Blame - readconf.c - platform/external/openssh

blob: 1e3c13239d3aa5011e75ac5bac78776f4904927f [file] [log] [blame]

Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1	/*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	2	* Author: Tatu Ylonen <ylo@cs.hut.fi>
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	3	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
				4	* All rights reserved
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	5	* Functions for reading the configuration files.
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	6	*
Damien Miller	e4340be	2000-09-16 13:29:08 +1100	[diff] [blame]	7	* As far as I am concerned, the code I have written for this software
				8	* can be used freely for any purpose. Any derived versions of this
				9	* software must be clearly marked as such, and if the derived work is
				10	* incompatible with the protocol description in the RFC file, it must be
				11	* called by a name other than "ssh" or "Secure Shell".
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	12	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	13
				14	#include "includes.h"
Damien Miller	0dc1bef	2005-07-17 17:22:45 +1000	[diff] [blame]	15	RCSID("$OpenBSD: readconf.c,v 1.142 2005/07/17 07:17:55 djm Exp $");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	16
				17	#include "ssh.h"
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	18	#include "xmalloc.h"
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	19	#include "compat.h"
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	20	#include "cipher.h"
				21	#include "pathnames.h"
				22	#include "log.h"
				23	#include "readconf.h"
				24	#include "match.h"
				25	#include "misc.h"
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	26	#include "kex.h"
				27	#include "mac.h"
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	28
				29	/* Format of the configuration file:
				30
				31	# Configuration data is parsed as follows:
				32	# 1. command line options
				33	# 2. user-specific file
				34	# 3. system-wide file
				35	# Any configuration value is only changed the first time it is set.
				36	# Thus, host-specific definitions should be at the beginning of the
				37	# configuration file, and defaults at the end.
				38
				39	# Host-specific declarations. These may override anything above. A single
				40	# host may match multiple declarations; these are processed in the order
				41	# that they are given in.
				42
				43	Host *.ngs.fi ngs.fi
Ben Lindstrom	4daea86	2002-06-09 20:04:02 +0000	[diff] [blame]	44	User foo
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	45
				46	Host fake.com
				47	HostName another.host.name.real.org
				48	User blaah
				49	Port 34289
				50	ForwardX11 no
				51	ForwardAgent no
				52
				53	Host books.com
				54	RemoteForward 9999 shadows.cs.hut.fi:9999
				55	Cipher 3des
				56
				57	Host fascist.blob.com
				58	Port 23123
				59	User tylonen
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	60	PasswordAuthentication no
				61
				62	Host puukko.hut.fi
				63	User t35124p
				64	ProxyCommand ssh-proxy %h %p
				65
				66	Host *.fr
Ben Lindstrom	4daea86	2002-06-09 20:04:02 +0000	[diff] [blame]	67	PublicKeyAuthentication no
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	68
				69	Host *.su
				70	Cipher none
				71	PasswordAuthentication no
				72
				73	# Defaults for various options
				74	Host *
				75	ForwardAgent no
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	76	ForwardX11 no
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	77	PasswordAuthentication yes
				78	RSAAuthentication yes
				79	RhostsRSAAuthentication yes
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	80	StrictHostKeyChecking yes
Damien Miller	12c150e	2003-12-17 16:31:10 +1100	[diff] [blame]	81	TcpKeepAlive no
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	82	IdentityFile ~/.ssh/identity
				83	Port 22
				84	EscapeChar ~
				85
				86	*/
				87
				88	/* Keyword tokens. */
				89
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	90	typedef enum {
				91	oBadOption,
Darren Tucker	0a118da	2003-10-15 15:54:32 +1000	[diff] [blame]	92	oForwardAgent, oForwardX11, oForwardX11Trusted, oGatewayPorts,
Ben Lindstrom	cb72e4f	2002-06-21 00:41:51 +0000	[diff] [blame]	93	oPasswordAuthentication, oRSAAuthentication,
Ben Lindstrom	95fb2dd	2001-01-23 03:12:10 +0000	[diff] [blame]	94	oChallengeResponseAuthentication, oXAuthLocation,
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	95	oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
				96	oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
				97	oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
				98	oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
Damien Miller	12c150e	2003-12-17 16:31:10 +1100	[diff] [blame]	99	oCompressionLevel, oTCPKeepAlive, oNumberOfPasswordPrompts,
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	100	oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs,
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	101	oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
Ben Lindstrom	b9be60a	2001-03-11 01:49:19 +0000	[diff] [blame]	102	oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
Ben Lindstrom	982dbbc	2001-04-17 18:11:36 +0000	[diff] [blame]	103	oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
Ben Lindstrom	2b7a0e9	2001-09-20 00:57:55 +0000	[diff] [blame]	104	oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
Ben Lindstrom	4daea86	2002-06-09 20:04:02 +0000	[diff] [blame]	105	oClearAllForwardings, oNoHostAuthenticationForLocalhost,
Damien Miller	b78d5eb	2003-05-16 11:39:04 +1000	[diff] [blame]	106	oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
Darren Tucker	0efd155	2003-08-26 11:49:55 +1000	[diff] [blame]	107	oAddressFamily, oGssAuthentication, oGssDelegateCreds,
Damien Miller	bd394c3	2004-03-08 23:12:36 +1100	[diff] [blame]	108	oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
Damien Miller	e177615	2005-03-01 21:47:37 +1100	[diff] [blame]	109	oSendEnv, oControlPath, oControlMaster, oHashKnownHosts,
Damien Miller	f9b3feb	2003-05-16 11:38:32 +1000	[diff] [blame]	110	oDeprecated, oUnsupported
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	111	} OpCodes;
				112
				113	/* Textual representations of the tokens. */
				114
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	115	static struct {
				116	const char *name;
				117	OpCodes opcode;
				118	} keywords[] = {
				119	{ "forwardagent", oForwardAgent },
				120	{ "forwardx11", oForwardX11 },
Darren Tucker	0a118da	2003-10-15 15:54:32 +1000	[diff] [blame]	121	{ "forwardx11trusted", oForwardX11Trusted },
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	122	{ "xauthlocation", oXAuthLocation },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	123	{ "gatewayports", oGatewayPorts },
				124	{ "useprivilegedport", oUsePrivilegedPort },
Darren Tucker	ec960f2	2003-08-13 20:37:05 +1000	[diff] [blame]	125	{ "rhostsauthentication", oDeprecated },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	126	{ "passwordauthentication", oPasswordAuthentication },
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	127	{ "kbdinteractiveauthentication", oKbdInteractiveAuthentication },
				128	{ "kbdinteractivedevices", oKbdInteractiveDevices },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	129	{ "rsaauthentication", oRSAAuthentication },
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	130	{ "pubkeyauthentication", oPubkeyAuthentication },
Ben Lindstrom	95fb2dd	2001-01-23 03:12:10 +0000	[diff] [blame]	131	{ "dsaauthentication", oPubkeyAuthentication }, /* alias */
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	132	{ "rhostsrsaauthentication", oRhostsRSAAuthentication },
Ben Lindstrom	d69dab3	2001-04-12 23:36:05 +0000	[diff] [blame]	133	{ "hostbasedauthentication", oHostbasedAuthentication },
Ben Lindstrom	95fb2dd	2001-01-23 03:12:10 +0000	[diff] [blame]	134	{ "challengeresponseauthentication", oChallengeResponseAuthentication },
				135	{ "skeyauthentication", oChallengeResponseAuthentication }, /* alias */
				136	{ "tisauthentication", oChallengeResponseAuthentication }, /* alias */
Damien Miller	f9b3feb	2003-05-16 11:38:32 +1000	[diff] [blame]	137	{ "kerberosauthentication", oUnsupported },
				138	{ "kerberostgtpassing", oUnsupported },
Damien Miller	f9b3feb	2003-05-16 11:38:32 +1000	[diff] [blame]	139	{ "afstokenpassing", oUnsupported },
Darren Tucker	0efd155	2003-08-26 11:49:55 +1000	[diff] [blame]	140	#if defined(GSSAPI)
				141	{ "gssapiauthentication", oGssAuthentication },
Darren Tucker	0efd155	2003-08-26 11:49:55 +1000	[diff] [blame]	142	{ "gssapidelegatecredentials", oGssDelegateCreds },
				143	#else
				144	{ "gssapiauthentication", oUnsupported },
				145	{ "gssapidelegatecredentials", oUnsupported },
				146	#endif
Ben Lindstrom	4daea86	2002-06-09 20:04:02 +0000	[diff] [blame]	147	{ "fallbacktorsh", oDeprecated },
