Blame - servconf.c - platform/external/openssh

blob: 3d0c9efa6f2d28bcb214c2e9402ceaa828844f75 [file] [log] [blame]

Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1	/*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	2	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
				3	* All rights reserved
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	4	*
Damien Miller	e4340be	2000-09-16 13:29:08 +1100	[diff] [blame]	5	* As far as I am concerned, the code I have written for this software
				6	* can be used freely for any purpose. Any derived versions of this
				7	* software must be clearly marked as such, and if the derived work is
				8	* incompatible with the protocol description in the RFC file, it must be
				9	* called by a name other than "ssh" or "Secure Shell".
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	10	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	11
				12	#include "includes.h"
Ben Lindstrom	b5cdc66	2001-04-16 02:13:26 +0000	[diff] [blame^]	13	RCSID("$OpenBSD: servconf.c,v 1.78 2001/04/15 21:28:35 stevesk Exp $");
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	14
				15	#ifdef KRB4
				16	#include <krb.h>
				17	#endif
				18	#ifdef AFS
				19	#include <kafs.h>
				20	#endif
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	21
				22	#include "ssh.h"
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	23	#include "log.h"
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	24	#include "servconf.h"
				25	#include "xmalloc.h"
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	26	#include "compat.h"
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	27	#include "pathnames.h"
				28	#include "tildexpand.h"
				29	#include "misc.h"
				30	#include "cipher.h"
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	31	#include "kex.h"
				32	#include "mac.h"
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	33
Ben Lindstrom	19066a1	2001-04-12 23:39:26 +0000	[diff] [blame]	34	void add_listen_addr(ServerOptions options, char addr, u_short port);
Ben Lindstrom	c510af4	2001-04-07 17:25:48 +0000	[diff] [blame]	35	void add_one_listen_addr(ServerOptions options, char addr, u_short port);
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	36
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	37	/* AF_UNSPEC or AF_INET or AF_INET6 */
				38	extern int IPv4or6;
				39
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	40	/* Initializes the server options to their default values. */
				41
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	42	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	43	initialize_server_options(ServerOptions *options)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	44	{
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	45	memset(options, 0, sizeof(*options));
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	46	options->num_ports = 0;
				47	options->ports_from_cmdline = 0;
				48	options->listen_addrs = NULL;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	49	options->num_host_key_files = 0;
Damien Miller	6f83b8e	2000-05-02 09:23:45 +1000	[diff] [blame]	50	options->pid_file = NULL;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	51	options->server_key_bits = -1;
				52	options->login_grace_time = -1;
				53	options->key_regeneration_time = -1;
Ben Lindstrom	d8a9021	2001-02-15 03:08:27 +0000	[diff] [blame]	54	options->permit_root_login = PERMIT_NOT_SET;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	55	options->ignore_rhosts = -1;
				56	options->ignore_user_known_hosts = -1;
				57	options->print_motd = -1;
Ben Lindstrom	7bfff36	2001-03-26 05:45:53 +0000	[diff] [blame]	58	options->print_lastlog = -1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	59	options->check_mail = -1;
				60	options->x11_forwarding = -1;
				61	options->x11_display_offset = -1;
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	62	options->xauth_location = NULL;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	63	options->strict_modes = -1;
				64	options->keepalives = -1;
				65	options->log_facility = (SyslogFacility) - 1;
				66	options->log_level = (LogLevel) - 1;
				67	options->rhosts_authentication = -1;
				68	options->rhosts_rsa_authentication = -1;
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	69	options->hostbased_authentication = -1;
				70	options->hostbased_uses_name_from_packet_only = -1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	71	options->rsa_authentication = -1;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	72	options->pubkey_authentication = -1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	73	#ifdef KRB4
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	74	options->kerberos_authentication = -1;
				75	options->kerberos_or_local_passwd = -1;
				76	options->kerberos_ticket_cleanup = -1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	77	#endif
				78	#ifdef AFS
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	79	options->kerberos_tgt_passing = -1;
				80	options->afs_token_passing = -1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	81	#endif
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	82	options->password_authentication = -1;
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	83	options->kbd_interactive_authentication = -1;
Ben Lindstrom	95fb2dd	2001-01-23 03:12:10 +0000	[diff] [blame]	84	options->challenge_reponse_authentication = -1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	85	options->permit_empty_passwd = -1;
				86	options->use_login = -1;
Damien Miller	50a41ed	2000-10-16 12:14:42 +1100	[diff] [blame]	87	options->allow_tcp_forwarding = -1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	88	options->num_allow_users = 0;
				89	options->num_deny_users = 0;
				90	options->num_allow_groups = 0;
				91	options->num_deny_groups = 0;
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	92	options->ciphers = NULL;
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	93	options->macs = NULL;
