Blame - servconf.c - platform/external/openssh

blob: 544bb340ea8b4b5f973e0c8a8ee995b679b95054 [file] [log] [blame]

Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1	/*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	2	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
				3	* All rights reserved
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	4	*
Damien Miller	e4340be	2000-09-16 13:29:08 +1100	[diff] [blame]	5	* As far as I am concerned, the code I have written for this software
				6	* can be used freely for any purpose. Any derived versions of this
				7	* software must be clearly marked as such, and if the derived work is
				8	* incompatible with the protocol description in the RFC file, it must be
				9	* called by a name other than "ssh" or "Secure Shell".
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	10	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	11
				12	#include "includes.h"
Ben Lindstrom	db65e8f	2001-01-19 04:26:52 +0000	[diff] [blame^]	13	RCSID("$OpenBSD: servconf.c,v 1.58 2001/01/18 16:20:22 markus Exp $");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	14
				15	#include "ssh.h"
				16	#include "servconf.h"
				17	#include "xmalloc.h"
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	18	#include "compat.h"
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	19
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	20	/* add listen address */
				21	void add_listen_addr(ServerOptions options, char addr);
				22
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	23	/* Initializes the server options to their default values. */
				24
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	25	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	26	initialize_server_options(ServerOptions *options)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	27	{
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	28	memset(options, 0, sizeof(*options));
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	29	options->num_ports = 0;
				30	options->ports_from_cmdline = 0;
				31	options->listen_addrs = NULL;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	32	options->num_host_key_files = 0;
Damien Miller	6f83b8e	2000-05-02 09:23:45 +1000	[diff] [blame]	33	options->pid_file = NULL;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	34	options->server_key_bits = -1;
				35	options->login_grace_time = -1;
				36	options->key_regeneration_time = -1;
				37	options->permit_root_login = -1;
				38	options->ignore_rhosts = -1;
				39	options->ignore_user_known_hosts = -1;
				40	options->print_motd = -1;
				41	options->check_mail = -1;
				42	options->x11_forwarding = -1;
				43	options->x11_display_offset = -1;
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	44	options->xauth_location = NULL;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	45	options->strict_modes = -1;
				46	options->keepalives = -1;
				47	options->log_facility = (SyslogFacility) - 1;
				48	options->log_level = (LogLevel) - 1;
				49	options->rhosts_authentication = -1;
				50	options->rhosts_rsa_authentication = -1;
				51	options->rsa_authentication = -1;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	52	options->pubkey_authentication = -1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	53	#ifdef KRB4
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	54	options->kerberos_authentication = -1;
				55	options->kerberos_or_local_passwd = -1;
				56	options->kerberos_ticket_cleanup = -1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	57	#endif
				58	#ifdef AFS
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	59	options->kerberos_tgt_passing = -1;
				60	options->afs_token_passing = -1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	61	#endif
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	62	options->password_authentication = -1;
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	63	options->kbd_interactive_authentication = -1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	64	#ifdef SKEY
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	65	options->skey_authentication = -1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	66	#endif
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	67	options->permit_empty_passwd = -1;
				68	options->use_login = -1;
Damien Miller	50a41ed	2000-10-16 12:14:42 +1100	[diff] [blame]	69	options->allow_tcp_forwarding = -1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	70	options->num_allow_users = 0;
				71	options->num_deny_users = 0;
				72	options->num_allow_groups = 0;
				73	options->num_deny_groups = 0;
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	74	options->ciphers = NULL;
				75	options->protocol = SSH_PROTO_UNKNOWN;
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	76	options->gateway_ports = -1;
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	77	options->num_subsystems = 0;
Damien Miller	942da03	2000-08-18 13:59:06 +1000	[diff] [blame]	78	options->max_startups_begin = -1;
				79	options->max_startups_rate = -1;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	80	options->max_startups = -1;
Ben Lindstrom	48bd7c1	2001-01-09 00:35:42 +0000	[diff] [blame]	81	options->banner = NULL;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	82	}
				83
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	84	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	85	fill_default_server_options(ServerOptions *options)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	86	{
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	87	if (options->protocol == SSH_PROTO_UNKNOWN)