				148	{ "usersh", oDeprecated },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	149	{ "identityfile", oIdentityFile },
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	150	{ "identityfile2", oIdentityFile }, /* alias */
Damien Miller	bd394c3	2004-03-08 23:12:36 +1100	[diff] [blame]	151	{ "identitiesonly", oIdentitiesOnly },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	152	{ "hostname", oHostName },
Ben Lindstrom	4dccfa5	2000-12-28 16:40:05 +0000	[diff] [blame]	153	{ "hostkeyalias", oHostKeyAlias },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	154	{ "proxycommand", oProxyCommand },
				155	{ "port", oPort },
				156	{ "cipher", oCipher },
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	157	{ "ciphers", oCiphers },
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	158	{ "macs", oMacs },
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	159	{ "protocol", oProtocol },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	160	{ "remoteforward", oRemoteForward },
				161	{ "localforward", oLocalForward },
				162	{ "user", oUser },
				163	{ "host", oHost },
				164	{ "escapechar", oEscapeChar },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	165	{ "globalknownhostsfile", oGlobalKnownHostsFile },
Ben Lindstrom	d6481ea	2001-06-25 04:37:41 +0000	[diff] [blame]	166	{ "userknownhostsfile", oUserKnownHostsFile }, /* obsolete */
Damien Miller	eba71ba	2000-04-29 23:57:08 +1000	[diff] [blame]	167	{ "globalknownhostsfile2", oGlobalKnownHostsFile2 },
Ben Lindstrom	d6481ea	2001-06-25 04:37:41 +0000	[diff] [blame]	168	{ "userknownhostsfile2", oUserKnownHostsFile2 }, /* obsolete */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	169	{ "connectionattempts", oConnectionAttempts },
				170	{ "batchmode", oBatchMode },
				171	{ "checkhostip", oCheckHostIP },
				172	{ "stricthostkeychecking", oStrictHostKeyChecking },
				173	{ "compression", oCompression },
				174	{ "compressionlevel", oCompressionLevel },
Damien Miller	12c150e	2003-12-17 16:31:10 +1100	[diff] [blame]	175	{ "tcpkeepalive", oTCPKeepAlive },
				176	{ "keepalive", oTCPKeepAlive }, /* obsolete */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	177	{ "numberofpasswordprompts", oNumberOfPasswordPrompts },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	178	{ "loglevel", oLogLevel },
Ben Lindstrom	3bb4f9d	2001-04-08 18:30:26 +0000	[diff] [blame]	179	{ "dynamicforward", oDynamicForward },
Ben Lindstrom	b9be60a	2001-03-11 01:49:19 +0000	[diff] [blame]	180	{ "preferredauthentications", oPreferredAuthentications },
Ben Lindstrom	982dbbc	2001-04-17 18:11:36 +0000	[diff] [blame]	181	{ "hostkeyalgorithms", oHostKeyAlgorithms },
Ben Lindstrom	e0f8804	2001-04-30 13:06:24 +0000	[diff] [blame]	182	{ "bindaddress", oBindAddress },
Damien Miller	f9b3feb	2003-05-16 11:38:32 +1000	[diff] [blame]	183	#ifdef SMARTCARD
Ben Lindstrom	ae996bf	2001-08-06 21:27:53 +0000	[diff] [blame]	184	{ "smartcarddevice", oSmartcardDevice },
Damien Miller	f9b3feb	2003-05-16 11:38:32 +1000	[diff] [blame]	185	#else
				186	{ "smartcarddevice", oUnsupported },
				187	#endif
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	188	{ "clearallforwardings", oClearAllForwardings },
Ben Lindstrom	b6df73b	2002-11-09 15:52:31 +0000	[diff] [blame]	189	{ "enablesshkeysign", oEnableSSHKeysign },
Damien Miller	37876e9	2003-05-15 10:19:46 +1000	[diff] [blame]	190	{ "verifyhostkeydns", oVerifyHostKeyDNS },
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	191	{ "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost },
Damien Miller	a5539d2	2003-04-09 20:50:06 +1000	[diff] [blame]	192	{ "rekeylimit", oRekeyLimit },
Damien Miller	b78d5eb	2003-05-16 11:39:04 +1000	[diff] [blame]	193	{ "connecttimeout", oConnectTimeout },
Damien Miller	20a8f97	2003-05-18 20:50:30 +1000	[diff] [blame]	194	{ "addressfamily", oAddressFamily },
Damien Miller	509b010	2003-12-17 16:33:10 +1100	[diff] [blame]	195	{ "serveraliveinterval", oServerAliveInterval },
				196	{ "serveralivecountmax", oServerAliveCountMax },
Darren Tucker	46bc075	2004-05-02 22:11:30 +1000	[diff] [blame]	197	{ "sendenv", oSendEnv },
Damien Miller	0e220db	2004-06-15 10:34:08 +1000	[diff] [blame]	198	{ "controlpath", oControlPath },
				199	{ "controlmaster", oControlMaster },
Damien Miller	e177615	2005-03-01 21:47:37 +1100	[diff] [blame]	200	{ "hashknownhosts", oHashKnownHosts },
Ben Lindstrom	65366a8	2001-12-06 16:32:47 +0000	[diff] [blame]	201	{ NULL, oBadOption }
Damien Miller	5ce662a	1999-11-11 17:57:39 +1100	[diff] [blame]	202	};
				203
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	204	/*
				205	* Adds a local TCP/IP port forward to options. Never returns if there is an
				206	* error.
				207	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	208
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	209	void
Damien Miller	f91ee4c	2005-03-01 21:24:33 +1100	[diff] [blame]	210	add_local_forward(Options options, const Forward newfwd)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	211	{
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	212	Forward *fwd;
Ben Lindstrom	99a4e14	2002-07-09 14:06:40 +0000	[diff] [blame]	213	#ifndef NO_IPPORT_RESERVED_CONCEPT
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	214	extern uid_t original_real_uid;
Damien Miller	f91ee4c	2005-03-01 21:24:33 +1100	[diff] [blame]	215	if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	216	fatal("Privileged ports can only be forwarded by root.");
Damien Miller	bac2d8a	2000-09-05 16:13:06 +1100	[diff] [blame]	217	#endif
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	218	if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
				219	fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION);
				220	fwd = &options->local_forwards[options->num_local_forwards++];
Damien Miller	f91ee4c	2005-03-01 21:24:33 +1100	[diff] [blame]	221
				222	fwd->listen_host = (newfwd->listen_host == NULL) ?
				223	NULL : xstrdup(newfwd->listen_host);
				224	fwd->listen_port = newfwd->listen_port;
				225	fwd->connect_host = xstrdup(newfwd->connect_host);
				226	fwd->connect_port = newfwd->connect_port;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	227	}
				228
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	229	/*
				230	* Adds a remote TCP/IP port forward to options. Never returns if there is
				231	* an error.
				232	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	233
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	234	void
Damien Miller	f91ee4c	2005-03-01 21:24:33 +1100	[diff] [blame]	235	add_remote_forward(Options options, const Forward newfwd)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	236	{
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	237	Forward *fwd;
				238	if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
				239	fatal("Too many remote forwards (max %d).",
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	240	SSH_MAX_FORWARDS_PER_DIRECTION);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	241	fwd = &options->remote_forwards[options->num_remote_forwards++];
Damien Miller	f91ee4c	2005-03-01 21:24:33 +1100	[diff] [blame]	242
				243	fwd->listen_host = (newfwd->listen_host == NULL) ?
				244	NULL : xstrdup(newfwd->listen_host);
				245	fwd->listen_port = newfwd->listen_port;
				246	fwd->connect_host = xstrdup(newfwd->connect_host);
				247	fwd->connect_port = newfwd->connect_port;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	248	}
				249
Ben Lindstrom	2b7a0e9	2001-09-20 00:57:55 +0000	[diff] [blame]	250	static void
				251	clear_forwardings(Options *options)
				252	{
				253	int i;
				254
Damien Miller	f91ee4c	2005-03-01 21:24:33 +1100	[diff] [blame]	255	for (i = 0; i < options->num_local_forwards; i++) {
Darren Tucker	1d55ca7	2005-03-14 22:58:40 +1100	[diff] [blame]	256	if (options->local_forwards[i].listen_host != NULL)
				257	xfree(options->local_forwards[i].listen_host);
Damien Miller	f91ee4c	2005-03-01 21:24:33 +1100	[diff] [blame]	258	xfree(options->local_forwards[i].connect_host);
				259	}
Ben Lindstrom	2b7a0e9	2001-09-20 00:57:55 +0000	[diff] [blame]	260	options->num_local_forwards = 0;
Damien Miller	f91ee4c	2005-03-01 21:24:33 +1100	[diff] [blame]	261	for (i = 0; i < options->num_remote_forwards; i++) {
Darren Tucker	1d55ca7	2005-03-14 22:58:40 +1100	[diff] [blame]	262	if (options->remote_forwards[i].listen_host != NULL)
				263	xfree(options->remote_forwards[i].listen_host);
Damien Miller	f91ee4c	2005-03-01 21:24:33 +1100	[diff] [blame]	264	xfree(options->remote_forwards[i].connect_host);
				265	}
Ben Lindstrom	2b7a0e9	2001-09-20 00:57:55 +0000	[diff] [blame]	266	options->num_remote_forwards = 0;
				267	}
				268
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	269	/*
Ben Lindstrom	3704c26	2001-04-02 18:20:03 +0000	[diff] [blame]	270	* Returns the number of the token pointed to by cp or oBadOption.