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	94	options->protocol = SSH_PROTO_UNKNOWN;
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	95	options->gateway_ports = -1;
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	96	options->num_subsystems = 0;
Damien Miller	942da03	2000-08-18 13:59:06 +1000	[diff] [blame]	97	options->max_startups_begin = -1;
				98	options->max_startups_rate = -1;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	99	options->max_startups = -1;
Ben Lindstrom	48bd7c1	2001-01-09 00:35:42 +0000	[diff] [blame]	100	options->banner = NULL;
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	101	options->reverse_mapping_check = -1;
Ben Lindstrom	5744dc4	2001-04-13 23:28:01 +0000	[diff] [blame]	102	options->client_alive_interval = -1;
				103	options->client_alive_count_max = -1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	104	}
				105
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	106	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	107	fill_default_server_options(ServerOptions *options)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	108	{
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	109	if (options->protocol == SSH_PROTO_UNKNOWN)
				110	options->protocol = SSH_PROTO_1\|SSH_PROTO_2;
				111	if (options->num_host_key_files == 0) {
				112	/* fill default hostkeys for protocols */
				113	if (options->protocol & SSH_PROTO_1)
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	114	options->host_key_files[options->num_host_key_files++] = _PATH_HOST_KEY_FILE;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	115	if (options->protocol & SSH_PROTO_2)
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	116	options->host_key_files[options->num_host_key_files++] = _PATH_HOST_DSA_KEY_FILE;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	117	}
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	118	if (options->num_ports == 0)
				119	options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
				120	if (options->listen_addrs == NULL)
Ben Lindstrom	19066a1	2001-04-12 23:39:26 +0000	[diff] [blame]	121	add_listen_addr(options, NULL, 0);
Damien Miller	6f83b8e	2000-05-02 09:23:45 +1000	[diff] [blame]	122	if (options->pid_file == NULL)
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	123	options->pid_file = _PATH_SSH_DAEMON_PID_FILE;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	124	if (options->server_key_bits == -1)
				125	options->server_key_bits = 768;
				126	if (options->login_grace_time == -1)
				127	options->login_grace_time = 600;
				128	if (options->key_regeneration_time == -1)
				129	options->key_regeneration_time = 3600;
Ben Lindstrom	d8a9021	2001-02-15 03:08:27 +0000	[diff] [blame]	130	if (options->permit_root_login == PERMIT_NOT_SET)
				131	options->permit_root_login = PERMIT_YES;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	132	if (options->ignore_rhosts == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	133	options->ignore_rhosts = 1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	134	if (options->ignore_user_known_hosts == -1)
				135	options->ignore_user_known_hosts = 0;
				136	if (options->check_mail == -1)
				137	options->check_mail = 0;
				138	if (options->print_motd == -1)
				139	options->print_motd = 1;
Ben Lindstrom	7bfff36	2001-03-26 05:45:53 +0000	[diff] [blame]	140	if (options->print_lastlog == -1)
				141	options->print_lastlog = 1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	142	if (options->x11_forwarding == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	143	options->x11_forwarding = 0;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	144	if (options->x11_display_offset == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	145	options->x11_display_offset = 10;
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	146	#ifdef XAUTH_PATH
				147	if (options->xauth_location == NULL)
				148	options->xauth_location = XAUTH_PATH;
				149	#endif /* XAUTH_PATH */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	150	if (options->strict_modes == -1)
				151	options->strict_modes = 1;
				152	if (options->keepalives == -1)
				153	options->keepalives = 1;
				154	if (options->log_facility == (SyslogFacility) (-1))
				155	options->log_facility = SYSLOG_FACILITY_AUTH;
				156	if (options->log_level == (LogLevel) (-1))
Ben Lindstrom	db65e8f	2001-01-19 04:26:52 +0000	[diff] [blame]	157	options->log_level = SYSLOG_LEVEL_INFO;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	158	if (options->rhosts_authentication == -1)
				159	options->rhosts_authentication = 0;
				160	if (options->rhosts_rsa_authentication == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	161	options->rhosts_rsa_authentication = 0;
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	162	if (options->hostbased_authentication == -1)
				163	options->hostbased_authentication = 0;
				164	if (options->hostbased_uses_name_from_packet_only == -1)
				165	options->hostbased_uses_name_from_packet_only = 0;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	166	if (options->rsa_authentication == -1)
				167	options->rsa_authentication = 1;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	168	if (options->pubkey_authentication == -1)
				169	options->pubkey_authentication = 1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	170	#ifdef KRB4
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	171	if (options->kerberos_authentication == -1)
				172	options->kerberos_authentication = (access(KEYFILE, R_OK) == 0);
				173	if (options->kerberos_or_local_passwd == -1)
				174	options->kerberos_or_local_passwd = 1;
				175	if (options->kerberos_ticket_cleanup == -1)
				176	options->kerberos_ticket_cleanup = 1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	177	#endif /* KRB4 */
				178	#ifdef AFS
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	179	if (options->kerberos_tgt_passing == -1)
				180	options->kerberos_tgt_passing = 0;
				181	if (options->afs_token_passing == -1)
				182	options->afs_token_passing = k_hasafs();
