search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
- djm@cvs.openbsd.org 2010/01/13 03:48:13
[openssh-git.git] / servconf.c
blob09296c9cfa3a0a4456833374ceeb33b0d58f2aaf
1 /* $OpenBSD: servconf.c,v 1.202 2010/01/13 03:48:12 djm Exp $ */
2 /*
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved
5 *
6 * As far as I am concerned, the code I have written for this software
7 * can be used freely for any purpose. Any derived versions of this
8 * software must be clearly marked as such, and if the derived work is
9 * incompatible with the protocol description in the RFC file, it must be
10 * called by a name other than "ssh" or "Secure Shell".
11 */
12
13 #include "includes.h"
14
15 #include <sys/types.h>
16 #include <sys/socket.h>
17
18 #include <netdb.h>
19 #include <pwd.h>
20 #include <stdio.h>
21 #include <stdlib.h>
22 #include <string.h>
23 #include <signal.h>
24 #include <unistd.h>
25 #include <stdarg.h>
26 #include <errno.h>
27
28 #include "openbsd-compat/sys-queue.h"
29 #include "xmalloc.h"
30 #include "ssh.h"
31 #include "log.h"
32 #include "buffer.h"
33 #include "servconf.h"
34 #include "compat.h"
35 #include "pathnames.h"
36 #include "misc.h"
37 #include "cipher.h"
38 #include "key.h"
39 #include "kex.h"
40 #include "mac.h"
41 #include "match.h"
42 #include "channels.h"
43 #include "groupaccess.h"
44
45 static void add_listen_addr(ServerOptions *, char *, int);
46 static void add_one_listen_addr(ServerOptions *, char *, int);
47
48 /* Use of privilege separation or not */
49 extern int use_privsep;
50 extern Buffer cfg;
51
52 /* Initializes the server options to their default values. */
53
54 void
55 initialize_server_options(ServerOptions *options)
56 {
57 memset(options, 0, sizeof(*options));
58
59 /* Portable-specific options */
60 options->use_pam = -1;
61
62 /* Standard Options */
63 options->num_ports = 0;
64 options->ports_from_cmdline = 0;
65 options->listen_addrs = NULL;
66 options->address_family = -1;
67 options->num_host_key_files = 0;
68 options->pid_file = NULL;
69 options->server_key_bits = -1;
70 options->login_grace_time = -1;
71 options->key_regeneration_time = -1;
72 options->permit_root_login = PERMIT_NOT_SET;
73 options->ignore_rhosts = -1;
74 options->ignore_user_known_hosts = -1;
75 options->print_motd = -1;
76 options->print_lastlog = -1;
77 options->x11_forwarding = -1;
78 options->x11_display_offset = -1;
79 options->x11_use_localhost = -1;
80 options->xauth_location = NULL;
81 options->strict_modes = -1;
82 options->tcp_keep_alive = -1;
83 options->log_facility = SYSLOG_FACILITY_NOT_SET;
84 options->log_level = SYSLOG_LEVEL_NOT_SET;
85 options->rhosts_rsa_authentication = -1;
86 options->hostbased_authentication = -1;
87 options->hostbased_uses_name_from_packet_only = -1;
88 options->rsa_authentication = -1;
89 options->pubkey_authentication = -1;
90 options->kerberos_authentication = -1;
91 options->kerberos_or_local_passwd = -1;
92 options->kerberos_ticket_cleanup = -1;
93 options->kerberos_get_afs_token = -1;
94 options->gss_authentication=-1;
95 options->gss_cleanup_creds = -1;
96 options->password_authentication = -1;
97 options->kbd_interactive_authentication = -1;
98 options->challenge_response_authentication = -1;
99 options->permit_empty_passwd = -1;
100 options->permit_user_env = -1;
101 options->use_login = -1;
102 options->compression = -1;
103 options->allow_tcp_forwarding = -1;
104 options->allow_agent_forwarding = -1;
105 options->num_allow_users = 0;
106 options->num_deny_users = 0;
107 options->num_allow_groups = 0;
108 options->num_deny_groups = 0;
109 options->ciphers = NULL;
110 options->macs = NULL;
111 options->protocol = SSH_PROTO_UNKNOWN;
112 options->gateway_ports = -1;
113 options->num_subsystems = 0;
114 options->max_startups_begin = -1;
115 options->max_startups_rate = -1;
116 options->max_startups = -1;
117 options->max_authtries = -1;
118 options->max_sessions = -1;
119 options->banner = NULL;
120 options->use_dns = -1;
121 options->client_alive_interval = -1;
122 options->client_alive_count_max = -1;
123 options->authorized_keys_file = NULL;
124 options->authorized_keys_file2 = NULL;
125 options->num_accept_env = 0;
126 options->permit_tun = -1;
127 options->num_permitted_opens = -1;
128 options->adm_forced_command = NULL;
129 options->chroot_directory = NULL;
130 options->zero_knowledge_password_authentication = -1;
131 }
132
133 void
134 fill_default_server_options(ServerOptions *options)
135 {
136 /* Portable-specific options */
137 if (options->use_pam == -1)
138 options->use_pam = 0;
139
140 /* Standard Options */
141 if (options->protocol == SSH_PROTO_UNKNOWN)
142 options->protocol = SSH_PROTO_2;
143 if (options->num_host_key_files == 0) {
144 /* fill default hostkeys for protocols */
145 if (options->protocol & SSH_PROTO_1)
146 options->host_key_files[options->num_host_key_files++] =
147 _PATH_HOST_KEY_FILE;
148 if (options->protocol & SSH_PROTO_2) {
149 options->host_key_files[options->num_host_key_files++] =
150 _PATH_HOST_RSA_KEY_FILE;
151 options->host_key_files[options->num_host_key_files++] =
152 _PATH_HOST_DSA_KEY_FILE;
153 }
154 }
155 if (options->num_ports == 0)
156 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
157 if (options->listen_addrs == NULL)
158 add_listen_addr(options, NULL, 0);
159 if (options->pid_file == NULL)
160 options->pid_file = _PATH_SSH_DAEMON_PID_FILE;
161 if (options->server_key_bits == -1)
162 options->server_key_bits = 1024;
163 if (options->login_grace_time == -1)
164 options->login_grace_time = 120;
165 if (options->key_regeneration_time == -1)
166 options->key_regeneration_time = 3600;
167 if (options->permit_root_login == PERMIT_NOT_SET)
168 options->permit_root_login = PERMIT_YES;
169 if (options->ignore_rhosts == -1)
170 options->ignore_rhosts = 1;
171 if (options->ignore_user_known_hosts == -1)
172 options->ignore_user_known_hosts = 0;
173 if (options->print_motd == -1)
174 options->print_motd = 1;
175 if (options->print_lastlog == -1)
176 options->print_lastlog = 1;
177 if (options->x11_forwarding == -1)
178 options->x11_forwarding = 0;
179 if (options->x11_display_offset == -1)
180 options->x11_display_offset = 10;
181 if (options->x11_use_localhost == -1)
182 options->x11_use_localhost = 1;
183 if (options->xauth_location == NULL)
184 options->xauth_location = _PATH_XAUTH;
185 if (options->strict_modes == -1)
186 options->strict_modes = 1;
187 if (options->tcp_keep_alive == -1)
188 options->tcp_keep_alive = 1;
189 if (options->log_facility == SYSLOG_FACILITY_NOT_SET)
190 options->log_facility = SYSLOG_FACILITY_AUTH;
191 if (options->log_level == SYSLOG_LEVEL_NOT_SET)
192 options->log_level = SYSLOG_LEVEL_INFO;
193 if (options->rhosts_rsa_authentication == -1)
194 options->rhosts_rsa_authentication = 0;
195 if (options->hostbased_authentication == -1)
196 options->hostbased_authentication = 0;
197 if (options->hostbased_uses_name_from_packet_only == -1)
198 options->hostbased_uses_name_from_packet_only = 0;
