- (djm) [servconf.c ssh-add.c ssh-keygen.c] don't look for ECDSA keys on
1 /* $OpenBSD: servconf.c,v 1.212 2010/09/30 11:04:51 djm Exp $ */
2 /*
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved
6 * As far as I am concerned, the code I have written for this software
7 * can be used freely for any purpose. Any derived versions of this
8 * software must be clearly marked as such, and if the derived work is
9 * incompatible with the protocol description in the RFC file, it must be
10 * called by a name other than "ssh" or "Secure Shell".
13 #include "includes.h"
15 #include <sys/types.h>
16 #include <sys/socket.h>
18 #include <netdb.h>
19 #include <pwd.h>
20 #include <stdio.h>
21 #include <stdlib.h>
22 #include <string.h>
23 #include <signal.h>
24 #include <unistd.h>
25 #include <stdarg.h>
26 #include <errno.h>
28 #include "openbsd-compat/sys-queue.h"
29 #include "xmalloc.h"
30 #include "ssh.h"
31 #include "log.h"
32 #include "buffer.h"
33 #include "servconf.h"
34 #include "compat.h"
35 #include "pathnames.h"
36 #include "misc.h"
37 #include "cipher.h"
38 #include "key.h"
39 #include "kex.h"
40 #include "mac.h"
41 #include "match.h"
42 #include "channels.h"
43 #include "groupaccess.h"
/* Build the ListenAddress list; both are defined further down in this file. */
static void add_listen_addr(ServerOptions *, char *, int);
static void add_one_listen_addr(ServerOptions *, char *, int);

/* Use of privilege separation or not (defined elsewhere; -1 = not configured) */
extern int use_privsep;
/* Configuration buffer, defined elsewhere. */
extern Buffer cfg;
/*
 * Reset every server option to "not configured".  Integer options become
 * -1 (or their own *_NOT_SET sentinel), pointers become NULL and counters
 * zero; the whole struct is zeroed first so fields not listed here start
 * out as zero too.  fill_default_server_options() later replaces the
 * sentinels with the real defaults.
 */
void
initialize_server_options(ServerOptions *options)
{
	memset(options, 0, sizeof(*options));

	/* Portable-specific options */
	options->use_pam = -1;

	/* Standard Options: counters start at zero ... */
	options->num_ports = 0;
	options->ports_from_cmdline = 0;
	options->num_host_key_files = 0;
	options->num_host_cert_files = 0;
	options->num_allow_users = 0;
	options->num_deny_users = 0;
	options->num_allow_groups = 0;
	options->num_deny_groups = 0;
	options->num_subsystems = 0;
	options->num_accept_env = 0;

	/* ... pointer options at NULL ... */
	options->listen_addrs = NULL;
	options->pid_file = NULL;
	options->xauth_location = NULL;
	options->ciphers = NULL;
	options->macs = NULL;
	options->kex_algorithms = NULL;
	options->banner = NULL;
	options->authorized_keys_file = NULL;
	options->authorized_keys_file2 = NULL;
	options->adm_forced_command = NULL;
	options->chroot_directory = NULL;
	options->revoked_keys_file = NULL;
	options->trusted_user_ca_keys = NULL;
	options->authorized_principals_file = NULL;

	/* ... options with their own "not set" sentinel ... */
	options->permit_root_login = PERMIT_NOT_SET;
	options->log_facility = SYSLOG_FACILITY_NOT_SET;
	options->log_level = SYSLOG_LEVEL_NOT_SET;
	options->protocol = SSH_PROTO_UNKNOWN;

	/* ... and every remaining integer option at -1. */
	options->address_family = -1;
	options->server_key_bits = -1;
	options->login_grace_time = -1;
	options->key_regeneration_time = -1;
	options->ignore_rhosts = -1;
	options->ignore_user_known_hosts = -1;
	options->print_motd = -1;
	options->print_lastlog = -1;
	options->x11_forwarding = -1;
	options->x11_display_offset = -1;
	options->x11_use_localhost = -1;
	options->strict_modes = -1;
	options->tcp_keep_alive = -1;
	options->rhosts_rsa_authentication = -1;
	options->hostbased_authentication = -1;
	options->hostbased_uses_name_from_packet_only = -1;
	options->rsa_authentication = -1;
	options->pubkey_authentication = -1;
	options->kerberos_authentication = -1;
	options->kerberos_or_local_passwd = -1;
	options->kerberos_ticket_cleanup = -1;
	options->kerberos_get_afs_token = -1;
	options->gss_authentication = -1;
	options->gss_cleanup_creds = -1;
	options->password_authentication = -1;
	options->kbd_interactive_authentication = -1;
	options->challenge_response_authentication = -1;
	options->permit_empty_passwd = -1;
	options->permit_user_env = -1;
	options->use_login = -1;
	options->compression = -1;
	options->allow_tcp_forwarding = -1;
	options->allow_agent_forwarding = -1;
	options->gateway_ports = -1;
	options->max_startups_begin = -1;
	options->max_startups_rate = -1;
	options->max_startups = -1;
	options->max_authtries = -1;
	options->max_sessions = -1;
	options->use_dns = -1;
	options->client_alive_interval = -1;
	options->client_alive_count_max = -1;
	options->permit_tun = -1;
	/* -1 here means "no PermitOpen given", not an empty list */
	options->num_permitted_opens = -1;
	options->zero_knowledge_password_authentication = -1;
}
/*
 * Store dflt in *slot when the slot still holds the "not configured"
 * sentinel -1; used for every integer option that is unset at -1.
 */
static void
default_int(int *slot, int dflt)
{
	if (*slot == -1)
		*slot = dflt;
}

/*
 * Fill in every option that neither the config file nor the command line
 * set.  An int option counts as unset while it is -1 (or its own *_NOT_SET
 * sentinel), a pointer option while it is NULL.  The default host key list
 * depends on the protocol versions enabled, and privilege separation is
 * turned on unless it was configured explicitly.
 */
void
fill_default_server_options(ServerOptions *options)
{
	/* Portable-specific options */
	default_int(&options->use_pam, 0);