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	183	#endif /* AFS */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	184	if (options->password_authentication == -1)
				185	options->password_authentication = 1;
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	186	if (options->kbd_interactive_authentication == -1)
				187	options->kbd_interactive_authentication = 0;
Ben Lindstrom	95fb2dd	2001-01-23 03:12:10 +0000	[diff] [blame]	188	if (options->challenge_reponse_authentication == -1)
				189	options->challenge_reponse_authentication = 1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	190	if (options->permit_empty_passwd == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	191	options->permit_empty_passwd = 0;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	192	if (options->use_login == -1)
				193	options->use_login = 0;
Damien Miller	50a41ed	2000-10-16 12:14:42 +1100	[diff] [blame]	194	if (options->allow_tcp_forwarding == -1)
				195	options->allow_tcp_forwarding = 1;
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	196	if (options->gateway_ports == -1)
				197	options->gateway_ports = 0;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	198	if (options->max_startups == -1)
				199	options->max_startups = 10;
Damien Miller	942da03	2000-08-18 13:59:06 +1000	[diff] [blame]	200	if (options->max_startups_rate == -1)
				201	options->max_startups_rate = 100; /* 100% */
				202	if (options->max_startups_begin == -1)
				203	options->max_startups_begin = options->max_startups;
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	204	if (options->reverse_mapping_check == -1)
				205	options->reverse_mapping_check = 0;
Ben Lindstrom	5744dc4	2001-04-13 23:28:01 +0000	[diff] [blame]	206	if (options->client_alive_interval == -1)
				207	options->client_alive_interval = 0;
				208	if (options->client_alive_count_max == -1)
				209	options->client_alive_count_max = 3;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	210	}
				211
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	212	/* Keyword tokens. */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	213	typedef enum {
				214	sBadOption, /* == unknown option */
				215	sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
				216	sPermitRootLogin, sLogFacility, sLogLevel,
				217	sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	218	#ifdef KRB4
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	219	sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	220	#endif
				221	#ifdef AFS
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	222	sKerberosTgtPassing, sAFSTokenPassing,
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	223	#endif
Ben Lindstrom	95fb2dd	2001-01-23 03:12:10 +0000	[diff] [blame]	224	sChallengeResponseAuthentication,
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	225	sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
Ben Lindstrom	7bfff36	2001-03-26 05:45:53 +0000	[diff] [blame]	226	sPrintMotd, sPrintLastLog, sIgnoreRhosts,
				227	sX11Forwarding, sX11DisplayOffset,
Ben Lindstrom	d9cae22	2001-03-05 07:42:03 +0000	[diff] [blame]	228	sStrictModes, sEmptyPasswd, sKeepAlives, sCheckMail,
Damien Miller	50a41ed	2000-10-16 12:14:42 +1100	[diff] [blame]	229	sUseLogin, sAllowTcpForwarding,
				230	sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	231	sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	232	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	233	sBanner, sReverseMappingCheck, sHostbasedAuthentication,
Ben Lindstrom	5744dc4	2001-04-13 23:28:01 +0000	[diff] [blame]	234	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
				235	sClientAliveCountMax
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	236	} ServerOpCodes;
				237
				238	/* Textual representation of the tokens. */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	239	static struct {
				240	const char *name;
				241	ServerOpCodes opcode;
				242	} keywords[] = {
				243	{ "port", sPort },
				244	{ "hostkey", sHostKeyFile },
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	245	{ "hostdsakey", sHostKeyFile }, /* alias */
Kevin Steves	ef4eea9	2001-02-05 12:42:17 +0000	[diff] [blame]	246	{ "pidfile", sPidFile },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	247	{ "serverkeybits", sServerKeyBits },
				248	{ "logingracetime", sLoginGraceTime },
				249	{ "keyregenerationinterval", sKeyRegenerationTime },
				250	{ "permitrootlogin", sPermitRootLogin },
				251	{ "syslogfacility", sLogFacility },
				252	{ "loglevel", sLogLevel },
				253	{ "rhostsauthentication", sRhostsAuthentication },
				254	{ "rhostsrsaauthentication", sRhostsRSAAuthentication },
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	255	{ "hostbasedauthentication", sHostbasedAuthentication },
				256	{ "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	257	{ "rsaauthentication", sRSAAuthentication },
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	258	{ "pubkeyauthentication", sPubkeyAuthentication },
				259	{ "dsaauthentication", sPubkeyAuthentication }, /* alias */
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	260	#ifdef KRB4
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	261	{ "kerberosauthentication", sKerberosAuthentication },
				262	{ "kerberosorlocalpasswd", sKerberosOrLocalPasswd },
				263	{ "kerberosticketcleanup", sKerberosTicketCleanup },
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	264	#endif
				265	#ifdef AFS
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	266	{ "kerberostgtpassing", sKerberosTgtPassing },
				267	{ "afstokenpassing", sAFSTokenPassing },
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	268	#endif
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	269	{ "passwordauthentication", sPasswordAuthentication },
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	270	{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication },
Ben Lindstrom	95fb2dd	2001-01-23 03:12:10 +0000	[diff] [blame]	271	{ "challengeresponseauthentication", sChallengeResponseAuthentication },