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	271	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	272
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	273	static OpCodes
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	274	parse_token(const char cp, const char filename, int linenum)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	275	{
Ben Lindstrom	46c1622	2000-12-22 01:43:59 +0000	[diff] [blame]	276	u_int i;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	277
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	278	for (i = 0; keywords[i].name; i++)
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	279	if (strcasecmp(cp, keywords[i].name) == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	280	return keywords[i].opcode;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	281
Ben Lindstrom	b5cdc66	2001-04-16 02:13:26 +0000	[diff] [blame]	282	error("%s: line %d: Bad configuration option: %s",
				283	filename, linenum, cp);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	284	return oBadOption;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	285	}
				286
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	287	/*
				288	* Processes a single option line as used in the configuration files. This
				289	* only sets those values that have not already been set.
				290	*/
Damien Miller	61f08ac	2003-02-24 11:56:27 +1100	[diff] [blame]	291	#define WHITESPACE " \t\r\n"
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	292
Damien Miller	2ccf661	1999-11-15 15:25:10 +1100	[diff] [blame]	293	int
				294	process_config_line(Options options, const char host,
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	295	char line, const char filename, int linenum,
				296	int *activep)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	297	{
Damien Miller	f91ee4c	2005-03-01 21:24:33 +1100	[diff] [blame]	298	char s, charptr, endofnumber, keyword, arg, *arg2, fwdarg[256];
Damien Miller	aae6c61	1999-12-06 11:47:28 +1100	[diff] [blame]	299	int opcode, *intptr, value;
Damien Miller	61f08ac	2003-02-24 11:56:27 +1100	[diff] [blame]	300	size_t len;
Damien Miller	f91ee4c	2005-03-01 21:24:33 +1100	[diff] [blame]	301	Forward fwd;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	302
Damien Miller	c652cac	2003-05-14 13:40:54 +1000	[diff] [blame]	303	/* Strip trailing whitespace */
Darren Tucker	47eede7	2005-03-14 23:08:12 +1100	[diff] [blame]	304	for (len = strlen(line) - 1; len > 0; len--) {
Damien Miller	c652cac	2003-05-14 13:40:54 +1000	[diff] [blame]	305	if (strchr(WHITESPACE, line[len]) == NULL)
				306	break;
				307	line[len] = '\0';
				308	}
				309
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	310	s = line;
				311	/* Get the keyword. (Each line is supposed to begin with a keyword). */
				312	keyword = strdelim(&s);
				313	/* Ignore leading whitespace. */
				314	if (*keyword == '\0')
				315	keyword = strdelim(&s);
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	316	if (keyword == NULL \|\| !keyword \|\| keyword == '\n' \|\| *keyword == '#')
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	317	return 0;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	318
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	319	opcode = parse_token(keyword, filename, linenum);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	320
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	321	switch (opcode) {
				322	case oBadOption:
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	323	/* don't panic, but count bad options */
				324	return -1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	325	/* NOTREACHED */
Damien Miller	b78d5eb	2003-05-16 11:39:04 +1000	[diff] [blame]	326	case oConnectTimeout:
				327	intptr = &options->connection_timeout;
Damien Miller	509b010	2003-12-17 16:33:10 +1100	[diff] [blame]	328	parse_time:
Damien Miller	b78d5eb	2003-05-16 11:39:04 +1000	[diff] [blame]	329	arg = strdelim(&s);
				330	if (!arg \|\| *arg == '\0')
				331	fatal("%s line %d: missing time value.",
				332	filename, linenum);
				333	if ((value = convtime(arg)) == -1)
				334	fatal("%s line %d: invalid time value.",
				335	filename, linenum);
				336	if (*intptr == -1)
				337	*intptr = value;
				338	break;
				339
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	340	case oForwardAgent:
				341	intptr = &options->forward_agent;
				342	parse_flag:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	343	arg = strdelim(&s);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	344	if (!arg \|\| *arg == '\0')
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	345	fatal("%.200s line %d: Missing yes/no argument.", filename, linenum);
				346	value = 0; /* To avoid compiler warning... */
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	347	if (strcmp(arg, "yes") == 0 \|\| strcmp(arg, "true") == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	348	value = 1;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	349	else if (strcmp(arg, "no") == 0 \|\| strcmp(arg, "false") == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	350	value = 0;
				351	else
				352	fatal("%.200s line %d: Bad yes/no argument.", filename, linenum);
				353	if (activep && intptr == -1)
				354	*intptr = value;
				355	break;
				356
				357	case oForwardX11:
				358	intptr = &options->forward_x11;
				359	goto parse_flag;
				360
Darren Tucker	0a118da	2003-10-15 15:54:32 +1000	[diff] [blame]	361	case oForwardX11Trusted:
				362	intptr = &options->forward_x11_trusted;
				363	goto parse_flag;
				364
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	365	case oGatewayPorts:
				366	intptr = &options->gateway_ports;
				367	goto parse_flag;
				368
				369	case oUsePrivilegedPort:
				370	intptr = &options->use_privileged_port;
				371	goto parse_flag;
				372
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	373	case oPasswordAuthentication:
				374	intptr = &options->password_authentication;
				375	goto parse_flag;
				376
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	377	case oKbdInteractiveAuthentication:
				378	intptr = &options->kbd_interactive_authentication;
				379	goto parse_flag;
				380
				381	case oKbdInteractiveDevices:
				382	charptr = &options->kbd_interactive_devices;
				383	goto parse_string;
				384
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	385	case oPubkeyAuthentication:
				386	intptr = &options->pubkey_authentication;
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	387	goto parse_flag;
				388
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	389	case oRSAAuthentication:
				390	intptr = &options->rsa_authentication;
				391	goto parse_flag;
				392
				393	case oRhostsRSAAuthentication:
				394	intptr = &options->rhosts_rsa_authentication;
				395	goto parse_flag;
				396
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	397	case oHostbasedAuthentication:
				398	intptr = &options->hostbased_authentication;
				399	goto parse_flag;
				400
Ben Lindstrom	95fb2dd	2001-01-23 03:12:10 +0000	[diff] [blame]	401	case oChallengeResponseAuthentication:
Ben Lindstrom	551ea37	2001-06-05 18:56:16 +0000	[diff] [blame]	402	intptr = &options->challenge_response_authentication;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	403	goto parse_flag;
Damien Miller	2aa0ab4	2003-05-15 12:05:28 +1000	[diff] [blame]	404
Darren Tucker	0efd155	2003-08-26 11:49:55 +1000	[diff] [blame]	405	case oGssAuthentication:
				406	intptr = &options->gss_authentication;
				407	goto parse_flag;
				408
				409	case oGssDelegateCreds:
				410	intptr = &options->gss_deleg_creds;
				411	goto parse_flag;
				412
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	413	case oBatchMode:
				414	intptr = &options->batch_mode;
				415	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	416
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	417	case oCheckHostIP:
				418	intptr = &options->check_host_ip;
				419	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	420
Damien Miller	37876e9	2003-05-15 10:19:46 +1000	[diff] [blame]	421	case oVerifyHostKeyDNS:
				422	intptr = &options->verify_host_key_dns;
Damien Miller	150b557	2003-11-17 21:19:29 +1100	[diff] [blame]	423	goto parse_yesnoask;
Damien Miller	37876e9	2003-05-15 10:19:46 +1000	[diff] [blame]	424
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	425	case oStrictHostKeyChecking:
				426	intptr = &options->strict_host_key_checking;
Damien Miller	150b557	2003-11-17 21:19:29 +1100	[diff] [blame]	427	parse_yesnoask:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	428	arg = strdelim(&s);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	429	if (!arg \|\| *arg == '\0')
Ben Lindstrom	5ed8acd	2001-01-29 08:00:54 +0000	[diff] [blame]	430	fatal("%.200s line %d: Missing yes/no/ask argument.",
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	431	filename, linenum);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	432	value = 0; /* To avoid compiler warning... */