	/* Standard Options */
	if (options->protocol == SSH_PROTO_UNKNOWN)
		options->protocol = SSH_PROTO_2;
	if (options->num_host_key_files == 0) {
		/* fill default hostkeys for protocols */
		if (options->protocol & SSH_PROTO_1)
			options->host_key_files[options->num_host_key_files++] =
			    _PATH_HOST_KEY_FILE;
		if (options->protocol & SSH_PROTO_2) {
			options->host_key_files[options->num_host_key_files++] =
			    _PATH_HOST_RSA_KEY_FILE;
			options->host_key_files[options->num_host_key_files++] =
			    _PATH_HOST_DSA_KEY_FILE;
#ifdef OPENSSL_HAS_ECC
			options->host_key_files[options->num_host_key_files++] =
			    _PATH_HOST_ECDSA_KEY_FILE;
#endif
		}
	}
	/* No certificates by default */
	if (options->num_ports == 0)
		options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
	if (options->listen_addrs == NULL)
		add_listen_addr(options, NULL, 0);
	if (options->pid_file == NULL)
		options->pid_file = _PATH_SSH_DAEMON_PID_FILE;
	default_int(&options->server_key_bits, 1024);
	default_int(&options->login_grace_time, 120);
	default_int(&options->key_regeneration_time, 3600);
	if (options->permit_root_login == PERMIT_NOT_SET)
		options->permit_root_login = PERMIT_YES;
	default_int(&options->ignore_rhosts, 1);
	default_int(&options->ignore_user_known_hosts, 0);
	default_int(&options->print_motd, 1);
	default_int(&options->print_lastlog, 1);
	default_int(&options->x11_forwarding, 0);
	default_int(&options->x11_display_offset, 10);
	default_int(&options->x11_use_localhost, 1);
	if (options->xauth_location == NULL)
		options->xauth_location = _PATH_XAUTH;
	default_int(&options->strict_modes, 1);
	default_int(&options->tcp_keep_alive, 1);
	if (options->log_facility == SYSLOG_FACILITY_NOT_SET)
		options->log_facility = SYSLOG_FACILITY_AUTH;
	if (options->log_level == SYSLOG_LEVEL_NOT_SET)
		options->log_level = SYSLOG_LEVEL_INFO;
	default_int(&options->rhosts_rsa_authentication, 0);
	default_int(&options->hostbased_authentication, 0);
	default_int(&options->hostbased_uses_name_from_packet_only, 0);
	default_int(&options->rsa_authentication, 1);
	default_int(&options->pubkey_authentication, 1);
	default_int(&options->kerberos_authentication, 0);
	default_int(&options->kerberos_or_local_passwd, 1);
	default_int(&options->kerberos_ticket_cleanup, 1);
	default_int(&options->kerberos_get_afs_token, 0);
	default_int(&options->gss_authentication, 0);
	default_int(&options->gss_cleanup_creds, 1);
	default_int(&options->password_authentication, 1);
	default_int(&options->kbd_interactive_authentication, 0);
	default_int(&options->challenge_response_authentication, 1);
	default_int(&options->permit_empty_passwd, 0);
	default_int(&options->permit_user_env, 0);
	default_int(&options->use_login, 0);
	default_int(&options->compression, COMP_DELAYED);
	default_int(&options->allow_tcp_forwarding, 1);
	default_int(&options->allow_agent_forwarding, 1);
	default_int(&options->gateway_ports, 0);
	default_int(&options->max_startups, 10);
	default_int(&options->max_startups_rate, 100); /* 100% */
	/* Must come after max_startups: the "begin" threshold defaults to it. */
	default_int(&options->max_startups_begin, options->max_startups);
	default_int(&options->max_authtries, DEFAULT_AUTH_FAIL_MAX);
	default_int(&options->max_sessions, DEFAULT_SESSIONS_MAX);
	default_int(&options->use_dns, 1);
	default_int(&options->client_alive_interval, 0);
	default_int(&options->client_alive_count_max, 3);
	if (options->authorized_keys_file2 == NULL) {
		/* authorized_keys_file2 falls back to authorized_keys_file */
		if (options->authorized_keys_file != NULL)
			options->authorized_keys_file2 = xstrdup(options->authorized_keys_file);
		else
			options->authorized_keys_file2 = xstrdup(_PATH_SSH_USER_PERMITTED_KEYS2);
	}
	if (options->authorized_keys_file == NULL)
		options->authorized_keys_file = xstrdup(_PATH_SSH_USER_PERMITTED_KEYS);
	default_int(&options->permit_tun, SSH_TUNMODE_NO);
	default_int(&options->zero_knowledge_password_authentication, 0);

	/* Turn privilege separation on by default */
	default_int(&use_privsep, 1);

