- (dtucker) [platform.c] includes.h instead of defines.h so that we get
[openssh-git.git] / servconf.c
blob41c9c69649fd6e3b8596330674f1c7f8893930eb
1 /* $OpenBSD: servconf.c,v 1.212 2010/09/30 11:04:51 djm Exp $ */
2 /*
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved
6 * As far as I am concerned, the code I have written for this software
7 * can be used freely for any purpose. Any derived versions of this
8 * software must be clearly marked as such, and if the derived work is
9 * incompatible with the protocol description in the RFC file, it must be
10 * called by a name other than "ssh" or "Secure Shell".
13 #include "includes.h"
15 #include <sys/types.h>
16 #include <sys/socket.h>
18 #include <netdb.h>
19 #include <pwd.h>
20 #include <stdio.h>
21 #include <stdlib.h>
22 #include <string.h>
23 #include <signal.h>
24 #include <unistd.h>
25 #include <stdarg.h>
26 #include <errno.h>
28 #include "openbsd-compat/sys-queue.h"
29 #include "xmalloc.h"
30 #include "ssh.h"
31 #include "log.h"
32 #include "buffer.h"
33 #include "servconf.h"
34 #include "compat.h"
35 #include "pathnames.h"
36 #include "misc.h"
37 #include "cipher.h"
38 #include "key.h"
39 #include "kex.h"
40 #include "mac.h"
41 #include "match.h"
42 #include "channels.h"
43 #include "groupaccess.h"
45 static void add_listen_addr(ServerOptions *, char *, int);
46 static void add_one_listen_addr(ServerOptions *, char *, int);
48 /* Use of privilege separation or not */
49 extern int use_privsep;
50 extern Buffer cfg;
52 /* Initializes the server options to their default values. */
54 void
55 initialize_server_options(ServerOptions *options)
57 memset(options, 0, sizeof(*options));
59 /* Portable-specific options */
60 options->use_pam = -1;
62 /* Standard Options */
63 options->num_ports = 0;
64 options->ports_from_cmdline = 0;
65 options->listen_addrs = NULL;
66 options->address_family = -1;
67 options->num_host_key_files = 0;
68 options->num_host_cert_files = 0;
69 options->pid_file = NULL;
70 options->server_key_bits = -1;
71 options->login_grace_time = -1;
72 options->key_regeneration_time = -1;
73 options->permit_root_login = PERMIT_NOT_SET;
74 options->ignore_rhosts = -1;
75 options->ignore_user_known_hosts = -1;
76 options->print_motd = -1;
77 options->print_lastlog = -1;
78 options->x11_forwarding = -1;
79 options->x11_display_offset = -1;
80 options->x11_use_localhost = -1;
81 options->xauth_location = NULL;
82 options->strict_modes = -1;
83 options->tcp_keep_alive = -1;
84 options->log_facility = SYSLOG_FACILITY_NOT_SET;
85 options->log_level = SYSLOG_LEVEL_NOT_SET;
86 options->rhosts_rsa_authentication = -1;
87 options->hostbased_authentication = -1;
88 options->hostbased_uses_name_from_packet_only = -1;
89 options->rsa_authentication = -1;
90 options->pubkey_authentication = -1;
91 options->kerberos_authentication = -1;
92 options->kerberos_or_local_passwd = -1;
93 options->kerberos_ticket_cleanup = -1;
94 options->kerberos_get_afs_token = -1;
95 options->gss_authentication=-1;
96 options->gss_cleanup_creds = -1;
97 options->password_authentication = -1;
98 options->kbd_interactive_authentication = -1;
99 options->challenge_response_authentication = -1;
100 options->permit_empty_passwd = -1;
101 options->permit_user_env = -1;
102 options->use_login = -1;
103 options->compression = -1;
104 options->allow_tcp_forwarding = -1;
105 options->allow_agent_forwarding = -1;
106 options->num_allow_users = 0;
107 options->num_deny_users = 0;
108 options->num_allow_groups = 0;
109 options->num_deny_groups = 0;
110 options->ciphers = NULL;
111 options->macs = NULL;
112 options->kex_algorithms = NULL;
113 options->protocol = SSH_PROTO_UNKNOWN;
114 options->gateway_ports = -1;
115 options->num_subsystems = 0;
116 options->max_startups_begin = -1;
117 options->max_startups_rate = -1;
118 options->max_startups = -1;
119 options->max_authtries = -1;
120 options->max_sessions = -1;
121 options->banner = NULL;
122 options->use_dns = -1;
123 options->client_alive_interval = -1;
124 options->client_alive_count_max = -1;
125 options->authorized_keys_file = NULL;
126 options->authorized_keys_file2 = NULL;
127 options->num_accept_env = 0;
128 options->permit_tun = -1;
129 options->num_permitted_opens = -1;
130 options->adm_forced_command = NULL;
131 options->chroot_directory = NULL;
132 options->zero_knowledge_password_authentication = -1;
133 options->revoked_keys_file = NULL;
134 options->trusted_user_ca_keys = NULL;
135 options->authorized_principals_file = NULL;
138 void
139 fill_default_server_options(ServerOptions *options)
141 /* Portable-specific options */
142 if (options->use_pam == -1)
143 options->use_pam = 0;
145 /* Standard Options */
146 if (options->protocol == SSH_PROTO_UNKNOWN)
147 options->protocol = SSH_PROTO_2;
148 if (options->num_host_key_files == 0) {
149 /* fill default hostkeys for protocols */
150 if (options->protocol & SSH_PROTO_1)
151 options->host_key_files[options->num_host_key_files++] =
152 _PATH_HOST_KEY_FILE;
153 if (options->protocol & SSH_PROTO_2) {
154 options->host_key_files[options->num_host_key_files++] =
155 _PATH_HOST_RSA_KEY_FILE;
156 options->host_key_files[options->num_host_key_files++] =
157 _PATH_HOST_DSA_KEY_FILE;
158 options->host_key_files[options->num_host_key_files++] =
159 _PATH_HOST_ECDSA_KEY_FILE;
162 /* No certificates by default */
163 if (options->num_ports == 0)
164 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
165 if (options->listen_addrs == NULL)
166 add_listen_addr(options, NULL, 0);
167 if (options->pid_file == NULL)
168 options->pid_file = _PATH_SSH_DAEMON_PID_FILE;
169 if (options->server_key_bits == -1)
170 options->server_key_bits = 1024;
171 if (options->login_grace_time == -1)
172 options->login_grace_time = 120;
173 if (options->key_regeneration_time == -1)
174 options->key_regeneration_time = 3600;
175 if (options->permit_root_login == PERMIT_NOT_SET)
176 options->permit_root_login = PERMIT_YES;
177 if (options->ignore_rhosts == -1)
178 options->ignore_rhosts = 1;
179 if (options->ignore_user_known_hosts == -1)
180 options->ignore_user_known_hosts = 0;
181 if (options->print_motd == -1)
182 options->print_motd = 1;
183 if (options->print_lastlog == -1)
184 options->print_lastlog = 1;
185 if (options->x11_forwarding == -1)
186 options->x11_forwarding = 0;
187 if (options->x11_display_offset == -1)
188 options->x11_display_offset = 10;
189 if (options->x11_use_localhost == -1)
190 options->x11_use_localhost = 1;
191 if (options->xauth_location == NULL)
192 options->xauth_location = _PATH_XAUTH;
193 if (options->strict_modes == -1)
194 options->strict_modes = 1;
195 if (options->tcp_keep_alive == -1)
196 options->tcp_keep_alive = 1;
197 if (options->log_facility == SYSLOG_FACILITY_NOT_SET)
198 options->log_facility = SYSLOG_FACILITY_AUTH;
199 if (options->log_level == SYSLOG_LEVEL_NOT_SET)
200 options->log_level = SYSLOG_LEVEL_INFO;
201 if (options->rhosts_rsa_authentication == -1)
202 options->rhosts_rsa_authentication = 0;
203 if (options->hostbased_authentication == -1)
204 options->hostbased_authentication = 0;
