search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
- (dtucker) [configure.ac openbsd-compat/Makefile.in
[openssh-git.git] / servconf.c
blob986a5b92f692eaf9433881ca0ff3e2f2d0c8e292
1 /* $OpenBSD: servconf.c,v 1.209 2010/06/22 04:22:59 djm Exp $ */
2 /*
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved
5 *
6 * As far as I am concerned, the code I have written for this software
7 * can be used freely for any purpose. Any derived versions of this
8 * software must be clearly marked as such, and if the derived work is
9 * incompatible with the protocol description in the RFC file, it must be
10 * called by a name other than "ssh" or "Secure Shell".
11 */
12
13 #include "includes.h"
14
15 #include <sys/types.h>
16 #include <sys/socket.h>
17
18 #include <netdb.h>
19 #include <pwd.h>
20 #include <stdio.h>
21 #include <stdlib.h>
22 #include <string.h>
23 #include <signal.h>
24 #include <unistd.h>
25 #include <stdarg.h>
26 #include <errno.h>
27
28 #include "openbsd-compat/sys-queue.h"
29 #include "xmalloc.h"
30 #include "ssh.h"
31 #include "log.h"
32 #include "buffer.h"
33 #include "servconf.h"
34 #include "compat.h"
35 #include "pathnames.h"
36 #include "misc.h"
37 #include "cipher.h"
38 #include "key.h"
39 #include "kex.h"
40 #include "mac.h"
41 #include "match.h"
42 #include "channels.h"
43 #include "groupaccess.h"
44
45 static void add_listen_addr(ServerOptions *, char *, int);
46 static void add_one_listen_addr(ServerOptions *, char *, int);
47
48 /* Use of privilege separation or not */
49 extern int use_privsep;
50 extern Buffer cfg;
51
52 /* Initializes the server options to their default values. */
53
54 void
55 initialize_server_options(ServerOptions *options)
56 {
57 memset(options, 0, sizeof(*options));
58
59 /* Portable-specific options */
60 options->use_pam = -1;
61
62 /* Standard Options */
63 options->num_ports = 0;
64 options->ports_from_cmdline = 0;
65 options->listen_addrs = NULL;
66 options->address_family = -1;
67 options->num_host_key_files = 0;
68 options->num_host_cert_files = 0;
69 options->pid_file = NULL;
70 options->server_key_bits = -1;
71 options->login_grace_time = -1;
72 options->key_regeneration_time = -1;
73 options->permit_root_login = PERMIT_NOT_SET;
74 options->ignore_rhosts = -1;
75 options->ignore_user_known_hosts = -1;
76 options->print_motd = -1;
77 options->print_lastlog = -1;
78 options->x11_forwarding = -1;
79 options->x11_display_offset = -1;
80 options->x11_use_localhost = -1;
81 options->xauth_location = NULL;
82 options->strict_modes = -1;
83 options->tcp_keep_alive = -1;
84 options->log_facility = SYSLOG_FACILITY_NOT_SET;
85 options->log_level = SYSLOG_LEVEL_NOT_SET;
86 options->rhosts_rsa_authentication = -1;
87 options->hostbased_authentication = -1;
88 options->hostbased_uses_name_from_packet_only = -1;
89 options->rsa_authentication = -1;
90 options->pubkey_authentication = -1;
91 options->kerberos_authentication = -1;
92 options->kerberos_or_local_passwd = -1;
93 options->kerberos_ticket_cleanup = -1;
94 options->kerberos_get_afs_token = -1;
95 options->gss_authentication=-1;
96 options->gss_cleanup_creds = -1;
97 options->password_authentication = -1;
98 options->kbd_interactive_authentication = -1;
99 options->challenge_response_authentication = -1;
100 options->permit_empty_passwd = -1;
101 options->permit_user_env = -1;
102 options->use_login = -1;
103 options->compression = -1;
104 options->allow_tcp_forwarding = -1;
105 options->allow_agent_forwarding = -1;
106 options->num_allow_users = 0;
107 options->num_deny_users = 0;
108 options->num_allow_groups = 0;
109 options->num_deny_groups = 0;
110 options->ciphers = NULL;
111 options->macs = NULL;
112 options->protocol = SSH_PROTO_UNKNOWN;
113 options->gateway_ports = -1;
114 options->num_subsystems = 0;
115 options->max_startups_begin = -1;
116 options->max_startups_rate = -1;
117 options->max_startups = -1;
118 options->max_authtries = -1;
119 options->max_sessions = -1;
120 options->banner = NULL;
121 options->use_dns = -1;
122 options->client_alive_interval = -1;
123 options->client_alive_count_max = -1;
124 options->authorized_keys_file = NULL;
125 options->authorized_keys_file2 = NULL;
126 options->num_accept_env = 0;
127 options->permit_tun = -1;
128 options->num_permitted_opens = -1;
129 options->adm_forced_command = NULL;
130 options->chroot_directory = NULL;
131 options->zero_knowledge_password_authentication = -1;
132 options->revoked_keys_file = NULL;
133 options->trusted_user_ca_keys = NULL;
134 options->authorized_principals_file = NULL;
135 }
136
137 void
138 fill_default_server_options(ServerOptions *options)
139 {
140 /* Portable-specific options */
141 if (options->use_pam == -1)
142 options->use_pam = 0;
143
144 /* Standard Options */
145 if (options->protocol == SSH_PROTO_UNKNOWN)
146 options->protocol = SSH_PROTO_2;
147 if (options->num_host_key_files == 0) {
148 /* fill default hostkeys for protocols */
149 if (options->protocol & SSH_PROTO_1)
150 options->host_key_files[options->num_host_key_files++] =
151 _PATH_HOST_KEY_FILE;
152 if (options->protocol & SSH_PROTO_2) {
153 options->host_key_files[options->num_host_key_files++] =
154 _PATH_HOST_RSA_KEY_FILE;
155 options->host_key_files[options->num_host_key_files++] =
156 _PATH_HOST_DSA_KEY_FILE;
157 }
158 }
159 /* No certificates by default */
160 if (options->num_ports == 0)
161 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
162 if (options->listen_addrs == NULL)
163 add_listen_addr(options, NULL, 0);
164 if (options->pid_file == NULL)
165 options->pid_file = _PATH_SSH_DAEMON_PID_FILE;
166 if (options->server_key_bits == -1)
167 options->server_key_bits = 1024;
168 if (options->login_grace_time == -1)
169 options->login_grace_time = 120;
170 if (options->key_regeneration_time == -1)
171 options->key_regeneration_time = 3600;
172 if (options->permit_root_login == PERMIT_NOT_SET)
173 options->permit_root_login = PERMIT_YES;
174 if (options->ignore_rhosts == -1)
175 options->ignore_rhosts = 1;
176 if (options->ignore_user_known_hosts == -1)
177 options->ignore_user_known_hosts = 0;
178 if (options->print_motd == -1)
179 options->print_motd = 1;
180 if (options->print_lastlog == -1)
181 options->print_lastlog = 1;
182 if (options->x11_forwarding == -1)
183 options->x11_forwarding = 0;
184 if (options->x11_display_offset == -1)
185 options->x11_display_offset = 10;
186 if (options->x11_use_localhost == -1)
187 options->x11_use_localhost = 1;
188 if (options->xauth_location == NULL)
189 options->xauth_location = _PATH_XAUTH;
190 if (options->strict_modes == -1)
191 options->strict_modes = 1;
192 if (options->tcp_keep_alive == -1)
193 options->tcp_keep_alive = 1;
194 if (options->log_facility == SYSLOG_FACILITY_NOT_SET)
195 options->log_facility = SYSLOG_FACILITY_AUTH;
196 if (options->log_level == SYSLOG_LEVEL_NOT_SET)
197 options->log_level = SYSLOG_LEVEL_INFO;
198 if (options->rhosts_rsa_authentication == -1)
199 options->rhosts_rsa_authentication = 0;
200 if (options->hostbased_authentication == -1)
201 options->hostbased_authentication = 0;
202 if (options->hostbased_uses_name_from_packet_only == -1)