				272	{ "skeyauthentication", sChallengeResponseAuthentication }, /* alias */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	273	{ "checkmail", sCheckMail },
				274	{ "listenaddress", sListenAddress },
				275	{ "printmotd", sPrintMotd },
Ben Lindstrom	7bfff36	2001-03-26 05:45:53 +0000	[diff] [blame]	276	{ "printlastlog", sPrintLastLog },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	277	{ "ignorerhosts", sIgnoreRhosts },
				278	{ "ignoreuserknownhosts", sIgnoreUserKnownHosts },
				279	{ "x11forwarding", sX11Forwarding },
				280	{ "x11displayoffset", sX11DisplayOffset },
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	281	{ "xauthlocation", sXAuthLocation },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	282	{ "strictmodes", sStrictModes },
				283	{ "permitemptypasswords", sEmptyPasswd },
				284	{ "uselogin", sUseLogin },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	285	{ "keepalive", sKeepAlives },
Damien Miller	50a41ed	2000-10-16 12:14:42 +1100	[diff] [blame]	286	{ "allowtcpforwarding", sAllowTcpForwarding },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	287	{ "allowusers", sAllowUsers },
				288	{ "denyusers", sDenyUsers },
				289	{ "allowgroups", sAllowGroups },
				290	{ "denygroups", sDenyGroups },
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	291	{ "ciphers", sCiphers },
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	292	{ "macs", sMacs },
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	293	{ "protocol", sProtocol },
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	294	{ "gatewayports", sGatewayPorts },
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	295	{ "subsystem", sSubsystem },
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	296	{ "maxstartups", sMaxStartups },
Ben Lindstrom	48bd7c1	2001-01-09 00:35:42 +0000	[diff] [blame]	297	{ "banner", sBanner },
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	298	{ "reversemappingcheck", sReverseMappingCheck },
Ben Lindstrom	5744dc4	2001-04-13 23:28:01 +0000	[diff] [blame]	299	{ "clientaliveinterval", sClientAliveInterval },
				300	{ "clientalivecountmax", sClientAliveCountMax },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	301	{ NULL, 0 }
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	302	};
				303
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	304	/*
Ben Lindstrom	3704c26	2001-04-02 18:20:03 +0000	[diff] [blame]	305	* Returns the number of the token pointed to by cp or sBadOption.
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	306	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	307
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	308	static ServerOpCodes
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	309	parse_token(const char cp, const char filename,
				310	int linenum)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	311	{
Ben Lindstrom	46c1622	2000-12-22 01:43:59 +0000	[diff] [blame]	312	u_int i;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	313
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	314	for (i = 0; keywords[i].name; i++)
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	315	if (strcasecmp(cp, keywords[i].name) == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	316	return keywords[i].opcode;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	317
Ben Lindstrom	b5cdc66	2001-04-16 02:13:26 +0000	[diff] [blame^]	318	error("%s: line %d: Bad configuration option: %s",
				319	filename, linenum, cp);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	320	return sBadOption;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	321	}
				322
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	323	void
Ben Lindstrom	19066a1	2001-04-12 23:39:26 +0000	[diff] [blame]	324	add_listen_addr(ServerOptions options, char addr, u_short port)
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	325	{
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	326	int i;
				327
				328	if (options->num_ports == 0)
				329	options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
Ben Lindstrom	19066a1	2001-04-12 23:39:26 +0000	[diff] [blame]	330	if (port == 0)
Ben Lindstrom	c510af4	2001-04-07 17:25:48 +0000	[diff] [blame]	331	for (i = 0; i < options->num_ports; i++)
				332	add_one_listen_addr(options, addr, options->ports[i]);
				333	else
Ben Lindstrom	19066a1	2001-04-12 23:39:26 +0000	[diff] [blame]	334	add_one_listen_addr(options, addr, port);
Ben Lindstrom	c510af4	2001-04-07 17:25:48 +0000	[diff] [blame]	335	}
				336
				337	void
				338	add_one_listen_addr(ServerOptions options, char addr, u_short port)
				339	{
				340	struct addrinfo hints, ai, aitop;
				341	char strport[NI_MAXSERV];
				342	int gaierr;
				343
				344	memset(&hints, 0, sizeof(hints));
				345	hints.ai_family = IPv4or6;
				346	hints.ai_socktype = SOCK_STREAM;
				347	hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
				348	snprintf(strport, sizeof strport, "%d", port);
				349	if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0)
				350	fatal("bad addr or host: %s (%s)",
				351	addr ? addr : "<NULL>",
				352	gai_strerror(gaierr));
				353	for (ai = aitop; ai->ai_next; ai = ai->ai_next)
				354	;
				355	ai->ai_next = options->listen_addrs;
				356	options->listen_addrs = aitop;
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	357	}
				358
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	359	/* Reads the server configuration file. */
				360
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	361	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	362	read_server_config(ServerOptions options, const char filename)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	363	{
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	364	FILE *f;
				365	char line[1024];
Ben Lindstrom	c510af4	2001-04-07 17:25:48 +0000	[diff] [blame]	366	char cp, charptr, arg, *p;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	367	int linenum, *intptr, value;
				368	int bad_options = 0;
				369	ServerOpCodes opcode;