205 if (options->hostbased_uses_name_from_packet_only == -1)
206 options->hostbased_uses_name_from_packet_only = 0;
207 if (options->rsa_authentication == -1)
208 options->rsa_authentication = 1;
209 if (options->pubkey_authentication == -1)
210 options->pubkey_authentication = 1;
211 if (options->kerberos_authentication == -1)
212 options->kerberos_authentication = 0;
213 if (options->kerberos_or_local_passwd == -1)
214 options->kerberos_or_local_passwd = 1;
215 if (options->kerberos_ticket_cleanup == -1)
216 options->kerberos_ticket_cleanup = 1;
217 if (options->kerberos_get_afs_token == -1)
218 options->kerberos_get_afs_token = 0;
219 if (options->gss_authentication == -1)
220 options->gss_authentication = 0;
221 if (options->gss_cleanup_creds == -1)
222 options->gss_cleanup_creds = 1;
223 if (options->password_authentication == -1)
224 options->password_authentication = 1;
225 if (options->kbd_interactive_authentication == -1)
226 options->kbd_interactive_authentication = 0;
227 if (options->challenge_response_authentication == -1)
228 options->challenge_response_authentication = 1;
229 if (options->permit_empty_passwd == -1)
230 options->permit_empty_passwd = 0;
231 if (options->permit_user_env == -1)
232 options->permit_user_env = 0;
233 if (options->use_login == -1)
234 options->use_login = 0;
235 if (options->compression == -1)
236 options->compression = COMP_DELAYED;
237 if (options->allow_tcp_forwarding == -1)
238 options->allow_tcp_forwarding = 1;
239 if (options->allow_agent_forwarding == -1)
240 options->allow_agent_forwarding = 1;
241 if (options->gateway_ports == -1)
242 options->gateway_ports = 0;
243 if (options->max_startups == -1)
244 options->max_startups = 10;
245 if (options->max_startups_rate == -1)
246 options->max_startups_rate = 100; /* 100% */
247 if (options->max_startups_begin == -1)
248 options->max_startups_begin = options->max_startups;
249 if (options->max_authtries == -1)
250 options->max_authtries = DEFAULT_AUTH_FAIL_MAX;
251 if (options->max_sessions == -1)
252 options->max_sessions = DEFAULT_SESSIONS_MAX;
253 if (options->use_dns == -1)
254 options->use_dns = 1;
255 if (options->client_alive_interval == -1)
256 options->client_alive_interval = 0;
257 if (options->client_alive_count_max == -1)
258 options->client_alive_count_max = 3;
259 if (options->authorized_keys_file2 == NULL) {
260 /* authorized_keys_file2 falls back to authorized_keys_file */
261 if (options->authorized_keys_file != NULL)
262 options->authorized_keys_file2 = xstrdup(options->authorized_keys_file);
263 else
264 options->authorized_keys_file2 = xstrdup(_PATH_SSH_USER_PERMITTED_KEYS2);
266 if (options->authorized_keys_file == NULL)
267 options->authorized_keys_file = xstrdup(_PATH_SSH_USER_PERMITTED_KEYS);
268 if (options->permit_tun == -1)
269 options->permit_tun = SSH_TUNMODE_NO;
270 if (options->zero_knowledge_password_authentication == -1)
271 options->zero_knowledge_password_authentication = 0;
273 /* Turn privilege separation on by default */
274 if (use_privsep == -1)
275 use_privsep = 1;
277 #ifndef HAVE_MMAP
278 if (use_privsep && options->compression == 1) {
279 error("This platform does not support both privilege "
280 "separation and compression");
281 error("Compression disabled");
282 options->compression = 0;
284 #endif
288 /* Keyword tokens. */
289 typedef enum {
290 sBadOption, /* == unknown option */
291 /* Portable-specific options */
292 sUsePAM,
293 /* Standard Options */
294 sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
295 sPermitRootLogin, sLogFacility, sLogLevel,
296 sRhostsRSAAuthentication, sRSAAuthentication,
297 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
298 sKerberosGetAFSToken,
299 sKerberosTgtPassing, sChallengeResponseAuthentication,
300 sPasswordAuthentication, sKbdInteractiveAuthentication,
301 sListenAddress, sAddressFamily,
302 sPrintMotd, sPrintLastLog, sIgnoreRhosts,
303 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
304 sStrictModes, sEmptyPasswd, sTCPKeepAlive,
305 sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
306 sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
307 sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
308 sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,
309 sMaxStartups, sMaxAuthTries, sMaxSessions,
310 sBanner, sUseDNS, sHostbasedAuthentication,
311 sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
312 sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
313 sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
314 sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
315 sUsePrivilegeSeparation, sAllowAgentForwarding,
316 sZeroKnowledgePasswordAuthentication, sHostCertificate,
317 sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
318 sKexAlgorithms,
319 sDeprecated, sUnsupported
320 } ServerOpCodes;
322 #define SSHCFG_GLOBAL 0x01 /* allowed in main section of sshd_config */
323 #define SSHCFG_MATCH 0x02 /* allowed inside a Match section */
324 #define SSHCFG_ALL (SSHCFG_GLOBAL|SSHCFG_MATCH)
326 /* Textual representation of the tokens. */
327 static struct {
328 const char *name;
329 ServerOpCodes opcode;
330 u_int flags;
331 } keywords[] = {
332 /* Portable-specific options */
333 #ifdef USE_PAM
334 { "usepam", sUsePAM, SSHCFG_GLOBAL },
335 #else
336 { "usepam", sUnsupported, SSHCFG_GLOBAL },
337 #endif
338 { "pamauthenticationviakbdint", sDeprecated, SSHCFG_GLOBAL },
339 /* Standard Options */
340 { "port", sPort, SSHCFG_GLOBAL },
341 { "hostkey", sHostKeyFile, SSHCFG_GLOBAL },
342 { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL }, /* alias */
343 { "pidfile", sPidFile, SSHCFG_GLOBAL },
344 { "serverkeybits", sServerKeyBits, SSHCFG_GLOBAL },
345 { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL },
346 { "keyregenerationinterval", sKeyRegenerationTime, SSHCFG_GLOBAL },
347 { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL },
348 { "syslogfacility", sLogFacility, SSHCFG_GLOBAL },
349 { "loglevel", sLogLevel, SSHCFG_GLOBAL },
350 { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL },
351 { "rhostsrsaauthentication", sRhostsRSAAuthentication, SSHCFG_ALL },
352 { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL },
353 { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_ALL },
354 { "rsaauthentication", sRSAAuthentication, SSHCFG_ALL },
355 { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL },
356 { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */
357 #ifdef KRB5
358 { "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL },
359 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd, SSHCFG_GLOBAL },
360 { "kerberosticketcleanup", sKerberosTicketCleanup, SSHCFG_GLOBAL },
361 #ifdef USE_AFS
362 { "kerberosgetafstoken", sKerberosGetAFSToken, SSHCFG_GLOBAL },
363 #else
364 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL },
365 #endif
366 #else
367 { "kerberosauthentication", sUnsupported, SSHCFG_ALL },
368 { "kerberosorlocalpasswd", sUnsupported, SSHCFG_GLOBAL },
369 { "kerberosticketcleanup", sUnsupported, SSHCFG_GLOBAL },
370 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL },
371 #endif
