindstromb00d4fb2001-03-05 06:03:03 +0000830 len = 2 + strlen(_PATH_SSH_CLIENT_ID_RSA) + 1;
831 options->identity_files[options->num_identity_files] =
832 xmalloc(len);
833 snprintf(options->identity_files[options->num_identity_files++],
834 len, "~/%.100s", _PATH_SSH_CLIENT_ID_RSA);
835
Ben Lindstrom4f7a64a2001-02-10 22:50:09 +0000836 len = 2 + strlen(_PATH_SSH_CLIENT_ID_DSA) + 1;
Damien Miller0bc1bd82000-11-13 22:57:25 +1100837 options->identity_files[options->num_identity_files] =
Ben Lindstrom4f7a64a2001-02-10 22:50:09 +0000838 xmalloc(len);
839 snprintf(options->identity_files[options->num_identity_files++],
840 len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA);
Damien Miller0bc1bd82000-11-13 22:57:25 +1100841 }
Damien Millereba71ba2000-04-29 23:57:08 +1000842 }
Damien Miller95def091999-11-25 00:26:21 +1100843 if (options->escape_char == -1)
844 options->escape_char = '~';
845 if (options->system_hostfile == NULL)
Ben Lindstrom226cfa02001-01-22 05:34:40 +0000846 options->system_hostfile = _PATH_SSH_SYSTEM_HOSTFILE;
Damien Miller95def091999-11-25 00:26:21 +1100847 if (options->user_hostfile == NULL)
Ben Lindstrom226cfa02001-01-22 05:34:40 +0000848 options->user_hostfile = _PATH_SSH_USER_HOSTFILE;
Damien Millereba71ba2000-04-29 23:57:08 +1000849 if (options->system_hostfile2 == NULL)
Ben Lindstrom226cfa02001-01-22 05:34:40 +0000850 options->system_hostfile2 = _PATH_SSH_SYSTEM_HOSTFILE2;
Damien Millereba71ba2000-04-29 23:57:08 +1000851 if (options->user_hostfile2 == NULL)
Ben Lindstrom226cfa02001-01-22 05:34:40 +0000852 options->user_hostfile2 = _PATH_SSH_USER_HOSTFILE2;
Damien Miller95def091999-11-25 00:26:21 +1100853 if (options->log_level == (LogLevel) - 1)
Ben Lindstromdb65e8f2001-01-19 04:26:52 +0000854 options->log_level = SYSLOG_LEVEL_INFO;
Damien Miller95def091999-11-25 00:26:21 +1100855 /* options->proxy_command should not be set by default */
856 /* options->user will be set in the main program if appropriate */
857 /* options->hostname will be set in the main program if appropriate */
Ben Lindstrom4dccfa52000-12-28 16:40:05 +0000858 /* options->host_key_alias should not be set by default */
Ben Lindstromb9be60a2001-03-11 01:49:19 +0000859 /* options->preferred_authentications will be set in ssh */
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000860}