#ifndef HAVE_MMAP
	if (use_privsep && options->compression == 1) {
		error("This platform does not support both privilege "
		    "separation and compression");
		error("Compression disabled");
		options->compression = 0;
	}
#endif
}
/*
 * Keyword tokens.  One opcode per recognised sshd_config directive; the
 * name -> opcode mapping is the keywords[] table below.  sDeprecated and
 * sUnsupported are shared by every keyword that is, respectively, obsolete
 * or compiled out of this build (see the #ifdefs in keywords[]).
 */
typedef enum {
	sBadOption,		/* == unknown option */
	/* Portable-specific options */
	sUsePAM,
	/* Standard Options */
	sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
	sPermitRootLogin, sLogFacility, sLogLevel,
	sRhostsRSAAuthentication, sRSAAuthentication,
	sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
	sKerberosGetAFSToken,
	sKerberosTgtPassing, sChallengeResponseAuthentication,
	sPasswordAuthentication, sKbdInteractiveAuthentication,
	sListenAddress, sAddressFamily,
	sPrintMotd, sPrintLastLog, sIgnoreRhosts,
	sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
	sStrictModes, sEmptyPasswd, sTCPKeepAlive,
	sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
	sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
	sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,
	sMaxStartups, sMaxAuthTries, sMaxSessions,
	sBanner, sUseDNS, sHostbasedAuthentication,
	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
	sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
	sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
	sUsePrivilegeSeparation, sAllowAgentForwarding,
	sZeroKnowledgePasswordAuthentication, sHostCertificate,
	sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
	sKexAlgorithms,
	/* catch-alls for keywords that are obsolete / not built in */
	sDeprecated, sUnsupported
} ServerOpCodes;
/* Where a keyword may appear; stored in keywords[].flags and checked per directive. */
#define SSHCFG_GLOBAL	0x01	/* allowed in main section of sshd_config */
#define SSHCFG_MATCH	0x02	/* allowed inside a Match section */
#define SSHCFG_ALL	(SSHCFG_GLOBAL|SSHCFG_MATCH)
/*
 * Textual representation of the tokens.  parse_token() compares the
 * directive name against .name with strcasecmp(), so entries are written
 * in lower case.  .flags says whether the keyword is valid globally, inside
 * a Match block, or both.  Several names map to the same opcode (aliases),
 * and features compiled out of this build keep their keyword but map it to
 * sUnsupported so the config file still parses.  Terminated by a NULL name.
 */
static struct {
	const char *name;
	ServerOpCodes opcode;
	u_int flags;
} keywords[] = {
	/* Portable-specific options */
#ifdef USE_PAM
	{ "usepam", sUsePAM, SSHCFG_GLOBAL },
#else
	{ "usepam", sUnsupported, SSHCFG_GLOBAL },
#endif
	{ "pamauthenticationviakbdint", sDeprecated, SSHCFG_GLOBAL },
	/* Standard Options */
	{ "port", sPort, SSHCFG_GLOBAL },
	{ "hostkey", sHostKeyFile, SSHCFG_GLOBAL },
	{ "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL },		/* alias */
	{ "pidfile", sPidFile, SSHCFG_GLOBAL },
	{ "serverkeybits", sServerKeyBits, SSHCFG_GLOBAL },
	{ "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL },
	{ "keyregenerationinterval", sKeyRegenerationTime, SSHCFG_GLOBAL },
	{ "permitrootlogin", sPermitRootLogin, SSHCFG_ALL },
	{ "syslogfacility", sLogFacility, SSHCFG_GLOBAL },
	{ "loglevel", sLogLevel, SSHCFG_GLOBAL },
	{ "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL },
	{ "rhostsrsaauthentication", sRhostsRSAAuthentication, SSHCFG_ALL },
	{ "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL },
	{ "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_ALL },
	{ "rsaauthentication", sRSAAuthentication, SSHCFG_ALL },
	{ "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL },
	{ "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL },	/* alias */
#ifdef KRB5
	{ "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL },
	{ "kerberosorlocalpasswd", sKerberosOrLocalPasswd, SSHCFG_GLOBAL },
	{ "kerberosticketcleanup", sKerberosTicketCleanup, SSHCFG_GLOBAL },
#ifdef USE_AFS
	{ "kerberosgetafstoken", sKerberosGetAFSToken, SSHCFG_GLOBAL },
#else
	{ "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL },
#endif
#else
	{ "kerberosauthentication", sUnsupported, SSHCFG_ALL },
	{ "kerberosorlocalpasswd", sUnsupported, SSHCFG_GLOBAL },
	{ "kerberosticketcleanup", sUnsupported, SSHCFG_GLOBAL },
	{ "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL },
#endif
	{ "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL },
	{ "afstokenpassing", sUnsupported, SSHCFG_GLOBAL },
#ifdef GSSAPI
	{ "gssapiauthentication", sGssAuthentication, SSHCFG_ALL },
	{ "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL },
#else
	{ "gssapiauthentication", sUnsupported, SSHCFG_ALL },
	{ "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL },
#endif
	{ "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },
	{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },
	{ "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL },
	{ "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */
#ifdef JPAKE
	{ "zeroknowledgepasswordauthentication", sZeroKnowledgePasswordAuthentication, SSHCFG_ALL },
#else
	{ "zeroknowledgepasswordauthentication", sUnsupported, SSHCFG_ALL },
#endif
	{ "checkmail", sDeprecated, SSHCFG_GLOBAL },
	{ "listenaddress", sListenAddress, SSHCFG_GLOBAL },
	{ "addressfamily", sAddressFamily, SSHCFG_GLOBAL },
	{ "printmotd", sPrintMotd, SSHCFG_GLOBAL },
	{ "printlastlog", sPrintLastLog, SSHCFG_GLOBAL },
	{ "ignorerhosts", sIgnoreRhosts, SSHCFG_GLOBAL },
	{ "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL },
	{ "x11forwarding", sX11Forwarding, SSHCFG_ALL },
	{ "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL },
	{ "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
	{ "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
	{ "strictmodes", sStrictModes, SSHCFG_GLOBAL },
	{ "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL },
	{ "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },
	{ "uselogin", sUseLogin, SSHCFG_GLOBAL },
	{ "compression", sCompression, SSHCFG_GLOBAL },
	{ "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL },
	{ "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL },	/* obsolete alias */
	{ "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL },
	{ "allowagentforwarding", sAllowAgentForwarding, SSHCFG_ALL },
	{ "allowusers", sAllowUsers, SSHCFG_GLOBAL },
	{ "denyusers", sDenyUsers, SSHCFG_GLOBAL },
	{ "allowgroups", sAllowGroups, SSHCFG_GLOBAL },
	{ "denygroups", sDenyGroups, SSHCFG_GLOBAL },
	{ "ciphers", sCiphers, SSHCFG_GLOBAL },
	{ "macs", sMacs, SSHCFG_GLOBAL },
	{ "protocol", sProtocol, SSHCFG_GLOBAL },
	{ "gatewayports", sGatewayPorts, SSHCFG_ALL },
	{ "subsystem", sSubsystem, SSHCFG_GLOBAL },
	{ "maxstartups", sMaxStartups, SSHCFG_GLOBAL },
	{ "maxauthtries", sMaxAuthTries, SSHCFG_ALL },
	{ "maxsessions", sMaxSessions, SSHCFG_ALL },
	{ "banner", sBanner, SSHCFG_ALL },
	{ "usedns", sUseDNS, SSHCFG_GLOBAL },
	{ "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL },
	{ "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL },
	{ "clientaliveinterval", sClientAliveInterval, SSHCFG_GLOBAL },
	{ "clientalivecountmax", sClientAliveCountMax, SSHCFG_GLOBAL },
	{ "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL },
	{ "authorizedkeysfile2", sAuthorizedKeysFile2, SSHCFG_ALL },
	{ "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL},
	{ "acceptenv", sAcceptEnv, SSHCFG_GLOBAL },
	{ "permittunnel", sPermitTunnel, SSHCFG_ALL },
	{ "match", sMatch, SSHCFG_ALL },
	{ "permitopen", sPermitOpen, SSHCFG_ALL },
	{ "forcecommand", sForceCommand, SSHCFG_ALL },
	{ "chrootdirectory", sChrootDirectory, SSHCFG_ALL },
	{ "hostcertificate", sHostCertificate, SSHCFG_GLOBAL },
	{ "revokedkeys", sRevokedKeys, SSHCFG_ALL },
	{ "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL },
	{ "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },
	{ "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL },
	/* end-of-table sentinel: parse_token() stops at the NULL name */
	{ NULL, sBadOption, 0 }
};
/*
 * PermitTunnel modes and their config-file spelling.  Terminated by the
 * { -1, NULL } sentinel.
 */
static struct {
	int val;
	char *text;
} tunmode_desc[] = {
	{ SSH_TUNMODE_NO, "no" },
	{ SSH_TUNMODE_POINTOPOINT, "point-to-point" },
	{ SSH_TUNMODE_ETHERNET, "ethernet" },
	{ SSH_TUNMODE_YES, "yes" },
	{ -1, NULL }
};
/*
 * Look up the directive name cp in keywords[] (case-insensitively).  On a
 * hit store the entry's SSHCFG_* flags in *flags and return its opcode.
 * Otherwise log an error naming filename:linenum and return sBadOption,
 * leaving *flags untouched.
 */
static ServerOpCodes
parse_token(const char *cp, const char *filename,
    int linenum, u_int *flags)
{
	u_int idx = 0;