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	433	if (strcmp(arg, "yes") == 0 \|\| strcmp(arg, "true") == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	434	value = 1;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	435	else if (strcmp(arg, "no") == 0 \|\| strcmp(arg, "false") == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	436	value = 0;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	437	else if (strcmp(arg, "ask") == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	438	value = 2;
				439	else
				440	fatal("%.200s line %d: Bad yes/no/ask argument.", filename, linenum);
				441	if (activep && intptr == -1)
				442	*intptr = value;
				443	break;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	444
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	445	case oCompression:
				446	intptr = &options->compression;
				447	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	448
Damien Miller	12c150e	2003-12-17 16:31:10 +1100	[diff] [blame]	449	case oTCPKeepAlive:
				450	intptr = &options->tcp_keep_alive;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	451	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	452
Ben Lindstrom	3cecc9a	2001-10-03 17:39:38 +0000	[diff] [blame]	453	case oNoHostAuthenticationForLocalhost:
				454	intptr = &options->no_host_authentication_for_localhost;
				455	goto parse_flag;
				456
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	457	case oNumberOfPasswordPrompts:
				458	intptr = &options->number_of_password_prompts;
				459	goto parse_int;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	460
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	461	case oCompressionLevel:
				462	intptr = &options->compression_level;
				463	goto parse_int;
				464
Damien Miller	a5539d2	2003-04-09 20:50:06 +1000	[diff] [blame]	465	case oRekeyLimit:
				466	intptr = &options->rekey_limit;
				467	arg = strdelim(&s);
				468	if (!arg \|\| *arg == '\0')
				469	fatal("%.200s line %d: Missing argument.", filename, linenum);
				470	if (arg[0] < '0' \|\| arg[0] > '9')
				471	fatal("%.200s line %d: Bad number.", filename, linenum);
				472	value = strtol(arg, &endofnumber, 10);
				473	if (arg == endofnumber)
				474	fatal("%.200s line %d: Bad number.", filename, linenum);
				475	switch (toupper(*endofnumber)) {
				476	case 'K':
				477	value *= 1<<10;
				478	break;
				479	case 'M':
				480	value *= 1<<20;
				481	break;
				482	case 'G':
				483	value *= 1<<30;
				484	break;
				485	}
				486	if (activep && intptr == -1)
				487	*intptr = value;
				488	break;
				489
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	490	case oIdentityFile:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	491	arg = strdelim(&s);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	492	if (!arg \|\| *arg == '\0')
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	493	fatal("%.200s line %d: Missing argument.", filename, linenum);
				494	if (*activep) {
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	495	intptr = &options->num_identity_files;
Damien Miller	eba71ba	2000-04-29 23:57:08 +1000	[diff] [blame]	496	if (*intptr >= SSH_MAX_IDENTITY_FILES)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	497	fatal("%.200s line %d: Too many identity files specified (max %d).",
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	498	filename, linenum, SSH_MAX_IDENTITY_FILES);
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	499	charptr = &options->identity_files[*intptr];
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	500	*charptr = xstrdup(arg);
Damien Miller	eba71ba	2000-04-29 23:57:08 +1000	[diff] [blame]	501	intptr = intptr + 1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	502	}
				503	break;
				504
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	505	case oXAuthLocation:
				506	charptr=&options->xauth_location;
				507	goto parse_string;
				508
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	509	case oUser:
				510	charptr = &options->user;
				511	parse_string:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	512	arg = strdelim(&s);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	513	if (!arg \|\| *arg == '\0')
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	514	fatal("%.200s line %d: Missing argument.", filename, linenum);
				515	if (activep && charptr == NULL)
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	516	*charptr = xstrdup(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	517	break;
				518
				519	case oGlobalKnownHostsFile:
				520	charptr = &options->system_hostfile;
				521	goto parse_string;
				522
				523	case oUserKnownHostsFile:
				524	charptr = &options->user_hostfile;
				525	goto parse_string;
				526
Damien Miller	eba71ba	2000-04-29 23:57:08 +1000	[diff] [blame]	527	case oGlobalKnownHostsFile2:
				528	charptr = &options->system_hostfile2;
				529	goto parse_string;
				530
				531	case oUserKnownHostsFile2:
				532	charptr = &options->user_hostfile2;
				533	goto parse_string;
				534
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	535	case oHostName:
				536	charptr = &options->hostname;
				537	goto parse_string;
				538
Ben Lindstrom	4dccfa5	2000-12-28 16:40:05 +0000	[diff] [blame]	539	case oHostKeyAlias:
				540	charptr = &options->host_key_alias;
				541	goto parse_string;
				542
Ben Lindstrom	b9be60a	2001-03-11 01:49:19 +0000	[diff] [blame]	543	case oPreferredAuthentications:
				544	charptr = &options->preferred_authentications;
				545	goto parse_string;
				546
Ben Lindstrom	e0f8804	2001-04-30 13:06:24 +0000	[diff] [blame]	547	case oBindAddress:
				548	charptr = &options->bind_address;
				549	goto parse_string;
				550
Ben Lindstrom	ae996bf	2001-08-06 21:27:53 +0000	[diff] [blame]	551	case oSmartcardDevice:
Ben Lindstrom	f7db3bb	2001-08-06 21:35:51 +0000	[diff] [blame]	552	charptr = &options->smartcard_device;
				553	goto parse_string;
Ben Lindstrom	ae996bf	2001-08-06 21:27:53 +0000	[diff] [blame]	554
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	555	case oProxyCommand:
Darren Tucker	a99c1b7	2003-06-28 12:40:12 +1000	[diff] [blame]	556	if (s == NULL)
				557	fatal("%.200s line %d: Missing argument.", filename, linenum);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	558	charptr = &options->proxy_command;
Damien Miller	61f08ac	2003-02-24 11:56:27 +1100	[diff] [blame]	559	len = strspn(s, WHITESPACE "=");
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	560	if (activep && charptr == NULL)
Damien Miller	61f08ac	2003-02-24 11:56:27 +1100	[diff] [blame]	561	*charptr = xstrdup(s + len);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	562	return 0;
				563
				564	case oPort:
				565	intptr = &options->port;
				566	parse_int:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	567	arg = strdelim(&s);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	568	if (!arg \|\| *arg == '\0')
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	569	fatal("%.200s line %d: Missing argument.", filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	570	if (arg[0] < '0' \|\| arg[0] > '9')
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	571	fatal("%.200s line %d: Bad number.", filename, linenum);
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	572
				573	/* Octal, decimal, or hex format? */
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	574	value = strtol(arg, &endofnumber, 0);
				575	if (arg == endofnumber)
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	576	fatal("%.200s line %d: Bad number.", filename, linenum);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	577	if (activep && intptr == -1)
				578	*intptr = value;
				579	break;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	580
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	581	case oConnectionAttempts:
				582	intptr = &options->connection_attempts;
				583	goto parse_int;
Damien Miller	5ce662a	1999-11-11 17:57:39 +1100	[diff] [blame]	584
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	585	case oCipher:
				586	intptr = &options->cipher;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	587	arg = strdelim(&s);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	588	if (!arg \|\| *arg == '\0')
Damien Miller	b1715dc	2000-05-30 13:44:51 +1000	[diff] [blame]	589	fatal("%.200s line %d: Missing argument.", filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	590	value = cipher_number(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	591	if (value == -1)
				592	fatal("%.200s line %d: Bad cipher '%s'.",
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	593	filename, linenum, arg ? arg : "<NONE>");
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	594	if (activep && intptr == -1)
				595	*intptr = value;
				596	break;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	597
