Damien Millerd4a8b7e1999-10-27 13:42:43 +10001/*
Damien Miller4af51302000-04-16 11:18:38 +10002 *
Damien Miller95def091999-11-25 00:26:21 +11003 * servconf.c
Damien Miller4af51302000-04-16 11:18:38 +10004 *
Damien Miller95def091999-11-25 00:26:21 +11005 * Author: Tatu Ylonen <ylo@cs.hut.fi>
Damien Miller4af51302000-04-16 11:18:38 +10006 *
Damien Miller95def091999-11-25 00:26:21 +11007 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8 * All rights reserved
Damien Miller4af51302000-04-16 11:18:38 +10009 *
Damien Miller95def091999-11-25 00:26:21 +110010 * Created: Mon Aug 21 15:48:58 1995 ylo
Damien Miller4af51302000-04-16 11:18:38 +100011 *
Damien Miller95def091999-11-25 00:26:21 +110012 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +100013
#include "includes.h"
RCSID("$Id: servconf.c,v 1.17 2000/05/30 03:44:53 damien Exp $");

#include <errno.h>
#include <limits.h>

#include "ssh.h"
#include "servconf.h"
#include "xmalloc.h"
#include "compat.h"
Damien Millerd4a8b7e1999-10-27 13:42:43 +100021
Damien Miller34132e52000-01-14 15:45:46 +110022/* add listen address */
23void add_listen_addr(ServerOptions *options, char *addr);
24
/*
 * Puts *options into the "nothing configured yet" state.
 *
 * The structure is zeroed, counters are set to 0 and pointers to NULL.
 * Every other setting receives a sentinel meaning "unset": -1 for integers,
 * flags and the two log enums, SSH_PROTO_UNKNOWN for the protocol mask.
 * read_server_config() only stores a value while the sentinel is still in
 * place, and fill_default_server_options() replaces whatever sentinels are
 * left with the built-in defaults.
 */
void
initialize_server_options(ServerOptions *options)
{
	memset(options, 0, sizeof(*options));

	/* Counters and list heads: empty. */
	options->num_ports = 0;
	options->ports_from_cmdline = 0;
	options->num_allow_users = 0;
	options->num_deny_users = 0;
	options->num_allow_groups = 0;
	options->num_deny_groups = 0;
	options->listen_addrs = NULL;

	/* String-valued settings: NULL means "unset". */
	options->host_key_file = NULL;
	options->host_dsa_key_file = NULL;
	options->pid_file = NULL;
	options->ciphers = NULL;

	/* Numeric settings: -1 means "unset". */
	options->server_key_bits = -1;
	options->login_grace_time = -1;
	options->key_regeneration_time = -1;
	options->x11_display_offset = -1;

	/* Logging: -1 cast to the enum type means "unset". */
	options->log_facility = (SyslogFacility)-1;
	options->log_level = (LogLevel)-1;

	/* Login policy and session behaviour flags. */
	options->permit_root_login = -1;
	options->permit_empty_passwd = -1;
	options->ignore_rhosts = -1;
	options->ignore_user_known_hosts = -1;
	options->strict_modes = -1;
	options->use_login = -1;
	options->print_motd = -1;
	options->check_mail = -1;
	options->x11_forwarding = -1;
	options->keepalives = -1;
	options->gateway_ports = -1;

	/* Authentication method switches. */
	options->rhosts_authentication = -1;
	options->rhosts_rsa_authentication = -1;
	options->rsa_authentication = -1;
	options->dsa_authentication = -1;
	options->password_authentication = -1;
#ifdef KRB4
	options->kerberos_authentication = -1;
	options->kerberos_or_local_passwd = -1;
	options->kerberos_ticket_cleanup = -1;
#endif
#ifdef AFS
	options->kerberos_tgt_passing = -1;
	options->afs_token_passing = -1;
#endif
#ifdef SKEY
	options->skey_authentication = -1;
#endif

	/* Protocol mask has its own "unset" value. */
	options->protocol = SSH_PROTO_UNKNOWN;
}
78
/*
 * Gives every option that is still "unset" its built-in default.
 *
 * An option counts as unset while it holds the sentinel written by
 * initialize_server_options(): 0 ports, a NULL pointer, -1, or
 * SSH_PROTO_UNKNOWN.  Values already present are left untouched.
 *
 * NOTE(review): several defaults below are permissive (root login allowed,
 * password authentication on, both protocol bits enabled, 768-bit server
 * key).  A deployment that wants a tighter posture has to set the
 * corresponding keywords explicitly in its configuration file.
 */
void
fill_default_server_options(ServerOptions *options)
{
	/*
	 * Listening endpoints.  The port default comes first because
	 * add_listen_addr() resolves one address per configured port.
	 */
	if (options->num_ports == 0) {
		options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
	}
	if (options->listen_addrs == NULL) {
		add_listen_addr(options, NULL);
	}

	/* File locations. */
	if (options->host_key_file == NULL) {
		options->host_key_file = HOST_KEY_FILE;
	}
	if (options->host_dsa_key_file == NULL) {
		options->host_dsa_key_file = HOST_DSA_KEY_FILE;
	}
	if (options->pid_file == NULL) {
		options->pid_file = SSH_DAEMON_PID_FILE;
	}

	/* Server key size and timers. */
	if (options->server_key_bits == -1) {
		options->server_key_bits = 768;
	}
	if (options->login_grace_time == -1) {
		options->login_grace_time = 600;
	}
	if (options->key_regeneration_time == -1) {
		options->key_regeneration_time = 3600;
	}

	/* Login policy; read_server_config() maps 2/1/0 to without-password/yes/no. */
	if (options->permit_root_login == -1) {
		options->permit_root_login = 1;	/* yes */
	}
	if (options->ignore_rhosts == -1) {
		options->ignore_rhosts = 1;
	}
	if (options->ignore_user_known_hosts == -1) {
		options->ignore_user_known_hosts = 0;
	}

	/* Session behaviour. */
	if (options->check_mail == -1) {
		options->check_mail = 0;
	}
	if (options->print_motd == -1) {
		options->print_motd = 1;
	}
	if (options->x11_forwarding == -1) {
		options->x11_forwarding = 0;
	}
	if (options->x11_display_offset == -1) {
		options->x11_display_offset = 10;
	}
	if (options->strict_modes == -1) {
		options->strict_modes = 1;
	}
	if (options->keepalives == -1) {
		options->keepalives = 1;
	}

	/* Logging. */
	if (options->log_facility == (SyslogFacility)(-1)) {
		options->log_facility = SYSLOG_FACILITY_AUTH;
	}
	if (options->log_level == (LogLevel)(-1)) {
		options->log_level = SYSLOG_LEVEL_INFO;
	}

	/* Authentication methods: rhosts-based ones off, key-based ones on. */
	if (options->rhosts_authentication == -1) {
		options->rhosts_authentication = 0;
	}
	if (options->rhosts_rsa_authentication == -1) {
		options->rhosts_rsa_authentication = 0;
	}
	if (options->rsa_authentication == -1) {
		options->rsa_authentication = 1;
	}
	if (options->dsa_authentication == -1) {
		options->dsa_authentication = 1;
	}
#ifdef KRB4
	/* Kerberos is enabled only when KEYFILE is readable at this point. */
	if (options->kerberos_authentication == -1) {
		options->kerberos_authentication = (access(KEYFILE, R_OK) == 0);
	}
	if (options->kerberos_or_local_passwd == -1) {
		options->kerberos_or_local_passwd = 1;
	}
	if (options->kerberos_ticket_cleanup == -1) {
		options->kerberos_ticket_cleanup = 1;
	}
#endif /* KRB4 */
#ifdef AFS
	if (options->kerberos_tgt_passing == -1) {
		options->kerberos_tgt_passing = 0;
	}
	/* Default follows whatever k_hasafs() reports. */
	if (options->afs_token_passing == -1) {
		options->afs_token_passing = k_hasafs();
	}
#endif /* AFS */
	if (options->password_authentication == -1) {
		options->password_authentication = 1;
	}
#ifdef SKEY
	if (options->skey_authentication == -1) {
		options->skey_authentication = 1;
	}
#endif
	if (options->permit_empty_passwd == -1) {
		options->permit_empty_passwd = 0;
	}
	if (options->use_login == -1) {
		options->use_login = 0;
	}

	/* With no Protocol keyword both protocol bits are enabled. */
	if (options->protocol == SSH_PROTO_UNKNOWN) {
		options->protocol = SSH_PROTO_1|SSH_PROTO_2;
	}
	if (options->gateway_ports == -1) {
		options->gateway_ports = 0;
	}
}
157
/* Characters that separate tokens on a configuration line. */
#define WHITESPACE " \t\r\n"

/*
 * Keyword tokens, one per configuration keyword.
 *
 * sBadOption is the first enumerator (value 0) and stands for an unknown
 * keyword.  The numeric values of the later enumerators shift with the
 * KRB4, AFS and SKEY build options, so they must not be relied upon
 * outside this file.
 */
typedef enum {
	sBadOption,		/* == unknown option */
	sPort,
	sHostKeyFile,
	sServerKeyBits,
	sLoginGraceTime,
	sKeyRegenerationTime,
	sPermitRootLogin,
	sLogFacility,
	sLogLevel,
	sRhostsAuthentication,
	sRhostsRSAAuthentication,
	sRSAAuthentication,
#ifdef KRB4
	sKerberosAuthentication,
	sKerberosOrLocalPasswd,
	sKerberosTicketCleanup,
#endif
#ifdef AFS
	sKerberosTgtPassing,
	sAFSTokenPassing,
#endif
#ifdef SKEY
	sSkeyAuthentication,
#endif
	sPasswordAuthentication,
	sListenAddress,
	sPrintMotd,
	sIgnoreRhosts,
	sX11Forwarding,
	sX11DisplayOffset,
	sStrictModes,
	sEmptyPasswd,
	sRandomSeedFile,
	sKeepAlives,
	sCheckMail,
	sUseLogin,
	sAllowUsers,
	sDenyUsers,
	sAllowGroups,
	sDenyGroups,
	sIgnoreUserKnownHosts,
	sHostDSAKeyFile,
	sCiphers,
	sProtocol,
	sPidFile,
	sGatewayPorts,
	sDSAAuthentication
} ServerOpCodes;
182
/*
 * Textual representation of the tokens.
 *
 * Names are stored in lower case; parse_token() compares them without
 * regard to case.  The table ends with an entry whose name is NULL.
 */
static struct {
	const char *name;
	ServerOpCodes opcode;
} keywords[] = {
	{ "port",			sPort },
	{ "hostkey",			sHostKeyFile },
	{ "hostdsakey",			sHostDSAKeyFile },
	{ "pidfile",			sPidFile },
	{ "serverkeybits",		sServerKeyBits },
	{ "logingracetime",		sLoginGraceTime },
	{ "keyregenerationinterval",	sKeyRegenerationTime },
	{ "permitrootlogin",		sPermitRootLogin },
	{ "syslogfacility",		sLogFacility },
	{ "loglevel",			sLogLevel },
	{ "rhostsauthentication",	sRhostsAuthentication },
	{ "rhostsrsaauthentication",	sRhostsRSAAuthentication },
	{ "rsaauthentication",		sRSAAuthentication },
	{ "dsaauthentication",		sDSAAuthentication },
#ifdef KRB4
	{ "kerberosauthentication",	sKerberosAuthentication },
	{ "kerberosorlocalpasswd",	sKerberosOrLocalPasswd },
	{ "kerberosticketcleanup",	sKerberosTicketCleanup },
#endif
#ifdef AFS
	{ "kerberostgtpassing",		sKerberosTgtPassing },
	{ "afstokenpassing",		sAFSTokenPassing },
#endif
	{ "passwordauthentication",	sPasswordAuthentication },
#ifdef SKEY
	{ "skeyauthentication",		sSkeyAuthentication },
#endif
	{ "checkmail",			sCheckMail },
	{ "listenaddress",		sListenAddress },
	{ "printmotd",			sPrintMotd },
	{ "ignorerhosts",		sIgnoreRhosts },
	{ "ignoreuserknownhosts",	sIgnoreUserKnownHosts },
	{ "x11forwarding",		sX11Forwarding },
	{ "x11displayoffset",		sX11DisplayOffset },
	{ "strictmodes",		sStrictModes },
	{ "permitemptypasswords",	sEmptyPasswd },
	{ "uselogin",			sUseLogin },
	{ "randomseed",			sRandomSeedFile },
	{ "keepalive",			sKeepAlives },
	{ "allowusers",			sAllowUsers },
	{ "denyusers",			sDenyUsers },
	{ "allowgroups",		sAllowGroups },
	{ "denygroups",			sDenyGroups },
	{ "ciphers",			sCiphers },
	{ "protocol",			sProtocol },
	{ "gatewayports",		sGatewayPorts },
	{ NULL,				sBadOption }	/* end of table */
};
236
/*
 * Maps the configuration keyword cp to its opcode by a case-insensitive
 * search of keywords[].
 *
 * An unrecognised keyword is reported on stderr, tagged with filename and
 * linenum, and sBadOption is returned; the function does return in that
 * case, and read_server_config() counts such results.
 */
static ServerOpCodes
parse_token(const char *cp, const char *filename,
	    int linenum)
{
	unsigned int idx = 0;

	while (keywords[idx].name != NULL) {
		if (strcasecmp(cp, keywords[idx].name) == 0)
			return keywords[idx].opcode;
		idx++;
	}

	fprintf(stderr, "%s: line %d: Bad configuration option: %s\n",
	    filename, linenum, cp);
	return sBadOption;
}
256
/*
 * Adds a listen address.
 *
 * addr is resolved with getaddrinfo() once for every entry in
 * options->ports, and each resulting addrinfo chain is linked in front of
 * options->listen_addrs.  A NULL addr requests a passive (wildcard)
 * address.  If no port has been configured yet, SSH_DEFAULT_PORT is added
 * first.  A resolution failure is reported through fatal().
 */
void
add_listen_addr(ServerOptions *options, char *addr)
{
	extern int IPv4or6;
	struct addrinfo hints, *res, *tail;
	char strport[NI_MAXSERV];
	int gaierr;
	int n;

	if (options->num_ports == 0)
		options->ports[options->num_ports++] = SSH_DEFAULT_PORT;

	for (n = 0; n < options->num_ports; n++) {
		memset(&hints, 0, sizeof(hints));
		hints.ai_family = IPv4or6;
		hints.ai_socktype = SOCK_STREAM;
		if (addr == NULL)
			hints.ai_flags = AI_PASSIVE;
		else
			hints.ai_flags = 0;
		snprintf(strport, sizeof strport, "%d", options->ports[n]);

		gaierr = getaddrinfo(addr, strport, &hints, &res);
		/* presumably fatal() does not return; res is unset on failure */
		if (gaierr != 0)
			fatal("bad addr or host: %s (%s)\n",
			    addr ? addr : "<NULL>",
			    gai_strerror(gaierr));

		/* Find the last node so the existing list can be appended. */
		tail = res;
		while (tail->ai_next != NULL)
			tail = tail->ai_next;
		tail->ai_next = options->listen_addrs;
		options->listen_addrs = res;
	}
}
287
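/*
 * Reads the server configuration file `filename' into *options.
 *
 * The file is processed line by line.  Blank lines and lines whose first
 * non-blank character is '#' are skipped.  Otherwise the first token is
 * looked up with parse_token() and the remaining tokens are its arguments.
 *
 * A value is stored only while the option still holds its "unset" sentinel
 * (-1, NULL or SSH_PROTO_UNKNOWN), so the first occurrence of a keyword
 * wins and anything set before this call is not overridden.  A literal -1
 * in the file is therefore indistinguishable from "not set".
 *
 * Error handling: an unreadable file, a missing or malformed argument, an
 * overlong line, or trailing garbage terminates the process (exit(1) or
 * fatal()).  Unknown keywords are counted and the process exits after the
 * whole file has been read.
 *
 * Differences from a plain atoi()-based parser, all of which fail closed:
 *  - physical lines that do not fit in the line buffer are rejected instead
 *    of having their tail parsed as a separate directive (the tail of a
 *    long comment would otherwise be read as configuration);
 *  - Port must be a decimal number in 1..65535;
 *  - integer arguments must be well-formed decimal numbers that fit in int.
 */
void
read_server_config(ServerOptions *options, const char *filename)
{
	FILE *f;
	char line[1024];
	char *cp, *endp, **charptr;
	int linenum, *intptr, value;
	int bad_options = 0;
	long lval;
	ServerOpCodes opcode;

	f = fopen(filename, "r");
	if (!f) {
		perror(filename);
		exit(1);
	}
	linenum = 0;
	while (fgets(line, sizeof(line), f)) {
		linenum++;
		/*
		 * No newline in the buffer and more input pending means the
		 * line was truncated by fgets() (an embedded NUL byte looks
		 * the same from here).  Refuse to continue rather than parse
		 * the remainder as a new line.
		 */
		if (strchr(line, '\n') == NULL && getc(f) != EOF)
			fatal("%s line %d: line too long.\n",
			    filename, linenum);
		cp = line + strspn(line, WHITESPACE);
		if (!*cp || *cp == '#')
			continue;
		/* cp points at a non-blank character, so a token exists. */
		cp = strtok(cp, WHITESPACE);
		opcode = parse_token(cp, filename, linenum);
		switch (opcode) {
		case sBadOption:
			bad_options++;
			continue;
		case sPort:
			/* ignore ports from configfile if cmdline specifies ports */
			if (options->ports_from_cmdline)
				continue;
			if (options->listen_addrs != NULL)
				fatal("%s line %d: ports must be specified before "
				    "ListenAddress.\n", filename, linenum);
			if (options->num_ports >= MAX_PORTS)
				fatal("%s line %d: too many ports.\n",
				    filename, linenum);
			cp = strtok(NULL, WHITESPACE);
			if (!cp)
				fatal("%s line %d: missing port number.\n",
				    filename, linenum);
			/*
			 * strtol() clamps on overflow, and the clamped value
			 * is outside 1..65535, so no errno check is needed.
			 */
			lval = strtol(cp, &endp, 10);
			if (endp == cp || *endp != '\0' ||
			    lval < 1 || lval > 65535)
				fatal("%s line %d: bad port number '%s'.\n",
				    filename, linenum, cp);
			options->ports[options->num_ports++] = (int)lval;
			break;

		case sServerKeyBits:
			intptr = &options->server_key_bits;
parse_int:
			cp = strtok(NULL, WHITESPACE);
			if (!cp) {
				fprintf(stderr, "%s line %d: missing integer value.\n",
				    filename, linenum);
				exit(1);
			}
			/* Reject junk such as "1O24" instead of reading it as 1. */
			errno = 0;
			lval = strtol(cp, &endp, 10);
			if (endp == cp || *endp != '\0' || errno == ERANGE ||
			    lval < INT_MIN || lval > INT_MAX) {
				fprintf(stderr, "%s line %d: bad integer value: %s\n",
				    filename, linenum, cp);
				exit(1);
			}
			value = (int)lval;
			if (*intptr == -1)
				*intptr = value;
			break;

		case sLoginGraceTime:
			intptr = &options->login_grace_time;
			goto parse_int;

		case sKeyRegenerationTime:
			intptr = &options->key_regeneration_time;
			goto parse_int;

		case sListenAddress:
			cp = strtok(NULL, WHITESPACE);
			if (!cp)
				fatal("%s line %d: missing inet addr.\n",
				    filename, linenum);
			add_listen_addr(options, cp);
			break;

		case sHostKeyFile:
		case sHostDSAKeyFile:
			charptr = (opcode == sHostKeyFile) ?
			    &options->host_key_file : &options->host_dsa_key_file;
parse_filename:
			cp = strtok(NULL, WHITESPACE);
			if (!cp) {
				fprintf(stderr, "%s line %d: missing file name.\n",
				    filename, linenum);
				exit(1);
			}
			/* The name is tilde-expanded for the real uid of this process. */
			if (*charptr == NULL)
				*charptr = tilde_expand_filename(cp, getuid());
			break;

		case sPidFile:
			charptr = &options->pid_file;
			goto parse_filename;

		case sRandomSeedFile:
			fprintf(stderr, "%s line %d: \"randomseed\" option is obsolete.\n",
			    filename, linenum);
			/* Consume the argument so it is not reported as garbage. */
			cp = strtok(NULL, WHITESPACE);
			break;

		case sPermitRootLogin:
			intptr = &options->permit_root_login;
			cp = strtok(NULL, WHITESPACE);
			if (!cp) {
				fprintf(stderr, "%s line %d: missing yes/without-password/no argument.\n",
				    filename, linenum);
				exit(1);
			}
			if (strcmp(cp, "without-password") == 0)
				value = 2;
			else if (strcmp(cp, "yes") == 0)
				value = 1;
			else if (strcmp(cp, "no") == 0)
				value = 0;
			else {
				fprintf(stderr, "%s line %d: Bad yes/without-password/no argument: %s\n",
				    filename, linenum, cp);
				exit(1);
			}
			if (*intptr == -1)
				*intptr = value;
			break;

		case sIgnoreRhosts:
			intptr = &options->ignore_rhosts;
parse_flag:
			/* Only the exact lower-case words "yes" and "no" are accepted. */
			cp = strtok(NULL, WHITESPACE);
			if (!cp) {
				fprintf(stderr, "%s line %d: missing yes/no argument.\n",
				    filename, linenum);
				exit(1);
			}
			if (strcmp(cp, "yes") == 0)
				value = 1;
			else if (strcmp(cp, "no") == 0)
				value = 0;
			else {
				fprintf(stderr, "%s line %d: Bad yes/no argument: %s\n",
				    filename, linenum, cp);
				exit(1);
			}
			if (*intptr == -1)
				*intptr = value;
			break;

		case sIgnoreUserKnownHosts:
			intptr = &options->ignore_user_known_hosts;
			goto parse_flag;

		case sRhostsAuthentication:
			intptr = &options->rhosts_authentication;
			goto parse_flag;

		case sRhostsRSAAuthentication:
			intptr = &options->rhosts_rsa_authentication;
			goto parse_flag;

		case sRSAAuthentication:
			intptr = &options->rsa_authentication;
			goto parse_flag;

		case sDSAAuthentication:
			intptr = &options->dsa_authentication;
			goto parse_flag;

#ifdef KRB4
		case sKerberosAuthentication:
			intptr = &options->kerberos_authentication;
			goto parse_flag;

		case sKerberosOrLocalPasswd:
			intptr = &options->kerberos_or_local_passwd;
			goto parse_flag;

		case sKerberosTicketCleanup:
			intptr = &options->kerberos_ticket_cleanup;
			goto parse_flag;
#endif

#ifdef AFS
		case sKerberosTgtPassing:
			intptr = &options->kerberos_tgt_passing;
			goto parse_flag;

		case sAFSTokenPassing:
			intptr = &options->afs_token_passing;
			goto parse_flag;
#endif

		case sPasswordAuthentication:
			intptr = &options->password_authentication;
			goto parse_flag;

		case sCheckMail:
			intptr = &options->check_mail;
			goto parse_flag;

#ifdef SKEY
		case sSkeyAuthentication:
			intptr = &options->skey_authentication;
			goto parse_flag;
#endif

		case sPrintMotd:
			intptr = &options->print_motd;
			goto parse_flag;

		case sX11Forwarding:
			intptr = &options->x11_forwarding;
			goto parse_flag;

		case sX11DisplayOffset:
			intptr = &options->x11_display_offset;
			goto parse_int;

		case sStrictModes:
			intptr = &options->strict_modes;
			goto parse_flag;

		case sKeepAlives:
			intptr = &options->keepalives;
			goto parse_flag;

		case sEmptyPasswd:
			intptr = &options->permit_empty_passwd;
			goto parse_flag;

		case sUseLogin:
			intptr = &options->use_login;
			goto parse_flag;

		case sGatewayPorts:
			intptr = &options->gateway_ports;
			goto parse_flag;

		case sLogFacility:
			/* NOTE(review): writes the enum through an int pointer; assumes both have the same size. */
			intptr = (int *) &options->log_facility;
			cp = strtok(NULL, WHITESPACE);
			/* presumably log_facility_number() accepts NULL, as the message below allows for it */
			value = log_facility_number(cp);
			if (value == (SyslogFacility) - 1)
				fatal("%.200s line %d: unsupported log facility '%s'\n",
				    filename, linenum, cp ? cp : "<NONE>");
			if (*intptr == -1)
				*intptr = (SyslogFacility) value;
			break;

		case sLogLevel:
			/* NOTE(review): same int-pointer access to an enum as for the log facility. */
			intptr = (int *) &options->log_level;
			cp = strtok(NULL, WHITESPACE);
			value = log_level_number(cp);
			if (value == (LogLevel) - 1)
				fatal("%.200s line %d: unsupported log level '%s'\n",
				    filename, linenum, cp ? cp : "<NONE>");
			if (*intptr == -1)
				*intptr = (LogLevel) value;
			break;

		case sAllowUsers:
			/* The bound is checked before each store into the fixed-size array. */
			while ((cp = strtok(NULL, WHITESPACE))) {
				if (options->num_allow_users >= MAX_ALLOW_USERS)
					fatal("%s line %d: too many allow users.\n",
					    filename, linenum);
				options->allow_users[options->num_allow_users++] = xstrdup(cp);
			}
			break;

		case sDenyUsers:
			while ((cp = strtok(NULL, WHITESPACE))) {
				if (options->num_deny_users >= MAX_DENY_USERS)
					fatal( "%s line %d: too many deny users.\n",
					    filename, linenum);
				options->deny_users[options->num_deny_users++] = xstrdup(cp);
			}
			break;

		case sAllowGroups:
			while ((cp = strtok(NULL, WHITESPACE))) {
				if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
					fatal("%s line %d: too many allow groups.\n",
					    filename, linenum);
				options->allow_groups[options->num_allow_groups++] = xstrdup(cp);
			}
			break;

		case sDenyGroups:
			while ((cp = strtok(NULL, WHITESPACE))) {
				if (options->num_deny_groups >= MAX_DENY_GROUPS)
					fatal("%s line %d: too many deny groups.\n",
					    filename, linenum);
				options->deny_groups[options->num_deny_groups++] = xstrdup(cp);
			}
			break;

		case sCiphers:
			cp = strtok(NULL, WHITESPACE);
			if (!cp)
				fatal("%s line %d: Missing argument.", filename, linenum);
			if (!ciphers_valid(cp))
				fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
				    filename, linenum, cp);
			if (options->ciphers == NULL)
				options->ciphers = xstrdup(cp);
			break;

		case sProtocol:
			intptr = &options->protocol;
			cp = strtok(NULL, WHITESPACE);
			if (!cp)
				fatal("%s line %d: Missing argument.", filename, linenum);
			value = proto_spec(cp);
			if (value == SSH_PROTO_UNKNOWN)
				fatal("%s line %d: Bad protocol spec '%s'.",
				    filename, linenum, cp);
			if (*intptr == SSH_PROTO_UNKNOWN)
				*intptr = value;
			break;

		default:
			/* A keyword is in keywords[] but has no case above. */
			fprintf(stderr, "%s line %d: Missing handler for opcode %s (%d)\n",
			    filename, linenum, cp, opcode);
			exit(1);
		}
		if (strtok(NULL, WHITESPACE) != NULL) {
			fprintf(stderr, "%s line %d: garbage at end of line.\n",
			    filename, linenum);
			exit(1);
		}
	}
	fclose(f);
	if (bad_options > 0) {
		fprintf(stderr, "%s: terminating, %d bad configuration options\n",
		    filename, bad_options);
		exit(1);
	}
}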