				88	options->protocol = SSH_PROTO_1\|SSH_PROTO_2;
				89	if (options->num_host_key_files == 0) {
				90	/* fill default hostkeys for protocols */
				91	if (options->protocol & SSH_PROTO_1)
				92	options->host_key_files[options->num_host_key_files++] = HOST_KEY_FILE;
				93	if (options->protocol & SSH_PROTO_2)
				94	options->host_key_files[options->num_host_key_files++] = HOST_DSA_KEY_FILE;
				95	}
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	96	if (options->num_ports == 0)
				97	options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
				98	if (options->listen_addrs == NULL)
				99	add_listen_addr(options, NULL);
Damien Miller	6f83b8e	2000-05-02 09:23:45 +1000	[diff] [blame]	100	if (options->pid_file == NULL)
				101	options->pid_file = SSH_DAEMON_PID_FILE;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	102	if (options->server_key_bits == -1)
				103	options->server_key_bits = 768;
				104	if (options->login_grace_time == -1)
				105	options->login_grace_time = 600;
				106	if (options->key_regeneration_time == -1)
				107	options->key_regeneration_time = 3600;
				108	if (options->permit_root_login == -1)
				109	options->permit_root_login = 1; /* yes */
				110	if (options->ignore_rhosts == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	111	options->ignore_rhosts = 1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	112	if (options->ignore_user_known_hosts == -1)
				113	options->ignore_user_known_hosts = 0;
				114	if (options->check_mail == -1)
				115	options->check_mail = 0;
				116	if (options->print_motd == -1)
				117	options->print_motd = 1;
				118	if (options->x11_forwarding == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	119	options->x11_forwarding = 0;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	120	if (options->x11_display_offset == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	121	options->x11_display_offset = 10;
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	122	#ifdef XAUTH_PATH
				123	if (options->xauth_location == NULL)
				124	options->xauth_location = XAUTH_PATH;
				125	#endif /* XAUTH_PATH */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	126	if (options->strict_modes == -1)
				127	options->strict_modes = 1;
				128	if (options->keepalives == -1)
				129	options->keepalives = 1;
				130	if (options->log_facility == (SyslogFacility) (-1))
				131	options->log_facility = SYSLOG_FACILITY_AUTH;
				132	if (options->log_level == (LogLevel) (-1))
Ben Lindstrom	db65e8f	2001-01-19 04:26:52 +0000	[diff] [blame^]	133	options->log_level = SYSLOG_LEVEL_INFO;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	134	if (options->rhosts_authentication == -1)
				135	options->rhosts_authentication = 0;
				136	if (options->rhosts_rsa_authentication == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	137	options->rhosts_rsa_authentication = 0;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	138	if (options->rsa_authentication == -1)
				139	options->rsa_authentication = 1;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	140	if (options->pubkey_authentication == -1)
				141	options->pubkey_authentication = 1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	142	#ifdef KRB4
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	143	if (options->kerberos_authentication == -1)
				144	options->kerberos_authentication = (access(KEYFILE, R_OK) == 0);
				145	if (options->kerberos_or_local_passwd == -1)
				146	options->kerberos_or_local_passwd = 1;
				147	if (options->kerberos_ticket_cleanup == -1)
				148	options->kerberos_ticket_cleanup = 1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	149	#endif /* KRB4 */
				150	#ifdef AFS
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	151	if (options->kerberos_tgt_passing == -1)
				152	options->kerberos_tgt_passing = 0;
				153	if (options->afs_token_passing == -1)
				154	options->afs_token_passing = k_hasafs();
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	155	#endif /* AFS */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	156	if (options->password_authentication == -1)
				157	options->password_authentication = 1;
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	158	if (options->kbd_interactive_authentication == -1)
				159	options->kbd_interactive_authentication = 0;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	160	#ifdef SKEY
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	161	if (options->skey_authentication == -1)
				162	options->skey_authentication = 1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	163	#endif
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	164	if (options->permit_empty_passwd == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	165	options->permit_empty_passwd = 0;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	166	if (options->use_login == -1)
				167	options->use_login = 0;
Damien Miller	50a41ed	2000-10-16 12:14:42 +1100	[diff] [blame]	168	if (options->allow_tcp_forwarding == -1)
				169	options->allow_tcp_forwarding = 1;
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	170	if (options->gateway_ports == -1)
				171	options->gateway_ports = 0;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	172	if (options->max_startups == -1)
				173	options->max_startups = 10;
Damien Miller	942da03	2000-08-18 13:59:06 +1000	[diff] [blame]	174	if (options->max_startups_rate == -1)
				175	options->max_startups_rate = 100; /* 100% */
				176	if (options->max_startups_begin == -1)
				177	options->max_startups_begin = options->max_startups;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	178	}