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	598	case oCiphers:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	599	arg = strdelim(&s);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	600	if (!arg \|\| *arg == '\0')
Damien Miller	b1715dc	2000-05-30 13:44:51 +1000	[diff] [blame]	601	fatal("%.200s line %d: Missing argument.", filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	602	if (!ciphers_valid(arg))
Damien Miller	30c3d42	2000-05-09 11:02:59 +1000	[diff] [blame]	603	fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.",
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	604	filename, linenum, arg ? arg : "<NONE>");
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	605	if (*activep && options->ciphers == NULL)
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	606	options->ciphers = xstrdup(arg);
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	607	break;
				608
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	609	case oMacs:
				610	arg = strdelim(&s);
				611	if (!arg \|\| *arg == '\0')
				612	fatal("%.200s line %d: Missing argument.", filename, linenum);
				613	if (!mac_valid(arg))
				614	fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.",
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	615	filename, linenum, arg ? arg : "<NONE>");
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	616	if (*activep && options->macs == NULL)
				617	options->macs = xstrdup(arg);
				618	break;
				619
Ben Lindstrom	982dbbc	2001-04-17 18:11:36 +0000	[diff] [blame]	620	case oHostKeyAlgorithms:
				621	arg = strdelim(&s);
				622	if (!arg \|\| *arg == '\0')
				623	fatal("%.200s line %d: Missing argument.", filename, linenum);
				624	if (!key_names_valid2(arg))
				625	fatal("%.200s line %d: Bad protocol 2 host key algorithms '%s'.",
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	626	filename, linenum, arg ? arg : "<NONE>");
Ben Lindstrom	982dbbc	2001-04-17 18:11:36 +0000	[diff] [blame]	627	if (*activep && options->hostkeyalgorithms == NULL)
				628	options->hostkeyalgorithms = xstrdup(arg);
				629	break;
				630
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	631	case oProtocol:
				632	intptr = &options->protocol;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	633	arg = strdelim(&s);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	634	if (!arg \|\| *arg == '\0')
Damien Miller	b1715dc	2000-05-30 13:44:51 +1000	[diff] [blame]	635	fatal("%.200s line %d: Missing argument.", filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	636	value = proto_spec(arg);
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	637	if (value == SSH_PROTO_UNKNOWN)
				638	fatal("%.200s line %d: Bad protocol spec '%s'.",
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	639	filename, linenum, arg ? arg : "<NONE>");
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	640	if (activep && intptr == SSH_PROTO_UNKNOWN)
				641	*intptr = value;
				642	break;
				643
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	644	case oLogLevel:
				645	intptr = (int *) &options->log_level;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	646	arg = strdelim(&s);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	647	value = log_level_number(arg);
Damien Miller	fcd9320	2002-02-05 12:26:34 +1100	[diff] [blame]	648	if (value == SYSLOG_LEVEL_NOT_SET)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	649	fatal("%.200s line %d: unsupported log level '%s'",
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	650	filename, linenum, arg ? arg : "<NONE>");
Damien Miller	fcd9320	2002-02-05 12:26:34 +1100	[diff] [blame]	651	if (activep && (LogLevel) intptr == SYSLOG_LEVEL_NOT_SET)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	652	*intptr = (LogLevel) value;
				653	break;
				654
Ben Lindstrom	62c25a4	2001-09-12 18:01:59 +0000	[diff] [blame]	655	case oLocalForward:
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	656	case oRemoteForward:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	657	arg = strdelim(&s);
Damien Miller	f91ee4c	2005-03-01 21:24:33 +1100	[diff] [blame]	658	if (arg == NULL \|\| *arg == '\0')
Ben Lindstrom	62c25a4	2001-09-12 18:01:59 +0000	[diff] [blame]	659	fatal("%.200s line %d: Missing port argument.",
				660	filename, linenum);
Damien Miller	f91ee4c	2005-03-01 21:24:33 +1100	[diff] [blame]	661	arg2 = strdelim(&s);
				662	if (arg2 == NULL \|\| *arg2 == '\0')
				663	fatal("%.200s line %d: Missing target argument.",
Ben Lindstrom	62c25a4	2001-09-12 18:01:59 +0000	[diff] [blame]	664	filename, linenum);
Damien Miller	f91ee4c	2005-03-01 21:24:33 +1100	[diff] [blame]	665
				666	/* construct a string for parse_forward */
				667	snprintf(fwdarg, sizeof(fwdarg), "%s:%s", arg, arg2);
				668
				669	if (parse_forward(&fwd, fwdarg) == 0)
Ben Lindstrom	62c25a4	2001-09-12 18:01:59 +0000	[diff] [blame]	670	fatal("%.200s line %d: Bad forwarding specification.",
				671	filename, linenum);
Damien Miller	f91ee4c	2005-03-01 21:24:33 +1100	[diff] [blame]	672
Ben Lindstrom	62c25a4	2001-09-12 18:01:59 +0000	[diff] [blame]	673	if (*activep) {
				674	if (opcode == oLocalForward)
Damien Miller	f91ee4c	2005-03-01 21:24:33 +1100	[diff] [blame]	675	add_local_forward(options, &fwd);
Ben Lindstrom	62c25a4	2001-09-12 18:01:59 +0000	[diff] [blame]	676	else if (opcode == oRemoteForward)
Damien Miller	f91ee4c	2005-03-01 21:24:33 +1100	[diff] [blame]	677	add_remote_forward(options, &fwd);
Ben Lindstrom	62c25a4	2001-09-12 18:01:59 +0000	[diff] [blame]	678	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	679	break;
				680
Ben Lindstrom	3bb4f9d	2001-04-08 18:30:26 +0000	[diff] [blame]	681	case oDynamicForward:
				682	arg = strdelim(&s);
				683	if (!arg \|\| *arg == '\0')
				684	fatal("%.200s line %d: Missing port argument.",
				685	filename, linenum);
Damien Miller	f91ee4c	2005-03-01 21:24:33 +1100	[diff] [blame]	686	memset(&fwd, '\0', sizeof(fwd));
				687	fwd.connect_host = "socks";
				688	fwd.listen_host = hpdelim(&arg);
				689	if (fwd.listen_host == NULL \|\|
				690	strlen(fwd.listen_host) >= NI_MAXHOST)
				691	fatal("%.200s line %d: Bad forwarding specification.",
				692	filename, linenum);
				693	if (arg) {
				694	fwd.listen_port = a2port(arg);
				695	fwd.listen_host = cleanhostname(fwd.listen_host);
				696	} else {
				697	fwd.listen_port = a2port(fwd.listen_host);
				698	fwd.listen_host = "";
				699	}
				700	if (fwd.listen_port == 0)
Ben Lindstrom	3bb4f9d	2001-04-08 18:30:26 +0000	[diff] [blame]	701	fatal("%.200s line %d: Badly formatted port number.",
				702	filename, linenum);
Ben Lindstrom	525a093	2001-09-12 17:35:27 +0000	[diff] [blame]	703	if (*activep)
Damien Miller	f91ee4c	2005-03-01 21:24:33 +1100	[diff] [blame]	704	add_local_forward(options, &fwd);
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	705	break;
Ben Lindstrom	3bb4f9d	2001-04-08 18:30:26 +0000	[diff] [blame]	706
Ben Lindstrom	2b7a0e9	2001-09-20 00:57:55 +0000	[diff] [blame]	707	case oClearAllForwardings:
				708	intptr = &options->clear_forwardings;
				709	goto parse_flag;
				710
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	711	case oHost:
				712	*activep = 0;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	713	while ((arg = strdelim(&s)) != NULL && *arg != '\0')
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	714	if (match_pattern(host, arg)) {
				715	debug("Applying options for %.100s", arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	716	*activep = 1;
				717	break;
				718	}
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	719	/* Avoid garbage check below, as strdelim is done. */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	720	return 0;
				721
				722	case oEscapeChar:
				723	intptr = &options->escape_char;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	724	arg = strdelim(&s);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	725	if (!arg \|\| *arg == '\0')
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	726	fatal("%.200s line %d: Missing argument.", filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	727	if (arg[0] == '^' && arg[2] == 0 &&
Ben Lindstrom	46c1622	2000-12-22 01:43:59 +0000	[diff] [blame]	728	(u_char) arg[1] >= 64 && (u_char) arg[1] < 128)
				729	value = (u_char) arg[1] & 31;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	730	else if (strlen(arg) == 1)
Ben Lindstrom	46c1622	2000-12-22 01:43:59 +0000	[diff] [blame]	731	value = (u_char) arg[0];
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	732	else if (strcmp(arg, "none") == 0)
Ben Lindstrom	2b1f71b	2001-06-05 20:32:21 +0000	[diff] [blame]	733	value = SSH_ESCAPECHAR_NONE;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	734	else {
				735	fatal("%.200s line %d: Bad escape character.",
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	736	filename, linenum);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	737	/* NOTREACHED */
				738	value = 0; /* Avoid compiler warning. */
				739	}
				740	if (activep && intptr == -1)
				741	*intptr = value;