199 if (options->rsa_authentication == -1)
200 options->rsa_authentication = 1;
201 if (options->pubkey_authentication == -1)
202 options->pubkey_authentication = 1;
203 if (options->kerberos_authentication == -1)
204 options->kerberos_authentication = 0;
205 if (options->kerberos_or_local_passwd == -1)
206 options->kerberos_or_local_passwd = 1;
207 if (options->kerberos_ticket_cleanup == -1)
208 options->kerberos_ticket_cleanup = 1;
209 if (options->kerberos_get_afs_token == -1)
210 options->kerberos_get_afs_token = 0;
211 if (options->gss_authentication == -1)
212 options->gss_authentication = 0;
213 if (options->gss_cleanup_creds == -1)
214 options->gss_cleanup_creds = 1;
215 if (options->password_authentication == -1)
216 options->password_authentication = 1;
217 if (options->kbd_interactive_authentication == -1)
218 options->kbd_interactive_authentication = 0;
219 if (options->challenge_response_authentication == -1)
220 options->challenge_response_authentication = 1;
221 if (options->permit_empty_passwd == -1)
222 options->permit_empty_passwd = 0;
223 if (options->permit_user_env == -1)
224 options->permit_user_env = 0;
225 if (options->use_login == -1)
226 options->use_login = 0;
227 if (options->compression == -1)
228 options->compression = COMP_DELAYED;
229 if (options->allow_tcp_forwarding == -1)
230 options->allow_tcp_forwarding = 1;
231 if (options->allow_agent_forwarding == -1)
232 options->allow_agent_forwarding = 1;
233 if (options->gateway_ports == -1)
234 options->gateway_ports = 0;
235 if (options->max_startups == -1)
236 options->max_startups = 10;
237 if (options->max_startups_rate == -1)
238 options->max_startups_rate = 100; /* 100% */
239 if (options->max_startups_begin == -1)
240 options->max_startups_begin = options->max_startups;
241 if (options->max_authtries == -1)
242 options->max_authtries = DEFAULT_AUTH_FAIL_MAX;
243 if (options->max_sessions == -1)
244 options->max_sessions = DEFAULT_SESSIONS_MAX;
245 if (options->use_dns == -1)
246 options->use_dns = 1;
247 if (options->client_alive_interval == -1)
248 options->client_alive_interval = 0;
249 if (options->client_alive_count_max == -1)
250 options->client_alive_count_max = 3;
251 if (options->authorized_keys_file2 == NULL) {
252 /* authorized_keys_file2 falls back to authorized_keys_file */
253 if (options->authorized_keys_file != NULL)
254 options->authorized_keys_file2 = options->authorized_keys_file;
255 else
256 options->authorized_keys_file2 = _PATH_SSH_USER_PERMITTED_KEYS2;
257 }
258 if (options->authorized_keys_file == NULL)
259 options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
260 if (options->permit_tun == -1)
261 options->permit_tun = SSH_TUNMODE_NO;
262 if (options->zero_knowledge_password_authentication == -1)
263 options->zero_knowledge_password_authentication = 0;
264
265 /* Turn privilege separation on by default */
266 if (use_privsep == -1)
267 use_privsep = 1;
268
269 #ifndef HAVE_MMAP
270 if (use_privsep && options->compression == 1) {
271 error("This platform does not support both privilege "
272 "separation and compression");
273 error("Compression disabled");
274 options->compression = 0;
275 }
276 #endif
277
278 }
279
280 /* Keyword tokens. */
281 typedef enum {
282 sBadOption, /* == unknown option */
283 /* Portable-specific options */
284 sUsePAM,
285 /* Standard Options */
286 sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
287 sPermitRootLogin, sLogFacility, sLogLevel,
288 sRhostsRSAAuthentication, sRSAAuthentication,
289 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
290 sKerberosGetAFSToken,
291 sKerberosTgtPassing, sChallengeResponseAuthentication,
292 sPasswordAuthentication, sKbdInteractiveAuthentication,
293 sListenAddress, sAddressFamily,
294 sPrintMotd, sPrintLastLog, sIgnoreRhosts,
295 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
296 sStrictModes, sEmptyPasswd, sTCPKeepAlive,
297 sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
298 sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
299 sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
300 sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,
301 sMaxStartups, sMaxAuthTries, sMaxSessions,
302 sBanner, sUseDNS, sHostbasedAuthentication,
303 sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
304 sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
305 sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
306 sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
307 sUsePrivilegeSeparation, sAllowAgentForwarding,
308 sZeroKnowledgePasswordAuthentication,
309 sDeprecated, sUnsupported
310 } ServerOpCodes;
311
312 #define SSHCFG_GLOBAL 0x01 /* allowed in main section of sshd_config */
313 #define SSHCFG_MATCH 0x02 /* allowed inside a Match section */
314 #define SSHCFG_ALL (SSHCFG_GLOBAL|SSHCFG_MATCH)
315
316 /* Textual representation of the tokens. */
317 static struct {
318 const char *name;
319 ServerOpCodes opcode;
320 u_int flags;
321 } keywords[] = {
322 /* Portable-specific options */
323 #ifdef USE_PAM
324 { "usepam", sUsePAM, SSHCFG_GLOBAL },
325 #else
326 { "usepam", sUnsupported, SSHCFG_GLOBAL },
327 #endif
328 { "pamauthenticationviakbdint", sDeprecated, SSHCFG_GLOBAL },
329 /* Standard Options */
330 { "port", sPort, SSHCFG_GLOBAL },
331 { "hostkey", sHostKeyFile, SSHCFG_GLOBAL },
332 { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL }, /* alias */
333 { "pidfile", sPidFile, SSHCFG_GLOBAL },
334 { "serverkeybits", sServerKeyBits, SSHCFG_GLOBAL },
335 { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL },
336 { "keyregenerationinterval", sKeyRegenerationTime, SSHCFG_GLOBAL },
337 { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL },
338 { "syslogfacility", sLogFacility, SSHCFG_GLOBAL },
339 { "loglevel", sLogLevel, SSHCFG_GLOBAL },
340 { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL },
341 { "rhostsrsaauthentication", sRhostsRSAAuthentication, SSHCFG_ALL },
342 { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL },
343 { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_GLOBAL },
344 { "rsaauthentication", sRSAAuthentication, SSHCFG_ALL },
345 { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL },
346 { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */
347 #ifdef KRB5
348 { "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL },
349 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd, SSHCFG_GLOBAL },
350 { "kerberosticketcleanup", sKerberosTicketCleanup, SSHCFG_GLOBAL },
351 #ifdef USE_AFS
352 { "kerberosgetafstoken", sKerberosGetAFSToken, SSHCFG_GLOBAL },
353 #else
354 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL },
355 #endif
356 #else
357 { "kerberosauthentication", sUnsupported, SSHCFG_ALL },
358 { "kerberosorlocalpasswd", sUnsupported, SSHCFG_GLOBAL },
359 { "kerberosticketcleanup", sUnsupported, SSHCFG_GLOBAL },
360 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL },
361 #endif
362 { "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL },
363 { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL },
364 #ifdef GSSAPI
365 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL },
366 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL },
367 #else
368 { "gssapiauthentication", sUnsupported, SSHCFG_ALL },
369 { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL },
370 #endif
371 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },
372 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },
373 { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL },
374 { "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */
375 #ifdef JPAKE
376 { "zeroknowledgepasswordauthentication", sZeroKnowledgePasswordAuthentication, SSHCFG_ALL },
377 #else
378 { "zeroknowledgepasswordauthentication", sUnsupported, SSHCFG_ALL },
379 #endif
380 { "checkmail", sDeprecated, SSHCFG_GLOBAL },
381 { "listenaddress", sListenAddress, SSHCFG_GLOBAL },
382 { "addressfamily", sAddressFamily, SSHCFG_GLOBAL },
383 { "printmotd", sPrintMotd, SSHCFG_GLOBAL },
384 { "printlastlog", sPrintLastLog, SSHCFG_GLOBAL },
385 { "ignorerhosts", sIgnoreRhosts, SSHCFG_GLOBAL },
386 { "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL },
387 { "x11forwarding", sX11Forwarding, SSHCFG_ALL },
388 { "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL },
389 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
390 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
391 { "strictmodes", sStrictModes, SSHCFG_GLOBAL },
392 { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL },
393 { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },
394 { "uselogin", sUseLogin, SSHCFG_GLOBAL },
395 { "compression", sCompression, SSHCFG_GLOBAL },
396 { "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL },
397 { "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, /* obsolete alias */
398 { "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL },
399 { "allowagentforwarding", sAllowAgentForwarding, SSHCFG_ALL },
400 { "allowusers", sAllowUsers, SSHCFG_GLOBAL },
401 { "denyusers", sDenyUsers, SSHCFG_GLOBAL },
402 { "allowgroups", sAllowGroups, SSHCFG_GLOBAL },
403 { "denygroups", sDenyGroups, SSHCFG_GLOBAL },
404 { "ciphers", sCiphers, SSHCFG_GLOBAL },
405 { "macs", sMacs, SSHCFG_GLOBAL },
406 { "protocol", sProtocol, SSHCFG_GLOBAL },
407 { "gatewayports", sGatewayPorts, SSHCFG_ALL },
408 { "subsystem", sSubsystem, SSHCFG_GLOBAL },
409 { "maxstartups", sMaxStartups, SSHCFG_GLOBAL },
410 { "maxauthtries", sMaxAuthTries, SSHCFG_ALL },
411 { "maxsessions", sMaxSessions, SSHCFG_ALL },
412 { "banner", sBanner, SSHCFG_ALL },
413 { "usedns", sUseDNS, SSHCFG_GLOBAL },
414 { "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL },
415 { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL },
416 { "clientaliveinterval", sClientAliveInterval, SSHCFG_GLOBAL },
417 { "clientalivecountmax", sClientAliveCountMax, SSHCFG_GLOBAL },
418 { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_GLOBAL },
419 { "authorizedkeysfile2", sAuthorizedKeysFile2, SSHCFG_GLOBAL },
420 { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL},
421 { "acceptenv", sAcceptEnv, SSHCFG_GLOBAL },
422 { "permittunnel", sPermitTunnel, SSHCFG_GLOBAL },
423 { "match", sMatch, SSHCFG_ALL },
424 { "permitopen", sPermitOpen, SSHCFG_ALL },
425 { "forcecommand", sForceCommand, SSHCFG_ALL },
426 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL },
427 { NULL, sBadOption, 0 }
428 };
429
430 static struct {
431 int val;
432 char *text;
433 } tunmode_desc[] = {
434 { SSH_TUNMODE_NO, "no" },
435 { SSH_TUNMODE_POINTOPOINT, "point-to-point" },
436 { SSH_TUNMODE_ETHERNET, "ethernet" },
437 { SSH_TUNMODE_YES, "yes" },
438 { -1, NULL }
439 };
440
441 /*
442 * Returns the number of the token pointed to by cp or sBadOption.
443 */
444
445 static ServerOpCodes
446 parse_token(const char *cp, const char *filename,
447 int linenum, u_int *flags)
448 {
449 u_int i;
450
451 for (i = 0; keywords[i].name; i++)
452 if (strcasecmp(cp, keywords[i].name) == 0) {
453 *flags = keywords[i].flags;
454 return keywords[i].opcode;
455 }
456
457 error("%s: line %d: Bad configuration option: %s",
458 filename, linenum, cp);
459 return sBadOption;
460 }
461
462 char *
463 derelativise_path(const char *path)
464 {
465 char *expanded, *ret, *cwd;
466
467 expanded = tilde_expand_filename(path, getuid());
468 if (*expanded == '/')
469 return expanded;
470 if ((cwd = getcwd(NULL, 0)) == NULL)
471 fatal("%s: getcwd: %s", __func__, strerror(errno));
472 xasprintf(&ret, "%s/%s", cwd, expanded);
473 xfree(cwd);
474 xfree(expanded);
475 return ret;
476 }
477
478 static void
479 add_listen_addr(ServerOptions *options, char *addr, int port)
480 {
481 u_int i;
482
483 if (options->num_ports == 0)
484 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
485 if (options->address_family == -1)
486 options->address_family = AF_UNSPEC;
487 if (port == 0)
488 for (i = 0; i < options->num_ports; i++)
489 add_one_listen_addr(options, addr, options->ports[i]);
490 else
491 add_one_listen_addr(options, addr, port);
492 }
493
494 static void
495 add_one_listen_addr(ServerOptions *options, char *addr, int port)
496 {
497 struct addrinfo hints, *ai, *aitop;
498 char strport[NI_MAXSERV];
499 int gaierr;
500
501 memset(&hints, 0, sizeof(hints));
502 hints.ai_family = options->address_family;
503 hints.ai_socktype = SOCK_STREAM;
504 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
505 snprintf(strport, sizeof strport, "%d", port);
506 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0)
507 fatal("bad addr or host: %s (%s)",
508 addr ? addr : "<NULL>",
509 ssh_gai_strerror(gaierr));
510 for (ai = aitop; ai->ai_next; ai = ai->ai_next)
511 ;
512 ai->ai_next = options->listen_addrs;
513 options->listen_addrs = aitop;
514 }
515
516 /*
517 * The strategy for the Match blocks is that the config file is parsed twice.
518 *
519 * The first time is at startup. activep is initialized to 1 and the
520 * directives in the global context are processed and acted on. Hitting a
521 * Match directive unsets activep and the directives inside the block are
522 * checked for syntax only.
523 *
524 * The second time is after a connection has been established but before
525 * authentication. activep is initialized to 2 and global config directives
526 * are ignored since they have already been processed. If the criteria in a
527 * Match block is met, activep is set and the subsequent directives
528 * processed and actioned until EOF or another Match block unsets it. Any
529 * options set are copied into the main server config.
530 *
531 * Potential additions/improvements:
532 * - Add Match support for pre-kex directives, eg Protocol, Ciphers.
533 *
534 * - Add a Tag directive (idea from David Leonard) ala pf, eg:
535 * Match Address 192.168.0.*
536 * Tag trusted
537 * Match Group wheel
538 * Tag trusted
539 * Match Tag trusted
540 * AllowTcpForwarding yes
541 * GatewayPorts clientspecified
542 * [...]