203 options->hostbased_uses_name_from_packet_only = 0;
204 if (options->rsa_authentication == -1)
205 options->rsa_authentication = 1;
206 if (options->pubkey_authentication == -1)
207 options->pubkey_authentication = 1;
208 if (options->kerberos_authentication == -1)
209 options->kerberos_authentication = 0;
210 if (options->kerberos_or_local_passwd == -1)
211 options->kerberos_or_local_passwd = 1;
212 if (options->kerberos_ticket_cleanup == -1)
213 options->kerberos_ticket_cleanup = 1;
214 if (options->kerberos_get_afs_token == -1)
215 options->kerberos_get_afs_token = 0;
216 if (options->gss_authentication == -1)
217 options->gss_authentication = 0;
218 if (options->gss_cleanup_creds == -1)
219 options->gss_cleanup_creds = 1;
220 if (options->password_authentication == -1)
221 options->password_authentication = 1;
222 if (options->kbd_interactive_authentication == -1)
223 options->kbd_interactive_authentication = 0;
224 if (options->challenge_response_authentication == -1)
225 options->challenge_response_authentication = 1;
226 if (options->permit_empty_passwd == -1)
227 options->permit_empty_passwd = 0;
228 if (options->permit_user_env == -1)
229 options->permit_user_env = 0;
230 if (options->use_login == -1)
231 options->use_login = 0;
232 if (options->compression == -1)
233 options->compression = COMP_DELAYED;
234 if (options->allow_tcp_forwarding == -1)
235 options->allow_tcp_forwarding = 1;
236 if (options->allow_agent_forwarding == -1)
237 options->allow_agent_forwarding = 1;
238 if (options->gateway_ports == -1)
239 options->gateway_ports = 0;
240 if (options->max_startups == -1)
241 options->max_startups = 10;
242 if (options->max_startups_rate == -1)
243 options->max_startups_rate = 100; /* 100% */
244 if (options->max_startups_begin == -1)
245 options->max_startups_begin = options->max_startups;
246 if (options->max_authtries == -1)
247 options->max_authtries = DEFAULT_AUTH_FAIL_MAX;
248 if (options->max_sessions == -1)
249 options->max_sessions = DEFAULT_SESSIONS_MAX;
250 if (options->use_dns == -1)
251 options->use_dns = 1;
252 if (options->client_alive_interval == -1)
253 options->client_alive_interval = 0;
254 if (options->client_alive_count_max == -1)
255 options->client_alive_count_max = 3;
256 if (options->authorized_keys_file2 == NULL) {
257 /* authorized_keys_file2 falls back to authorized_keys_file */
258 if (options->authorized_keys_file != NULL)
259 options->authorized_keys_file2 = options->authorized_keys_file;
260 else
261 options->authorized_keys_file2 = _PATH_SSH_USER_PERMITTED_KEYS2;
262 }
263 if (options->authorized_keys_file == NULL)
264 options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
265 if (options->permit_tun == -1)
266 options->permit_tun = SSH_TUNMODE_NO;
267 if (options->zero_knowledge_password_authentication == -1)
268 options->zero_knowledge_password_authentication = 0;
269
270 /* Turn privilege separation on by default */
271 if (use_privsep == -1)
272 use_privsep = 1;
273
274 #ifndef HAVE_MMAP
275 if (use_privsep && options->compression == 1) {
276 error("This platform does not support both privilege "
277 "separation and compression");
278 error("Compression disabled");
279 options->compression = 0;
280 }
281 #endif
282
283 }
284
285 /* Keyword tokens. */
286 typedef enum {
287 sBadOption, /* == unknown option */
288 /* Portable-specific options */
289 sUsePAM,
290 /* Standard Options */
291 sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
292 sPermitRootLogin, sLogFacility, sLogLevel,
293 sRhostsRSAAuthentication, sRSAAuthentication,
294 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
295 sKerberosGetAFSToken,
296 sKerberosTgtPassing, sChallengeResponseAuthentication,
297 sPasswordAuthentication, sKbdInteractiveAuthentication,
298 sListenAddress, sAddressFamily,
299 sPrintMotd, sPrintLastLog, sIgnoreRhosts,
300 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
301 sStrictModes, sEmptyPasswd, sTCPKeepAlive,
302 sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
303 sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
304 sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
305 sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,
306 sMaxStartups, sMaxAuthTries, sMaxSessions,
307 sBanner, sUseDNS, sHostbasedAuthentication,
308 sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
309 sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
310 sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
311 sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
312 sUsePrivilegeSeparation, sAllowAgentForwarding,
313 sZeroKnowledgePasswordAuthentication, sHostCertificate,
314 sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
315 sDeprecated, sUnsupported
316 } ServerOpCodes;
317
318 #define SSHCFG_GLOBAL 0x01 /* allowed in main section of sshd_config */
319 #define SSHCFG_MATCH 0x02 /* allowed inside a Match section */
320 #define SSHCFG_ALL (SSHCFG_GLOBAL|SSHCFG_MATCH)
321
322 /* Textual representation of the tokens. */
323 static struct {
324 const char *name;
325 ServerOpCodes opcode;
326 u_int flags;
327 } keywords[] = {
328 /* Portable-specific options */
329 #ifdef USE_PAM
330 { "usepam", sUsePAM, SSHCFG_GLOBAL },
331 #else
332 { "usepam", sUnsupported, SSHCFG_GLOBAL },
333 #endif
334 { "pamauthenticationviakbdint", sDeprecated, SSHCFG_GLOBAL },
335 /* Standard Options */
336 { "port", sPort, SSHCFG_GLOBAL },
337 { "hostkey", sHostKeyFile, SSHCFG_GLOBAL },
338 { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL }, /* alias */
339 { "pidfile", sPidFile, SSHCFG_GLOBAL },
340 { "serverkeybits", sServerKeyBits, SSHCFG_GLOBAL },
341 { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL },
342 { "keyregenerationinterval", sKeyRegenerationTime, SSHCFG_GLOBAL },
343 { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL },
344 { "syslogfacility", sLogFacility, SSHCFG_GLOBAL },
345 { "loglevel", sLogLevel, SSHCFG_GLOBAL },
346 { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL },
347 { "rhostsrsaauthentication", sRhostsRSAAuthentication, SSHCFG_ALL },
348 { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL },
349 { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_ALL },
350 { "rsaauthentication", sRSAAuthentication, SSHCFG_ALL },
351 { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL },
352 { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */
353 #ifdef KRB5
354 { "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL },
355 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd, SSHCFG_GLOBAL },
356 { "kerberosticketcleanup", sKerberosTicketCleanup, SSHCFG_GLOBAL },
357 #ifdef USE_AFS
358 { "kerberosgetafstoken", sKerberosGetAFSToken, SSHCFG_GLOBAL },
359 #else
360 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL },
361 #endif
362 #else
363 { "kerberosauthentication", sUnsupported, SSHCFG_ALL },
364 { "kerberosorlocalpasswd", sUnsupported, SSHCFG_GLOBAL },
365 { "kerberosticketcleanup", sUnsupported, SSHCFG_GLOBAL },
366 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL },
367 #endif
368 { "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL },
369 { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL },
370 #ifdef GSSAPI
371 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL },
372 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL },
373 #else
374 { "gssapiauthentication", sUnsupported, SSHCFG_ALL },
375 { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL },
376 #endif
377 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },
378 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },
379 { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL },
380 { "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */
381 #ifdef JPAKE
382 { "zeroknowledgepasswordauthentication", sZeroKnowledgePasswordAuthentication, SSHCFG_ALL },
383 #else
384 { "zeroknowledgepasswordauthentication", sUnsupported, SSHCFG_ALL },
385 #endif
386 { "checkmail", sDeprecated, SSHCFG_GLOBAL },
387 { "listenaddress", sListenAddress, SSHCFG_GLOBAL },
388 { "addressfamily", sAddressFamily, SSHCFG_GLOBAL },
389 { "printmotd", sPrintMotd, SSHCFG_GLOBAL },
390 { "printlastlog", sPrintLastLog, SSHCFG_GLOBAL },
391 { "ignorerhosts", sIgnoreRhosts, SSHCFG_GLOBAL },
392 { "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL },
393 { "x11forwarding", sX11Forwarding, SSHCFG_ALL },
394 { "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL },
395 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
396 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
397 { "strictmodes", sStrictModes, SSHCFG_GLOBAL },
398 { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL },
399 { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },
400 { "uselogin", sUseLogin, SSHCFG_GLOBAL },
401 { "compression", sCompression, SSHCFG_GLOBAL },
402 { "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL },
403 { "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, /* obsolete alias */
404 { "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL },
405 { "allowagentforwarding", sAllowAgentForwarding, SSHCFG_ALL },
406 { "allowusers", sAllowUsers, SSHCFG_GLOBAL },
407 { "denyusers", sDenyUsers, SSHCFG_GLOBAL },
408 { "allowgroups", sAllowGroups, SSHCFG_GLOBAL },
409 { "denygroups", sDenyGroups, SSHCFG_GLOBAL },
410 { "ciphers", sCiphers, SSHCFG_GLOBAL },
411 { "macs", sMacs, SSHCFG_GLOBAL },
412 { "protocol", sProtocol, SSHCFG_GLOBAL },
413 { "gatewayports", sGatewayPorts, SSHCFG_ALL },
414 { "subsystem", sSubsystem, SSHCFG_GLOBAL },
415 { "maxstartups", sMaxStartups, SSHCFG_GLOBAL },
416 { "maxauthtries", sMaxAuthTries, SSHCFG_ALL },
417 { "maxsessions", sMaxSessions, SSHCFG_ALL },
418 { "banner", sBanner, SSHCFG_ALL },
419 { "usedns", sUseDNS, SSHCFG_GLOBAL },
420 { "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL },
421 { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL },
422 { "clientaliveinterval", sClientAliveInterval, SSHCFG_GLOBAL },
423 { "clientalivecountmax", sClientAliveCountMax, SSHCFG_GLOBAL },
424 { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL },
425 { "authorizedkeysfile2", sAuthorizedKeysFile2, SSHCFG_ALL },
426 { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL},
427 { "acceptenv", sAcceptEnv, SSHCFG_GLOBAL },
428 { "permittunnel", sPermitTunnel, SSHCFG_ALL },
429 { "match", sMatch, SSHCFG_ALL },
430 { "permitopen", sPermitOpen, SSHCFG_ALL },
431 { "forcecommand", sForceCommand, SSHCFG_ALL },
432 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL },
433 { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL },
434 { "revokedkeys", sRevokedKeys, SSHCFG_ALL },
435 { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL },
436 { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },
437 { NULL, sBadOption, 0 }
438 };
439
440 static struct {
441 int val;
442 char *text;
443 } tunmode_desc[] = {
444 { SSH_TUNMODE_NO, "no" },
445 { SSH_TUNMODE_POINTOPOINT, "point-to-point" },
446 { SSH_TUNMODE_ETHERNET, "ethernet" },
447 { SSH_TUNMODE_YES, "yes" },
448 { -1, NULL }
449 };
450
451 /*
452 * Returns the number of the token pointed to by cp or sBadOption.
453 */
454
455 static ServerOpCodes
456 parse_token(const char *cp, const char *filename,
457 int linenum, u_int *flags)
458 {
459 u_int i;
460
461 for (i = 0; keywords[i].name; i++)
462 if (strcasecmp(cp, keywords[i].name) == 0) {
463 *flags = keywords[i].flags;
464 return keywords[i].opcode;
465 }
466
467 error("%s: line %d: Bad configuration option: %s",
468 filename, linenum, cp);
469 return sBadOption;
470 }
471
472 char *
473 derelativise_path(const char *path)
474 {
475 char *expanded, *ret, cwd[MAXPATHLEN];
476
477 expanded = tilde_expand_filename(path, getuid());
478 if (*expanded == '/')
479 return expanded;
480 if (getcwd(cwd, sizeof(cwd)) == NULL)
481 fatal("%s: getcwd: %s", __func__, strerror(errno));
482 xasprintf(&ret, "%s/%s", cwd, expanded);
483 xfree(expanded);
484 return ret;
485 }
486
487 static void
488 add_listen_addr(ServerOptions *options, char *addr, int port)
489 {
490 u_int i;
491
492 if (options->num_ports == 0)
493 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
494 if (options->address_family == -1)
495 options->address_family = AF_UNSPEC;
496 if (port == 0)
497 for (i = 0; i < options->num_ports; i++)
498 add_one_listen_addr(options, addr, options->ports[i]);
499 else
500 add_one_listen_addr(options, addr, port);
501 }
502
503 static void
504 add_one_listen_addr(ServerOptions *options, char *addr, int port)
505 {
506 struct addrinfo hints, *ai, *aitop;
507 char strport[NI_MAXSERV];
508 int gaierr;
509
510 memset(&hints, 0, sizeof(hints));
511 hints.ai_family = options->address_family;
512 hints.ai_socktype = SOCK_STREAM;
513 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
514 snprintf(strport, sizeof strport, "%d", port);
515 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0)
516 fatal("bad addr or host: %s (%s)",
517 addr ? addr : "<NULL>",
518 ssh_gai_strerror(gaierr));
519 for (ai = aitop; ai->ai_next; ai = ai->ai_next)
520 ;
521 ai->ai_next = options->listen_addrs;
522 options->listen_addrs = aitop;
523 }
524
525 /*
526 * The strategy for the Match blocks is that the config file is parsed twice.
527 *
528 * The first time is at startup. activep is initialized to 1 and the
529 * directives in the global context are processed and acted on. Hitting a
530 * Match directive unsets activep and the directives inside the block are
531 * checked for syntax only.
532 *
533 * The second time is after a connection has been established but before
534 * authentication. activep is initialized to 2 and global config directives
535 * are ignored since they have already been processed. If the criteria in a
536 * Match block is met, activep is set and the subsequent directives
537 * processed and actioned until EOF or another Match block unsets it. Any
538 * options set are copied into the main server config.
539 *
540 * Potential additions/improvements:
541 * - Add Match support for pre-kex directives, eg Protocol, Ciphers.
542 *
543 * - Add a Tag directive (idea from David Leonard) ala pf, eg:
544 * Match Address 192.168.0.*
545 * Tag trusted
546 * Match Group wheel
547 * Tag trusted
548 * Match Tag trusted
549 * AllowTcpForwarding yes
550 * GatewayPorts clientspecified
551 * [...]