				742	break;
				743
Damien Miller	20a8f97	2003-05-18 20:50:30 +1000	[diff] [blame]	744	case oAddressFamily:
				745	arg = strdelim(&s);
Damien Miller	17b23d8	2005-05-26 12:11:56 +1000	[diff] [blame]	746	if (!arg \|\| *arg == '\0')
				747	fatal("%s line %d: missing address family.",
				748	filename, linenum);
Darren Tucker	0a4f04b	2003-07-03 20:37:47 +1000	[diff] [blame]	749	intptr = &options->address_family;
Damien Miller	20a8f97	2003-05-18 20:50:30 +1000	[diff] [blame]	750	if (strcasecmp(arg, "inet") == 0)
Darren Tucker	0a4f04b	2003-07-03 20:37:47 +1000	[diff] [blame]	751	value = AF_INET;
Damien Miller	20a8f97	2003-05-18 20:50:30 +1000	[diff] [blame]	752	else if (strcasecmp(arg, "inet6") == 0)
Darren Tucker	0a4f04b	2003-07-03 20:37:47 +1000	[diff] [blame]	753	value = AF_INET6;
Damien Miller	20a8f97	2003-05-18 20:50:30 +1000	[diff] [blame]	754	else if (strcasecmp(arg, "any") == 0)
Darren Tucker	0a4f04b	2003-07-03 20:37:47 +1000	[diff] [blame]	755	value = AF_UNSPEC;
Damien Miller	20a8f97	2003-05-18 20:50:30 +1000	[diff] [blame]	756	else
				757	fatal("Unsupported AddressFamily \"%s\"", arg);
Darren Tucker	0a4f04b	2003-07-03 20:37:47 +1000	[diff] [blame]	758	if (activep && intptr == -1)
				759	*intptr = value;
Damien Miller	20a8f97	2003-05-18 20:50:30 +1000	[diff] [blame]	760	break;
				761
Ben Lindstrom	b6df73b	2002-11-09 15:52:31 +0000	[diff] [blame]	762	case oEnableSSHKeysign:
				763	intptr = &options->enable_ssh_keysign;
				764	goto parse_flag;
				765
Damien Miller	bd394c3	2004-03-08 23:12:36 +1100	[diff] [blame]	766	case oIdentitiesOnly:
				767	intptr = &options->identities_only;
				768	goto parse_flag;
				769
Damien Miller	509b010	2003-12-17 16:33:10 +1100	[diff] [blame]	770	case oServerAliveInterval:
				771	intptr = &options->server_alive_interval;
				772	goto parse_time;
				773
				774	case oServerAliveCountMax:
				775	intptr = &options->server_alive_count_max;
				776	goto parse_int;
				777
Darren Tucker	46bc075	2004-05-02 22:11:30 +1000	[diff] [blame]	778	case oSendEnv:
				779	while ((arg = strdelim(&s)) != NULL && *arg != '\0') {
				780	if (strchr(arg, '=') != NULL)
				781	fatal("%s line %d: Invalid environment name.",
				782	filename, linenum);
Damien Miller	f8e7acc	2005-03-05 11:22:50 +1100	[diff] [blame]	783	if (!*activep)
				784	continue;
Darren Tucker	46bc075	2004-05-02 22:11:30 +1000	[diff] [blame]	785	if (options->num_send_env >= MAX_SEND_ENV)
				786	fatal("%s line %d: too many send env.",
				787	filename, linenum);
				788	options->send_env[options->num_send_env++] =
				789	xstrdup(arg);
				790	}
				791	break;
				792
Damien Miller	0e220db	2004-06-15 10:34:08 +1000	[diff] [blame]	793	case oControlPath:
				794	charptr = &options->control_path;
				795	goto parse_string;
				796
				797	case oControlMaster:
				798	intptr = &options->control_master;
Damien Miller	d14b1e7	2005-06-16 13:19:41 +1000	[diff] [blame]	799	arg = strdelim(&s);
				800	if (!arg \|\| *arg == '\0')
				801	fatal("%.200s line %d: Missing ControlMaster argument.",
				802	filename, linenum);
				803	value = 0; /* To avoid compiler warning... */
				804	if (strcmp(arg, "yes") == 0 \|\| strcmp(arg, "true") == 0)
				805	value = SSHCTL_MASTER_YES;
				806	else if (strcmp(arg, "no") == 0 \|\| strcmp(arg, "false") == 0)
				807	value = SSHCTL_MASTER_NO;
				808	else if (strcmp(arg, "auto") == 0)
				809	value = SSHCTL_MASTER_AUTO;
				810	else if (strcmp(arg, "ask") == 0)
				811	value = SSHCTL_MASTER_ASK;
				812	else if (strcmp(arg, "autoask") == 0)
				813	value = SSHCTL_MASTER_AUTO_ASK;
				814	else
				815	fatal("%.200s line %d: Bad ControlMaster argument.",
				816	filename, linenum);
				817	if (activep && intptr == -1)
				818	*intptr = value;
				819	break;
Damien Miller	0e220db	2004-06-15 10:34:08 +1000	[diff] [blame]	820
Damien Miller	e177615	2005-03-01 21:47:37 +1100	[diff] [blame]	821	case oHashKnownHosts:
				822	intptr = &options->hash_known_hosts;
				823	goto parse_flag;
				824
Ben Lindstrom	4daea86	2002-06-09 20:04:02 +0000	[diff] [blame]	825	case oDeprecated:
Ben Lindstrom	2e17b08	2002-06-09 20:13:27 +0000	[diff] [blame]	826	debug("%s line %d: Deprecated option \"%s\"",
Ben Lindstrom	4daea86	2002-06-09 20:04:02 +0000	[diff] [blame]	827	filename, linenum, keyword);
Ben Lindstrom	2e17b08	2002-06-09 20:13:27 +0000	[diff] [blame]	828	return 0;
Ben Lindstrom	4daea86	2002-06-09 20:04:02 +0000	[diff] [blame]	829
Damien Miller	f9b3feb	2003-05-16 11:38:32 +1000	[diff] [blame]	830	case oUnsupported:
				831	error("%s line %d: Unsupported option \"%s\"",
				832	filename, linenum, keyword);
				833	return 0;
				834
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	835	default:
				836	fatal("process_config_line: Unimplemented opcode %d", opcode);
				837	}
				838
				839	/* Check that there is no garbage at end of line. */
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	840	if ((arg = strdelim(&s)) != NULL && *arg != '\0') {
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	841	fatal("%.200s line %d: garbage at end of line; \"%.200s\".",
Damien Miller	0dc1bef	2005-07-17 17:22:45 +1000	[diff] [blame]	842	filename, linenum, arg);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	843	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	844	return 0;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	845	}
				846
				847
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	848	/*
				849	* Reads the config file and modifies the options accordingly. Options
				850	* should already be initialized before this call. This never returns if
Ben Lindstrom	edc0cf2	2001-09-12 18:32:20 +0000	[diff] [blame]	851	* there is an error. If the file does not exist, this returns 0.
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	852	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	853
Ben Lindstrom	edc0cf2	2001-09-12 18:32:20 +0000	[diff] [blame]	854	int
Darren Tucker	fc95970	2004-07-17 16:12:08 +1000	[diff] [blame]	855	read_config_file(const char filename, const char host, Options *options,
Damien Miller	57a4476	2004-04-20 20:11:57 +1000	[diff] [blame]	856	int checkperm)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	857	{
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	858	FILE *f;
				859	char line[1024];
				860	int active, linenum;
				861	int bad_options = 0;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	862
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	863	/* Open the file. */
Damien Miller	57a4476	2004-04-20 20:11:57 +1000	[diff] [blame]	864	if ((f = fopen(filename, "r")) == NULL)
Ben Lindstrom	edc0cf2	2001-09-12 18:32:20 +0000	[diff] [blame]	865	return 0;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	866
Damien Miller	57a4476	2004-04-20 20:11:57 +1000	[diff] [blame]	867	if (checkperm) {
				868	struct stat sb;
Darren Tucker	fc95970	2004-07-17 16:12:08 +1000	[diff] [blame]	869
Damien Miller	3379385	2004-06-15 10:27:55 +1000	[diff] [blame]	870	if (fstat(fileno(f), &sb) == -1)
Damien Miller	57a4476	2004-04-20 20:11:57 +1000	[diff] [blame]	871	fatal("fstat %s: %s", filename, strerror(errno));
Damien Miller	57a4476	2004-04-20 20:11:57 +1000	[diff] [blame]	872	if (((sb.st_uid != 0 && sb.st_uid != getuid()) \|\|
Damien Miller	3379385	2004-06-15 10:27:55 +1000	[diff] [blame]	873	(sb.st_mode & 022) != 0))
Damien Miller	57a4476	2004-04-20 20:11:57 +1000	[diff] [blame]	874	fatal("Bad owner or permissions on %s", filename);
Damien Miller	57a4476	2004-04-20 20:11:57 +1000	[diff] [blame]	875	}
				876
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	877	debug("Reading configuration data %.200s", filename);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	878
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	879	/*
				880	* Mark that we are now processing the options. This flag is turned
				881	* on/off by Host specifications.
				882	*/
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	883	active = 1;
				884	linenum = 0;
				885	while (fgets(line, sizeof(line), f)) {
				886	/* Update line number counter. */
				887	linenum++;
				888	if (process_config_line(options, host, line, filename, linenum, &active) != 0)
				889	bad_options++;
				890	}
				891	fclose(f);
				892	if (bad_options > 0)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	893	fatal("%s: terminating, %d bad configuration options",
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	894	filename, bad_options);
Ben Lindstrom	edc0cf2	2001-09-12 18:32:20 +0000	[diff] [blame]	895	return 1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	896	}
				897
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	898	/*
				899	* Initializes options to special values that indicate that they have not yet
				900	* been set. Read_config_file will only set options with this value. Options
				901	* are processed in the following order: command line, user config file,
				902	* system config file. Last, fill_default_options is called.