543 *
544 * - Add a PermittedChannelRequests directive
545 * Match Group shell
546 * PermittedChannelRequests session,forwarded-tcpip
547 */
548
549 static int
550 match_cfg_line_group(const char *grps, int line, const char *user)
551 {
552 int result = 0;
553 struct passwd *pw;
554
555 if (user == NULL)
556 goto out;
557
558 if ((pw = getpwnam(user)) == NULL) {
559 debug("Can't match group at line %d because user %.100s does "
560 "not exist", line, user);
561 } else if (ga_init(pw->pw_name, pw->pw_gid) == 0) {
562 debug("Can't Match group because user %.100s not in any group "
563 "at line %d", user, line);
564 } else if (ga_match_pattern_list(grps) != 1) {
565 debug("user %.100s does not match group list %.100s at line %d",
566 user, grps, line);
567 } else {
568 debug("user %.100s matched group list %.100s at line %d", user,
569 grps, line);
570 result = 1;
571 }
572 out:
573 ga_free();
574 return result;
575 }
576
577 static int
578 match_cfg_line(char **condition, int line, const char *user, const char *host,
579 const char *address)
580 {
581 int result = 1;
582 char *arg, *attrib, *cp = *condition;
583 size_t len;
584
585 if (user == NULL)
586 debug3("checking syntax for 'Match %s'", cp);
587 else
588 debug3("checking match for '%s' user %s host %s addr %s", cp,
589 user ? user : "(null)", host ? host : "(null)",
590 address ? address : "(null)");
591
592 while ((attrib = strdelim(&cp)) && *attrib != '\0') {
593 if ((arg = strdelim(&cp)) == NULL || *arg == '\0') {
594 error("Missing Match criteria for %s", attrib);
595 return -1;
596 }
597 len = strlen(arg);
598 if (strcasecmp(attrib, "user") == 0) {
599 if (!user) {
600 result = 0;
601 continue;
602 }
603 if (match_pattern_list(user, arg, len, 0) != 1)
604 result = 0;
605 else
606 debug("user %.100s matched 'User %.100s' at "
607 "line %d", user, arg, line);
608 } else if (strcasecmp(attrib, "group") == 0) {
609 switch (match_cfg_line_group(arg, line, user)) {
610 case -1:
611 return -1;
612 case 0:
613 result = 0;
614 }
615 } else if (strcasecmp(attrib, "host") == 0) {
616 if (!host) {
617 result = 0;
618 continue;
619 }
620 if (match_hostname(host, arg, len) != 1)
621 result = 0;
622 else
623 debug("connection from %.100s matched 'Host "
624 "%.100s' at line %d", host, arg, line);
625 } else if (strcasecmp(attrib, "address") == 0) {
626 switch (addr_match_list(address, arg)) {
627 case 1:
628 debug("connection from %.100s matched 'Address "
629 "%.100s' at line %d", address, arg, line);
630 break;
631 case 0:
632 case -1:
633 result = 0;
634 break;
635 case -2:
636 return -1;
637 }
638 } else {
639 error("Unsupported Match attribute %s", attrib);
640 return -1;
641 }
642 }
643 if (user != NULL)
644 debug3("match %sfound", result ? "" : "not ");
645 *condition = cp;
646 return result;
647 }
648
649 #define WHITESPACE " \t\r\n"
650
651 int
652 process_server_config_line(ServerOptions *options, char *line,
653 const char *filename, int linenum, int *activep, const char *user,
654 const char *host, const char *address)
655 {
656 char *cp, **charptr, *arg, *p;
657 int cmdline = 0, *intptr, value, n;
658 SyslogFacility *log_facility_ptr;
659 LogLevel *log_level_ptr;
660 ServerOpCodes opcode;
661 int port;
662 u_int i, flags = 0;
663 size_t len;
664
665 cp = line;
666 if ((arg = strdelim(&cp)) == NULL)
667 return 0;
668 /* Ignore leading whitespace */
669 if (*arg == '\0')
670 arg = strdelim(&cp);
671 if (!arg || !*arg || *arg == '#')
672 return 0;
673 intptr = NULL;
674 charptr = NULL;
675 opcode = parse_token(arg, filename, linenum, &flags);
676
677 if (activep == NULL) { /* We are processing a command line directive */
678 cmdline = 1;
679 activep = &cmdline;
680 }
681 if (*activep && opcode != sMatch)
682 debug3("%s:%d setting %s %s", filename, linenum, arg, cp);
683 if (*activep == 0 && !(flags & SSHCFG_MATCH)) {
684 if (user == NULL) {
685 fatal("%s line %d: Directive '%s' is not allowed "
686 "within a Match block", filename, linenum, arg);
687 } else { /* this is a directive we have already processed */
688 while (arg)
689 arg = strdelim(&cp);
690 return 0;
691 }
692 }
693
694 switch (opcode) {
695 /* Portable-specific options */
696 case sUsePAM:
697 intptr = &options->use_pam;
698 goto parse_flag;
699
700 /* Standard Options */
701 case sBadOption:
702 return -1;
703 case sPort:
704 /* ignore ports from configfile if cmdline specifies ports */
705 if (options->ports_from_cmdline)
706 return 0;
707 if (options->listen_addrs != NULL)
708 fatal("%s line %d: ports must be specified before "
709 "ListenAddress.", filename, linenum);
710 if (options->num_ports >= MAX_PORTS)
711 fatal("%s line %d: too many ports.",
712 filename, linenum);
713 arg = strdelim(&cp);
714 if (!arg || *arg == '\0')
715 fatal("%s line %d: missing port number.",
716 filename, linenum);
717 options->ports[options->num_ports++] = a2port(arg);
718 if (options->ports[options->num_ports-1] <= 0)
719 fatal("%s line %d: Badly formatted port number.",
720 filename, linenum);
721 break;
722
723 case sServerKeyBits:
724 intptr = &options->server_key_bits;
725 parse_int:
726 arg = strdelim(&cp);
727 if (!arg || *arg == '\0')
728 fatal("%s line %d: missing integer value.",
729 filename, linenum);
730 value = atoi(arg);
731 if (*activep && *intptr == -1)
732 *intptr = value;
733 break;
734
735 case sLoginGraceTime:
736 intptr = &options->login_grace_time;
737 parse_time:
738 arg = strdelim(&cp);
739 if (!arg || *arg == '\0')
740 fatal("%s line %d: missing time value.",
741 filename, linenum);
742 if ((value = convtime(arg)) == -1)
743 fatal("%s line %d: invalid time value.",
744 filename, linenum);
745 if (*intptr == -1)
746 *intptr = value;
747 break;
748
749 case sKeyRegenerationTime:
750 intptr = &options->key_regeneration_time;
751 goto parse_time;
752
753 case sListenAddress:
754 arg = strdelim(&cp);
755 if (arg == NULL || *arg == '\0')
756 fatal("%s line %d: missing address",
757 filename, linenum);
758 /* check for bare IPv6 address: no "[]" and 2 or more ":" */
759 if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL
760 && strchr(p+1, ':') != NULL) {
761 add_listen_addr(options, arg, 0);
762 break;
763 }
764 p = hpdelim(&arg);
765 if (p == NULL)
766 fatal("%s line %d: bad address:port usage",
767 filename, linenum);
768 p = cleanhostname(p);
769 if (arg == NULL)
770 port = 0;