372 { "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL },
373 { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL },
374 #ifdef GSSAPI
375 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL },
376 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL },
377 #else
378 { "gssapiauthentication", sUnsupported, SSHCFG_ALL },
379 { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL },
380 #endif
381 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },
382 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },
383 { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL },
384 { "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */
385 #ifdef JPAKE
386 { "zeroknowledgepasswordauthentication", sZeroKnowledgePasswordAuthentication, SSHCFG_ALL },
387 #else
388 { "zeroknowledgepasswordauthentication", sUnsupported, SSHCFG_ALL },
389 #endif
390 { "checkmail", sDeprecated, SSHCFG_GLOBAL },
391 { "listenaddress", sListenAddress, SSHCFG_GLOBAL },
392 { "addressfamily", sAddressFamily, SSHCFG_GLOBAL },
393 { "printmotd", sPrintMotd, SSHCFG_GLOBAL },
394 { "printlastlog", sPrintLastLog, SSHCFG_GLOBAL },
395 { "ignorerhosts", sIgnoreRhosts, SSHCFG_GLOBAL },
396 { "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL },
397 { "x11forwarding", sX11Forwarding, SSHCFG_ALL },
398 { "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL },
399 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
400 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
401 { "strictmodes", sStrictModes, SSHCFG_GLOBAL },
402 { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL },
403 { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },
404 { "uselogin", sUseLogin, SSHCFG_GLOBAL },
405 { "compression", sCompression, SSHCFG_GLOBAL },
406 { "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL },
407 { "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, /* obsolete alias */
408 { "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL },
409 { "allowagentforwarding", sAllowAgentForwarding, SSHCFG_ALL },
410 { "allowusers", sAllowUsers, SSHCFG_GLOBAL },
411 { "denyusers", sDenyUsers, SSHCFG_GLOBAL },
412 { "allowgroups", sAllowGroups, SSHCFG_GLOBAL },
413 { "denygroups", sDenyGroups, SSHCFG_GLOBAL },
414 { "ciphers", sCiphers, SSHCFG_GLOBAL },
415 { "macs", sMacs, SSHCFG_GLOBAL },
416 { "protocol", sProtocol, SSHCFG_GLOBAL },
417 { "gatewayports", sGatewayPorts, SSHCFG_ALL },
418 { "subsystem", sSubsystem, SSHCFG_GLOBAL },
419 { "maxstartups", sMaxStartups, SSHCFG_GLOBAL },
420 { "maxauthtries", sMaxAuthTries, SSHCFG_ALL },
421 { "maxsessions", sMaxSessions, SSHCFG_ALL },
422 { "banner", sBanner, SSHCFG_ALL },
423 { "usedns", sUseDNS, SSHCFG_GLOBAL },
424 { "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL },
425 { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL },
426 { "clientaliveinterval", sClientAliveInterval, SSHCFG_GLOBAL },
427 { "clientalivecountmax", sClientAliveCountMax, SSHCFG_GLOBAL },
428 { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL },
429 { "authorizedkeysfile2", sAuthorizedKeysFile2, SSHCFG_ALL },
430 { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL},
431 { "acceptenv", sAcceptEnv, SSHCFG_GLOBAL },
432 { "permittunnel", sPermitTunnel, SSHCFG_ALL },
433 { "match", sMatch, SSHCFG_ALL },
434 { "permitopen", sPermitOpen, SSHCFG_ALL },
435 { "forcecommand", sForceCommand, SSHCFG_ALL },
436 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL },
437 { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL },
438 { "revokedkeys", sRevokedKeys, SSHCFG_ALL },
439 { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL },
440 { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },
441 { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL },
442 { NULL, sBadOption, 0 }
445 static struct {
446 int val;
447 char *text;
448 } tunmode_desc[] = {
449 { SSH_TUNMODE_NO, "no" },
450 { SSH_TUNMODE_POINTOPOINT, "point-to-point" },
451 { SSH_TUNMODE_ETHERNET, "ethernet" },
452 { SSH_TUNMODE_YES, "yes" },
453 { -1, NULL }
457 * Returns the number of the token pointed to by cp or sBadOption.
460 static ServerOpCodes
461 parse_token(const char *cp, const char *filename,
462 int linenum, u_int *flags)
464 u_int i;
466 for (i = 0; keywords[i].name; i++)
467 if (strcasecmp(cp, keywords[i].name) == 0) {
468 *flags = keywords[i].flags;
469 return keywords[i].opcode;
472 error("%s: line %d: Bad configuration option: %s",
473 filename, linenum, cp);
474 return sBadOption;
477 char *
478 derelativise_path(const char *path)
480 char *expanded, *ret, cwd[MAXPATHLEN];
482 expanded = tilde_expand_filename(path, getuid());
483 if (*expanded == '/')
484 return expanded;
485 if (getcwd(cwd, sizeof(cwd)) == NULL)
486 fatal("%s: getcwd: %s", __func__, strerror(errno));
487 xasprintf(&ret, "%s/%s", cwd, expanded);
488 xfree(expanded);
489 return ret;
492 static void
493 add_listen_addr(ServerOptions *options, char *addr, int port)
495 u_int i;
497 if (options->num_ports == 0)
498 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
499 if (options->address_family == -1)
500 options->address_family = AF_UNSPEC;
501 if (port == 0)
502 for (i = 0; i < options->num_ports; i++)
503 add_one_listen_addr(options, addr, options->ports[i]);
504 else
505 add_one_listen_addr(options, addr, port);
508 static void
509 add_one_listen_addr(ServerOptions *options, char *addr, int port)
511 struct addrinfo hints, *ai, *aitop;
512 char strport[NI_MAXSERV];
513 int gaierr;
515 memset(&hints, 0, sizeof(hints));
516 hints.ai_family = options->address_family;
517 hints.ai_socktype = SOCK_STREAM;
518 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
519 snprintf(strport, sizeof strport, "%d", port);
520 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0)
521 fatal("bad addr or host: %s (%s)",
522 addr ? addr : "<NULL>",
523 ssh_gai_strerror(gaierr));
524 for (ai = aitop; ai->ai_next; ai = ai->ai_next)
526 ai->ai_next = options->listen_addrs;
527 options->listen_addrs = aitop;
531 * The strategy for the Match blocks is that the config file is parsed twice.
533 * The first time is at startup. activep is initialized to 1 and the
534 * directives in the global context are processed and acted on. Hitting a
535 * Match directive unsets activep and the directives inside the block are
536 * checked for syntax only.
538 * The second time is after a connection has been established but before
539 * authentication. activep is initialized to 2 and global config directives
540 * are ignored since they have already been processed. If the criteria in a
541 * Match block is met, activep is set and the subsequent directives
542 * processed and actioned until EOF or another Match block unsets it. Any
543 * options set are copied into the main server config.
545 * Potential additions/improvements:
546 * - Add Match support for pre-kex directives, eg Protocol, Ciphers.
548 * - Add a Tag directive (idea from David Leonard) ala pf, eg:
549 * Match Address 192.168.0.*
550 * Tag trusted
551 * Match Group wheel
552 * Tag trusted
553 * Match Tag trusted
554 * AllowTcpForwarding yes
555 * GatewayPorts clientspecified
556 * [...]