				179
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	180	/* Keyword tokens. */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	181	typedef enum {
				182	sBadOption, /* == unknown option */
				183	sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
				184	sPermitRootLogin, sLogFacility, sLogLevel,
				185	sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	186	#ifdef KRB4
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	187	sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	188	#endif
				189	#ifdef AFS
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	190	sKerberosTgtPassing, sAFSTokenPassing,
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	191	#endif
				192	#ifdef SKEY
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	193	sSkeyAuthentication,
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	194	#endif
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	195	sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	196	sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,
				197	sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
Damien Miller	50a41ed	2000-10-16 12:14:42 +1100	[diff] [blame]	198	sUseLogin, sAllowTcpForwarding,
				199	sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	200	sIgnoreUserKnownHosts, sCiphers, sProtocol, sPidFile,
				201	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
Ben Lindstrom	48bd7c1	2001-01-09 00:35:42 +0000	[diff] [blame]	202	sBanner
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	203	} ServerOpCodes;
				204
				205	/* Textual representation of the tokens. */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	206	static struct {
				207	const char *name;
				208	ServerOpCodes opcode;
				209	} keywords[] = {
				210	{ "port", sPort },
				211	{ "hostkey", sHostKeyFile },
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	212	{ "hostdsakey", sHostKeyFile }, /* alias */
Damien Miller	6f83b8e	2000-05-02 09:23:45 +1000	[diff] [blame]	213	{ "pidfile", sPidFile },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	214	{ "serverkeybits", sServerKeyBits },
				215	{ "logingracetime", sLoginGraceTime },
				216	{ "keyregenerationinterval", sKeyRegenerationTime },
				217	{ "permitrootlogin", sPermitRootLogin },
				218	{ "syslogfacility", sLogFacility },
				219	{ "loglevel", sLogLevel },
				220	{ "rhostsauthentication", sRhostsAuthentication },
				221	{ "rhostsrsaauthentication", sRhostsRSAAuthentication },
				222	{ "rsaauthentication", sRSAAuthentication },
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	223	{ "pubkeyauthentication", sPubkeyAuthentication },
				224	{ "dsaauthentication", sPubkeyAuthentication }, /* alias */
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	225	#ifdef KRB4
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	226	{ "kerberosauthentication", sKerberosAuthentication },
				227	{ "kerberosorlocalpasswd", sKerberosOrLocalPasswd },
				228	{ "kerberosticketcleanup", sKerberosTicketCleanup },
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	229	#endif
				230	#ifdef AFS
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	231	{ "kerberostgtpassing", sKerberosTgtPassing },
				232	{ "afstokenpassing", sAFSTokenPassing },
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	233	#endif
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	234	{ "passwordauthentication", sPasswordAuthentication },
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	235	{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication },
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	236	#ifdef SKEY
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	237	{ "skeyauthentication", sSkeyAuthentication },
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	238	#endif
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	239	{ "checkmail", sCheckMail },
				240	{ "listenaddress", sListenAddress },
				241	{ "printmotd", sPrintMotd },
				242	{ "ignorerhosts", sIgnoreRhosts },
				243	{ "ignoreuserknownhosts", sIgnoreUserKnownHosts },
				244	{ "x11forwarding", sX11Forwarding },
				245	{ "x11displayoffset", sX11DisplayOffset },
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	246	{ "xauthlocation", sXAuthLocation },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	247	{ "strictmodes", sStrictModes },
				248	{ "permitemptypasswords", sEmptyPasswd },
				249	{ "uselogin", sUseLogin },
				250	{ "randomseed", sRandomSeedFile },
				251	{ "keepalive", sKeepAlives },
Damien Miller	50a41ed	2000-10-16 12:14:42 +1100	[diff] [blame]	252	{ "allowtcpforwarding", sAllowTcpForwarding },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	253	{ "allowusers", sAllowUsers },
				254	{ "denyusers", sDenyUsers },
				255	{ "allowgroups", sAllowGroups },
				256	{ "denygroups", sDenyGroups },
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	257	{ "ciphers", sCiphers },
				258	{ "protocol", sProtocol },
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	259	{ "gatewayports", sGatewayPorts },
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	260	{ "subsystem", sSubsystem },
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	261	{ "maxstartups", sMaxStartups },
Ben Lindstrom	48bd7c1	2001-01-09 00:35:42 +0000	[diff] [blame]	262	{ "banner", sBanner },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	263	{ NULL, 0 }
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	264	};
				265
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	266	/*
				267	* Returns the number of the token pointed to by cp of length len. Never
				268	* returns if the token is not known.