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	370	int i;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	371
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	372	f = fopen(filename, "r");
				373	if (!f) {
				374	perror(filename);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	375	exit(1);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	376	}
				377	linenum = 0;
				378	while (fgets(line, sizeof(line), f)) {
				379	linenum++;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	380	cp = line;
				381	arg = strdelim(&cp);
				382	/* Ignore leading whitespace */
				383	if (*arg == '\0')
				384	arg = strdelim(&cp);
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	385	if (!arg \|\| !arg \|\| arg == '#')
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	386	continue;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	387	intptr = NULL;
				388	charptr = NULL;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	389	opcode = parse_token(arg, filename, linenum);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	390	switch (opcode) {
				391	case sBadOption:
				392	bad_options++;
				393	continue;
				394	case sPort:
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	395	/* ignore ports from configfile if cmdline specifies ports */
				396	if (options->ports_from_cmdline)
				397	continue;
				398	if (options->listen_addrs != NULL)
				399	fatal("%s line %d: ports must be specified before "
				400	"ListenAdress.\n", filename, linenum);
				401	if (options->num_ports >= MAX_PORTS)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	402	fatal("%s line %d: too many ports.",
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	403	filename, linenum);
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	404	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	405	if (!arg \|\| *arg == '\0')
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	406	fatal("%s line %d: missing port number.",
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	407	filename, linenum);
Ben Lindstrom	19066a1	2001-04-12 23:39:26 +0000	[diff] [blame]	408	options->ports[options->num_ports++] = a2port(arg);
				409	if (options->ports[options->num_ports-1] == 0)
				410	fatal("%s line %d: Badly formatted port number.",
				411	filename, linenum);
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	412	break;
				413
				414	case sServerKeyBits:
				415	intptr = &options->server_key_bits;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	416	parse_int:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	417	arg = strdelim(&cp);
Ben Lindstrom	b5cdc66	2001-04-16 02:13:26 +0000	[diff] [blame^]	418	if (!arg \|\| *arg == '\0')
				419	fatal("%s line %d: missing integer value.",
				420	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	421	value = atoi(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	422	if (*intptr == -1)
				423	*intptr = value;
				424	break;
Damien Miller	3226509	1999-11-12 11:33:04 +1100	[diff] [blame]	425
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	426	case sLoginGraceTime:
				427	intptr = &options->login_grace_time;
				428	goto parse_int;
				429
				430	case sKeyRegenerationTime:
				431	intptr = &options->key_regeneration_time;
				432	goto parse_int;
				433
				434	case sListenAddress:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	435	arg = strdelim(&cp);
Ben Lindstrom	c510af4	2001-04-07 17:25:48 +0000	[diff] [blame]	436	if (!arg \|\| *arg == '\0' \|\| strncmp(arg, "[]", 2) == 0)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	437	fatal("%s line %d: missing inet addr.",
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	438	filename, linenum);
Ben Lindstrom	c510af4	2001-04-07 17:25:48 +0000	[diff] [blame]	439	if (*arg == '[') {
				440	if ((p = strchr(arg, ']')) == NULL)
				441	fatal("%s line %d: bad ipv6 inet addr usage.",
				442	filename, linenum);
				443	arg++;
				444	memmove(p, p+1, strlen(p+1)+1);
				445	} else if (((p = strchr(arg, ':')) == NULL) \|\|
				446	(strchr(p+1, ':') != NULL)) {
Ben Lindstrom	19066a1	2001-04-12 23:39:26 +0000	[diff] [blame]	447	add_listen_addr(options, arg, 0);
Ben Lindstrom	c510af4	2001-04-07 17:25:48 +0000	[diff] [blame]	448	break;
				449	}
				450	if (*p == ':') {
Ben Lindstrom	19066a1	2001-04-12 23:39:26 +0000	[diff] [blame]	451	u_short port;
				452
Ben Lindstrom	c510af4	2001-04-07 17:25:48 +0000	[diff] [blame]	453	p++;
				454	if (*p == '\0')
				455	fatal("%s line %d: bad inet addr:port usage.",
				456	filename, linenum);
				457	else {
				458	*(p-1) = '\0';
Ben Lindstrom	19066a1	2001-04-12 23:39:26 +0000	[diff] [blame]	459	if ((port = a2port(p)) == 0)
				460	fatal("%s line %d: bad port number.",
				461	filename, linenum);
				462	add_listen_addr(options, arg, port);
Ben Lindstrom	c510af4	2001-04-07 17:25:48 +0000	[diff] [blame]	463	}
				464	} else if (*p == '\0')
Ben Lindstrom	19066a1	2001-04-12 23:39:26 +0000	[diff] [blame]	465	add_listen_addr(options, arg, 0);
Ben Lindstrom	c510af4	2001-04-07 17:25:48 +0000	[diff] [blame]	466	else
				467	fatal("%s line %d: bad inet addr usage.",
				468	filename, linenum);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	469	break;
				470
				471	case sHostKeyFile:
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	472	intptr = &options->num_host_key_files;
Ben Lindstrom	b5cdc66	2001-04-16 02:13:26 +0000	[diff] [blame^]	473	if (*intptr >= MAX_HOSTKEYS)
				474	fatal("%s line %d: too many host keys specified (max %d).",
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	475	filename, linenum, MAX_HOSTKEYS);
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	476	charptr = &options->host_key_files[*intptr];
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	477	parse_filename:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	478	arg = strdelim(&cp);
Ben Lindstrom	b5cdc66	2001-04-16 02:13:26 +0000	[diff] [blame^]	479	if (!arg \|\| *arg == '\0')
				480	fatal("%s line %d: missing file name.",
Damien Miller	6f83b8e	2000-05-02 09:23:45 +1000	[diff] [blame]	481	filename, linenum);