771 else if ((port = a2port(arg)) <= 0)
772 fatal("%s line %d: bad port number", filename, linenum);
773
774 add_listen_addr(options, p, port);
775
776 break;
777
778 case sAddressFamily:
779 arg = strdelim(&cp);
780 if (!arg || *arg == '\0')
781 fatal("%s line %d: missing address family.",
782 filename, linenum);
783 intptr = &options->address_family;
784 if (options->listen_addrs != NULL)
785 fatal("%s line %d: address family must be specified before "
786 "ListenAddress.", filename, linenum);
787 if (strcasecmp(arg, "inet") == 0)
788 value = AF_INET;
789 else if (strcasecmp(arg, "inet6") == 0)
790 value = AF_INET6;
791 else if (strcasecmp(arg, "any") == 0)
792 value = AF_UNSPEC;
793 else
794 fatal("%s line %d: unsupported address family \"%s\".",
795 filename, linenum, arg);
796 if (*intptr == -1)
797 *intptr = value;
798 break;
799
800 case sHostKeyFile:
801 intptr = &options->num_host_key_files;
802 if (*intptr >= MAX_HOSTKEYS)
803 fatal("%s line %d: too many host keys specified (max %d).",
804 filename, linenum, MAX_HOSTKEYS);
805 charptr = &options->host_key_files[*intptr];
806 parse_filename:
807 arg = strdelim(&cp);
808 if (!arg || *arg == '\0')
809 fatal("%s line %d: missing file name.",
810 filename, linenum);
811 if (*activep && *charptr == NULL) {
812 *charptr = derelativise_path(arg);
813 /* increase optional counter */
814 if (intptr != NULL)
815 *intptr = *intptr + 1;
816 }
817 break;
818
819 case sPidFile:
820 charptr = &options->pid_file;
821 goto parse_filename;
822
823 case sPermitRootLogin:
824 intptr = &options->permit_root_login;
825 arg = strdelim(&cp);
826 if (!arg || *arg == '\0')
827 fatal("%s line %d: missing yes/"
828 "without-password/forced-commands-only/no "
829 "argument.", filename, linenum);
830 value = 0; /* silence compiler */
831 if (strcmp(arg, "without-password") == 0)
832 value = PERMIT_NO_PASSWD;
833 else if (strcmp(arg, "forced-commands-only") == 0)
834 value = PERMIT_FORCED_ONLY;
835 else if (strcmp(arg, "yes") == 0)
836 value = PERMIT_YES;
837 else if (strcmp(arg, "no") == 0)
838 value = PERMIT_NO;
839 else
840 fatal("%s line %d: Bad yes/"
841 "without-password/forced-commands-only/no "
842 "argument: %s", filename, linenum, arg);
843 if (*activep && *intptr == -1)
844 *intptr = value;
845 break;
846
847 case sIgnoreRhosts:
848 intptr = &options->ignore_rhosts;
849 parse_flag:
850 arg = strdelim(&cp);
851 if (!arg || *arg == '\0')
852 fatal("%s line %d: missing yes/no argument.",
853 filename, linenum);
854 value = 0; /* silence compiler */
855 if (strcmp(arg, "yes") == 0)
856 value = 1;
857 else if (strcmp(arg, "no") == 0)
858 value = 0;
859 else
860 fatal("%s line %d: Bad yes/no argument: %s",
861 filename, linenum, arg);
862 if (*activep && *intptr == -1)
863 *intptr = value;
864 break;
865
866 case sIgnoreUserKnownHosts:
867 intptr = &options->ignore_user_known_hosts;
868 goto parse_flag;
869
870 case sRhostsRSAAuthentication:
871 intptr = &options->rhosts_rsa_authentication;
872 goto parse_flag;
873
874 case sHostbasedAuthentication:
875 intptr = &options->hostbased_authentication;
876 goto parse_flag;
877
878 case sHostbasedUsesNameFromPacketOnly:
879 intptr = &options->hostbased_uses_name_from_packet_only;
880 goto parse_flag;
881
882 case sRSAAuthentication:
883 intptr = &options->rsa_authentication;
884 goto parse_flag;
885
886 case sPubkeyAuthentication:
887 intptr = &options->pubkey_authentication;
888 goto parse_flag;
889
890 case sKerberosAuthentication:
891 intptr = &options->kerberos_authentication;
892 goto parse_flag;
893
894 case sKerberosOrLocalPasswd:
895 intptr = &options->kerberos_or_local_passwd;
896 goto parse_flag;
897
898 case sKerberosTicketCleanup:
899 intptr = &options->kerberos_ticket_cleanup;
900 goto parse_flag;
901
902 case sKerberosGetAFSToken:
903 intptr = &options->kerberos_get_afs_token;
904 goto parse_flag;
905
906 case sGssAuthentication:
907 intptr = &options->gss_authentication;
908 goto parse_flag;
909
910 case sGssCleanupCreds:
911 intptr = &options->gss_cleanup_creds;
912 goto parse_flag;
913
914 case sPasswordAuthentication:
915 intptr = &options->password_authentication;
916 goto parse_flag;
917
918 case sZeroKnowledgePasswordAuthentication:
919 intptr = &options->zero_knowledge_password_authentication;
920 goto parse_flag;
921
922 case sKbdInteractiveAuthentication:
923 intptr = &options->kbd_interactive_authentication;
924 goto parse_flag;
925
926 case sChallengeResponseAuthentication:
927 intptr = &options->challenge_response_authentication;
928 goto parse_flag;
929
930 case sPrintMotd:
931 intptr = &options->print_motd;
932 goto parse_flag;
933
934 case sPrintLastLog:
935 intptr = &options->print_lastlog;
936 goto parse_flag;
937
938 case sX11Forwarding:
939 intptr = &options->x11_forwarding;
940 goto parse_flag;
941
942 case sX11DisplayOffset:
943 intptr = &options->x11_display_offset;
944 goto parse_int;
945
946 case sX11UseLocalhost:
947 intptr = &options->x11_use_localhost;
948 goto parse_flag;
949
950 case sXAuthLocation:
951 charptr = &options->xauth_location;
952 goto parse_filename;
953
954 case sStrictModes:
955 intptr = &options->strict_modes;
956 goto parse_flag;
957
958 case sTCPKeepAlive:
959 intptr = &options->tcp_keep_alive;
960 goto parse_flag;
961
962 case sEmptyPasswd:
963 intptr = &options->permit_empty_passwd;
964 goto parse_flag;
965
966 case sPermitUserEnvironment:
967 intptr = &options->permit_user_env;
968 goto parse_flag;
969
970 case sUseLogin:
971 intptr = &options->use_login;
972 goto parse_flag;
973
974 case sCompression:
975 intptr = &options->compression;
976 arg = strdelim(&cp);
977 if (!arg || *arg == '\0')
978 fatal("%s line %d: missing yes/no/delayed "
979 "argument.", filename, linenum);
980 value = 0; /* silence compiler */
981 if (strcmp(arg, "delayed") == 0)
982 value = COMP_DELAYED;
983 else if (strcmp(arg, "yes") == 0)
984 value = COMP_ZLIB;
985 else if (strcmp(arg, "no") == 0)
986 value = COMP_NONE;
987 else
988 fatal("%s line %d: Bad yes/no/delayed "
989 "argument: %s", filename, linenum, arg);
990 if (*intptr == -1)
991 *intptr = value;
992 break;
993
994 case sGatewayPorts:
995 intptr = &options->gateway_ports;
996 arg = strdelim(&cp);
997 if (!arg || *arg == '\0')
998 fatal("%s line %d: missing yes/no/clientspecified "
999 "argument.", filename, linenum);
1000 value = 0; /* silence compiler */