558 * - Add a PermittedChannelRequests directive
559 * Match Group shell
560 * PermittedChannelRequests session,forwarded-tcpip
563 static int
564 match_cfg_line_group(const char *grps, int line, const char *user)
566 int result = 0;
567 struct passwd *pw;
569 if (user == NULL)
570 goto out;
572 if ((pw = getpwnam(user)) == NULL) {
573 debug("Can't match group at line %d because user %.100s does "
574 "not exist", line, user);
575 } else if (ga_init(pw->pw_name, pw->pw_gid) == 0) {
576 debug("Can't Match group because user %.100s not in any group "
577 "at line %d", user, line);
578 } else if (ga_match_pattern_list(grps) != 1) {
579 debug("user %.100s does not match group list %.100s at line %d",
580 user, grps, line);
581 } else {
582 debug("user %.100s matched group list %.100s at line %d", user,
583 grps, line);
584 result = 1;
586 out:
587 ga_free();
588 return result;
591 static int
592 match_cfg_line(char **condition, int line, const char *user, const char *host,
593 const char *address)
595 int result = 1;
596 char *arg, *attrib, *cp = *condition;
597 size_t len;
599 if (user == NULL)
600 debug3("checking syntax for 'Match %s'", cp);
601 else
602 debug3("checking match for '%s' user %s host %s addr %s", cp,
603 user ? user : "(null)", host ? host : "(null)",
604 address ? address : "(null)");
606 while ((attrib = strdelim(&cp)) && *attrib != '\0') {
607 if ((arg = strdelim(&cp)) == NULL || *arg == '\0') {
608 error("Missing Match criteria for %s", attrib);
609 return -1;
611 len = strlen(arg);
612 if (strcasecmp(attrib, "user") == 0) {
613 if (!user) {
614 result = 0;
615 continue;
617 if (match_pattern_list(user, arg, len, 0) != 1)
618 result = 0;
619 else
620 debug("user %.100s matched 'User %.100s' at "
621 "line %d", user, arg, line);
622 } else if (strcasecmp(attrib, "group") == 0) {
623 switch (match_cfg_line_group(arg, line, user)) {
624 case -1:
625 return -1;
626 case 0:
627 result = 0;
629 } else if (strcasecmp(attrib, "host") == 0) {
630 if (!host) {
631 result = 0;
632 continue;
634 if (match_hostname(host, arg, len) != 1)
635 result = 0;
636 else
637 debug("connection from %.100s matched 'Host "
638 "%.100s' at line %d", host, arg, line);
639 } else if (strcasecmp(attrib, "address") == 0) {
640 switch (addr_match_list(address, arg)) {
641 case 1:
642 debug("connection from %.100s matched 'Address "
643 "%.100s' at line %d", address, arg, line);
644 break;
645 case 0:
646 case -1:
647 result = 0;
648 break;
649 case -2:
650 return -1;
652 } else {
653 error("Unsupported Match attribute %s", attrib);
654 return -1;
657 if (user != NULL)
658 debug3("match %sfound", result ? "" : "not ");
659 *condition = cp;
660 return result;
663 #define WHITESPACE " \t\r\n"
666 process_server_config_line(ServerOptions *options, char *line,
667 const char *filename, int linenum, int *activep, const char *user,
668 const char *host, const char *address)
670 char *cp, **charptr, *arg, *p;
671 int cmdline = 0, *intptr, value, n;
672 SyslogFacility *log_facility_ptr;
673 LogLevel *log_level_ptr;
674 ServerOpCodes opcode;
675 int port;
676 u_int i, flags = 0;
677 size_t len;
679 cp = line;
680 if ((arg = strdelim(&cp)) == NULL)
681 return 0;
682 /* Ignore leading whitespace */
683 if (*arg == '\0')
684 arg = strdelim(&cp);
685 if (!arg || !*arg || *arg == '#')
686 return 0;
687 intptr = NULL;
688 charptr = NULL;
689 opcode = parse_token(arg, filename, linenum, &flags);
691 if (activep == NULL) { /* We are processing a command line directive */
692 cmdline = 1;
693 activep = &cmdline;
695 if (*activep && opcode != sMatch)
696 debug3("%s:%d setting %s %s", filename, linenum, arg, cp);
697 if (*activep == 0 && !(flags & SSHCFG_MATCH)) {
698 if (user == NULL) {
699 fatal("%s line %d: Directive '%s' is not allowed "
700 "within a Match block", filename, linenum, arg);
701 } else { /* this is a directive we have already processed */
702 while (arg)
703 arg = strdelim(&cp);
704 return 0;
708 switch (opcode) {
709 /* Portable-specific options */
710 case sUsePAM:
711 intptr = &options->use_pam;
712 goto parse_flag;
714 /* Standard Options */
715 case sBadOption:
716 return -1;
717 case sPort:
718 /* ignore ports from configfile if cmdline specifies ports */
719 if (options->ports_from_cmdline)
720 return 0;
721 if (options->listen_addrs != NULL)
722 fatal("%s line %d: ports must be specified before "
723 "ListenAddress.", filename, linenum);
724 if (options->num_ports >= MAX_PORTS)
725 fatal("%s line %d: too many ports.",
726 filename, linenum);
727 arg = strdelim(&cp);
728 if (!arg || *arg == '\0')
729 fatal("%s line %d: missing port number.",
730 filename, linenum);
731 options->ports[options->num_ports++] = a2port(arg);
732 if (options->ports[options->num_ports-1] <= 0)
733 fatal("%s line %d: Badly formatted port number.",
734 filename, linenum);
735 break;
737 case sServerKeyBits:
738 intptr = &options->server_key_bits;
739 parse_int:
740 arg = strdelim(&cp);
741 if (!arg || *arg == '\0')
742 fatal("%s line %d: missing integer value.",
743 filename, linenum);
744 value = atoi(arg);
745 if (*activep && *intptr == -1)
746 *intptr = value;
747 break;
749 case sLoginGraceTime:
750 intptr = &options->login_grace_time;
751 parse_time:
752 arg = strdelim(&cp);
753 if (!arg || *arg == '\0')
754 fatal("%s line %d: missing time value.",
755 filename, linenum);
756 if ((value = convtime(arg)) == -1)
757 fatal("%s line %d: invalid time value.",
758 filename, linenum);
759 if (*intptr == -1)
760 *intptr = value;
761 break;
763 case sKeyRegenerationTime:
764 intptr = &options->key_regeneration_time;
765 goto parse_time;
767 case sListenAddress:
768 arg = strdelim(&cp);
769 if (arg == NULL || *arg == '\0')
770 fatal("%s line %d: missing address",
771 filename, linenum);
772 /* check for bare IPv6 address: no "[]" and 2 or more ":" */
773 if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL
774 && strchr(p+1, ':') != NULL) {
775 add_listen_addr(options, arg, 0);
776 break;
778 p = hpdelim(&arg);
779 if (p == NULL)
780 fatal("%s line %d: bad address:port usage",
781 filename, linenum);
782 p = cleanhostname(p);
783 if (arg == NULL)
784 port = 0;
785 else if ((port = a2port(arg)) <= 0)
786 fatal("%s line %d: bad port number", filename, linenum);
788 add_listen_addr(options, p, port);
790 break;
792 case sAddressFamily:
793 arg = strdelim(&cp);
794 if (!arg || *arg == '\0')
795 fatal("%s line %d: missing address family.",
796 filename, linenum);
797 intptr = &options->address_family;
798 if (options->listen_addrs != NULL)
799 fatal("%s line %d: address family must be specified before "
800 "ListenAddress.", filename, linenum);
801 if (strcasecmp(arg, "inet") == 0)
802 value = AF_INET;
803 else if (strcasecmp(arg, "inet6") == 0)
804 value = AF_INET6;
805 else if (strcasecmp(arg, "any") == 0)
806 value = AF_UNSPEC;
807 else
808 fatal("%s line %d: unsupported address family \"%s\".",
809 filename, linenum, arg);
810 if (*intptr == -1)
811 *intptr = value;