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	482	if (*charptr == NULL) {
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	483	*charptr = tilde_expand_filename(arg, getuid());
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	484	/* increase optional counter */
				485	if (intptr != NULL)
				486	intptr = intptr + 1;
				487	}
Damien Miller	6f83b8e	2000-05-02 09:23:45 +1000	[diff] [blame]	488	break;
				489
				490	case sPidFile:
				491	charptr = &options->pid_file;
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	492	goto parse_filename;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	493
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	494	case sPermitRootLogin:
				495	intptr = &options->permit_root_login;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	496	arg = strdelim(&cp);
Ben Lindstrom	b5cdc66	2001-04-16 02:13:26 +0000	[diff] [blame^]	497	if (!arg \|\| *arg == '\0')
				498	fatal("%s line %d: missing yes/"
Ben Lindstrom	35f1f4e	2001-03-06 01:02:41 +0000	[diff] [blame]	499	"without-password/forced-commands-only/no "
Ben Lindstrom	b5cdc66	2001-04-16 02:13:26 +0000	[diff] [blame^]	500	"argument.", filename, linenum);
				501	value = 0; /* silence compiler */
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	502	if (strcmp(arg, "without-password") == 0)
Ben Lindstrom	d8a9021	2001-02-15 03:08:27 +0000	[diff] [blame]	503	value = PERMIT_NO_PASSWD;
				504	else if (strcmp(arg, "forced-commands-only") == 0)
				505	value = PERMIT_FORCED_ONLY;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	506	else if (strcmp(arg, "yes") == 0)
Ben Lindstrom	d8a9021	2001-02-15 03:08:27 +0000	[diff] [blame]	507	value = PERMIT_YES;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	508	else if (strcmp(arg, "no") == 0)
Ben Lindstrom	d8a9021	2001-02-15 03:08:27 +0000	[diff] [blame]	509	value = PERMIT_NO;
Ben Lindstrom	b5cdc66	2001-04-16 02:13:26 +0000	[diff] [blame^]	510	else
				511	fatal("%s line %d: Bad yes/"
Ben Lindstrom	d8a9021	2001-02-15 03:08:27 +0000	[diff] [blame]	512	"without-password/forced-commands-only/no "
Ben Lindstrom	b5cdc66	2001-04-16 02:13:26 +0000	[diff] [blame^]	513	"argument: %s", filename, linenum, arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	514	if (*intptr == -1)
				515	*intptr = value;
				516	break;
				517
				518	case sIgnoreRhosts:
				519	intptr = &options->ignore_rhosts;
				520	parse_flag:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	521	arg = strdelim(&cp);
Ben Lindstrom	b5cdc66	2001-04-16 02:13:26 +0000	[diff] [blame^]	522	if (!arg \|\| *arg == '\0')
				523	fatal("%s line %d: missing yes/no argument.",
				524	filename, linenum);
				525	value = 0; /* silence compiler */
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	526	if (strcmp(arg, "yes") == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	527	value = 1;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	528	else if (strcmp(arg, "no") == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	529	value = 0;
Ben Lindstrom	b5cdc66	2001-04-16 02:13:26 +0000	[diff] [blame^]	530	else
				531	fatal("%s line %d: Bad yes/no argument: %s",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	532	filename, linenum, arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	533	if (*intptr == -1)
				534	*intptr = value;
				535	break;
				536
				537	case sIgnoreUserKnownHosts:
				538	intptr = &options->ignore_user_known_hosts;
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	539	goto parse_flag;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	540
				541	case sRhostsAuthentication:
				542	intptr = &options->rhosts_authentication;
				543	goto parse_flag;
				544
				545	case sRhostsRSAAuthentication:
				546	intptr = &options->rhosts_rsa_authentication;
				547	goto parse_flag;
				548
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	549	case sHostbasedAuthentication:
				550	intptr = &options->hostbased_authentication;
				551	goto parse_flag;
				552
				553	case sHostbasedUsesNameFromPacketOnly:
				554	intptr = &options->hostbased_uses_name_from_packet_only;
				555	goto parse_flag;
				556
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	557	case sRSAAuthentication:
				558	intptr = &options->rsa_authentication;
				559	goto parse_flag;
				560
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	561	case sPubkeyAuthentication:
				562	intptr = &options->pubkey_authentication;
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	563	goto parse_flag;
				564
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	565	#ifdef KRB4
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	566	case sKerberosAuthentication:
				567	intptr = &options->kerberos_authentication;
				568	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	569
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	570	case sKerberosOrLocalPasswd:
				571	intptr = &options->kerberos_or_local_passwd;
				572	goto parse_flag;
				573
				574	case sKerberosTicketCleanup:
				575	intptr = &options->kerberos_ticket_cleanup;
				576	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	577	#endif
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	578
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	579	#ifdef AFS
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	580	case sKerberosTgtPassing:
				581	intptr = &options->kerberos_tgt_passing;
				582	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	583
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	584	case sAFSTokenPassing:
				585	intptr = &options->afs_token_passing;
				586	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	587	#endif
				588
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	589	case sPasswordAuthentication:
				590	intptr = &options->password_authentication;
				591	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	592
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	593	case sKbdInteractiveAuthentication:
				594	intptr = &options->kbd_interactive_authentication;