552 *
553 * - Add a PermittedChannelRequests directive
554 * Match Group shell
555 * PermittedChannelRequests session,forwarded-tcpip
556 */
557
558 static int
559 match_cfg_line_group(const char *grps, int line, const char *user)
560 {
561 int result = 0;
562 struct passwd *pw;
563
564 if (user == NULL)
565 goto out;
566
567 if ((pw = getpwnam(user)) == NULL) {
568 debug("Can't match group at line %d because user %.100s does "
569 "not exist", line, user);
570 } else if (ga_init(pw->pw_name, pw->pw_gid) == 0) {
571 debug("Can't Match group because user %.100s not in any group "
572 "at line %d", user, line);
573 } else if (ga_match_pattern_list(grps) != 1) {
574 debug("user %.100s does not match group list %.100s at line %d",
575 user, grps, line);
576 } else {
577 debug("user %.100s matched group list %.100s at line %d", user,
578 grps, line);
579 result = 1;
580 }
581 out:
582 ga_free();
583 return result;
584 }
585
586 static int
587 match_cfg_line(char **condition, int line, const char *user, const char *host,
588 const char *address)
589 {
590 int result = 1;
591 char *arg, *attrib, *cp = *condition;
592 size_t len;
593
594 if (user == NULL)
595 debug3("checking syntax for 'Match %s'", cp);
596 else
597 debug3("checking match for '%s' user %s host %s addr %s", cp,
598 user ? user : "(null)", host ? host : "(null)",
599 address ? address : "(null)");
600
601 while ((attrib = strdelim(&cp)) && *attrib != '\0') {
602 if ((arg = strdelim(&cp)) == NULL || *arg == '\0') {
603 error("Missing Match criteria for %s", attrib);
604 return -1;
605 }
606 len = strlen(arg);
607 if (strcasecmp(attrib, "user") == 0) {
608 if (!user) {
609 result = 0;
610 continue;
611 }
612 if (match_pattern_list(user, arg, len, 0) != 1)
613 result = 0;
614 else
615 debug("user %.100s matched 'User %.100s' at "
616 "line %d", user, arg, line);
617 } else if (strcasecmp(attrib, "group") == 0) {
618 switch (match_cfg_line_group(arg, line, user)) {
619 case -1:
620 return -1;
621 case 0:
622 result = 0;
623 }
624 } else if (strcasecmp(attrib, "host") == 0) {
625 if (!host) {
626 result = 0;
627 continue;
628 }
629 if (match_hostname(host, arg, len) != 1)
630 result = 0;
631 else
632 debug("connection from %.100s matched 'Host "
633 "%.100s' at line %d", host, arg, line);
634 } else if (strcasecmp(attrib, "address") == 0) {
635 switch (addr_match_list(address, arg)) {
636 case 1:
637 debug("connection from %.100s matched 'Address "
638 "%.100s' at line %d", address, arg, line);
639 break;
640 case 0:
641 case -1:
642 result = 0;
643 break;
644 case -2:
645 return -1;
646 }
647 } else {
648 error("Unsupported Match attribute %s", attrib);
649 return -1;
650 }
651 }
652 if (user != NULL)
653 debug3("match %sfound", result ? "" : "not ");
654 *condition = cp;
655 return result;
656 }
657
658 #define WHITESPACE " \t\r\n"
659
660 int
661 process_server_config_line(ServerOptions *options, char *line,
662 const char *filename, int linenum, int *activep, const char *user,
663 const char *host, const char *address)
664 {
665 char *cp, **charptr, *arg, *p;
666 int cmdline = 0, *intptr, value, n;
667 SyslogFacility *log_facility_ptr;
668 LogLevel *log_level_ptr;
669 ServerOpCodes opcode;
670 int port;
671 u_int i, flags = 0;
672 size_t len;
673
674 cp = line;
675 if ((arg = strdelim(&cp)) == NULL)
676 return 0;
677 /* Ignore leading whitespace */
678 if (*arg == '\0')
679 arg = strdelim(&cp);
680 if (!arg || !*arg || *arg == '#')
681 return 0;
682 intptr = NULL;
683 charptr = NULL;
684 opcode = parse_token(arg, filename, linenum, &flags);
685
686 if (activep == NULL) { /* We are processing a command line directive */
687 cmdline = 1;
688 activep = &cmdline;
689 }
690 if (*activep && opcode != sMatch)
691 debug3("%s:%d setting %s %s", filename, linenum, arg, cp);
692 if (*activep == 0 && !(flags & SSHCFG_MATCH)) {
693 if (user == NULL) {
694 fatal("%s line %d: Directive '%s' is not allowed "
695 "within a Match block", filename, linenum, arg);
696 } else { /* this is a directive we have already processed */
697 while (arg)
698 arg = strdelim(&cp);
699 return 0;
700 }
701 }
702
703 switch (opcode) {
704 /* Portable-specific options */
705 case sUsePAM:
706 intptr = &options->use_pam;
707 goto parse_flag;
708
709 /* Standard Options */
710 case sBadOption:
711 return -1;
712 case sPort:
713 /* ignore ports from configfile if cmdline specifies ports */
714 if (options->ports_from_cmdline)
715 return 0;
716 if (options->listen_addrs != NULL)
717 fatal("%s line %d: ports must be specified before "
718 "ListenAddress.", filename, linenum);
719 if (options->num_ports >= MAX_PORTS)
720 fatal("%s line %d: too many ports.",
721 filename, linenum);
722 arg = strdelim(&cp);
723 if (!arg || *arg == '\0')
724 fatal("%s line %d: missing port number.",
725 filename, linenum);
726 options->ports[options->num_ports++] = a2port(arg);
727 if (options->ports[options->num_ports-1] <= 0)
728 fatal("%s line %d: Badly formatted port number.",
729 filename, linenum);
730 break;
731
732 case sServerKeyBits:
733 intptr = &options->server_key_bits;
734 parse_int:
735 arg = strdelim(&cp);
736 if (!arg || *arg == '\0')
737 fatal("%s line %d: missing integer value.",
738 filename, linenum);
739 value = atoi(arg);
740 if (*activep && *intptr == -1)
741 *intptr = value;
742 break;
743
744 case sLoginGraceTime:
745 intptr = &options->login_grace_time;
746 parse_time:
747 arg = strdelim(&cp);
748 if (!arg || *arg == '\0')
749 fatal("%s line %d: missing time value.",
750 filename, linenum);
751 if ((value = convtime(arg)) == -1)
752 fatal("%s line %d: invalid time value.",
753 filename, linenum);
754 if (*intptr == -1)
755 *intptr = value;
756 break;
757
758 case sKeyRegenerationTime:
759 intptr = &options->key_regeneration_time;
760 goto parse_time;
761
762 case sListenAddress:
763 arg = strdelim(&cp);
764 if (arg == NULL || *arg == '\0')
765 fatal("%s line %d: missing address",
766 filename, linenum);
767 /* check for bare IPv6 address: no "[]" and 2 or more ":" */
768 if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL
769 && strchr(p+1, ':') != NULL) {
770 add_listen_addr(options, arg, 0);
771 break;
772 }
773 p = hpdelim(&arg);
774 if (p == NULL)
775 fatal("%s line %d: bad address:port usage",
776 filename, linenum);
777 p = cleanhostname(p);
778 if (arg == NULL)
779 port = 0;
780 else if ((port = a2port(arg)) <= 0)
781 fatal("%s line %d: bad port number", filename, linenum);
782
783 add_listen_addr(options, p, port);
784
785 break;
786
787 case sAddressFamily:
788 arg = strdelim(&cp);
789 if (!arg || *arg == '\0')
790 fatal("%s line %d: missing address family.",
791 filename, linenum);
792 intptr = &options->address_family;
793 if (options->listen_addrs != NULL)
794 fatal("%s line %d: address family must be specified before "
795 "ListenAddress.", filename, linenum);
796 if (strcasecmp(arg, "inet") == 0)
797 value = AF_INET;
798 else if (strcasecmp(arg, "inet6") == 0)
799 value = AF_INET6;
800 else if (strcasecmp(arg, "any") == 0)
801 value = AF_UNSPEC;
802 else
803 fatal("%s line %d: unsupported address family \"%s\".",