812 break;
814 case sHostKeyFile:
815 intptr = &options->num_host_key_files;
816 if (*intptr >= MAX_HOSTKEYS)
817 fatal("%s line %d: too many host keys specified (max %d).",
818 filename, linenum, MAX_HOSTKEYS);
819 charptr = &options->host_key_files[*intptr];
820 parse_filename:
821 arg = strdelim(&cp);
822 if (!arg || *arg == '\0')
823 fatal("%s line %d: missing file name.",
824 filename, linenum);
825 if (*activep && *charptr == NULL) {
826 *charptr = derelativise_path(arg);
827 /* increase optional counter */
828 if (intptr != NULL)
829 *intptr = *intptr + 1;
831 break;
833 case sHostCertificate:
834 intptr = &options->num_host_cert_files;
835 if (*intptr >= MAX_HOSTKEYS)
836 fatal("%s line %d: too many host certificates "
837 "specified (max %d).", filename, linenum,
838 MAX_HOSTCERTS);
839 charptr = &options->host_cert_files[*intptr];
840 goto parse_filename;
841 break;
843 case sPidFile:
844 charptr = &options->pid_file;
845 goto parse_filename;
847 case sPermitRootLogin:
848 intptr = &options->permit_root_login;
849 arg = strdelim(&cp);
850 if (!arg || *arg == '\0')
851 fatal("%s line %d: missing yes/"
852 "without-password/forced-commands-only/no "
853 "argument.", filename, linenum);
854 value = 0; /* silence compiler */
855 if (strcmp(arg, "without-password") == 0)
856 value = PERMIT_NO_PASSWD;
857 else if (strcmp(arg, "forced-commands-only") == 0)
858 value = PERMIT_FORCED_ONLY;
859 else if (strcmp(arg, "yes") == 0)
860 value = PERMIT_YES;
861 else if (strcmp(arg, "no") == 0)
862 value = PERMIT_NO;
863 else
864 fatal("%s line %d: Bad yes/"
865 "without-password/forced-commands-only/no "
866 "argument: %s", filename, linenum, arg);
867 if (*activep && *intptr == -1)
868 *intptr = value;
869 break;
871 case sIgnoreRhosts:
872 intptr = &options->ignore_rhosts;
873 parse_flag:
874 arg = strdelim(&cp);
875 if (!arg || *arg == '\0')
876 fatal("%s line %d: missing yes/no argument.",
877 filename, linenum);
878 value = 0; /* silence compiler */
879 if (strcmp(arg, "yes") == 0)
880 value = 1;
881 else if (strcmp(arg, "no") == 0)
882 value = 0;
883 else
884 fatal("%s line %d: Bad yes/no argument: %s",
885 filename, linenum, arg);
886 if (*activep && *intptr == -1)
887 *intptr = value;
888 break;
890 case sIgnoreUserKnownHosts:
891 intptr = &options->ignore_user_known_hosts;
892 goto parse_flag;
894 case sRhostsRSAAuthentication:
895 intptr = &options->rhosts_rsa_authentication;
896 goto parse_flag;
898 case sHostbasedAuthentication:
899 intptr = &options->hostbased_authentication;
900 goto parse_flag;
902 case sHostbasedUsesNameFromPacketOnly:
903 intptr = &options->hostbased_uses_name_from_packet_only;
904 goto parse_flag;
906 case sRSAAuthentication:
907 intptr = &options->rsa_authentication;
908 goto parse_flag;
910 case sPubkeyAuthentication:
911 intptr = &options->pubkey_authentication;
912 goto parse_flag;
914 case sKerberosAuthentication:
915 intptr = &options->kerberos_authentication;
916 goto parse_flag;
918 case sKerberosOrLocalPasswd:
919 intptr = &options->kerberos_or_local_passwd;
920 goto parse_flag;
922 case sKerberosTicketCleanup:
923 intptr = &options->kerberos_ticket_cleanup;
924 goto parse_flag;
926 case sKerberosGetAFSToken:
927 intptr = &options->kerberos_get_afs_token;
928 goto parse_flag;
930 case sGssAuthentication:
931 intptr = &options->gss_authentication;
932 goto parse_flag;
934 case sGssCleanupCreds:
935 intptr = &options->gss_cleanup_creds;
936 goto parse_flag;
938 case sPasswordAuthentication:
939 intptr = &options->password_authentication;
940 goto parse_flag;
942 case sZeroKnowledgePasswordAuthentication:
943 intptr = &options->zero_knowledge_password_authentication;
944 goto parse_flag;
946 case sKbdInteractiveAuthentication:
947 intptr = &options->kbd_interactive_authentication;
948 goto parse_flag;
950 case sChallengeResponseAuthentication:
951 intptr = &options->challenge_response_authentication;
952 goto parse_flag;
954 case sPrintMotd:
955 intptr = &options->print_motd;
956 goto parse_flag;
958 case sPrintLastLog:
959 intptr = &options->print_lastlog;
960 goto parse_flag;
962 case sX11Forwarding:
963 intptr = &options->x11_forwarding;
964 goto parse_flag;
966 case sX11DisplayOffset:
967 intptr = &options->x11_display_offset;
968 goto parse_int;
970 case sX11UseLocalhost:
971 intptr = &options->x11_use_localhost;
972 goto parse_flag;
974 case sXAuthLocation:
975 charptr = &options->xauth_location;
976 goto parse_filename;
978 case sStrictModes:
979 intptr = &options->strict_modes;
980 goto parse_flag;
982 case sTCPKeepAlive:
983 intptr = &options->tcp_keep_alive;
984 goto parse_flag;
986 case sEmptyPasswd:
987 intptr = &options->permit_empty_passwd;
988 goto parse_flag;
990 case sPermitUserEnvironment:
991 intptr = &options->permit_user_env;
992 goto parse_flag;
994 case sUseLogin:
995 intptr = &options->use_login;
996 goto parse_flag;
998 case sCompression:
999 intptr = &options->compression;
1000 arg = strdelim(&cp);
1001 if (!arg || *arg == '\0')
1002 fatal("%s line %d: missing yes/no/delayed "
1003 "argument.", filename, linenum);
1004 value = 0; /* silence compiler */
1005 if (strcmp(arg, "delayed") == 0)
1006 value = COMP_DELAYED;
1007 else if (strcmp(arg, "yes") == 0)
1008 value = COMP_ZLIB;
1009 else if (strcmp(arg, "no") == 0)
1010 value = COMP_NONE;
1011 else
1012 fatal("%s line %d: Bad yes/no/delayed "
1013 "argument: %s", filename, linenum, arg);
1014 if (*intptr == -1)
1015 *intptr = value;
1016 break;
1018 case sGatewayPorts:
1019 intptr = &options->gateway_ports;
1020 arg = strdelim(&cp);
1021 if (!arg || *arg == '\0')
1022 fatal("%s line %d: missing yes/no/clientspecified "
1023 "argument.", filename, linenum);
1024 value = 0; /* silence compiler */
1025 if (strcmp(arg, "clientspecified") == 0)
1026 value = 2;
1027 else if (strcmp(arg, "yes") == 0)
1028 value = 1;
1029 else if (strcmp(arg, "no") == 0)
1030 value = 0;
1031 else
1032 fatal("%s line %d: Bad yes/no/clientspecified "
1033 "argument: %s", filename, linenum, arg);
1034 if (*activep && *intptr == -1)
1035 *intptr = value;
1036 break;
1038 case sUseDNS:
1039 intptr = &options->use_dns;
1040 goto parse_flag;
1042 case sLogFacility:
1043 log_facility_ptr = &options->log_facility;
1044 arg = strdelim(&cp);
1045 value = log_facility_number(arg);
1046 if (value == SYSLOG_FACILITY_NOT_SET)
1047 fatal("%.200s line %d: unsupported log facility '%s'",
1048 filename, linenum, arg ? arg : "<NONE>");
1049 if (*log_facility_ptr == -1)
1050 *log_facility_ptr = (SyslogFacility) value;
1051 break;
1053 case sLogLevel:
1054 log_level_ptr = &options->log_level;
1055 arg = strdelim(&cp);
1056 value = log_level_number(arg);
1057 if (value == SYSLOG_LEVEL_NOT_SET)
1058 fatal("%.200s line %d: unsupported log level '%s'",
1059 filename, linenum, arg ? arg : "<NONE>");
1060 if (*log_level_ptr == -1)
1061 *log_level_ptr = (LogLevel) value;
1062 break;
1064 case sAllowTcpForwarding:
1065 intptr = &options->allow_tcp_forwarding;