1001 if (strcmp(arg, "clientspecified") == 0)
1002 value = 2;
1003 else if (strcmp(arg, "yes") == 0)
1004 value = 1;
1005 else if (strcmp(arg, "no") == 0)
1006 value = 0;
1007 else
1008 fatal("%s line %d: Bad yes/no/clientspecified "
1009 "argument: %s", filename, linenum, arg);
1010 if (*activep && *intptr == -1)
1011 *intptr = value;
1012 break;
1013
1014 case sUseDNS:
1015 intptr = &options->use_dns;
1016 goto parse_flag;
1017
1018 case sLogFacility:
1019 log_facility_ptr = &options->log_facility;
1020 arg = strdelim(&cp);
1021 value = log_facility_number(arg);
1022 if (value == SYSLOG_FACILITY_NOT_SET)
1023 fatal("%.200s line %d: unsupported log facility '%s'",
1024 filename, linenum, arg ? arg : "<NONE>");
1025 if (*log_facility_ptr == -1)
1026 *log_facility_ptr = (SyslogFacility) value;
1027 break;
1028
1029 case sLogLevel:
1030 log_level_ptr = &options->log_level;
1031 arg = strdelim(&cp);
1032 value = log_level_number(arg);
1033 if (value == SYSLOG_LEVEL_NOT_SET)
1034 fatal("%.200s line %d: unsupported log level '%s'",
1035 filename, linenum, arg ? arg : "<NONE>");
1036 if (*log_level_ptr == -1)
1037 *log_level_ptr = (LogLevel) value;
1038 break;
1039
1040 case sAllowTcpForwarding:
1041 intptr = &options->allow_tcp_forwarding;
1042 goto parse_flag;
1043
1044 case sAllowAgentForwarding:
1045 intptr = &options->allow_agent_forwarding;
1046 goto parse_flag;
1047
1048 case sUsePrivilegeSeparation:
1049 intptr = &use_privsep;
1050 goto parse_flag;
1051
1052 case sAllowUsers:
1053 while ((arg = strdelim(&cp)) && *arg != '\0') {
1054 if (options->num_allow_users >= MAX_ALLOW_USERS)
1055 fatal("%s line %d: too many allow users.",
1056 filename, linenum);
1057 options->allow_users[options->num_allow_users++] =
1058 xstrdup(arg);
1059 }
1060 break;
1061
1062 case sDenyUsers:
1063 while ((arg = strdelim(&cp)) && *arg != '\0') {
1064 if (options->num_deny_users >= MAX_DENY_USERS)
1065 fatal("%s line %d: too many deny users.",
1066 filename, linenum);
1067 options->deny_users[options->num_deny_users++] =
1068 xstrdup(arg);
1069 }
1070 break;
1071
1072 case sAllowGroups:
1073 while ((arg = strdelim(&cp)) && *arg != '\0') {
1074 if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
1075 fatal("%s line %d: too many allow groups.",
1076 filename, linenum);
1077 options->allow_groups[options->num_allow_groups++] =
1078 xstrdup(arg);
1079 }
1080 break;
1081
1082 case sDenyGroups:
1083 while ((arg = strdelim(&cp)) && *arg != '\0') {
1084 if (options->num_deny_groups >= MAX_DENY_GROUPS)
1085 fatal("%s line %d: too many deny groups.",
1086 filename, linenum);
1087 options->deny_groups[options->num_deny_groups++] = xstrdup(arg);
1088 }
1089 break;
1090
1091 case sCiphers:
1092 arg = strdelim(&cp);
1093 if (!arg || *arg == '\0')
1094 fatal("%s line %d: Missing argument.", filename, linenum);
1095 if (!ciphers_valid(arg))
1096 fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
1097 filename, linenum, arg ? arg : "<NONE>");
1098 if (options->ciphers == NULL)
1099 options->ciphers = xstrdup(arg);
1100 break;
1101
1102 case sMacs:
1103 arg = strdelim(&cp);
1104 if (!arg || *arg == '\0')
1105 fatal("%s line %d: Missing argument.", filename, linenum);
1106 if (!mac_valid(arg))
1107 fatal("%s line %d: Bad SSH2 mac spec '%s'.",
1108 filename, linenum, arg ? arg : "<NONE>");
1109 if (options->macs == NULL)
1110 options->macs = xstrdup(arg);
1111 break;
1112
1113 case sProtocol:
1114 intptr = &options->protocol;
1115 arg = strdelim(&cp);
1116 if (!arg || *arg == '\0')
1117 fatal("%s line %d: Missing argument.", filename, linenum);
1118 value = proto_spec(arg);
1119 if (value == SSH_PROTO_UNKNOWN)
1120 fatal("%s line %d: Bad protocol spec '%s'.",
1121 filename, linenum, arg ? arg : "<NONE>");
1122 if (*intptr == SSH_PROTO_UNKNOWN)
1123 *intptr = value;
1124 break;
1125
1126 case sSubsystem:
1127 if (options->num_subsystems >= MAX_SUBSYSTEMS) {
1128 fatal("%s line %d: too many subsystems defined.",
1129 filename, linenum);
1130 }
1131 arg = strdelim(&cp);
1132 if (!arg || *arg == '\0')
1133 fatal("%s line %d: Missing subsystem name.",
1134 filename, linenum);
1135 if (!*activep) {
1136 arg = strdelim(&cp);
1137 break;
1138 }
1139 for (i = 0; i < options->num_subsystems; i++)
1140 if (strcmp(arg, options->subsystem_name[i]) == 0)
1141 fatal("%s line %d: Subsystem '%s' already defined.",
1142 filename, linenum, arg);
1143 options->subsystem_name[options->num_subsystems] = xstrdup(arg);
1144 arg = strdelim(&cp);
1145 if (!arg || *arg == '\0')
1146 fatal("%s line %d: Missing subsystem command.",
1147 filename, linenum);
1148 options->subsystem_command[options->num_subsystems] = xstrdup(arg);
1149
1150 /* Collect arguments (separate to executable) */
1151 p = xstrdup(arg);
1152 len = strlen(p) + 1;
1153 while ((arg = strdelim(&cp)) != NULL && *arg != '\0') {
1154 len += 1 + strlen(arg);
1155 p = xrealloc(p, 1, len);
1156 strlcat(p, " ", len);
1157 strlcat(p, arg, len);
1158 }
1159 options->subsystem_args[options->num_subsystems] = p;
1160 options->num_subsystems++;
1161 break;
1162
1163 case sMaxStartups:
1164 arg = strdelim(&cp);
1165 if (!arg || *arg == '\0')
1166 fatal("%s line %d: Missing MaxStartups spec.",
1167 filename, linenum);
1168 if ((n = sscanf(arg, "%d:%d:%d",
1169 &options->max_startups_begin,
1170 &options->max_startups_rate,
1171 &options->max_startups)) == 3) {
1172 if (options->max_startups_begin >
1173 options->max_startups ||
1174 options->max_startups_rate > 100 ||
1175 options->max_startups_rate < 1)
1176 fatal("%s line %d: Illegal MaxStartups spec.",
1177 filename, linenum);
1178 } else if (n != 1)
1179 fatal("%s line %d: Illegal MaxStartups spec.",
1180 filename, linenum);
1181 else
1182 options->max_startups = options->max_startups_begin;
1183 break;
1184
1185 case sMaxAuthTries:
1186 intptr = &options->max_authtries;
1187 goto parse_int;
1188
1189 case sMaxSessions:
1190 intptr = &options->max_sessions;
1191 goto parse_int;
1192
1193 case sBanner:
1194 charptr = &options->banner;
1195 goto parse_filename;
1196
1197 /*
1198 * These options can contain %X options expanded at
1199 * connect time, so that you can specify paths like:
1200 *
1201 * AuthorizedKeysFile /etc/ssh_keys/%u
1202 */
1203 case sAuthorizedKeysFile:
1204 case sAuthorizedKeysFile2:
1205 charptr = (opcode == sAuthorizedKeysFile) ?