804 filename, linenum, arg);
805 if (*intptr == -1)
806 *intptr = value;
807 break;
808
809 case sHostKeyFile:
810 intptr = &options->num_host_key_files;
811 if (*intptr >= MAX_HOSTKEYS)
812 fatal("%s line %d: too many host keys specified (max %d).",
813 filename, linenum, MAX_HOSTKEYS);
814 charptr = &options->host_key_files[*intptr];
815 parse_filename:
816 arg = strdelim(&cp);
817 if (!arg || *arg == '\0')
818 fatal("%s line %d: missing file name.",
819 filename, linenum);
820 if (*activep && *charptr == NULL) {
821 *charptr = derelativise_path(arg);
822 /* increase optional counter */
823 if (intptr != NULL)
824 *intptr = *intptr + 1;
825 }
826 break;
827
828 case sHostCertificate:
829 intptr = &options->num_host_cert_files;
830 if (*intptr >= MAX_HOSTKEYS)
831 fatal("%s line %d: too many host certificates "
832 "specified (max %d).", filename, linenum,
833 MAX_HOSTCERTS);
834 charptr = &options->host_cert_files[*intptr];
835 goto parse_filename;
836 break;
837
838 case sPidFile:
839 charptr = &options->pid_file;
840 goto parse_filename;
841
842 case sPermitRootLogin:
843 intptr = &options->permit_root_login;
844 arg = strdelim(&cp);
845 if (!arg || *arg == '\0')
846 fatal("%s line %d: missing yes/"
847 "without-password/forced-commands-only/no "
848 "argument.", filename, linenum);
849 value = 0; /* silence compiler */
850 if (strcmp(arg, "without-password") == 0)
851 value = PERMIT_NO_PASSWD;
852 else if (strcmp(arg, "forced-commands-only") == 0)
853 value = PERMIT_FORCED_ONLY;
854 else if (strcmp(arg, "yes") == 0)
855 value = PERMIT_YES;
856 else if (strcmp(arg, "no") == 0)
857 value = PERMIT_NO;
858 else
859 fatal("%s line %d: Bad yes/"
860 "without-password/forced-commands-only/no "
861 "argument: %s", filename, linenum, arg);
862 if (*activep && *intptr == -1)
863 *intptr = value;
864 break;
865
866 case sIgnoreRhosts:
867 intptr = &options->ignore_rhosts;
868 parse_flag:
869 arg = strdelim(&cp);
870 if (!arg || *arg == '\0')
871 fatal("%s line %d: missing yes/no argument.",
872 filename, linenum);
873 value = 0; /* silence compiler */
874 if (strcmp(arg, "yes") == 0)
875 value = 1;
876 else if (strcmp(arg, "no") == 0)
877 value = 0;
878 else
879 fatal("%s line %d: Bad yes/no argument: %s",
880 filename, linenum, arg);
881 if (*activep && *intptr == -1)
882 *intptr = value;
883 break;
884
885 case sIgnoreUserKnownHosts:
886 intptr = &options->ignore_user_known_hosts;
887 goto parse_flag;
888
889 case sRhostsRSAAuthentication:
890 intptr = &options->rhosts_rsa_authentication;
891 goto parse_flag;
892
893 case sHostbasedAuthentication:
894 intptr = &options->hostbased_authentication;
895 goto parse_flag;
896
897 case sHostbasedUsesNameFromPacketOnly:
898 intptr = &options->hostbased_uses_name_from_packet_only;
899 goto parse_flag;
900
901 case sRSAAuthentication:
902 intptr = &options->rsa_authentication;
903 goto parse_flag;
904
905 case sPubkeyAuthentication:
906 intptr = &options->pubkey_authentication;
907 goto parse_flag;
908
909 case sKerberosAuthentication:
910 intptr = &options->kerberos_authentication;
911 goto parse_flag;
912
913 case sKerberosOrLocalPasswd:
914 intptr = &options->kerberos_or_local_passwd;
915 goto parse_flag;
916
917 case sKerberosTicketCleanup:
918 intptr = &options->kerberos_ticket_cleanup;
919 goto parse_flag;
920
921 case sKerberosGetAFSToken:
922 intptr = &options->kerberos_get_afs_token;
923 goto parse_flag;
924
925 case sGssAuthentication:
926 intptr = &options->gss_authentication;
927 goto parse_flag;
928
929 case sGssCleanupCreds:
930 intptr = &options->gss_cleanup_creds;
931 goto parse_flag;
932
933 case sPasswordAuthentication:
934 intptr = &options->password_authentication;
935 goto parse_flag;
936
937 case sZeroKnowledgePasswordAuthentication:
938 intptr = &options->zero_knowledge_password_authentication;
939 goto parse_flag;
940
941 case sKbdInteractiveAuthentication:
942 intptr = &options->kbd_interactive_authentication;
943 goto parse_flag;
944
945 case sChallengeResponseAuthentication:
946 intptr = &options->challenge_response_authentication;
947 goto parse_flag;
948
949 case sPrintMotd:
950 intptr = &options->print_motd;
951 goto parse_flag;
952
953 case sPrintLastLog:
954 intptr = &options->print_lastlog;
955 goto parse_flag;
956
957 case sX11Forwarding:
958 intptr = &options->x11_forwarding;
959 goto parse_flag;
960
961 case sX11DisplayOffset:
962 intptr = &options->x11_display_offset;
963 goto parse_int;
964
965 case sX11UseLocalhost:
966 intptr = &options->x11_use_localhost;
967 goto parse_flag;
968
969 case sXAuthLocation:
970 charptr = &options->xauth_location;
971 goto parse_filename;
972
973 case sStrictModes:
974 intptr = &options->strict_modes;
975 goto parse_flag;
976
977 case sTCPKeepAlive:
978 intptr = &options->tcp_keep_alive;
979 goto parse_flag;
980
981 case sEmptyPasswd:
982 intptr = &options->permit_empty_passwd;
983 goto parse_flag;
984
985 case sPermitUserEnvironment:
986 intptr = &options->permit_user_env;
987 goto parse_flag;
988
989 case sUseLogin:
990 intptr = &options->use_login;
991 goto parse_flag;
992
993 case sCompression:
994 intptr = &options->compression;
995 arg = strdelim(&cp);
996 if (!arg || *arg == '\0')
997 fatal("%s line %d: missing yes/no/delayed "
998 "argument.", filename, linenum);
999 value = 0; /* silence compiler */
1000 if (strcmp(arg, "delayed") == 0)
1001 value = COMP_DELAYED;
1002 else if (strcmp(arg, "yes") == 0)
1003 value = COMP_ZLIB;
1004 else if (strcmp(arg, "no") == 0)
1005 value = COMP_NONE;
1006 else
1007 fatal("%s line %d: Bad yes/no/delayed "
1008 "argument: %s", filename, linenum, arg);
1009 if (*intptr == -1)
1010 *intptr = value;
1011 break;
1012
1013 case sGatewayPorts:
1014 intptr = &options->gateway_ports;
1015 arg = strdelim(&cp);
1016 if (!arg || *arg == '\0')
1017 fatal("%s line %d: missing yes/no/clientspecified "
1018 "argument.", filename, linenum);
1019 value = 0; /* silence compiler */
1020 if (strcmp(arg, "clientspecified") == 0)
1021 value = 2;
1022 else if (strcmp(arg, "yes") == 0)
1023 value = 1;
1024 else if (strcmp(arg, "no") == 0)
1025 value = 0;
1026 else
1027 fatal("%s line %d: Bad yes/no/clientspecified "
1028 "argument: %s", filename, linenum, arg);
1029 if (*activep && *intptr == -1)
1030 *intptr = value;
1031 break;
1032
1033 case sUseDNS:
1034 intptr = &options->use_dns;
1035 goto parse_flag;
1036
1037 case sLogFacility:
1038 log_facility_ptr = &options->log_facility;
1039 arg = strdelim(&cp);
1040 value = log_facility_number(arg);
1041 if (value == SYSLOG_FACILITY_NOT_SET)
1042 fatal("%.200s line %d: unsupported log facility '%s'",
1043 filename, linenum, arg ? arg : "<NONE>");
1044 if (*log_facility_ptr == -1)
1045 *log_facility_ptr = (SyslogFacility) value;
1046 break;
1047
1048 case sLogLevel:
1049 log_level_ptr = &options->log_level;
1050 arg = strdelim(&cp);
1051 value = log_level_number(arg);
1052 if (value == SYSLOG_LEVEL_NOT_SET)
1053 fatal("%.200s line %d: unsupported log level '%s'",
1054 filename, linenum, arg ? arg : "<NONE>");
1055 if (*log_level_ptr == -1)
1056 *log_level_ptr = (LogLevel) value;
1057 break;
1058