				595	goto parse_flag;
				596
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	597	case sCheckMail:
				598	intptr = &options->check_mail;
				599	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	600
Ben Lindstrom	95fb2dd	2001-01-23 03:12:10 +0000	[diff] [blame]	601	case sChallengeResponseAuthentication:
				602	intptr = &options->challenge_reponse_authentication;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	603	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	604
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	605	case sPrintMotd:
				606	intptr = &options->print_motd;
				607	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	608
Ben Lindstrom	7bfff36	2001-03-26 05:45:53 +0000	[diff] [blame]	609	case sPrintLastLog:
				610	intptr = &options->print_lastlog;
				611	goto parse_flag;
				612
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	613	case sX11Forwarding:
				614	intptr = &options->x11_forwarding;
				615	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	616
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	617	case sX11DisplayOffset:
				618	intptr = &options->x11_display_offset;
				619	goto parse_int;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	620
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	621	case sXAuthLocation:
				622	charptr = &options->xauth_location;
				623	goto parse_filename;
Kevin Steves	ef4eea9	2001-02-05 12:42:17 +0000	[diff] [blame]	624
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	625	case sStrictModes:
				626	intptr = &options->strict_modes;
				627	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	628
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	629	case sKeepAlives:
				630	intptr = &options->keepalives;
				631	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	632
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	633	case sEmptyPasswd:
				634	intptr = &options->permit_empty_passwd;
				635	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	636
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	637	case sUseLogin:
				638	intptr = &options->use_login;
				639	goto parse_flag;
Damien Miller	5ce662a	1999-11-11 17:57:39 +1100	[diff] [blame]	640
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	641	case sGatewayPorts:
				642	intptr = &options->gateway_ports;
				643	goto parse_flag;
				644
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	645	case sReverseMappingCheck:
				646	intptr = &options->reverse_mapping_check;
				647	goto parse_flag;
				648
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	649	case sLogFacility:
				650	intptr = (int *) &options->log_facility;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	651	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	652	value = log_facility_number(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	653	if (value == (SyslogFacility) - 1)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	654	fatal("%.200s line %d: unsupported log facility '%s'",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	655	filename, linenum, arg ? arg : "<NONE>");
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	656	if (*intptr == -1)
				657	*intptr = (SyslogFacility) value;
				658	break;
				659
				660	case sLogLevel:
				661	intptr = (int *) &options->log_level;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	662	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	663	value = log_level_number(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	664	if (value == (LogLevel) - 1)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	665	fatal("%.200s line %d: unsupported log level '%s'",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	666	filename, linenum, arg ? arg : "<NONE>");
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	667	if (*intptr == -1)
				668	*intptr = (LogLevel) value;
				669	break;
				670
Damien Miller	50a41ed	2000-10-16 12:14:42 +1100	[diff] [blame]	671	case sAllowTcpForwarding:
				672	intptr = &options->allow_tcp_forwarding;
				673	goto parse_flag;
				674
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	675	case sAllowUsers:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	676	while ((arg = strdelim(&cp)) && *arg != '\0') {
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	677	if (options->num_allow_users >= MAX_ALLOW_USERS)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	678	fatal("%s line %d: too many allow users.",
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	679	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	680	options->allow_users[options->num_allow_users++] = xstrdup(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	681	}
				682	break;
				683
				684	case sDenyUsers:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	685	while ((arg = strdelim(&cp)) && *arg != '\0') {
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	686	if (options->num_deny_users >= MAX_DENY_USERS)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	687	fatal( "%s line %d: too many deny users.",
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	688	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	689	options->deny_users[options->num_deny_users++] = xstrdup(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	690	}
				691	break;
				692
				693	case sAllowGroups:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	694	while ((arg = strdelim(&cp)) && *arg != '\0') {
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	695	if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	696	fatal("%s line %d: too many allow groups.",
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	697	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	698	options->allow_groups[options->num_allow_groups++] = xstrdup(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	699	}
				700	break;
				701
				702	case sDenyGroups:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	703	while ((arg = strdelim(&cp)) && *arg != '\0') {