1206 &options->authorized_keys_file :
1207 &options->authorized_keys_file2;
1208 goto parse_filename;
1209
1210 case sClientAliveInterval:
1211 intptr = &options->client_alive_interval;
1212 goto parse_time;
1213
1214 case sClientAliveCountMax:
1215 intptr = &options->client_alive_count_max;
1216 goto parse_int;
1217
1218 case sAcceptEnv:
1219 while ((arg = strdelim(&cp)) && *arg != '\0') {
1220 if (strchr(arg, '=') != NULL)
1221 fatal("%s line %d: Invalid environment name.",
1222 filename, linenum);
1223 if (options->num_accept_env >= MAX_ACCEPT_ENV)
1224 fatal("%s line %d: too many allow env.",
1225 filename, linenum);
1226 if (!*activep)
1227 break;
1228 options->accept_env[options->num_accept_env++] =
1229 xstrdup(arg);
1230 }
1231 break;
1232
1233 case sPermitTunnel:
1234 intptr = &options->permit_tun;
1235 arg = strdelim(&cp);
1236 if (!arg || *arg == '\0')
1237 fatal("%s line %d: Missing yes/point-to-point/"
1238 "ethernet/no argument.", filename, linenum);
1239 value = -1;
1240 for (i = 0; tunmode_desc[i].val != -1; i++)
1241 if (strcmp(tunmode_desc[i].text, arg) == 0) {
1242 value = tunmode_desc[i].val;
1243 break;
1244 }
1245 if (value == -1)
1246 fatal("%s line %d: Bad yes/point-to-point/ethernet/"
1247 "no argument: %s", filename, linenum, arg);
1248 if (*intptr == -1)
1249 *intptr = value;
1250 break;
1251
1252 case sMatch:
1253 if (cmdline)
1254 fatal("Match directive not supported as a command-line "
1255 "option");
1256 value = match_cfg_line(&cp, linenum, user, host, address);
1257 if (value < 0)
1258 fatal("%s line %d: Bad Match condition", filename,
1259 linenum);
1260 *activep = value;
1261 break;
1262
1263 case sPermitOpen:
1264 arg = strdelim(&cp);
1265 if (!arg || *arg == '\0')
1266 fatal("%s line %d: missing PermitOpen specification",
1267 filename, linenum);
1268 n = options->num_permitted_opens; /* modified later */
1269 if (strcmp(arg, "any") == 0) {
1270 if (*activep && n == -1) {
1271 channel_clear_adm_permitted_opens();
1272 options->num_permitted_opens = 0;
1273 }
1274 break;
1275 }
1276 if (*activep && n == -1)
1277 channel_clear_adm_permitted_opens();
1278 for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) {
1279 p = hpdelim(&arg);
1280 if (p == NULL)
1281 fatal("%s line %d: missing host in PermitOpen",
1282 filename, linenum);
1283 p = cleanhostname(p);
1284 if (arg == NULL || (port = a2port(arg)) <= 0)
1285 fatal("%s line %d: bad port number in "
1286 "PermitOpen", filename, linenum);
1287 if (*activep && n == -1)
1288 options->num_permitted_opens =
1289 channel_add_adm_permitted_opens(p, port);
1290 }
1291 break;
1292
1293 case sForceCommand:
1294 if (cp == NULL)
1295 fatal("%.200s line %d: Missing argument.", filename,
1296 linenum);
1297 len = strspn(cp, WHITESPACE);
1298 if (*activep && options->adm_forced_command == NULL)
1299 options->adm_forced_command = xstrdup(cp + len);
1300 return 0;
1301
1302 case sChrootDirectory:
1303 charptr = &options->chroot_directory;
1304
1305 arg = strdelim(&cp);
1306 if (!arg || *arg == '\0')
1307 fatal("%s line %d: missing file name.",
1308 filename, linenum);
1309 if (*activep && *charptr == NULL)
1310 *charptr = xstrdup(arg);
1311 break;
1312
1313 case sDeprecated:
1314 logit("%s line %d: Deprecated option %s",
1315 filename, linenum, arg);
1316 while (arg)
1317 arg = strdelim(&cp);
1318 break;
1319
1320 case sUnsupported:
1321 logit("%s line %d: Unsupported option %s",
1322 filename, linenum, arg);
1323 while (arg)
1324 arg = strdelim(&cp);
1325 break;
1326
1327 default:
1328 fatal("%s line %d: Missing handler for opcode %s (%d)",
1329 filename, linenum, arg, opcode);
1330 }
1331 if ((arg = strdelim(&cp)) != NULL && *arg != '\0')
1332 fatal("%s line %d: garbage at end of line; \"%.200s\".",
1333 filename, linenum, arg);
1334 return 0;
1335 }
1336
1337 /* Reads the server configuration file. */
1338
1339 void
1340 load_server_config(const char *filename, Buffer *conf)
1341 {
1342 char line[1024], *cp;
1343 FILE *f;
1344
1345 debug2("%s: filename %s", __func__, filename);
1346 if ((f = fopen(filename, "r")) == NULL) {
1347 perror(filename);
1348 exit(1);
1349 }
1350 buffer_clear(conf);
1351 while (fgets(line, sizeof(line), f)) {
1352 /*
1353 * Trim out comments and strip whitespace
1354 * NB - preserve newlines, they are needed to reproduce
1355 * line numbers later for error messages
1356 */
1357 if ((cp = strchr(line, '#')) != NULL)
1358 memcpy(cp, "\n", 2);
1359 cp = line + strspn(line, " \t\r");
1360
1361 buffer_append(conf, cp, strlen(cp));
1362 }
1363 buffer_append(conf, "\0", 1);
1364 fclose(f);
1365 debug2("%s: done config len = %d", __func__, buffer_len(conf));
1366 }
1367
1368 void
1369 parse_server_match_config(ServerOptions *options, const char *user,
1370 const char *host, const char *address)
1371 {
1372 ServerOptions mo;
1373
1374 initialize_server_options(&mo);
1375 parse_server_config(&mo, "reprocess config", &cfg, user, host, address);
1376 copy_set_server_options(options, &mo, 0);
1377 }
1378
1379 /* Helper macros */
1380 #define M_CP_INTOPT(n) do {\
1381 if (src->n != -1) \
1382 dst->n = src->n; \
1383 } while (0)
1384 #define M_CP_STROPT(n) do {\
1385 if (src->n != NULL) { \
1386 if (dst->n != NULL) \
1387 xfree(dst->n); \
1388 dst->n = src->n; \
1389 } \
1390 } while(0)
1391
1392 /*
1393 * Copy any supported values that are set.
1394 *
1395 * If the preauth flag is set, we do not bother copying the string or
1396 * array values that are not used pre-authentication, because any that we
1397 * do use must be explictly sent in mm_getpwnamallow().
1398 */
1399 void
1400 copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
1401 {
1402 M_CP_INTOPT(password_authentication);
1403 M_CP_INTOPT(gss_authentication);
1404 M_CP_INTOPT(rsa_authentication);
1405 M_CP_INTOPT(pubkey_authentication);
1406 M_CP_INTOPT(kerberos_authentication);
1407 M_CP_INTOPT(hostbased_authentication);
1408 M_CP_INTOPT(kbd_interactive_authentication);
1409 M_CP_INTOPT(zero_knowledge_password_authentication);
1410 M_CP_INTOPT(permit_root_login);
1411 M_CP_INTOPT(permit_empty_passwd);
1412
1413 M_CP_INTOPT(allow_tcp_forwarding);
1414 M_CP_INTOPT(allow_agent_forwarding);
1415 M_CP_INTOPT(gateway_ports);
1416 M_CP_INTOPT(x11_display_offset);
1417 M_CP_INTOPT(x11_forwarding);
1418 M_CP_INTOPT(x11_use_localhost);
1419 M_CP_INTOPT(max_sessions);
1420 M_CP_INTOPT(max_authtries);
1421
1422 M_CP_STROPT(banner);
1423 if (preauth)
1424 return;
1425 M_CP_STROPT(adm_forced_command);
1426 M_CP_STROPT(chroot_directory);
1427 }
1428
1429 #undef M_CP_INTOPT
1430 #undef M_CP_STROPT
1431
1432 void
1433 parse_server_config(ServerOptions *options, const char *filename, Buffer *conf,
1434 const char *user, const char *host, const char *address)
1435 {
1436 int active, linenum, bad_options = 0;
1437 char *cp, *obuf, *cbuf;
1438
1439 debug2("%s: config %s len %d", __func__, filename, buffer_len(conf));
1440
1441 obuf = cbuf = xstrdup(buffer_ptr(conf));
1442 active = user ? 0 : 1;
1443 linenum = 1;
1444 while ((cp = strsep(&cbuf, "\n")) != NULL) {
1445 if (process_server_config_line(options, cp, filename,
1446 linenum++, &active, user, host, address) != 0)
1447 bad_options++;
1448 }
1449 xfree(obuf);
1450 if (bad_options > 0)
1451 fatal("%s: terminating, %d bad configuration options",
1452 filename, bad_options);
1453 }
1454
1455 static const char *
1456 fmt_intarg(ServerOpCodes code, int val)
1457 {
1458 if (code == sAddressFamily) {
1459 switch (val) {
1460 case AF_INET:
1461 return "inet";
1462 case AF_INET6:
1463 return "inet6";
1464 case AF_UNSPEC:
1465 return "any";
1466 default:
1467 return "UNKNOWN";
1468 }
1469 }
1470 if (code == sPermitRootLogin) {
1471 switch (val) {
1472 case PERMIT_NO_PASSWD:
1473 return "without-password";
1474 case PERMIT_FORCED_ONLY:
1475 return "forced-commands-only";
1476 case PERMIT_YES:
1477 return "yes";
1478 }
1479 }
1480 if (code == sProtocol) {
1481 switch (val) {
1482 case SSH_PROTO_1:
1483 return "1";
1484 case SSH_PROTO_2:
1485 return "2";
1486 case (SSH_PROTO_1|SSH_PROTO_2):
1487 return "2,1";
1488 default:
1489 return "UNKNOWN";
1490 }
1491 }
1492 if (code == sGatewayPorts && val == 2)
1493 return "clientspecified";
1494 if (code == sCompression && val == COMP_DELAYED)
1495 return "delayed";
1496 switch (val) {
1497 case -1:
1498 return "unset";
1499 case 0:
1500 return "no";
1501 case 1:
1502 return "yes";
1503 }
1504 return "UNKNOWN";
1505 }
1506
1507 static const char *
1508 lookup_opcode_name(ServerOpCodes code)
1509 {
1510 u_int i;
1511
1512 for (i = 0; keywords[i].name != NULL; i++)
1513 if (keywords[i].opcode == code)
1514 return(keywords[i].name);
1515 return "UNKNOWN";
1516 }
1517
1518 static void
1519 dump_cfg_int(ServerOpCodes code, int val)
1520 {
1521 printf("%s %d\n", lookup_opcode_name(code), val);
1522 }
1523
1524 static void
1525 dump_cfg_fmtint(ServerOpCodes code, int val)
1526 {
1527 printf("%s %s\n", lookup_opcode_name(code), fmt_intarg(code, val));
1528 }
1529
1530 static void
1531 dump_cfg_string(ServerOpCodes code, const char *val)
1532 {
1533 if (val == NULL)
1534 return;
1535 printf("%s %s\n", lookup_opcode_name(code), val);
1536 }
1537
1538 static void
1539 dump_cfg_strarray(ServerOpCodes code, u_int count, char **vals)
1540 {
1541 u_int i;
1542
1543 for (i = 0; i < count; i++)
1544 printf("%s %s\n", lookup_opcode_name(code), vals[i]);
1545 }
1546
1547 void
1548 dump_config(ServerOptions *o)
1549 {
1550 u_int i;
1551 int ret;
1552 struct addrinfo *ai;
1553 char addr[NI_MAXHOST], port[NI_MAXSERV], *s = NULL;
1554
1555 /* these are usually at the top of the config */
1556 for (i = 0; i < o->num_ports; i++)
1557 printf("port %d\n", o->ports[i]);
1558 dump_cfg_fmtint(sProtocol, o->protocol);
1559 dump_cfg_fmtint(sAddressFamily, o->address_family);
1560
1561 /* ListenAddress must be after Port */
1562 for (ai = o->listen_addrs; ai; ai = ai->ai_next) {
1563 if ((ret = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr,
1564 sizeof(addr), port, sizeof(port),
1565 NI_NUMERICHOST|NI_NUMERICSERV)) != 0) {
1566 error("getnameinfo failed: %.100s",
1567 (ret != EAI_SYSTEM) ? gai_strerror(ret) :
1568 strerror(errno));
1569 } else {
1570 if (ai->ai_family == AF_INET6)
1571 printf("listenaddress [%s]:%s\n", addr, port);
1572 else
1573 printf("listenaddress %s:%s\n", addr, port);
1574 }
1575 }
1576
1577 /* integer arguments */
1578 #ifdef USE_PAM
1579 dump_cfg_int(sUsePAM, o->use_pam);
1580 #endif
1581 dump_cfg_int(sServerKeyBits, o->server_key_bits);
1582 dump_cfg_int(sLoginGraceTime, o->login_grace_time);
1583 dump_cfg_int(sKeyRegenerationTime, o->key_regeneration_time);
1584 dump_cfg_int(sX11DisplayOffset, o->x11_display_offset);
1585 dump_cfg_int(sMaxAuthTries, o->max_authtries);
1586 dump_cfg_int(sMaxSessions, o->max_sessions);
1587 dump_cfg_int(sClientAliveInterval, o->client_alive_interval);
1588 dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max);
1589
1590 /* formatted integer arguments */
1591 dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login);
1592 dump_cfg_fmtint(sIgnoreRhosts, o->ignore_rhosts);
1593 dump_cfg_fmtint(sIgnoreUserKnownHosts, o->ignore_user_known_hosts);
1594 dump_cfg_fmtint(sRhostsRSAAuthentication, o->rhosts_rsa_authentication);
1595 dump_cfg_fmtint(sHostbasedAuthentication, o->hostbased_authentication);
1596 dump_cfg_fmtint(sHostbasedUsesNameFromPacketOnly,
1597 o->hostbased_uses_name_from_packet_only);
1598 dump_cfg_fmtint(sRSAAuthentication, o->rsa_authentication);
1599 dump_cfg_fmtint(sPubkeyAuthentication, o->pubkey_authentication);
1600 #ifdef KRB5
1601 dump_cfg_fmtint(sKerberosAuthentication, o->kerberos_authentication);
1602 dump_cfg_fmtint(sKerberosOrLocalPasswd, o->kerberos_or_local_passwd);
1603 dump_cfg_fmtint(sKerberosTicketCleanup, o->kerberos_ticket_cleanup);
1604 # ifdef USE_AFS
1605 dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token);
1606 # endif
1607 #endif
1608 #ifdef GSSAPI
1609 dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);
1610 dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds);
1611 #endif
1612 #ifdef JPAKE
1613 dump_cfg_fmtint(sZeroKnowledgePasswordAuthentication,
1614 o->zero_knowledge_password_authentication);
1615 #endif
1616 dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication);
1617 dump_cfg_fmtint(sKbdInteractiveAuthentication,
1618 o->kbd_interactive_authentication);
1619 dump_cfg_fmtint(sChallengeResponseAuthentication,
1620 o->challenge_response_authentication);
1621 dump_cfg_fmtint(sPrintMotd, o->print_motd);
1622 dump_cfg_fmtint(sPrintLastLog, o->print_lastlog);
1623 dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding);
1624 dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost);
1625 dump_cfg_fmtint(sStrictModes, o->strict_modes);
1626 dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive);
1627 dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd);
1628 dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env);
1629 dump_cfg_fmtint(sUseLogin, o->use_login);
1630 dump_cfg_fmtint(sCompression, o->compression);
1631 dump_cfg_fmtint(sGatewayPorts, o->gateway_ports);
1632 dump_cfg_fmtint(sUseDNS, o->use_dns);
1633 dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding);
1634 dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep);
1635
1636 /* string arguments */
1637 dump_cfg_string(sPidFile, o->pid_file);
1638 dump_cfg_string(sXAuthLocation, o->xauth_location);
1639 dump_cfg_string(sCiphers, o->ciphers);
1640 dump_cfg_string(sMacs, o->macs);
1641 dump_cfg_string(sBanner, o->banner);
1642 dump_cfg_string(sAuthorizedKeysFile, o->authorized_keys_file);
1643 dump_cfg_string(sAuthorizedKeysFile2, o->authorized_keys_file2);
1644 dump_cfg_string(sForceCommand, o->adm_forced_command);
1645 dump_cfg_string(sChrootDirectory, o->chroot_directory);
1646
1647 /* string arguments requiring a lookup */
1648 dump_cfg_string(sLogLevel, log_level_name(o->log_level));
1649 dump_cfg_string(sLogFacility, log_facility_name(o->log_facility));
1650
1651 /* string array arguments */
1652 dump_cfg_strarray(sHostKeyFile, o->num_host_key_files,
1653 o->host_key_files);
1654 dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users);
1655 dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users);
1656 dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups);
1657 dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups);
1658 dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env);
1659
1660 /* other arguments */
1661 for (i = 0; i < o->num_subsystems; i++)
1662 printf("subsystem %s %s\n", o->subsystem_name[i],
1663 o->subsystem_args[i]);
1664
1665 printf("maxstartups %d:%d:%d\n", o->max_startups_begin,
1666 o->max_startups_rate, o->max_startups);
1667
1668 for (i = 0; tunmode_desc[i].val != -1; i++)
1669 if (tunmode_desc[i].val == o->permit_tun) {
1670 s = tunmode_desc[i].text;
1671 break;
1672 }
1673 dump_cfg_string(sPermitTunnel, s);
1674
1675 channel_print_adm_permitted_opens();
1676 }
A clone of openssh git repository