1059 case sAllowTcpForwarding:
1060 intptr = &options->allow_tcp_forwarding;
1061 goto parse_flag;
1062
1063 case sAllowAgentForwarding:
1064 intptr = &options->allow_agent_forwarding;
1065 goto parse_flag;
1066
1067 case sUsePrivilegeSeparation:
1068 intptr = &use_privsep;
1069 goto parse_flag;
1070
1071 case sAllowUsers:
1072 while ((arg = strdelim(&cp)) && *arg != '\0') {
1073 if (options->num_allow_users >= MAX_ALLOW_USERS)
1074 fatal("%s line %d: too many allow users.",
1075 filename, linenum);
1076 options->allow_users[options->num_allow_users++] =
1077 xstrdup(arg);
1078 }
1079 break;
1080
1081 case sDenyUsers:
1082 while ((arg = strdelim(&cp)) && *arg != '\0') {
1083 if (options->num_deny_users >= MAX_DENY_USERS)
1084 fatal("%s line %d: too many deny users.",
1085 filename, linenum);
1086 options->deny_users[options->num_deny_users++] =
1087 xstrdup(arg);
1088 }
1089 break;
1090
1091 case sAllowGroups:
1092 while ((arg = strdelim(&cp)) && *arg != '\0') {
1093 if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
1094 fatal("%s line %d: too many allow groups.",
1095 filename, linenum);
1096 options->allow_groups[options->num_allow_groups++] =
1097 xstrdup(arg);
1098 }
1099 break;
1100
1101 case sDenyGroups:
1102 while ((arg = strdelim(&cp)) && *arg != '\0') {
1103 if (options->num_deny_groups >= MAX_DENY_GROUPS)
1104 fatal("%s line %d: too many deny groups.",
1105 filename, linenum);
1106 options->deny_groups[options->num_deny_groups++] = xstrdup(arg);
1107 }
1108 break;
1109
1110 case sCiphers:
1111 arg = strdelim(&cp);
1112 if (!arg || *arg == '\0')
1113 fatal("%s line %d: Missing argument.", filename, linenum);
1114 if (!ciphers_valid(arg))
1115 fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
1116 filename, linenum, arg ? arg : "<NONE>");
1117 if (options->ciphers == NULL)
1118 options->ciphers = xstrdup(arg);
1119 break;
1120
1121 case sMacs:
1122 arg = strdelim(&cp);
1123 if (!arg || *arg == '\0')
1124 fatal("%s line %d: Missing argument.", filename, linenum);
1125 if (!mac_valid(arg))
1126 fatal("%s line %d: Bad SSH2 mac spec '%s'.",
1127 filename, linenum, arg ? arg : "<NONE>");
1128 if (options->macs == NULL)
1129 options->macs = xstrdup(arg);
1130 break;
1131
1132 case sProtocol:
1133 intptr = &options->protocol;
1134 arg = strdelim(&cp);
1135 if (!arg || *arg == '\0')
1136 fatal("%s line %d: Missing argument.", filename, linenum);
1137 value = proto_spec(arg);
1138 if (value == SSH_PROTO_UNKNOWN)
1139 fatal("%s line %d: Bad protocol spec '%s'.",
1140 filename, linenum, arg ? arg : "<NONE>");
1141 if (*intptr == SSH_PROTO_UNKNOWN)
1142 *intptr = value;
1143 break;
1144
1145 case sSubsystem:
1146 if (options->num_subsystems >= MAX_SUBSYSTEMS) {
1147 fatal("%s line %d: too many subsystems defined.",
1148 filename, linenum);
1149 }
1150 arg = strdelim(&cp);
1151 if (!arg || *arg == '\0')
1152 fatal("%s line %d: Missing subsystem name.",
1153 filename, linenum);
1154 if (!*activep) {
1155 arg = strdelim(&cp);
1156 break;
1157 }
1158 for (i = 0; i < options->num_subsystems; i++)
1159 if (strcmp(arg, options->subsystem_name[i]) == 0)
1160 fatal("%s line %d: Subsystem '%s' already defined.",
1161 filename, linenum, arg);
1162 options->subsystem_name[options->num_subsystems] = xstrdup(arg);
1163 arg = strdelim(&cp);
1164 if (!arg || *arg == '\0')
1165 fatal("%s line %d: Missing subsystem command.",
1166 filename, linenum);
1167 options->subsystem_command[options->num_subsystems] = xstrdup(arg);
1168
1169 /* Collect arguments (separate to executable) */
1170 p = xstrdup(arg);
1171 len = strlen(p) + 1;
1172 while ((arg = strdelim(&cp)) != NULL && *arg != '\0') {
1173 len += 1 + strlen(arg);
1174 p = xrealloc(p, 1, len);
1175 strlcat(p, " ", len);
1176 strlcat(p, arg, len);
1177 }
1178 options->subsystem_args[options->num_subsystems] = p;
1179 options->num_subsystems++;
1180 break;
1181
1182 case sMaxStartups:
1183 arg = strdelim(&cp);
1184 if (!arg || *arg == '\0')
1185 fatal("%s line %d: Missing MaxStartups spec.",
1186 filename, linenum);
1187 if ((n = sscanf(arg, "%d:%d:%d",
1188 &options->max_startups_begin,
1189 &options->max_startups_rate,
1190 &options->max_startups)) == 3) {
1191 if (options->max_startups_begin >
1192 options->max_startups ||
1193 options->max_startups_rate > 100 ||
1194 options->max_startups_rate < 1)
1195 fatal("%s line %d: Illegal MaxStartups spec.",
1196 filename, linenum);
1197 } else if (n != 1)
1198 fatal("%s line %d: Illegal MaxStartups spec.",
1199 filename, linenum);
1200 else
1201 options->max_startups = options->max_startups_begin;
1202 break;
1203
1204 case sMaxAuthTries:
1205 intptr = &options->max_authtries;
1206 goto parse_int;
1207
1208 case sMaxSessions:
1209 intptr = &options->max_sessions;
1210 goto parse_int;
1211
1212 case sBanner:
1213 charptr = &options->banner;
1214 goto parse_filename;
1215
1216 /*
1217 * These options can contain %X options expanded at
1218 * connect time, so that you can specify paths like:
1219 *
1220 * AuthorizedKeysFile /etc/ssh_keys/%u
1221 */
1222 case sAuthorizedKeysFile:
1223 charptr = &options->authorized_keys_file;
1224 goto parse_tilde_filename;
1225 case sAuthorizedKeysFile2:
1226 charptr = &options->authorized_keys_file2;
1227 goto parse_tilde_filename;
1228 case sAuthorizedPrincipalsFile:
1229 charptr = &options->authorized_principals_file;
1230 parse_tilde_filename:
1231 arg = strdelim(&cp);
1232 if (!arg || *arg == '\0')
1233 fatal("%s line %d: missing file name.",
1234 filename, linenum);
1235 if (*activep && *charptr == NULL) {
1236 *charptr = tilde_expand_filename(arg, getuid());
1237 /* increase optional counter */
1238 if (intptr != NULL)
1239 *intptr = *intptr + 1;
1240 }
1241 break;
1242
1243 case sClientAliveInterval:
1244 intptr = &options->client_alive_interval;
1245 goto parse_time;
1246
1247 case sClientAliveCountMax:
1248 intptr = &options->client_alive_count_max;
1249 goto parse_int;
1250
1251 case sAcceptEnv:
1252 while ((arg = strdelim(&cp)) && *arg != '\0') {
1253 if (strchr(arg, '=') != NULL)
1254 fatal("%s line %d: Invalid environment name.",
1255 filename, linenum);
1256 if (options->num_accept_env >= MAX_ACCEPT_ENV)
1257 fatal("%s line %d: too many allow env.",
1258 filename, linenum);
1259 if (!*activep)
1260 break;
1261 options->accept_env[options->num_accept_env++] =
1262 xstrdup(arg);
1263 }
1264 break;
1265
1266 case sPermitTunnel:
1267 intptr = &options->permit_tun;
1268 arg = strdelim(&cp);
1269 if (!arg || *arg == '\0')
1270 fatal("%s line %d: Missing yes/point-to-point/"
1271 "ethernet/no argument.", filename, linenum);
1272 value = -1;
1273 for (i = 0; tunmode_desc[i].val != -1; i++)
1274 if (strcmp(tunmode_desc[i].text, arg) == 0) {
1275 value = tunmode_desc[i].val;
1276 break;
1277 }
1278 if (value == -1)
1279 fatal("%s line %d: Bad yes/point-to-point/ethernet/"
1280 "no argument: %s", filename, linenum, arg);
1281 if (*intptr == -1)
1282 *intptr = value;
1283 break;
1284
1285 case sMatch:
1286 if (cmdline)
1287 fatal("Match directive not supported as a command-line "
1288 "option");
1289 value = match_cfg_line(&cp, linenum, user, host, address);