				903	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	904
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	905	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	906	initialize_options(Options * options)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	907	{
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	908	memset(options, 'X', sizeof(*options));
				909	options->forward_agent = -1;
				910	options->forward_x11 = -1;
Darren Tucker	0a118da	2003-10-15 15:54:32 +1000	[diff] [blame]	911	options->forward_x11_trusted = -1;
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	912	options->xauth_location = NULL;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	913	options->gateway_ports = -1;
				914	options->use_privileged_port = -1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	915	options->rsa_authentication = -1;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	916	options->pubkey_authentication = -1;
Ben Lindstrom	551ea37	2001-06-05 18:56:16 +0000	[diff] [blame]	917	options->challenge_response_authentication = -1;
Darren Tucker	0efd155	2003-08-26 11:49:55 +1000	[diff] [blame]	918	options->gss_authentication = -1;
				919	options->gss_deleg_creds = -1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	920	options->password_authentication = -1;
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	921	options->kbd_interactive_authentication = -1;
				922	options->kbd_interactive_devices = NULL;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	923	options->rhosts_rsa_authentication = -1;
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	924	options->hostbased_authentication = -1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	925	options->batch_mode = -1;
				926	options->check_host_ip = -1;
				927	options->strict_host_key_checking = -1;
				928	options->compression = -1;
Damien Miller	12c150e	2003-12-17 16:31:10 +1100	[diff] [blame]	929	options->tcp_keep_alive = -1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	930	options->compression_level = -1;
				931	options->port = -1;
Darren Tucker	0a4f04b	2003-07-03 20:37:47 +1000	[diff] [blame]	932	options->address_family = -1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	933	options->connection_attempts = -1;
Damien Miller	b78d5eb	2003-05-16 11:39:04 +1000	[diff] [blame]	934	options->connection_timeout = -1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	935	options->number_of_password_prompts = -1;
				936	options->cipher = -1;
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	937	options->ciphers = NULL;
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	938	options->macs = NULL;
Ben Lindstrom	982dbbc	2001-04-17 18:11:36 +0000	[diff] [blame]	939	options->hostkeyalgorithms = NULL;
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	940	options->protocol = SSH_PROTO_UNKNOWN;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	941	options->num_identity_files = 0;
				942	options->hostname = NULL;
Ben Lindstrom	4dccfa5	2000-12-28 16:40:05 +0000	[diff] [blame]	943	options->host_key_alias = NULL;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	944	options->proxy_command = NULL;
				945	options->user = NULL;
				946	options->escape_char = -1;
				947	options->system_hostfile = NULL;
				948	options->user_hostfile = NULL;
Damien Miller	eba71ba	2000-04-29 23:57:08 +1000	[diff] [blame]	949	options->system_hostfile2 = NULL;
				950	options->user_hostfile2 = NULL;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	951	options->num_local_forwards = 0;
				952	options->num_remote_forwards = 0;
Ben Lindstrom	2b7a0e9	2001-09-20 00:57:55 +0000	[diff] [blame]	953	options->clear_forwardings = -1;
Damien Miller	fcd9320	2002-02-05 12:26:34 +1100	[diff] [blame]	954	options->log_level = SYSLOG_LEVEL_NOT_SET;
Ben Lindstrom	b9be60a	2001-03-11 01:49:19 +0000	[diff] [blame]	955	options->preferred_authentications = NULL;
Ben Lindstrom	e0f8804	2001-04-30 13:06:24 +0000	[diff] [blame]	956	options->bind_address = NULL;
Ben Lindstrom	f7db3bb	2001-08-06 21:35:51 +0000	[diff] [blame]	957	options->smartcard_device = NULL;
Ben Lindstrom	b6df73b	2002-11-09 15:52:31 +0000	[diff] [blame]	958	options->enable_ssh_keysign = - 1;
Ben Lindstrom	3cecc9a	2001-10-03 17:39:38 +0000	[diff] [blame]	959	options->no_host_authentication_for_localhost = - 1;
Damien Miller	bd394c3	2004-03-08 23:12:36 +1100	[diff] [blame]	960	options->identities_only = - 1;
Damien Miller	a5539d2	2003-04-09 20:50:06 +1000	[diff] [blame]	961	options->rekey_limit = - 1;
Damien Miller	37876e9	2003-05-15 10:19:46 +1000	[diff] [blame]	962	options->verify_host_key_dns = -1;
Damien Miller	509b010	2003-12-17 16:33:10 +1100	[diff] [blame]	963	options->server_alive_interval = -1;
				964	options->server_alive_count_max = -1;
Darren Tucker	46bc075	2004-05-02 22:11:30 +1000	[diff] [blame]	965	options->num_send_env = 0;
Damien Miller	0e220db	2004-06-15 10:34:08 +1000	[diff] [blame]	966	options->control_path = NULL;
				967	options->control_master = -1;
Damien Miller	e177615	2005-03-01 21:47:37 +1100	[diff] [blame]	968	options->hash_known_hosts = -1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	969	}
				970
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	971	/*
				972	* Called after processing other sources of option data, this fills those
				973	* options for which no value has been specified with their default values.
				974	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	975
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	976	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	977	fill_default_options(Options * options)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	978	{
Ben Lindstrom	4f7a64a	2001-02-10 22:50:09 +0000	[diff] [blame]	979	int len;
				980
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	981	if (options->forward_agent == -1)
Damien Miller	b1715dc	2000-05-30 13:44:51 +1000	[diff] [blame]	982	options->forward_agent = 0;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	983	if (options->forward_x11 == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	984	options->forward_x11 = 0;
Darren Tucker	0a118da	2003-10-15 15:54:32 +1000	[diff] [blame]	985	if (options->forward_x11_trusted == -1)
				986	options->forward_x11_trusted = 0;
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	987	if (options->xauth_location == NULL)
Ben Lindstrom	1bf11f6	2001-06-09 01:48:01 +0000	[diff] [blame]	988	options->xauth_location = _PATH_XAUTH;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	989	if (options->gateway_ports == -1)
				990	options->gateway_ports = 0;
				991	if (options->use_privileged_port == -1)
Ben Lindstrom	cebc858	2001-03-08 03:39:10 +0000	[diff] [blame]	992	options->use_privileged_port = 0;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	993	if (options->rsa_authentication == -1)
				994	options->rsa_authentication = 1;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	995	if (options->pubkey_authentication == -1)
				996	options->pubkey_authentication = 1;
Ben Lindstrom	551ea37	2001-06-05 18:56:16 +0000	[diff] [blame]	997	if (options->challenge_response_authentication == -1)
Ben Lindstrom	0076d75	2001-08-06 20:53:26 +0000	[diff] [blame]	998	options->challenge_response_authentication = 1;
Darren Tucker	0efd155	2003-08-26 11:49:55 +1000	[diff] [blame]	999	if (options->gss_authentication == -1)
Darren Tucker	a044f47	2003-10-15 15:52:03 +1000	[diff] [blame]	1000	options->gss_authentication = 0;
Darren Tucker	0efd155	2003-08-26 11:49:55 +1000	[diff] [blame]	1001	if (options->gss_deleg_creds == -1)
				1002	options->gss_deleg_creds = 0;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1003	if (options->password_authentication == -1)
				1004	options->password_authentication = 1;
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	1005	if (options->kbd_interactive_authentication == -1)
Ben Lindstrom	95fb2dd	2001-01-23 03:12:10 +0000	[diff] [blame]	1006	options->kbd_interactive_authentication = 1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1007	if (options->rhosts_rsa_authentication == -1)
Ben Lindstrom	2bf8276	2002-06-11 15:53:05 +0000	[diff] [blame]	1008	options->rhosts_rsa_authentication = 0;
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	1009	if (options->hostbased_authentication == -1)
				1010	options->hostbased_authentication = 0;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1011	if (options->batch_mode == -1)
				1012	options->batch_mode = 0;
				1013	if (options->check_host_ip == -1)
				1014	options->check_host_ip = 1;