1066 goto parse_flag;
1068 case sAllowAgentForwarding:
1069 intptr = &options->allow_agent_forwarding;
1070 goto parse_flag;
1072 case sUsePrivilegeSeparation:
1073 intptr = &use_privsep;
1074 goto parse_flag;
1076 case sAllowUsers:
1077 while ((arg = strdelim(&cp)) && *arg != '\0') {
1078 if (options->num_allow_users >= MAX_ALLOW_USERS)
1079 fatal("%s line %d: too many allow users.",
1080 filename, linenum);
1081 options->allow_users[options->num_allow_users++] =
1082 xstrdup(arg);
1084 break;
1086 case sDenyUsers:
1087 while ((arg = strdelim(&cp)) && *arg != '\0') {
1088 if (options->num_deny_users >= MAX_DENY_USERS)
1089 fatal("%s line %d: too many deny users.",
1090 filename, linenum);
1091 options->deny_users[options->num_deny_users++] =
1092 xstrdup(arg);
1094 break;
1096 case sAllowGroups:
1097 while ((arg = strdelim(&cp)) && *arg != '\0') {
1098 if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
1099 fatal("%s line %d: too many allow groups.",
1100 filename, linenum);
1101 options->allow_groups[options->num_allow_groups++] =
1102 xstrdup(arg);
1104 break;
1106 case sDenyGroups:
1107 while ((arg = strdelim(&cp)) && *arg != '\0') {
1108 if (options->num_deny_groups >= MAX_DENY_GROUPS)
1109 fatal("%s line %d: too many deny groups.",
1110 filename, linenum);
1111 options->deny_groups[options->num_deny_groups++] = xstrdup(arg);
1113 break;
1115 case sCiphers:
1116 arg = strdelim(&cp);
1117 if (!arg || *arg == '\0')
1118 fatal("%s line %d: Missing argument.", filename, linenum);
1119 if (!ciphers_valid(arg))
1120 fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
1121 filename, linenum, arg ? arg : "<NONE>");
1122 if (options->ciphers == NULL)
1123 options->ciphers = xstrdup(arg);
1124 break;
1126 case sMacs:
1127 arg = strdelim(&cp);
1128 if (!arg || *arg == '\0')
1129 fatal("%s line %d: Missing argument.", filename, linenum);
1130 if (!mac_valid(arg))
1131 fatal("%s line %d: Bad SSH2 mac spec '%s'.",
1132 filename, linenum, arg ? arg : "<NONE>");
1133 if (options->macs == NULL)
1134 options->macs = xstrdup(arg);
1135 break;
1137 case sKexAlgorithms:
1138 arg = strdelim(&cp);
1139 if (!arg || *arg == '\0')
1140 fatal("%s line %d: Missing argument.",
1141 filename, linenum);
1142 if (!kex_names_valid(arg))
1143 fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.",
1144 filename, linenum, arg ? arg : "<NONE>");
1145 if (options->kex_algorithms == NULL)
1146 options->kex_algorithms = xstrdup(arg);
1147 break;
1149 case sProtocol:
1150 intptr = &options->protocol;
1151 arg = strdelim(&cp);
1152 if (!arg || *arg == '\0')
1153 fatal("%s line %d: Missing argument.", filename, linenum);
1154 value = proto_spec(arg);
1155 if (value == SSH_PROTO_UNKNOWN)
1156 fatal("%s line %d: Bad protocol spec '%s'.",
1157 filename, linenum, arg ? arg : "<NONE>");
1158 if (*intptr == SSH_PROTO_UNKNOWN)
1159 *intptr = value;
1160 break;
1162 case sSubsystem:
1163 if (options->num_subsystems >= MAX_SUBSYSTEMS) {
1164 fatal("%s line %d: too many subsystems defined.",
1165 filename, linenum);
1167 arg = strdelim(&cp);
1168 if (!arg || *arg == '\0')
1169 fatal("%s line %d: Missing subsystem name.",
1170 filename, linenum);
1171 if (!*activep) {
1172 arg = strdelim(&cp);
1173 break;
1175 for (i = 0; i < options->num_subsystems; i++)
1176 if (strcmp(arg, options->subsystem_name[i]) == 0)
1177 fatal("%s line %d: Subsystem '%s' already defined.",
1178 filename, linenum, arg);
1179 options->subsystem_name[options->num_subsystems] = xstrdup(arg);
1180 arg = strdelim(&cp);
1181 if (!arg || *arg == '\0')
1182 fatal("%s line %d: Missing subsystem command.",
1183 filename, linenum);
1184 options->subsystem_command[options->num_subsystems] = xstrdup(arg);
1186 /* Collect arguments (separate to executable) */
1187 p = xstrdup(arg);
1188 len = strlen(p) + 1;
1189 while ((arg = strdelim(&cp)) != NULL && *arg != '\0') {
1190 len += 1 + strlen(arg);
1191 p = xrealloc(p, 1, len);
1192 strlcat(p, " ", len);
1193 strlcat(p, arg, len);
1195 options->subsystem_args[options->num_subsystems] = p;
1196 options->num_subsystems++;
1197 break;
1199 case sMaxStartups:
1200 arg = strdelim(&cp);
1201 if (!arg || *arg == '\0')
1202 fatal("%s line %d: Missing MaxStartups spec.",
1203 filename, linenum);
1204 if ((n = sscanf(arg, "%d:%d:%d",
1205 &options->max_startups_begin,
1206 &options->max_startups_rate,
1207 &options->max_startups)) == 3) {
1208 if (options->max_startups_begin >
1209 options->max_startups ||
1210 options->max_startups_rate > 100 ||
1211 options->max_startups_rate < 1)
1212 fatal("%s line %d: Illegal MaxStartups spec.",
1213 filename, linenum);
1214 } else if (n != 1)
1215 fatal("%s line %d: Illegal MaxStartups spec.",
1216 filename, linenum);
1217 else
1218 options->max_startups = options->max_startups_begin;
1219 break;
1221 case sMaxAuthTries:
1222 intptr = &options->max_authtries;
1223 goto parse_int;
1225 case sMaxSessions:
1226 intptr = &options->max_sessions;
1227 goto parse_int;
1229 case sBanner:
1230 charptr = &options->banner;
1231 goto parse_filename;
1234 * These options can contain %X options expanded at
1235 * connect time, so that you can specify paths like:
1237 * AuthorizedKeysFile /etc/ssh_keys/%u
1239 case sAuthorizedKeysFile:
1240 charptr = &options->authorized_keys_file;
1241 goto parse_tilde_filename;
1242 case sAuthorizedKeysFile2:
1243 charptr = &options->authorized_keys_file2;
1244 goto parse_tilde_filename;
1245 case sAuthorizedPrincipalsFile:
1246 charptr = &options->authorized_principals_file;
1247 parse_tilde_filename:
1248 arg = strdelim(&cp);
1249 if (!arg || *arg == '\0')
1250 fatal("%s line %d: missing file name.",
1251 filename, linenum);
1252 if (*activep && *charptr == NULL) {
1253 *charptr = tilde_expand_filename(arg, getuid());
1254 /* increase optional counter */
1255 if (intptr != NULL)
1256 *intptr = *intptr + 1;
1258 break;
1260 case sClientAliveInterval:
1261 intptr = &options->client_alive_interval;
1262 goto parse_time;
1264 case sClientAliveCountMax:
1265 intptr = &options->client_alive_count_max;
1266 goto parse_int;
1268 case sAcceptEnv:
1269 while ((arg = strdelim(&cp)) && *arg != '\0') {
1270 if (strchr(arg, '=') != NULL)
1271 fatal("%s line %d: Invalid environment name.",
1272 filename, linenum);
1273 if (options->num_accept_env >= MAX_ACCEPT_ENV)
1274 fatal("%s line %d: too many allow env.",
1275 filename, linenum);
1276 if (!*activep)
1277 break;
1278 options->accept_env[options->num_accept_env++] =
1279 xstrdup(arg);
1281 break;
1283 case sPermitTunnel:
1284 intptr = &options->permit_tun;
1285 arg = strdelim(&cp);
1286 if (!arg || *arg == '\0')
1287 fatal("%s line %d: Missing yes/point-to-point/"
1288 "ethernet/no argument.", filename, linenum);
1289 value = -1;
1290 for (i = 0; tunmode_desc[i].val != -1; i++)
1291 if (strcmp(tunmode_desc[i].text, arg) == 0) {
1292 value = tunmode_desc[i].val;
1293 break;
1295 if (value == -1)
1296 fatal("%s line %d: Bad yes/point-to-point/ethernet/"