	/* Scan until the NULL-name sentinel or a matching entry. */
	while (keywords[idx].name != NULL) {
		if (strcasecmp(keywords[idx].name, cp) == 0)
			break;
		idx++;
	}
	if (keywords[idx].name != NULL) {
		*flags = keywords[idx].flags;
		return keywords[idx].opcode;
	}

	error("%s: line %d: Bad configuration option: %s",
	    filename, linenum, cp);
	return sBadOption;
}
/*
 * Turn path into an absolute path: it is first passed through
 * tilde_expand_filename() for the current uid, and if the result is still
 * relative it is prefixed with the current working directory.  Returns a
 * newly allocated string the caller must release with xfree(); fatal()
 * if the working directory cannot be determined.
 */
char *
derelativise_path(const char *path)
{
	char cwd[MAXPATHLEN];
	char *joined;
	char *expanded = tilde_expand_filename(path, getuid());

	/* Already absolute: hand the expansion straight back. */
	if (expanded[0] == '/')
		return expanded;

	if (getcwd(cwd, sizeof(cwd)) == NULL)
		fatal("%s: getcwd: %s", __func__, strerror(errno));
	xasprintf(&joined, "%s/%s", cwd, expanded);
	xfree(expanded);
	return joined;
}
/*
 * Queue listen addresses for addr (NULL selects the wildcard address).
 * port == 0 means "one entry per configured Port"; any other value is used
 * as given.  Because ListenAddress depends on Port and AddressFamily, their
 * defaults are filled in here if neither has been set yet.
 */
static void
add_listen_addr(ServerOptions *options, char *addr, int port)
{
	u_int n;

	if (options->num_ports == 0)
		options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
	if (options->address_family == -1)
		options->address_family = AF_UNSPEC;

	if (port != 0) {
		add_one_listen_addr(options, addr, port);
		return;
	}
	for (n = 0; n < options->num_ports; n++)
		add_one_listen_addr(options, addr, options->ports[n]);
}
/*
 * Resolve addr:port with getaddrinfo() using the configured address
 * family (AI_PASSIVE when addr is NULL, i.e. the wildcard address) and
 * push every result onto the front of options->listen_addrs.  A
 * resolution failure is fatal, naming the address and the gai error.
 */
static void
add_one_listen_addr(ServerOptions *options, char *addr, int port)
{
	struct addrinfo hints, *res, *tail;
	char service[NI_MAXSERV];
	int rc;

	memset(&hints, 0, sizeof(hints));
	hints.ai_family = options->address_family;
	hints.ai_socktype = SOCK_STREAM;
	hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
	snprintf(service, sizeof service, "%d", port);

	rc = getaddrinfo(addr, service, &hints, &res);
	if (rc != 0)
		fatal("bad addr or host: %s (%s)",
		    addr ? addr : "<NULL>",
		    ssh_gai_strerror(rc));