				1015	if (options->strict_host_key_checking == -1)
				1016	options->strict_host_key_checking = 2; /* 2 is default */
				1017	if (options->compression == -1)
				1018	options->compression = 0;
Damien Miller	12c150e	2003-12-17 16:31:10 +1100	[diff] [blame]	1019	if (options->tcp_keep_alive == -1)
				1020	options->tcp_keep_alive = 1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1021	if (options->compression_level == -1)
				1022	options->compression_level = 6;
				1023	if (options->port == -1)
				1024	options->port = 0; /* Filled in ssh_connect. */
Darren Tucker	0a4f04b	2003-07-03 20:37:47 +1000	[diff] [blame]	1025	if (options->address_family == -1)
				1026	options->address_family = AF_UNSPEC;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1027	if (options->connection_attempts == -1)
Ben Lindstrom	f9cedb9	2001-08-06 21:07:11 +0000	[diff] [blame]	1028	options->connection_attempts = 1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1029	if (options->number_of_password_prompts == -1)
				1030	options->number_of_password_prompts = 3;
				1031	/* Selected in ssh_login(). */
				1032	if (options->cipher == -1)
				1033	options->cipher = SSH_CIPHER_NOT_SET;
Damien Miller	30c3d42	2000-05-09 11:02:59 +1000	[diff] [blame]	1034	/* options->ciphers, default set in myproposals.h */
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	1035	/* options->macs, default set in myproposals.h */
Ben Lindstrom	982dbbc	2001-04-17 18:11:36 +0000	[diff] [blame]	1036	/* options->hostkeyalgorithms, default set in myproposals.h */
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	1037	if (options->protocol == SSH_PROTO_UNKNOWN)
Ben Lindstrom	6b77643	2001-03-22 01:24:04 +0000	[diff] [blame]	1038	options->protocol = SSH_PROTO_1\|SSH_PROTO_2;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1039	if (options->num_identity_files == 0) {
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	1040	if (options->protocol & SSH_PROTO_1) {
Ben Lindstrom	4f7a64a	2001-02-10 22:50:09 +0000	[diff] [blame]	1041	len = 2 + strlen(_PATH_SSH_CLIENT_IDENTITY) + 1;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	1042	options->identity_files[options->num_identity_files] =
Ben Lindstrom	4f7a64a	2001-02-10 22:50:09 +0000	[diff] [blame]	1043	xmalloc(len);
				1044	snprintf(options->identity_files[options->num_identity_files++],
				1045	len, "~/%.100s", _PATH_SSH_CLIENT_IDENTITY);
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	1046	}
				1047	if (options->protocol & SSH_PROTO_2) {
Ben Lindstrom	b00d4fb	2001-03-05 06:03:03 +0000	[diff] [blame]	1048	len = 2 + strlen(_PATH_SSH_CLIENT_ID_RSA) + 1;
				1049	options->identity_files[options->num_identity_files] =
				1050	xmalloc(len);
				1051	snprintf(options->identity_files[options->num_identity_files++],
				1052	len, "~/%.100s", _PATH_SSH_CLIENT_ID_RSA);
				1053
Ben Lindstrom	4f7a64a	2001-02-10 22:50:09 +0000	[diff] [blame]	1054	len = 2 + strlen(_PATH_SSH_CLIENT_ID_DSA) + 1;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	1055	options->identity_files[options->num_identity_files] =
Ben Lindstrom	4f7a64a	2001-02-10 22:50:09 +0000	[diff] [blame]	1056	xmalloc(len);
				1057	snprintf(options->identity_files[options->num_identity_files++],
				1058	len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA);
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	1059	}
Damien Miller	eba71ba	2000-04-29 23:57:08 +1000	[diff] [blame]	1060	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1061	if (options->escape_char == -1)
				1062	options->escape_char = '~';
				1063	if (options->system_hostfile == NULL)
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	1064	options->system_hostfile = _PATH_SSH_SYSTEM_HOSTFILE;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1065	if (options->user_hostfile == NULL)
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	1066	options->user_hostfile = _PATH_SSH_USER_HOSTFILE;
Damien Miller	eba71ba	2000-04-29 23:57:08 +1000	[diff] [blame]	1067	if (options->system_hostfile2 == NULL)
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	1068	options->system_hostfile2 = _PATH_SSH_SYSTEM_HOSTFILE2;
Damien Miller	eba71ba	2000-04-29 23:57:08 +1000	[diff] [blame]	1069	if (options->user_hostfile2 == NULL)
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	1070	options->user_hostfile2 = _PATH_SSH_USER_HOSTFILE2;
Damien Miller	fcd9320	2002-02-05 12:26:34 +1100	[diff] [blame]	1071	if (options->log_level == SYSLOG_LEVEL_NOT_SET)
Ben Lindstrom	db65e8f	2001-01-19 04:26:52 +0000	[diff] [blame]	1072	options->log_level = SYSLOG_LEVEL_INFO;
Ben Lindstrom	2b7a0e9	2001-09-20 00:57:55 +0000	[diff] [blame]	1073	if (options->clear_forwardings == 1)
				1074	clear_forwardings(options);
Ben Lindstrom	3cecc9a	2001-10-03 17:39:38 +0000	[diff] [blame]	1075	if (options->no_host_authentication_for_localhost == - 1)
				1076	options->no_host_authentication_for_localhost = 0;
Damien Miller	bd394c3	2004-03-08 23:12:36 +1100	[diff] [blame]	1077	if (options->identities_only == -1)
				1078	options->identities_only = 0;
Ben Lindstrom	b6df73b	2002-11-09 15:52:31 +0000	[diff] [blame]	1079	if (options->enable_ssh_keysign == -1)
				1080	options->enable_ssh_keysign = 0;
Damien Miller	a5539d2	2003-04-09 20:50:06 +1000	[diff] [blame]	1081	if (options->rekey_limit == -1)
				1082	options->rekey_limit = 0;
Damien Miller	37876e9	2003-05-15 10:19:46 +1000	[diff] [blame]	1083	if (options->verify_host_key_dns == -1)
				1084	options->verify_host_key_dns = 0;
Damien Miller	509b010	2003-12-17 16:33:10 +1100	[diff] [blame]	1085	if (options->server_alive_interval == -1)
				1086	options->server_alive_interval = 0;
				1087	if (options->server_alive_count_max == -1)
				1088	options->server_alive_count_max = 3;
Damien Miller	0e220db	2004-06-15 10:34:08 +1000	[diff] [blame]	1089	if (options->control_master == -1)
				1090	options->control_master = 0;
Damien Miller	e177615	2005-03-01 21:47:37 +1100	[diff] [blame]	1091	if (options->hash_known_hosts == -1)
				1092	options->hash_known_hosts = 0;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1093	/* options->proxy_command should not be set by default */
				1094	/* options->user will be set in the main program if appropriate */
				1095	/* options->hostname will be set in the main program if appropriate */
Ben Lindstrom	4dccfa5	2000-12-28 16:40:05 +0000	[diff] [blame]	1096	/* options->host_key_alias should not be set by default */
Ben Lindstrom	b9be60a	2001-03-11 01:49:19 +0000	[diff] [blame]	1097	/* options->preferred_authentications will be set in ssh */
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1098	}
Damien Miller	f91ee4c	2005-03-01 21:24:33 +1100	[diff] [blame]	1099
				1100	/*
				1101	* parse_forward
				1102	* parses a string containing a port forwarding specification of the form:
				1103	* [listenhost:]listenport:connecthost:connectport
				1104	* returns number of arguments parsed or zero on error
				1105	*/
				1106	int
				1107	parse_forward(Forward fwd, const char fwdspec)
				1108	{
				1109	int i;
				1110	char p, cp, *fwdarg[4];
				1111
				1112	memset(fwd, '\0', sizeof(*fwd));
				1113
				1114	cp = p = xstrdup(fwdspec);
				1115
				1116	/* skip leading spaces */
				1117	while (cp && isspace(cp))
				1118	cp++;
				1119
				1120	for (i = 0; i < 4; ++i)
				1121	if ((fwdarg[i] = hpdelim(&cp)) == NULL)
				1122	break;
				1123
				1124	/* Check for trailing garbage in 4-arg case*/
				1125	if (cp != NULL)
				1126	i = 0; /* failure */
				1127
				1128	switch (i) {
				1129	case 3:
				1130	fwd->listen_host = NULL;
				1131	fwd->listen_port = a2port(fwdarg[0]);
				1132	fwd->connect_host = xstrdup(cleanhostname(fwdarg[1]));
				1133	fwd->connect_port = a2port(fwdarg[2]);
				1134	break;
				1135
				1136	case 4:
				1137	fwd->listen_host = xstrdup(cleanhostname(fwdarg[0]));
				1138	fwd->listen_port = a2port(fwdarg[1]);
				1139	fwd->connect_host = xstrdup(cleanhostname(fwdarg[2]));
				1140	fwd->connect_port = a2port(fwdarg[3]);
				1141	break;
				1142	default:
				1143	i = 0; /* failure */
				1144	}
				1145
				1146	xfree(p);
				1147
				1148	if (fwd->listen_port == 0 && fwd->connect_port == 0)
				1149	goto fail_free;
				1150
				1151	if (fwd->connect_host != NULL &&
				1152	strlen(fwd->connect_host) >= NI_MAXHOST)
				1153	goto fail_free;
				1154
				1155	return (i);
				1156
				1157	fail_free:
				1158	if (fwd->connect_host != NULL)
				1159	xfree(fwd->connect_host);
				1160	if (fwd->listen_host != NULL)
				1161	xfree(fwd->listen_host);
				1162	return (0);
				1163	}