1297 "no argument: %s", filename, linenum, arg);
1298 if (*intptr == -1)
1299 *intptr = value;
1300 break;
1302 case sMatch:
1303 if (cmdline)
1304 fatal("Match directive not supported as a command-line "
1305 "option");
1306 value = match_cfg_line(&cp, linenum, user, host, address);
1307 if (value < 0)
1308 fatal("%s line %d: Bad Match condition", filename,
1309 linenum);
1310 *activep = value;
1311 break;
1313 case sPermitOpen:
1314 arg = strdelim(&cp);
1315 if (!arg || *arg == '\0')
1316 fatal("%s line %d: missing PermitOpen specification",
1317 filename, linenum);
1318 n = options->num_permitted_opens; /* modified later */
1319 if (strcmp(arg, "any") == 0) {
1320 if (*activep && n == -1) {
1321 channel_clear_adm_permitted_opens();
1322 options->num_permitted_opens = 0;
1324 break;
1326 if (*activep && n == -1)
1327 channel_clear_adm_permitted_opens();
1328 for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) {
1329 p = hpdelim(&arg);
1330 if (p == NULL)
1331 fatal("%s line %d: missing host in PermitOpen",
1332 filename, linenum);
1333 p = cleanhostname(p);
1334 if (arg == NULL || (port = a2port(arg)) <= 0)
1335 fatal("%s line %d: bad port number in "
1336 "PermitOpen", filename, linenum);
1337 if (*activep && n == -1)
1338 options->num_permitted_opens =
1339 channel_add_adm_permitted_opens(p, port);
1341 break;
1343 case sForceCommand:
1344 if (cp == NULL)
1345 fatal("%.200s line %d: Missing argument.", filename,
1346 linenum);
1347 len = strspn(cp, WHITESPACE);
1348 if (*activep && options->adm_forced_command == NULL)
1349 options->adm_forced_command = xstrdup(cp + len);
1350 return 0;
1352 case sChrootDirectory:
1353 charptr = &options->chroot_directory;
1355 arg = strdelim(&cp);
1356 if (!arg || *arg == '\0')
1357 fatal("%s line %d: missing file name.",
1358 filename, linenum);
1359 if (*activep && *charptr == NULL)
1360 *charptr = xstrdup(arg);
1361 break;
1363 case sTrustedUserCAKeys:
1364 charptr = &options->trusted_user_ca_keys;
1365 goto parse_filename;
1367 case sRevokedKeys:
1368 charptr = &options->revoked_keys_file;
1369 goto parse_filename;
1371 case sDeprecated:
1372 logit("%s line %d: Deprecated option %s",
1373 filename, linenum, arg);
1374 while (arg)
1375 arg = strdelim(&cp);
1376 break;
1378 case sUnsupported:
1379 logit("%s line %d: Unsupported option %s",
1380 filename, linenum, arg);
1381 while (arg)
1382 arg = strdelim(&cp);
1383 break;
1385 default:
1386 fatal("%s line %d: Missing handler for opcode %s (%d)",
1387 filename, linenum, arg, opcode);
1389 if ((arg = strdelim(&cp)) != NULL && *arg != '\0')
1390 fatal("%s line %d: garbage at end of line; \"%.200s\".",
1391 filename, linenum, arg);
1392 return 0;
1395 /* Reads the server configuration file. */
1397 void
1398 load_server_config(const char *filename, Buffer *conf)
1400 char line[1024], *cp;
1401 FILE *f;
1403 debug2("%s: filename %s", __func__, filename);
1404 if ((f = fopen(filename, "r")) == NULL) {
1405 perror(filename);
1406 exit(1);
1408 buffer_clear(conf);
1409 while (fgets(line, sizeof(line), f)) {
1411 * Trim out comments and strip whitespace
1412 * NB - preserve newlines, they are needed to reproduce
1413 * line numbers later for error messages
1415 if ((cp = strchr(line, '#')) != NULL)
1416 memcpy(cp, "\n", 2);
1417 cp = line + strspn(line, " \t\r");
1419 buffer_append(conf, cp, strlen(cp));
1421 buffer_append(conf, "\0", 1);
1422 fclose(f);
1423 debug2("%s: done config len = %d", __func__, buffer_len(conf));
1426 void
1427 parse_server_match_config(ServerOptions *options, const char *user,
1428 const char *host, const char *address)
1430 ServerOptions mo;
1432 initialize_server_options(&mo);
1433 parse_server_config(&mo, "reprocess config", &cfg, user, host, address);
1434 copy_set_server_options(options, &mo, 0);
1437 /* Helper macros */
1438 #define M_CP_INTOPT(n) do {\
1439 if (src->n != -1) \
1440 dst->n = src->n; \
1441 } while (0)
1442 #define M_CP_STROPT(n) do {\
1443 if (src->n != NULL) { \
1444 if (dst->n != NULL) \
1445 xfree(dst->n); \
1446 dst->n = src->n; \
1448 } while(0)
1451 * Copy any supported values that are set.
1453 * If the preauth flag is set, we do not bother copying the string or
1454 * array values that are not used pre-authentication, because any that we
1455 * do use must be explictly sent in mm_getpwnamallow().
1457 void
1458 copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
1460 M_CP_INTOPT(password_authentication);
1461 M_CP_INTOPT(gss_authentication);
1462 M_CP_INTOPT(rsa_authentication);
1463 M_CP_INTOPT(pubkey_authentication);
1464 M_CP_INTOPT(kerberos_authentication);
1465 M_CP_INTOPT(hostbased_authentication);
1466 M_CP_INTOPT(hostbased_uses_name_from_packet_only);
1467 M_CP_INTOPT(kbd_interactive_authentication);
1468 M_CP_INTOPT(zero_knowledge_password_authentication);
1469 M_CP_INTOPT(permit_root_login);
1470 M_CP_INTOPT(permit_empty_passwd);
1472 M_CP_INTOPT(allow_tcp_forwarding);
1473 M_CP_INTOPT(allow_agent_forwarding);
1474 M_CP_INTOPT(permit_tun);
1475 M_CP_INTOPT(gateway_ports);
1476 M_CP_INTOPT(x11_display_offset);
1477 M_CP_INTOPT(x11_forwarding);
1478 M_CP_INTOPT(x11_use_localhost);
1479 M_CP_INTOPT(max_sessions);
1480 M_CP_INTOPT(max_authtries);
1482 M_CP_STROPT(banner);
1483 if (preauth)
1484 return;
1485 M_CP_STROPT(adm_forced_command);
1486 M_CP_STROPT(chroot_directory);
1487 M_CP_STROPT(trusted_user_ca_keys);
1488 M_CP_STROPT(revoked_keys_file);
1489 M_CP_STROPT(authorized_keys_file);
1490 M_CP_STROPT(authorized_keys_file2);
1491 M_CP_STROPT(authorized_principals_file);
1494 #undef M_CP_INTOPT
1495 #undef M_CP_STROPT
1497 void
1498 parse_server_config(ServerOptions *options, const char *filename, Buffer *conf,
1499 const char *user, const char *host, const char *address)
1501 int active, linenum, bad_options = 0;
1502 char *cp, *obuf, *cbuf;
1504 debug2("%s: config %s len %d", __func__, filename, buffer_len(conf));
1506 obuf = cbuf = xstrdup(buffer_ptr(conf));
1507 active = user ? 0 : 1;
1508 linenum = 1;
1509 while ((cp = strsep(&cbuf, "\n")) != NULL) {
1510 if (process_server_config_line(options, cp, filename,
1511 linenum++, &active, user, host, address) != 0)
1512 bad_options++;
1514 xfree(obuf);
1515 if (bad_options > 0)
1516 fatal("%s: terminating, %d bad configuration options",
1517 filename, bad_options);
1520 static const char *
1521 fmt_intarg(ServerOpCodes code, int val)
1523 if (code == sAddressFamily) {
1524 switch (val) {
1525 case AF_INET:
1526 return "inet";
1527 case AF_INET6:
1528 return "inet6";
1529 case AF_UNSPEC:
1530 return "any";
1531 default:
1532 return "UNKNOWN";
1535 if (code == sPermitRootLogin) {
1536 switch (val) {
1537 case PERMIT_NO_PASSWD:
1538 return "without-password";
1539 case PERMIT_FORCED_ONLY:
1540 return "forced-commands-only";
1541 case PERMIT_YES:
1542 return "yes";
1545 if (code == sProtocol) {
1546 switch (val) {
1547 case SSH_PROTO_1:
1548 return "1";
1549 case SSH_PROTO_2:
1550 return "2";
1551 case (SSH_PROTO_1|SSH_PROTO_2):