	/* Find the tail of the new list and splice the existing list after it. */
	tail = res;
	while (tail->ai_next != NULL)
		tail = tail->ai_next;
	tail->ai_next = options->listen_addrs;
	options->listen_addrs = res;
}
/*
 * The strategy for the Match blocks is that the config file is parsed twice.
 *
 * The first time is at startup. activep is initialized to 1 and the
 * directives in the global context are processed and acted on. Hitting a
 * Match directive unsets activep and the directives inside the block are
 * checked for syntax only.
 *
 * The second time is after a connection has been established but before
 * authentication. activep is initialized to 2 and global config directives
 * are ignored since they have already been processed. If the criteria in a
 * Match block are met, activep is set and the subsequent directives
 * processed and actioned until EOF or another Match block unsets it. Any
 * options set are copied into the main server config.
 *
 * Potential additions/improvements:
 *  - Add Match support for pre-kex directives, eg Protocol, Ciphers.
 *
 *  - Add a Tag directive (idea from David Leonard) ala pf, eg:
 *	Match Address 192.168.0.*
 *		Tag trusted
 *	Match Group wheel
 *		Tag trusted
 *	Match Tag trusted
 *		AllowTcpForwarding yes
 *		GatewayPorts clientspecified
 *		[...]
 *
 *  - Add a PermittedChannelRequests directive
 *	Match Group shell
 *		PermittedChannelRequests session,forwarded-tcpip
 */
/*
 * Evaluate a "Match Group" criterion: does user belong to a group in the
 * pattern list grps?  Returns 1 on a match and 0 otherwise -- including
 * when user is NULL (syntax-check pass), is unknown to getpwnam(), or is
 * in no group at all; each of those cases is logged at debug level with
 * the config line number.  ga_free() runs on every path so the group
 * state set up by ga_init() never leaks into the next criterion.
 */
static int
match_cfg_line_group(const char *grps, int line, const char *user)
{
	struct passwd *pw = NULL;
	int matched = 0;

	if (user != NULL) {
		pw = getpwnam(user);
		if (pw == NULL) {
			debug("Can't match group at line %d because user %.100s does "
			    "not exist", line, user);
		} else if (ga_init(pw->pw_name, pw->pw_gid) == 0) {
			debug("Can't Match group because user %.100s not in any group "
			    "at line %d", user, line);
		} else if (ga_match_pattern_list(grps) != 1) {
			debug("user %.100s does not match group list %.100s at line %d",
			    user, grps, line);
		} else {
			debug("user %.100s matched group list %.100s at line %d", user,
			    grps, line);
			matched = 1;
		}
	}

	ga_free();
	return matched;
}
/*
 * Evaluate the criteria of one "Match" line.  *condition points at the text
 * after the Match keyword and is advanced past the criteria consumed.
 * Criteria are attribute/value pairs -- User, Group, Host, Address --
 * compared case-insensitively on the attribute name.  With user == NULL the
 * line is only being syntax-checked (first pass, see the comment above), so
 * criteria that need connection data evaluate to "no match" without error.
 *
 * Returns 1 if every criterion matched, 0 if at least one did not, and -1
 * on a malformed line (missing value, unknown attribute, or addr_match_list()
 * reporting -2).  Once a criterion fails the remaining ones are still parsed,
 * so syntax errors later on the same line are still reported.
 */
static int
match_cfg_line(char **condition, int line, const char *user, const char *host,
    const char *address)
{
	int result = 1;
	char *arg, *attrib, *cp = *condition;
	size_t len;

	if (user == NULL)
		debug3("checking syntax for 'Match %s'", cp);
	else
		debug3("checking match for '%s' user %s host %s addr %s", cp,
		    user ? user : "(null)", host ? host : "(null)",
		    address ? address : "(null)");