				269	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	270
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	271	static ServerOpCodes
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	272	parse_token(const char cp, const char filename,
				273	int linenum)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	274	{
Ben Lindstrom	46c1622	2000-12-22 01:43:59 +0000	[diff] [blame]	275	u_int i;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	276
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	277	for (i = 0; keywords[i].name; i++)
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	278	if (strcasecmp(cp, keywords[i].name) == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	279	return keywords[i].opcode;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	280
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	281	fprintf(stderr, "%s: line %d: Bad configuration option: %s\n",
				282	filename, linenum, cp);
				283	return sBadOption;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	284	}
				285
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	286	/*
				287	* add listen address
				288	*/
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	289	void
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	290	add_listen_addr(ServerOptions options, char addr)
				291	{
				292	extern int IPv4or6;
				293	struct addrinfo hints, ai, aitop;
				294	char strport[NI_MAXSERV];
				295	int gaierr;
				296	int i;
				297
				298	if (options->num_ports == 0)
				299	options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
				300	for (i = 0; i < options->num_ports; i++) {
				301	memset(&hints, 0, sizeof(hints));
				302	hints.ai_family = IPv4or6;
				303	hints.ai_socktype = SOCK_STREAM;
				304	hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
				305	snprintf(strport, sizeof strport, "%d", options->ports[i]);
				306	if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0)
				307	fatal("bad addr or host: %s (%s)\n",
				308	addr ? addr : "<NULL>",
				309	gai_strerror(gaierr));
				310	for (ai = aitop; ai->ai_next; ai = ai->ai_next)
				311	;
				312	ai->ai_next = options->listen_addrs;
				313	options->listen_addrs = aitop;
				314	}
				315	}
				316
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	317	/* Reads the server configuration file. */
				318
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	319	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	320	read_server_config(ServerOptions options, const char filename)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	321	{
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	322	FILE *f;
				323	char line[1024];
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	324	char cp, charptr, arg;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	325	int linenum, *intptr, value;
				326	int bad_options = 0;
				327	ServerOpCodes opcode;
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	328	int i;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	329
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	330	f = fopen(filename, "r");
				331	if (!f) {
				332	perror(filename);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	333	exit(1);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	334	}
				335	linenum = 0;
				336	while (fgets(line, sizeof(line), f)) {
				337	linenum++;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	338	cp = line;
				339	arg = strdelim(&cp);
				340	/* Ignore leading whitespace */
				341	if (*arg == '\0')
				342	arg = strdelim(&cp);
				343	if (!arg \|\| arg == '#')
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	344	continue;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	345	intptr = NULL;
				346	charptr = NULL;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	347	opcode = parse_token(arg, filename, linenum);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	348	switch (opcode) {
				349	case sBadOption:
				350	bad_options++;
				351	continue;
				352	case sPort:
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	353	/* ignore ports from configfile if cmdline specifies ports */
				354	if (options->ports_from_cmdline)
				355	continue;
				356	if (options->listen_addrs != NULL)
				357	fatal("%s line %d: ports must be specified before "
				358	"ListenAdress.\n", filename, linenum);
				359	if (options->num_ports >= MAX_PORTS)
				360	fatal("%s line %d: too many ports.\n",
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	361	filename, linenum);
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	362	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	363	if (!arg \|\| *arg == '\0')
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	364	fatal("%s line %d: missing port number.\n",
				365	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	366	options->ports[options->num_ports++] = atoi(arg);
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	367	break;
				368
				369	case sServerKeyBits:
				370	intptr = &options->server_key_bits;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	371	parse_int:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	372	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	373	if (!arg \|\| *arg == '\0') {
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	374	fprintf(stderr, "%s line %d: missing integer value.\n",
				375	filename, linenum);
				376	exit(1);
				377	}
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	378	value = atoi(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	379	if (*intptr == -1)
				380	*intptr = value;
				381	break;
Damien Miller	3226509	1999-11-12 11:33:04 +1100	[diff] [blame]	382
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	383	case sLoginGraceTime:
				384	intptr = &options->login_grace_time;
				385	goto parse_int;
				386
				387	case sKeyRegenerationTime:
				388	intptr = &options->key_regeneration_time;
				389	goto parse_int;
				390
				391	case sListenAddress:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	392	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	393	if (!arg \|\| *arg == '\0')
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	394	fatal("%s line %d: missing inet addr.\n",
				395	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	396	add_listen_addr(options, arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	397	break;
				398
				399	case sHostKeyFile:
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	400	intptr = &options->num_host_key_files;
				401	if (*intptr >= MAX_HOSTKEYS) {
				402	fprintf(stderr, "%s line %d: to many host keys specified (max %d).\n",
				403	filename, linenum, MAX_HOSTKEYS);
				404	exit(1);
				405	}
				406	charptr = &options->host_key_files[*intptr];
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	407	parse_filename:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	408	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	409	if (!arg \|\| *arg == '\0') {
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	410	fprintf(stderr, "%s line %d: missing file name.\n",
Damien Miller	6f83b8e	2000-05-02 09:23:45 +1000	[diff] [blame]	411	filename, linenum);
				412	exit(1);
				413	}
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	414	if (*charptr == NULL) {
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	415	*charptr = tilde_expand_filename(arg, getuid());
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	416	/* increase optional counter */
				417	if (intptr != NULL)
				418	intptr = intptr + 1;
				419	}
Damien Miller	6f83b8e	2000-05-02 09:23:45 +1000	[diff] [blame]	420	break;
				421
				422	case sPidFile:
				423	charptr = &options->pid_file;
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	424	goto parse_filename;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	425
				426	case sRandomSeedFile:
				427	fprintf(stderr, "%s line %d: \"randomseed\" option is obsolete.\n",
				428	filename, linenum);
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	429	arg = strdelim(&cp);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	430	break;
				431
				432	case sPermitRootLogin:
				433	intptr = &options->permit_root_login;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	434	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	435	if (!arg \|\| *arg == '\0') {
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	436	fprintf(stderr, "%s line %d: missing yes/without-password/no argument.\n",
				437	filename, linenum);
				438	exit(1);
				439	}
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	440	if (strcmp(arg, "without-password") == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	441	value = 2;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	442	else if (strcmp(arg, "yes") == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	443	value = 1;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	444	else if (strcmp(arg, "no") == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	445	value = 0;
				446	else {
				447	fprintf(stderr, "%s line %d: Bad yes/without-password/no argument: %s\n",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	448	filename, linenum, arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	449	exit(1);
				450	}
				451	if (*intptr == -1)
				452	*intptr = value;
				453	break;
				454
				455	case sIgnoreRhosts:
				456	intptr = &options->ignore_rhosts;
				457	parse_flag:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	458	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	459	if (!arg \|\| *arg == '\0') {
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	460	fprintf(stderr, "%s line %d: missing yes/no argument.\n",
				461	filename, linenum);
				462	exit(1);
				463	}
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	464	if (strcmp(arg, "yes") == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	465	value = 1;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	466	else if (strcmp(arg, "no") == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	467	value = 0;
				468	else {
				469	fprintf(stderr, "%s line %d: Bad yes/no argument: %s\n",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	470	filename, linenum, arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	471	exit(1);
				472	}
				473	if (*intptr == -1)
				474	*intptr = value;
				475	break;
				476
				477	case sIgnoreUserKnownHosts:
				478	intptr = &options->ignore_user_known_hosts;
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	479	goto parse_flag;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	480
				481	case sRhostsAuthentication:
				482	intptr = &options->rhosts_authentication;
				483	goto parse_flag;
				484
				485	case sRhostsRSAAuthentication:
				486	intptr = &options->rhosts_rsa_authentication;
				487	goto parse_flag;
				488
				489	case sRSAAuthentication:
				490	intptr = &options->rsa_authentication;
				491	goto parse_flag;
				492
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	493	case sPubkeyAuthentication:
				494	intptr = &options->pubkey_authentication;
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	495	goto parse_flag;
				496
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	497	#ifdef KRB4
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	498	case sKerberosAuthentication:
				499	intptr = &options->kerberos_authentication;
				500	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	501
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	502	case sKerberosOrLocalPasswd:
				503	intptr = &options->kerberos_or_local_passwd;
				504	goto parse_flag;
				505
				506	case sKerberosTicketCleanup:
				507	intptr = &options->kerberos_ticket_cleanup;