1290 if (value < 0)
1291 fatal("%s line %d: Bad Match condition", filename,
1292 linenum);
1293 *activep = value;
1294 break;
1295
1296 case sPermitOpen:
1297 arg = strdelim(&cp);
1298 if (!arg || *arg == '\0')
1299 fatal("%s line %d: missing PermitOpen specification",
1300 filename, linenum);
1301 n = options->num_permitted_opens; /* modified later */
1302 if (strcmp(arg, "any") == 0) {
1303 if (*activep && n == -1) {
1304 channel_clear_adm_permitted_opens();
1305 options->num_permitted_opens = 0;
1306 }
1307 break;
1308 }
1309 if (*activep && n == -1)
1310 channel_clear_adm_permitted_opens();
1311 for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) {
1312 p = hpdelim(&arg);
1313 if (p == NULL)
1314 fatal("%s line %d: missing host in PermitOpen",
1315 filename, linenum);
1316 p = cleanhostname(p);
1317 if (arg == NULL || (port = a2port(arg)) <= 0)
1318 fatal("%s line %d: bad port number in "
1319 "PermitOpen", filename, linenum);
1320 if (*activep && n == -1)
1321 options->num_permitted_opens =
1322 channel_add_adm_permitted_opens(p, port);
1323 }
1324 break;
1325
1326 case sForceCommand:
1327 if (cp == NULL)
1328 fatal("%.200s line %d: Missing argument.", filename,
1329 linenum);
1330 len = strspn(cp, WHITESPACE);
1331 if (*activep && options->adm_forced_command == NULL)
1332 options->adm_forced_command = xstrdup(cp + len);
1333 return 0;
1334
1335 case sChrootDirectory:
1336 charptr = &options->chroot_directory;
1337
1338 arg = strdelim(&cp);
1339 if (!arg || *arg == '\0')
1340 fatal("%s line %d: missing file name.",
1341 filename, linenum);
1342 if (*activep && *charptr == NULL)
1343 *charptr = xstrdup(arg);
1344 break;
1345
1346 case sTrustedUserCAKeys:
1347 charptr = &options->trusted_user_ca_keys;
1348 goto parse_filename;
1349
1350 case sRevokedKeys:
1351 charptr = &options->revoked_keys_file;
1352 goto parse_filename;
1353
1354 case sDeprecated:
1355 logit("%s line %d: Deprecated option %s",
1356 filename, linenum, arg);
1357 while (arg)
1358 arg = strdelim(&cp);
1359 break;
1360
1361 case sUnsupported:
1362 logit("%s line %d: Unsupported option %s",
1363 filename, linenum, arg);
1364 while (arg)
1365 arg = strdelim(&cp);
1366 break;
1367
1368 default:
1369 fatal("%s line %d: Missing handler for opcode %s (%d)",
1370 filename, linenum, arg, opcode);
1371 }
1372 if ((arg = strdelim(&cp)) != NULL && *arg != '\0')
1373 fatal("%s line %d: garbage at end of line; \"%.200s\".",
1374 filename, linenum, arg);
1375 return 0;
1376 }
1377
1378 /* Reads the server configuration file. */
1379
1380 void
1381 load_server_config(const char *filename, Buffer *conf)
1382 {
1383 char line[1024], *cp;
1384 FILE *f;
1385
1386 debug2("%s: filename %s", __func__, filename);
1387 if ((f = fopen(filename, "r")) == NULL) {
1388 perror(filename);
1389 exit(1);
1390 }
1391 buffer_clear(conf);
1392 while (fgets(line, sizeof(line), f)) {
1393 /*
1394 * Trim out comments and strip whitespace
1395 * NB - preserve newlines, they are needed to reproduce
1396 * line numbers later for error messages
1397 */
1398 if ((cp = strchr(line, '#')) != NULL)
1399 memcpy(cp, "\n", 2);
1400 cp = line + strspn(line, " \t\r");
1401
1402 buffer_append(conf, cp, strlen(cp));
1403 }
1404 buffer_append(conf, "\0", 1);
1405 fclose(f);
1406 debug2("%s: done config len = %d", __func__, buffer_len(conf));
1407 }
1408
1409 void
1410 parse_server_match_config(ServerOptions *options, const char *user,
1411 const char *host, const char *address)
1412 {
1413 ServerOptions mo;
1414
1415 initialize_server_options(&mo);
1416 parse_server_config(&mo, "reprocess config", &cfg, user, host, address);
1417 copy_set_server_options(options, &mo, 0);
1418 }
1419
1420 /* Helper macros */
1421 #define M_CP_INTOPT(n) do {\
1422 if (src->n != -1) \
1423 dst->n = src->n; \
1424 } while (0)
1425 #define M_CP_STROPT(n) do {\
1426 if (src->n != NULL) { \
1427 if (dst->n != NULL) \
1428 xfree(dst->n); \
1429 dst->n = src->n; \
1430 } \
1431 } while(0)
1432
1433 /*
1434 * Copy any supported values that are set.
1435 *
1436 * If the preauth flag is set, we do not bother copying the string or
1437 * array values that are not used pre-authentication, because any that we
1438 * do use must be explictly sent in mm_getpwnamallow().
1439 */
1440 void
1441 copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
1442 {
1443 M_CP_INTOPT(password_authentication);
1444 M_CP_INTOPT(gss_authentication);
1445 M_CP_INTOPT(rsa_authentication);
1446 M_CP_INTOPT(pubkey_authentication);
1447 M_CP_INTOPT(kerberos_authentication);
1448 M_CP_INTOPT(hostbased_authentication);
1449 M_CP_INTOPT(hostbased_uses_name_from_packet_only);
1450 M_CP_INTOPT(kbd_interactive_authentication);
1451 M_CP_INTOPT(zero_knowledge_password_authentication);
1452 M_CP_INTOPT(permit_root_login);
1453 M_CP_INTOPT(permit_empty_passwd);
1454
1455 M_CP_INTOPT(allow_tcp_forwarding);
1456 M_CP_INTOPT(allow_agent_forwarding);
1457 M_CP_INTOPT(permit_tun);
1458 M_CP_INTOPT(gateway_ports);
1459 M_CP_INTOPT(x11_display_offset);
1460 M_CP_INTOPT(x11_forwarding);
1461 M_CP_INTOPT(x11_use_localhost);
1462 M_CP_INTOPT(max_sessions);
1463 M_CP_INTOPT(max_authtries);
1464
1465 M_CP_STROPT(banner);
1466 if (preauth)
1467 return;
1468 M_CP_STROPT(adm_forced_command);
1469 M_CP_STROPT(chroot_directory);
1470 M_CP_STROPT(trusted_user_ca_keys);
1471 M_CP_STROPT(revoked_keys_file);
1472 M_CP_STROPT(authorized_keys_file);
1473 M_CP_STROPT(authorized_keys_file2);
1474 M_CP_STROPT(authorized_principals_file);
1475 }
1476
1477 #undef M_CP_INTOPT
1478 #undef M_CP_STROPT
1479
1480 void
1481 parse_server_config(ServerOptions *options, const char *filename, Buffer *conf,
1482 const char *user, const char *host, const char *address)
1483 {
1484 int active, linenum, bad_options = 0;
1485 char *cp, *obuf, *cbuf;
1486
1487 debug2("%s: config %s len %d", __func__, filename, buffer_len(conf));
1488
1489 obuf = cbuf = xstrdup(buffer_ptr(conf));
1490 active = user ? 0 : 1;
1491 linenum = 1;
1492 while ((cp = strsep(&cbuf, "\n")) != NULL) {
1493 if (process_server_config_line(options, cp, filename,
1494 linenum++, &active, user, host, address) != 0)
1495 bad_options++;
1496 }
1497 xfree(obuf);
1498 if (bad_options > 0)
1499 fatal("%s: terminating, %d bad configuration options",
1500 filename, bad_options);
1501 }
1502
1503 static const char *
1504 fmt_intarg(ServerOpCodes code, int val)
1505 {
1506 if (code == sAddressFamily) {
1507 switch (val) {
1508 case AF_INET:
1509 return "inet";
1510 case AF_INET6:
1511 return "inet6";
1512 case AF_UNSPEC:
1513 return "any";
1514 default:
1515 return "UNKNOWN";
1516 }
1517 }
1518 if (code == sPermitRootLogin) {
1519 switch (val) {
1520 case PERMIT_NO_PASSWD:
1521 return "without-password";
1522 case PERMIT_FORCED_ONLY:
1523 return "forced-commands-only";
1524 case PERMIT_YES:
1525 return "yes";
1526 }
1527 }
1528 if (code == sProtocol) {
1529 switch (val) {
1530 case SSH_PROTO_1:
1531 return "1";
1532 case SSH_PROTO_2:
1533 return "2";
1534 case (SSH_PROTO_1|SSH_PROTO_2):
1535 return "2,1";
1536 default:
1537 return "UNKNOWN";
1538 }
1539 }
1540 if (code == sGatewayPorts && val == 2)