	/* Each iteration consumes one "attribute value" pair. */
	while ((attrib = strdelim(&cp)) && *attrib != '\0') {
		if ((arg = strdelim(&cp)) == NULL || *arg == '\0') {
			error("Missing Match criteria for %s", attrib);
			return -1;
		}
		len = strlen(arg);
		if (strcasecmp(attrib, "user") == 0) {
			/* No user yet (syntax pass): cannot match, keep parsing. */
			if (!user) {
				result = 0;
				continue;
			}
			if (match_pattern_list(user, arg, len, 0) != 1)
				result = 0;
			else
				debug("user %.100s matched 'User %.100s' at "
				    "line %d", user, arg, line);
		} else if (strcasecmp(attrib, "group") == 0) {
			/* -1 is treated as an error; 1 falls through as a match. */
			switch (match_cfg_line_group(arg, line, user)) {
			case -1:
				return -1;
			case 0:
				result = 0;
			}
		} else if (strcasecmp(attrib, "host") == 0) {
			/* No host yet (syntax pass): cannot match, keep parsing. */
			if (!host) {
				result = 0;
				continue;
			}
			if (match_hostname(host, arg, len) != 1)
				result = 0;
			else
				debug("connection from %.100s matched 'Host "
				    "%.100s' at line %d", host, arg, line);
		} else if (strcasecmp(attrib, "address") == 0) {
			/* 0 and -1 both count as "no match"; only -2 is an error. */
			switch (addr_match_list(address, arg)) {
			case 1:
				debug("connection from %.100s matched 'Address "
				    "%.100s' at line %d", address, arg, line);
				break;
			case 0:
			case -1:
				result = 0;
				break;
			case -2:
				return -1;
			}
		} else {
			error("Unsupported Match attribute %s", attrib);
			return -1;
		}
	}
	if (user != NULL)
		debug3("match %sfound", result ? "" : "not ");
	*condition = cp;
	return result;
}
665 #define WHITESPACE " \t\r\n"
668 process_server_config_line(ServerOptions *options, char *line,
669 const char *filename, int linenum, int *activep, const char *user,
670 const char *host, const char *address)
672 char *cp, **charptr, *arg, *p;
673 int cmdline = 0, *intptr, value, n;
674 SyslogFacility *log_facility_ptr;
675 LogLevel *log_level_ptr;
676 ServerOpCodes opcode;
677 int port;
678 u_int i, flags = 0;
679 size_t len;
681 cp = line;
682 if ((arg = strdelim(&cp)) == NULL)
683 return 0;
684 /* Ignore leading whitespace */
685 if (*arg == '\0')
686 arg = strdelim(&cp);
687 if (!arg || !*arg || *arg == '#')
688 return 0;
689 intptr = NULL;
690 charptr = NULL;
691 opcode = parse_token(arg, filename, linenum, &flags);
693 if (activep == NULL) { /* We are processing a command line directive */
694 cmdline = 1;
695 activep = &cmdline;
697 if (*activep && opcode != sMatch)
698 debug3("%s:%d setting %s %s", filename, linenum, arg, cp);
699 if (*activep == 0 && !(flags & SSHCFG_MATCH)) {
700 if (user == NULL) {
701 fatal("%s line %d: Directive '%s' is not allowed "
702 "within a Match block", filename, linenum, arg);
703 } else { /* this is a directive we have already processed */
704 while (arg)
705 arg = strdelim(&cp);
706 return 0;
710 switch (opcode) {
711 /* Portable-specific options */
712 case sUsePAM:
713 intptr = &options->use_pam;
714 goto parse_flag;
716 /* Standard Options */
717 case sBadOption:
718 return -1;
719 case sPort:
720 /* ignore ports from configfile if cmdline specifies ports */
721 if (options->ports_from_cmdline)
722 return 0;
723 if (options->listen_addrs != NULL)
724 fatal("%s line %d: ports must be specified before "
725 "ListenAddress.", filename, linenum);
726 if (options->num_ports >= MAX_PORTS)
727 fatal("%s line %d: too many ports.",
728 filename, linenum);
729 arg = strdelim(&cp);
730 if (!arg || *arg == '\0')
731 fatal("%s line %d: missing port number.",
732 filename, linenum);
733 options->ports[options->num_ports++] = a2port(arg);
734 if (options->ports[options->num_ports-1] <= 0)
735 fatal("%s line %d: Badly formatted port number.",
736 filename, linenum);
737 break;
739 case sServerKeyBits:
740 intptr = &options->server_key_bits;
741 parse_int:
742 arg = strdelim(&cp);
743 if (!arg || *arg == '\0')
744 fatal("%s line %d: missing integer value.",
745 filename, linenum);
746 value = atoi(arg);
747 if (*activep && *intptr == -1)
748 *intptr = value;
749 break;
751 case sLoginGraceTime:
752 intptr = &options->login_grace_time;
753 parse_time:
754 arg = strdelim(&cp);
755 if (!arg || *arg == '\0')
756 fatal("%s line %d: missing time value.",
757 filename, linenum);
758 if ((value = convtime(arg)) == -1)
759 fatal("%s line %d: invalid time value.",
760 filename, linenum);
761 if (*intptr == -1)
762 *intptr = value;
763 break;
765 case sKeyRegenerationTime:
766 intptr = &options->key_regeneration_time;
767 goto parse_time;
769 case sListenAddress:
770 arg = strdelim(&cp);
771 if (arg == NULL || *arg == '\0')
772 fatal("%s line %d: missing address",
773 filename, linenum);
774 /* check for bare IPv6 address: no "[]" and 2 or more ":" */
775 if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL
776 && strchr(p+1, ':') != NULL) {
777 add_listen_addr(options, arg, 0);
778 break;
780 p = hpdelim(&arg);
781 if (p == NULL)
782 fatal("%s line %d: bad address:port usage",
783 filename, linenum);
784 p = cleanhostname(p);
785 if (arg == NULL)
786 port = 0;
787 else if ((port = a2port(arg)) <= 0)
788 fatal("%s line %d: bad port number", filename, linenum);
790 add_listen_addr(options, p, port);
792 break;
794 case sAddressFamily:
795 arg = strdelim(&cp);
796 if (!arg || *arg == '\0')
797 fatal("%s line %d: missing address family.",
798 filename, linenum);
799 intptr = &options->address_family;