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	704	if (options->num_deny_groups >= MAX_DENY_GROUPS)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	705	fatal("%s line %d: too many deny groups.",
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	706	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	707	options->deny_groups[options->num_deny_groups++] = xstrdup(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	708	}
				709	break;
				710
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	711	case sCiphers:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	712	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	713	if (!arg \|\| *arg == '\0')
Damien Miller	b1715dc	2000-05-30 13:44:51 +1000	[diff] [blame]	714	fatal("%s line %d: Missing argument.", filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	715	if (!ciphers_valid(arg))
Damien Miller	30c3d42	2000-05-09 11:02:59 +1000	[diff] [blame]	716	fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	717	filename, linenum, arg ? arg : "<NONE>");
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	718	if (options->ciphers == NULL)
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	719	options->ciphers = xstrdup(arg);
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	720	break;
				721
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	722	case sMacs:
				723	arg = strdelim(&cp);
				724	if (!arg \|\| *arg == '\0')
				725	fatal("%s line %d: Missing argument.", filename, linenum);
				726	if (!mac_valid(arg))
				727	fatal("%s line %d: Bad SSH2 mac spec '%s'.",
				728	filename, linenum, arg ? arg : "<NONE>");
				729	if (options->macs == NULL)
				730	options->macs = xstrdup(arg);
				731	break;
				732
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	733	case sProtocol:
				734	intptr = &options->protocol;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	735	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	736	if (!arg \|\| *arg == '\0')
Damien Miller	b1715dc	2000-05-30 13:44:51 +1000	[diff] [blame]	737	fatal("%s line %d: Missing argument.", filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	738	value = proto_spec(arg);
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	739	if (value == SSH_PROTO_UNKNOWN)
				740	fatal("%s line %d: Bad protocol spec '%s'.",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	741	filename, linenum, arg ? arg : "<NONE>");
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	742	if (*intptr == SSH_PROTO_UNKNOWN)
				743	*intptr = value;
				744	break;
				745
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	746	case sSubsystem:
				747	if(options->num_subsystems >= MAX_SUBSYSTEMS) {
				748	fatal("%s line %d: too many subsystems defined.",
				749	filename, linenum);
				750	}
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	751	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	752	if (!arg \|\| *arg == '\0')
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	753	fatal("%s line %d: Missing subsystem name.",
				754	filename, linenum);
				755	for (i = 0; i < options->num_subsystems; i++)
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	756	if(strcmp(arg, options->subsystem_name[i]) == 0)
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	757	fatal("%s line %d: Subsystem '%s' already defined.",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	758	filename, linenum, arg);
				759	options->subsystem_name[options->num_subsystems] = xstrdup(arg);
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	760	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	761	if (!arg \|\| *arg == '\0')
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	762	fatal("%s line %d: Missing subsystem command.",
				763	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	764	options->subsystem_command[options->num_subsystems] = xstrdup(arg);
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	765	options->num_subsystems++;
				766	break;
				767
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	768	case sMaxStartups:
Damien Miller	942da03	2000-08-18 13:59:06 +1000	[diff] [blame]	769	arg = strdelim(&cp);
				770	if (!arg \|\| *arg == '\0')
				771	fatal("%s line %d: Missing MaxStartups spec.",
				772	filename, linenum);
				773	if (sscanf(arg, "%d:%d:%d",
				774	&options->max_startups_begin,
				775	&options->max_startups_rate,
				776	&options->max_startups) == 3) {
				777	if (options->max_startups_begin >
				778	options->max_startups \|\|
				779	options->max_startups_rate > 100 \|\|
				780	options->max_startups_rate < 1)
				781	fatal("%s line %d: Illegal MaxStartups spec.",
				782	filename, linenum);
				783	break;
				784	}
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	785	intptr = &options->max_startups;
				786	goto parse_int;
				787
Ben Lindstrom	48bd7c1	2001-01-09 00:35:42 +0000	[diff] [blame]	788	case sBanner:
				789	charptr = &options->banner;
				790	goto parse_filename;
Ben Lindstrom	5744dc4	2001-04-13 23:28:01 +0000	[diff] [blame]	791	case sClientAliveInterval:
				792	intptr = &options->client_alive_interval;
				793	goto parse_int;
				794	case sClientAliveCountMax:
				795	intptr = &options->client_alive_count_max;
				796	goto parse_int;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	797	default:
Ben Lindstrom	b5cdc66	2001-04-16 02:13:26 +0000	[diff] [blame^]	798	fatal("%s line %d: Missing handler for opcode %s (%d)",
				799	filename, linenum, arg, opcode);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	800	}
Ben Lindstrom	b5cdc66	2001-04-16 02:13:26 +0000	[diff] [blame^]	801	if ((arg = strdelim(&cp)) != NULL && *arg != '\0')
				802	fatal("%s line %d: garbage at end of line; \"%.200s\".",
				803	filename, linenum, arg);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	804	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	805	fclose(f);
Ben Lindstrom	b5cdc66	2001-04-16 02:13:26 +0000	[diff] [blame^]	806	if (bad_options > 0)
				807	fatal("%s: terminating, %d bad configuration options",
				808	filename, bad_options);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	809	}