				508	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	509	#endif
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	510
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	511	#ifdef AFS
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	512	case sKerberosTgtPassing:
				513	intptr = &options->kerberos_tgt_passing;
				514	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	515
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	516	case sAFSTokenPassing:
				517	intptr = &options->afs_token_passing;
				518	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	519	#endif
				520
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	521	case sPasswordAuthentication:
				522	intptr = &options->password_authentication;
				523	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	524
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	525	case sKbdInteractiveAuthentication:
				526	intptr = &options->kbd_interactive_authentication;
				527	goto parse_flag;
				528
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	529	case sCheckMail:
				530	intptr = &options->check_mail;
				531	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	532
				533	#ifdef SKEY
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	534	case sSkeyAuthentication:
				535	intptr = &options->skey_authentication;
				536	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	537	#endif
				538
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	539	case sPrintMotd:
				540	intptr = &options->print_motd;
				541	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	542
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	543	case sX11Forwarding:
				544	intptr = &options->x11_forwarding;
				545	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	546
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	547	case sX11DisplayOffset:
				548	intptr = &options->x11_display_offset;
				549	goto parse_int;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	550
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	551	case sXAuthLocation:
				552	charptr = &options->xauth_location;
				553	goto parse_filename;
				554
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	555	case sStrictModes:
				556	intptr = &options->strict_modes;
				557	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	558
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	559	case sKeepAlives:
				560	intptr = &options->keepalives;
				561	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	562
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	563	case sEmptyPasswd:
				564	intptr = &options->permit_empty_passwd;
				565	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	566
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	567	case sUseLogin:
				568	intptr = &options->use_login;
				569	goto parse_flag;
Damien Miller	5ce662a	1999-11-11 17:57:39 +1100	[diff] [blame]	570
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	571	case sGatewayPorts:
				572	intptr = &options->gateway_ports;
				573	goto parse_flag;
				574
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	575	case sLogFacility:
				576	intptr = (int *) &options->log_facility;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	577	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	578	value = log_facility_number(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	579	if (value == (SyslogFacility) - 1)
				580	fatal("%.200s line %d: unsupported log facility '%s'\n",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	581	filename, linenum, arg ? arg : "<NONE>");
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	582	if (*intptr == -1)
				583	*intptr = (SyslogFacility) value;
				584	break;
				585
				586	case sLogLevel:
				587	intptr = (int *) &options->log_level;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	588	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	589	value = log_level_number(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	590	if (value == (LogLevel) - 1)
				591	fatal("%.200s line %d: unsupported log level '%s'\n",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	592	filename, linenum, arg ? arg : "<NONE>");
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	593	if (*intptr == -1)
				594	*intptr = (LogLevel) value;
				595	break;
				596
Damien Miller	50a41ed	2000-10-16 12:14:42 +1100	[diff] [blame]	597	case sAllowTcpForwarding:
				598	intptr = &options->allow_tcp_forwarding;
				599	goto parse_flag;
				600
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	601	case sAllowUsers:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	602	while ((arg = strdelim(&cp)) && *arg != '\0') {
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	603	if (options->num_allow_users >= MAX_ALLOW_USERS)
				604	fatal("%s line %d: too many allow users.\n",
				605	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	606	options->allow_users[options->num_allow_users++] = xstrdup(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	607	}
				608	break;
				609
				610	case sDenyUsers:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	611	while ((arg = strdelim(&cp)) && *arg != '\0') {
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	612	if (options->num_deny_users >= MAX_DENY_USERS)
				613	fatal( "%s line %d: too many deny users.\n",
				614	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	615	options->deny_users[options->num_deny_users++] = xstrdup(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	616	}
				617	break;
				618
				619	case sAllowGroups:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	620	while ((arg = strdelim(&cp)) && *arg != '\0') {
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	621	if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
				622	fatal("%s line %d: too many allow groups.\n",