800 if (options->listen_addrs != NULL)
801 fatal("%s line %d: address family must be specified before "
802 "ListenAddress.", filename, linenum);
803 if (strcasecmp(arg, "inet") == 0)
804 value = AF_INET;
805 else if (strcasecmp(arg, "inet6") == 0)
806 value = AF_INET6;
807 else if (strcasecmp(arg, "any") == 0)
808 value = AF_UNSPEC;
809 else
810 fatal("%s line %d: unsupported address family \"%s\".",
811 filename, linenum, arg);
812 if (*intptr == -1)
813 *intptr = value;
814 break;
816 case sHostKeyFile:
817 intptr = &options->num_host_key_files;
818 if (*intptr >= MAX_HOSTKEYS)
819 fatal("%s line %d: too many host keys specified (max %d).",
820 filename, linenum, MAX_HOSTKEYS);
821 charptr = &options->host_key_files[*intptr];
822 parse_filename:
823 arg = strdelim(&cp);
824 if (!arg || *arg == '\0')
825 fatal("%s line %d: missing file name.",
826 filename, linenum);
827 if (*activep && *charptr == NULL) {
828 *charptr = derelativise_path(arg);
829 /* increase optional counter */
830 if (intptr != NULL)
831 *intptr = *intptr + 1;
833 break;
835 case sHostCertificate:
836 intptr = &options->num_host_cert_files;
837 if (*intptr >= MAX_HOSTKEYS)
838 fatal("%s line %d: too many host certificates "
839 "specified (max %d).", filename, linenum,
840 MAX_HOSTCERTS);
841 charptr = &options->host_cert_files[*intptr];
842 goto parse_filename;
843 break;
845 case sPidFile:
846 charptr = &options->pid_file;
847 goto parse_filename;
849 case sPermitRootLogin:
850 intptr = &options->permit_root_login;
851 arg = strdelim(&cp);
852 if (!arg || *arg == '\0')
853 fatal("%s line %d: missing yes/"
854 "without-password/forced-commands-only/no "
855 "argument.", filename, linenum);
856 value = 0; /* silence compiler */
857 if (strcmp(arg, "without-password") == 0)
858 value = PERMIT_NO_PASSWD;
859 else if (strcmp(arg, "forced-commands-only") == 0)
860 value = PERMIT_FORCED_ONLY;
861 else if (strcmp(arg, "yes") == 0)
862 value = PERMIT_YES;
863 else if (strcmp(arg, "no") == 0)
864 value = PERMIT_NO;
865 else
866 fatal("%s line %d: Bad yes/"
867 "without-password/forced-commands-only/no "
868 "argument: %s", filename, linenum, arg);
869 if (*activep && *intptr == -1)
870 *intptr = value;
871 break;
873 case sIgnoreRhosts:
874 intptr = &options->ignore_rhosts;
875 parse_flag:
876 arg = strdelim(&cp);
877 if (!arg || *arg == '\0')
878 fatal("%s line %d: missing yes/no argument.",
879 filename, linenum);
880 value = 0; /* silence compiler */
881 if (strcmp(arg, "yes") == 0)
882 value = 1;
883 else if (strcmp(arg, "no") == 0)
884 value = 0;
885 else
886 fatal("%s line %d: Bad yes/no argument: %s",
887 filename, linenum, arg);
888 if (*activep && *intptr == -1)
889 *intptr = value;
890 break;
892 case sIgnoreUserKnownHosts:
893 intptr = &options->ignore_user_known_hosts;
894 goto parse_flag;
896 case sRhostsRSAAuthentication:
897 intptr = &options->rhosts_rsa_authentication;
898 goto parse_flag;
900 case sHostbasedAuthentication:
901 intptr = &options->hostbased_authentication;
902 goto parse_flag;
904 case sHostbasedUsesNameFromPacketOnly:
905 intptr = &options->hostbased_uses_name_from_packet_only;
906 goto parse_flag;
908 case sRSAAuthentication:
909 intptr = &options->rsa_authentication;
910 goto parse_flag;
912 case sPubkeyAuthentication:
913 intptr = &options->pubkey_authentication;
914 goto parse_flag;
916 case sKerberosAuthentication:
917 intptr = &options->kerberos_authentication;
918 goto parse_flag;
920 case sKerberosOrLocalPasswd:
921 intptr = &options->kerberos_or_local_passwd;
922 goto parse_flag;
924 case sKerberosTicketCleanup:
925 intptr = &options->kerberos_ticket_cleanup;
926 goto parse_flag;
928 case sKerberosGetAFSToken:
929 intptr = &options->kerberos_get_afs_token;
930 goto parse_flag;
932 case sGssAuthentication:
933 intptr = &options->gss_authentication;
934 goto parse_flag;
936 case sGssCleanupCreds:
937 intptr = &options->gss_cleanup_creds;
938 goto parse_flag;
940 case sPasswordAuthentication:
941 intptr = &options->password_authentication;
942 goto parse_flag;
944 case sZeroKnowledgePasswordAuthentication:
945 intptr = &options->zero_knowledge_password_authentication;
946 goto parse_flag;
948 case sKbdInteractiveAuthentication:
949 intptr = &options->kbd_interactive_authentication;
950 goto parse_flag;
952 case sChallengeResponseAuthentication:
953 intptr = &options->challenge_response_authentication;
954 goto parse_flag;
956 case sPrintMotd:
957 intptr = &options->print_motd;
958 goto parse_flag;
960 case sPrintLastLog:
961 intptr = &options->print_lastlog;
962 goto parse_flag;
964 case sX11Forwarding:
965 intptr = &options->x11_forwarding;
966 goto parse_flag;
968 case sX11DisplayOffset:
969 intptr = &options->x11_display_offset;
970 goto parse_int;
972 case sX11UseLocalhost:
973 intptr = &options->x11_use_localhost;
974 goto parse_flag;
976 case sXAuthLocation:
977 charptr = &options->xauth_location;
978 goto parse_filename;
980 case sStrictModes:
981 intptr = &options->strict_modes;
982 goto parse_flag;
984 case sTCPKeepAlive:
985 intptr = &options->tcp_keep_alive;
986 goto parse_flag;
988 case sEmptyPasswd:
989 intptr = &options->permit_empty_passwd;
990 goto parse_flag;
992 case sPermitUserEnvironment:
993 intptr = &options->permit_user_env;
994 goto parse_flag;
996 case sUseLogin:
997 intptr = &options->use_login;
998 goto parse_flag;
1000 case sCompression:
1001 intptr = &options->compression;
1002 arg = strdelim(&cp);
1003 if (!arg || *arg == '\0')
1004 fatal("%s line %d: missing yes/no/delayed "