1552 return "2,1";
1553 default:
1554 return "UNKNOWN";
1557 if (code == sGatewayPorts && val == 2)
1558 return "clientspecified";
1559 if (code == sCompression && val == COMP_DELAYED)
1560 return "delayed";
1561 switch (val) {
1562 case -1:
1563 return "unset";
1564 case 0:
1565 return "no";
1566 case 1:
1567 return "yes";
1569 return "UNKNOWN";
1572 static const char *
1573 lookup_opcode_name(ServerOpCodes code)
1575 u_int i;
1577 for (i = 0; keywords[i].name != NULL; i++)
1578 if (keywords[i].opcode == code)
1579 return(keywords[i].name);
1580 return "UNKNOWN";
1583 static void
1584 dump_cfg_int(ServerOpCodes code, int val)
1586 printf("%s %d\n", lookup_opcode_name(code), val);
1589 static void
1590 dump_cfg_fmtint(ServerOpCodes code, int val)
1592 printf("%s %s\n", lookup_opcode_name(code), fmt_intarg(code, val));
1595 static void
1596 dump_cfg_string(ServerOpCodes code, const char *val)
1598 if (val == NULL)
1599 return;
1600 printf("%s %s\n", lookup_opcode_name(code), val);
1603 static void
1604 dump_cfg_strarray(ServerOpCodes code, u_int count, char **vals)
1606 u_int i;
1608 for (i = 0; i < count; i++)
1609 printf("%s %s\n", lookup_opcode_name(code), vals[i]);
1612 void
1613 dump_config(ServerOptions *o)
1615 u_int i;
1616 int ret;
1617 struct addrinfo *ai;
1618 char addr[NI_MAXHOST], port[NI_MAXSERV], *s = NULL;
1620 /* these are usually at the top of the config */
1621 for (i = 0; i < o->num_ports; i++)
1622 printf("port %d\n", o->ports[i]);
1623 dump_cfg_fmtint(sProtocol, o->protocol);
1624 dump_cfg_fmtint(sAddressFamily, o->address_family);
1626 /* ListenAddress must be after Port */
1627 for (ai = o->listen_addrs; ai; ai = ai->ai_next) {
1628 if ((ret = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr,
1629 sizeof(addr), port, sizeof(port),
1630 NI_NUMERICHOST|NI_NUMERICSERV)) != 0) {
1631 error("getnameinfo failed: %.100s",
1632 (ret != EAI_SYSTEM) ? gai_strerror(ret) :
1633 strerror(errno));
1634 } else {
1635 if (ai->ai_family == AF_INET6)
1636 printf("listenaddress [%s]:%s\n", addr, port);
1637 else
1638 printf("listenaddress %s:%s\n", addr, port);
1642 /* integer arguments */
1643 #ifdef USE_PAM
1644 dump_cfg_int(sUsePAM, o->use_pam);
1645 #endif
1646 dump_cfg_int(sServerKeyBits, o->server_key_bits);
1647 dump_cfg_int(sLoginGraceTime, o->login_grace_time);
1648 dump_cfg_int(sKeyRegenerationTime, o->key_regeneration_time);
1649 dump_cfg_int(sX11DisplayOffset, o->x11_display_offset);
1650 dump_cfg_int(sMaxAuthTries, o->max_authtries);
1651 dump_cfg_int(sMaxSessions, o->max_sessions);
1652 dump_cfg_int(sClientAliveInterval, o->client_alive_interval);
1653 dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max);
1655 /* formatted integer arguments */
1656 dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login);
1657 dump_cfg_fmtint(sIgnoreRhosts, o->ignore_rhosts);
1658 dump_cfg_fmtint(sIgnoreUserKnownHosts, o->ignore_user_known_hosts);
1659 dump_cfg_fmtint(sRhostsRSAAuthentication, o->rhosts_rsa_authentication);
1660 dump_cfg_fmtint(sHostbasedAuthentication, o->hostbased_authentication);
1661 dump_cfg_fmtint(sHostbasedUsesNameFromPacketOnly,
1662 o->hostbased_uses_name_from_packet_only);
1663 dump_cfg_fmtint(sRSAAuthentication, o->rsa_authentication);
1664 dump_cfg_fmtint(sPubkeyAuthentication, o->pubkey_authentication);
1665 #ifdef KRB5
1666 dump_cfg_fmtint(sKerberosAuthentication, o->kerberos_authentication);
1667 dump_cfg_fmtint(sKerberosOrLocalPasswd, o->kerberos_or_local_passwd);
1668 dump_cfg_fmtint(sKerberosTicketCleanup, o->kerberos_ticket_cleanup);
1669 # ifdef USE_AFS
1670 dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token);
1671 # endif
1672 #endif
1673 #ifdef GSSAPI
1674 dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);
1675 dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds);
1676 #endif
1677 #ifdef JPAKE
1678 dump_cfg_fmtint(sZeroKnowledgePasswordAuthentication,
1679 o->zero_knowledge_password_authentication);
1680 #endif
1681 dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication);
1682 dump_cfg_fmtint(sKbdInteractiveAuthentication,
1683 o->kbd_interactive_authentication);
1684 dump_cfg_fmtint(sChallengeResponseAuthentication,
1685 o->challenge_response_authentication);
1686 dump_cfg_fmtint(sPrintMotd, o->print_motd);
1687 dump_cfg_fmtint(sPrintLastLog, o->print_lastlog);
1688 dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding);
1689 dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost);
1690 dump_cfg_fmtint(sStrictModes, o->strict_modes);
1691 dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive);
1692 dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd);
1693 dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env);
1694 dump_cfg_fmtint(sUseLogin, o->use_login);
1695 dump_cfg_fmtint(sCompression, o->compression);
1696 dump_cfg_fmtint(sGatewayPorts, o->gateway_ports);
1697 dump_cfg_fmtint(sUseDNS, o->use_dns);
1698 dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding);
1699 dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep);
1701 /* string arguments */
1702 dump_cfg_string(sPidFile, o->pid_file);
1703 dump_cfg_string(sXAuthLocation, o->xauth_location);
1704 dump_cfg_string(sCiphers, o->ciphers);
1705 dump_cfg_string(sMacs, o->macs);
1706 dump_cfg_string(sBanner, o->banner);
1707 dump_cfg_string(sAuthorizedKeysFile, o->authorized_keys_file);
1708 dump_cfg_string(sAuthorizedKeysFile2, o->authorized_keys_file2);
1709 dump_cfg_string(sForceCommand, o->adm_forced_command);
1710 dump_cfg_string(sChrootDirectory, o->chroot_directory);
1711 dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys);
1712 dump_cfg_string(sRevokedKeys, o->revoked_keys_file);
1713 dump_cfg_string(sAuthorizedPrincipalsFile,
1714 o->authorized_principals_file);
1716 /* string arguments requiring a lookup */
1717 dump_cfg_string(sLogLevel, log_level_name(o->log_level));
1718 dump_cfg_string(sLogFacility, log_facility_name(o->log_facility));
1720 /* string array arguments */
1721 dump_cfg_strarray(sHostKeyFile, o->num_host_key_files,
1722 o->host_key_files);
1723 dump_cfg_strarray(sHostKeyFile, o->num_host_cert_files,
1724 o->host_cert_files);
1725 dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users);
1726 dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users);
1727 dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups);
1728 dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups);
1729 dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env);
1731 /* other arguments */
1732 for (i = 0; i < o->num_subsystems; i++)
1733 printf("subsystem %s %s\n", o->subsystem_name[i],
1734 o->subsystem_args[i]);
1736 printf("maxstartups %d:%d:%d\n", o->max_startups_begin,
1737 o->max_startups_rate, o->max_startups);
1739 for (i = 0; tunmode_desc[i].val != -1; i++)
1740 if (tunmode_desc[i].val == o->permit_tun) {
1741 s = tunmode_desc[i].text;
1742 break;
1744 dump_cfg_string(sPermitTunnel, s);
1746 channel_print_adm_permitted_opens();