1541 return "clientspecified";
1542 if (code == sCompression && val == COMP_DELAYED)
1543 return "delayed";
1544 switch (val) {
1545 case -1:
1546 return "unset";
1547 case 0:
1548 return "no";
1549 case 1:
1550 return "yes";
1551 }
1552 return "UNKNOWN";
1553 }
1554
1555 static const char *
1556 lookup_opcode_name(ServerOpCodes code)
1557 {
1558 u_int i;
1559
1560 for (i = 0; keywords[i].name != NULL; i++)
1561 if (keywords[i].opcode == code)
1562 return(keywords[i].name);
1563 return "UNKNOWN";
1564 }
1565
1566 static void
1567 dump_cfg_int(ServerOpCodes code, int val)
1568 {
1569 printf("%s %d\n", lookup_opcode_name(code), val);
1570 }
1571
1572 static void
1573 dump_cfg_fmtint(ServerOpCodes code, int val)
1574 {
1575 printf("%s %s\n", lookup_opcode_name(code), fmt_intarg(code, val));
1576 }
1577
1578 static void
1579 dump_cfg_string(ServerOpCodes code, const char *val)
1580 {
1581 if (val == NULL)
1582 return;
1583 printf("%s %s\n", lookup_opcode_name(code), val);
1584 }
1585
1586 static void
1587 dump_cfg_strarray(ServerOpCodes code, u_int count, char **vals)
1588 {
1589 u_int i;
1590
1591 for (i = 0; i < count; i++)
1592 printf("%s %s\n", lookup_opcode_name(code), vals[i]);
1593 }
1594
1595 void
1596 dump_config(ServerOptions *o)
1597 {
1598 u_int i;
1599 int ret;
1600 struct addrinfo *ai;
1601 char addr[NI_MAXHOST], port[NI_MAXSERV], *s = NULL;
1602
1603 /* these are usually at the top of the config */
1604 for (i = 0; i < o->num_ports; i++)
1605 printf("port %d\n", o->ports[i]);
1606 dump_cfg_fmtint(sProtocol, o->protocol);
1607 dump_cfg_fmtint(sAddressFamily, o->address_family);
1608
1609 /* ListenAddress must be after Port */
1610 for (ai = o->listen_addrs; ai; ai = ai->ai_next) {
1611 if ((ret = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr,
1612 sizeof(addr), port, sizeof(port),
1613 NI_NUMERICHOST|NI_NUMERICSERV)) != 0) {
1614 error("getnameinfo failed: %.100s",
1615 (ret != EAI_SYSTEM) ? gai_strerror(ret) :
1616 strerror(errno));
1617 } else {
1618 if (ai->ai_family == AF_INET6)
1619 printf("listenaddress [%s]:%s\n", addr, port);
1620 else
1621 printf("listenaddress %s:%s\n", addr, port);
1622 }
1623 }
1624
1625 /* integer arguments */
1626 #ifdef USE_PAM
1627 dump_cfg_int(sUsePAM, o->use_pam);
1628 #endif
1629 dump_cfg_int(sServerKeyBits, o->server_key_bits);
1630 dump_cfg_int(sLoginGraceTime, o->login_grace_time);
1631 dump_cfg_int(sKeyRegenerationTime, o->key_regeneration_time);
1632 dump_cfg_int(sX11DisplayOffset, o->x11_display_offset);
1633 dump_cfg_int(sMaxAuthTries, o->max_authtries);
1634 dump_cfg_int(sMaxSessions, o->max_sessions);
1635 dump_cfg_int(sClientAliveInterval, o->client_alive_interval);
1636 dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max);
1637
1638 /* formatted integer arguments */
1639 dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login);
1640 dump_cfg_fmtint(sIgnoreRhosts, o->ignore_rhosts);
1641 dump_cfg_fmtint(sIgnoreUserKnownHosts, o->ignore_user_known_hosts);
1642 dump_cfg_fmtint(sRhostsRSAAuthentication, o->rhosts_rsa_authentication);
1643 dump_cfg_fmtint(sHostbasedAuthentication, o->hostbased_authentication);
1644 dump_cfg_fmtint(sHostbasedUsesNameFromPacketOnly,
1645 o->hostbased_uses_name_from_packet_only);
1646 dump_cfg_fmtint(sRSAAuthentication, o->rsa_authentication);
1647 dump_cfg_fmtint(sPubkeyAuthentication, o->pubkey_authentication);
1648 #ifdef KRB5
1649 dump_cfg_fmtint(sKerberosAuthentication, o->kerberos_authentication);
1650 dump_cfg_fmtint(sKerberosOrLocalPasswd, o->kerberos_or_local_passwd);
1651 dump_cfg_fmtint(sKerberosTicketCleanup, o->kerberos_ticket_cleanup);
1652 # ifdef USE_AFS
1653 dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token);
1654 # endif
1655 #endif
1656 #ifdef GSSAPI
1657 dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);
1658 dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds);
1659 #endif
1660 #ifdef JPAKE
1661 dump_cfg_fmtint(sZeroKnowledgePasswordAuthentication,
1662 o->zero_knowledge_password_authentication);
1663 #endif
1664 dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication);
1665 dump_cfg_fmtint(sKbdInteractiveAuthentication,
1666 o->kbd_interactive_authentication);
1667 dump_cfg_fmtint(sChallengeResponseAuthentication,
1668 o->challenge_response_authentication);
1669 dump_cfg_fmtint(sPrintMotd, o->print_motd);
1670 dump_cfg_fmtint(sPrintLastLog, o->print_lastlog);
1671 dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding);
1672 dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost);
1673 dump_cfg_fmtint(sStrictModes, o->strict_modes);
1674 dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive);
1675 dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd);
1676 dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env);
1677 dump_cfg_fmtint(sUseLogin, o->use_login);
1678 dump_cfg_fmtint(sCompression, o->compression);
1679 dump_cfg_fmtint(sGatewayPorts, o->gateway_ports);
1680 dump_cfg_fmtint(sUseDNS, o->use_dns);
1681 dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding);
1682 dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep);
1683
1684 /* string arguments */
1685 dump_cfg_string(sPidFile, o->pid_file);
1686 dump_cfg_string(sXAuthLocation, o->xauth_location);
1687 dump_cfg_string(sCiphers, o->ciphers);
1688 dump_cfg_string(sMacs, o->macs);
1689 dump_cfg_string(sBanner, o->banner);
1690 dump_cfg_string(sAuthorizedKeysFile, o->authorized_keys_file);
1691 dump_cfg_string(sAuthorizedKeysFile2, o->authorized_keys_file2);
1692 dump_cfg_string(sForceCommand, o->adm_forced_command);
1693 dump_cfg_string(sChrootDirectory, o->chroot_directory);
1694 dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys);
1695 dump_cfg_string(sRevokedKeys, o->revoked_keys_file);
1696 dump_cfg_string(sAuthorizedPrincipalsFile,
1697 o->authorized_principals_file);
1698
1699 /* string arguments requiring a lookup */
1700 dump_cfg_string(sLogLevel, log_level_name(o->log_level));
1701 dump_cfg_string(sLogFacility, log_facility_name(o->log_facility));
1702
1703 /* string array arguments */
1704 dump_cfg_strarray(sHostKeyFile, o->num_host_key_files,
1705 o->host_key_files);
1706 dump_cfg_strarray(sHostKeyFile, o->num_host_cert_files,
1707 o->host_cert_files);
1708 dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users);
1709 dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users);
1710 dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups);
1711 dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups);
1712 dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env);
1713
1714 /* other arguments */
1715 for (i = 0; i < o->num_subsystems; i++)
1716 printf("subsystem %s %s\n", o->subsystem_name[i],
1717 o->subsystem_args[i]);
1718
1719 printf("maxstartups %d:%d:%d\n", o->max_startups_begin,
1720 o->max_startups_rate, o->max_startups);
1721
1722 for (i = 0; tunmode_desc[i].val != -1; i++)
1723 if (tunmode_desc[i].val == o->permit_tun) {
1724 s = tunmode_desc[i].text;
1725 break;
1726 }
1727 dump_cfg_string(sPermitTunnel, s);
1728
1729 channel_print_adm_permitted_opens();
1730 }
A clone of openssh git repository