				623	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	624	options->allow_groups[options->num_allow_groups++] = xstrdup(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	625	}
				626	break;
				627
				628	case sDenyGroups:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	629	while ((arg = strdelim(&cp)) && *arg != '\0') {
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	630	if (options->num_deny_groups >= MAX_DENY_GROUPS)
				631	fatal("%s line %d: too many deny groups.\n",
				632	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	633	options->deny_groups[options->num_deny_groups++] = xstrdup(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	634	}
				635	break;
				636
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	637	case sCiphers:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	638	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	639	if (!arg \|\| *arg == '\0')
Damien Miller	b1715dc	2000-05-30 13:44:51 +1000	[diff] [blame]	640	fatal("%s line %d: Missing argument.", filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	641	if (!ciphers_valid(arg))
Damien Miller	30c3d42	2000-05-09 11:02:59 +1000	[diff] [blame]	642	fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	643	filename, linenum, arg ? arg : "<NONE>");
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	644	if (options->ciphers == NULL)
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	645	options->ciphers = xstrdup(arg);
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	646	break;
				647
				648	case sProtocol:
				649	intptr = &options->protocol;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	650	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	651	if (!arg \|\| *arg == '\0')
Damien Miller	b1715dc	2000-05-30 13:44:51 +1000	[diff] [blame]	652	fatal("%s line %d: Missing argument.", filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	653	value = proto_spec(arg);
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	654	if (value == SSH_PROTO_UNKNOWN)
				655	fatal("%s line %d: Bad protocol spec '%s'.",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	656	filename, linenum, arg ? arg : "<NONE>");
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	657	if (*intptr == SSH_PROTO_UNKNOWN)
				658	*intptr = value;
				659	break;
				660
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	661	case sSubsystem:
				662	if(options->num_subsystems >= MAX_SUBSYSTEMS) {
				663	fatal("%s line %d: too many subsystems defined.",
				664	filename, linenum);
				665	}
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	666	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	667	if (!arg \|\| *arg == '\0')
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	668	fatal("%s line %d: Missing subsystem name.",
				669	filename, linenum);
				670	for (i = 0; i < options->num_subsystems; i++)
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	671	if(strcmp(arg, options->subsystem_name[i]) == 0)
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	672	fatal("%s line %d: Subsystem '%s' already defined.",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	673	filename, linenum, arg);
				674	options->subsystem_name[options->num_subsystems] = xstrdup(arg);
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	675	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	676	if (!arg \|\| *arg == '\0')
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	677	fatal("%s line %d: Missing subsystem command.",
				678	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	679	options->subsystem_command[options->num_subsystems] = xstrdup(arg);
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	680	options->num_subsystems++;
				681	break;
				682
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	683	case sMaxStartups:
Damien Miller	942da03	2000-08-18 13:59:06 +1000	[diff] [blame]	684	arg = strdelim(&cp);
				685	if (!arg \|\| *arg == '\0')
				686	fatal("%s line %d: Missing MaxStartups spec.",
				687	filename, linenum);
				688	if (sscanf(arg, "%d:%d:%d",
				689	&options->max_startups_begin,
				690	&options->max_startups_rate,
				691	&options->max_startups) == 3) {
				692	if (options->max_startups_begin >
				693	options->max_startups \|\|
				694	options->max_startups_rate > 100 \|\|
				695	options->max_startups_rate < 1)
				696	fatal("%s line %d: Illegal MaxStartups spec.",
				697	filename, linenum);
				698	break;
				699	}
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	700	intptr = &options->max_startups;
				701	goto parse_int;
				702
Ben Lindstrom	48bd7c1	2001-01-09 00:35:42 +0000	[diff] [blame]	703	case sBanner:
				704	charptr = &options->banner;
				705	goto parse_filename;
				706
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	707	default:
				708	fprintf(stderr, "%s line %d: Missing handler for opcode %s (%d)\n",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	709	filename, linenum, arg, opcode);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	710	exit(1);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	711	}
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	712	if ((arg = strdelim(&cp)) != NULL && *arg != '\0') {
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	713	fprintf(stderr,
				714	"%s line %d: garbage at end of line; \"%.200s\".\n",
				715	filename, linenum, arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	716	exit(1);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	717	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	718	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	719	fclose(f);
				720	if (bad_options > 0) {
				721	fprintf(stderr, "%s: terminating, %d bad configuration options\n",
				722	filename, bad_options);
				723	exit(1);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	724	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	725	}