1005 "argument.", filename, linenum);
1006 value = 0; /* silence compiler */
1007 if (strcmp(arg, "delayed") == 0)
1008 value = COMP_DELAYED;
1009 else if (strcmp(arg, "yes") == 0)
1010 value = COMP_ZLIB;
1011 else if (strcmp(arg, "no") == 0)
1012 value = COMP_NONE;
1013 else
1014 fatal("%s line %d: Bad yes/no/delayed "
1015 "argument: %s", filename, linenum, arg);
1016 if (*intptr == -1)
1017 *intptr = value;
1018 break;
1020 case sGatewayPorts:
1021 intptr = &options->gateway_ports;
1022 arg = strdelim(&cp);
1023 if (!arg || *arg == '\0')
1024 fatal("%s line %d: missing yes/no/clientspecified "
1025 "argument.", filename, linenum);
1026 value = 0; /* silence compiler */
1027 if (strcmp(arg, "clientspecified") == 0)
1028 value = 2;
1029 else if (strcmp(arg, "yes") == 0)
1030 value = 1;
1031 else if (strcmp(arg, "no") == 0)
1032 value = 0;
1033 else
1034 fatal("%s line %d: Bad yes/no/clientspecified "
1035 "argument: %s", filename, linenum, arg);
1036 if (*activep && *intptr == -1)
1037 *intptr = value;
1038 break;
1040 case sUseDNS:
1041 intptr = &options->use_dns;
1042 goto parse_flag;
1044 case sLogFacility:
1045 log_facility_ptr = &options->log_facility;
1046 arg = strdelim(&cp);
1047 value = log_facility_number(arg);
1048 if (value == SYSLOG_FACILITY_NOT_SET)
1049 fatal("%.200s line %d: unsupported log facility '%s'",
1050 filename, linenum, arg ? arg : "<NONE>");
1051 if (*log_facility_ptr == -1)
1052 *log_facility_ptr = (SyslogFacility) value;
1053 break;
1055 case sLogLevel:
1056 log_level_ptr = &options->log_level;
1057 arg = strdelim(&cp);
1058 value = log_level_number(arg);
1059 if (value == SYSLOG_LEVEL_NOT_SET)
1060 fatal("%.200s line %d: unsupported log level '%s'",
1061 filename, linenum, arg ? arg : "<NONE>");
1062 if (*log_level_ptr == -1)
1063 *log_level_ptr = (LogLevel) value;
1064 break;
1066 case sAllowTcpForwarding:
1067 intptr = &options->allow_tcp_forwarding;
1068 goto parse_flag;
1070 case sAllowAgentForwarding:
1071 intptr = &options->allow_agent_forwarding;
1072 goto parse_flag;
1074 case sUsePrivilegeSeparation:
1075 intptr = &use_privsep;
1076 goto parse_flag;
1078 case sAllowUsers:
1079 while ((arg = strdelim(&cp)) && *arg != '\0') {
1080 if (options->num_allow_users >= MAX_ALLOW_USERS)
1081 fatal("%s line %d: too many allow users.",
1082 filename, linenum);
1083 options->allow_users[options->num_allow_users++] =
1084 xstrdup(arg);
1086 break;
1088 case sDenyUsers:
1089 while ((arg = strdelim(&cp)) && *arg != '\0') {
1090 if (options->num_deny_users >= MAX_DENY_USERS)
1091 fatal("%s line %d: too many deny users.",
1092 filename, linenum);
1093 options->deny_users[options->num_deny_users++] =
1094 xstrdup(arg);
1096 break;
1098 case sAllowGroups:
1099 while ((arg = strdelim(&cp)) && *arg != '\0') {
1100 if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
1101 fatal("%s line %d: too many allow groups.",
1102 filename, linenum);
1103 options->allow_groups[options->num_allow_groups++] =
1104 xstrdup(arg);
1106 break;
1108 case sDenyGroups:
1109 while ((arg = strdelim(&cp)) && *arg != '\0') {
1110 if (options->num_deny_groups >= MAX_DENY_GROUPS)
1111 fatal("%s line %d: too many deny groups.",
1112 filename, linenum);
1113 options->deny_groups[options->num_deny_groups++] = xstrdup(arg);
1115 break;
1117 case sCiphers:
1118 arg = strdelim(&cp);
1119 if (!arg || *arg == '\0')
1120 fatal("%s line %d: Missing argument.", filename, linenum);
1121 if (!ciphers_valid(arg))
1122 fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
1123 filename, linenum, arg ? arg : "<NONE>");
1124 if (options->ciphers == NULL)
1125 options->ciphers = xstrdup(arg);
1126 break;
1128 case sMacs:
1129 arg = strdelim(&cp);
1130 if (!arg || *arg == '\0')
1131 fatal("%s line %d: Missing argument.", filename, linenum);
1132 if (!mac_valid(arg))
1133 fatal("%s line %d: Bad SSH2 mac spec '%s'.",
1134 filename, linenum, arg ? arg : "<NONE>");
1135 if (options->macs == NULL)
1136 options->macs = xstrdup(arg);
1137 break;
1139 case sKexAlgorithms:
1140 arg = strdelim(&cp);
1141 if (!arg || *arg == '\0')
1142 fatal("%s line %d: Missing argument.",
1143 filename, linenum);
1144 if (!kex_names_valid(arg))
1145 fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.",
1146 filename, linenum, arg ? arg : "<NONE>");
1147 if (options->kex_algorithms == NULL)
1148 options->kex_algorithms = xstrdup(arg);
1149 break;
1151 case sProtocol:
1152 intptr = &options->protocol;
1153 arg = strdelim(&cp);
1154 if (!arg || *arg == '\0')
1155 fatal("%s line %d: Missing argument.", filename, linenum);
1156 value = proto_spec(arg);
1157 if (value == SSH_PROTO_UNKNOWN)
1158 fatal("%s line %d: Bad protocol spec '%s'.",
1159 filename, linenum, arg ? arg : "<NONE>");
1160 if (*intptr == SSH_PROTO_UNKNOWN)
1161 *intptr = value;
1162 break;
1164 case sSubsystem:
1165 if (options->num_subsystems >= MAX_SUBSYSTEMS) {
1166 fatal("%s line %d: too many subsystems defined.",
1167 filename, linenum);
1169 arg = strdelim(&cp);
1170 if (!arg || *arg == '\0')
1171 fatal("%s line %d: Missing subsystem name.",
1172 filename, linenum);
1173 if (!*activep) {
1174 arg = strdelim(&cp);
1175 break;
1177 for (i = 0; i < options->num_subsystems; i++)
1178 if (strcmp(arg, options->subsystem_name[i]) == 0)
1179 fatal("%s line %d: Subsystem '%s' already defined.",
1180 filename, linenum, arg);
1181 options->subsystem_name[options->num_subsystems] = xstrdup(arg);
1182 arg = strdelim(&cp);
1183 if (!arg || *arg == '\0')
1184 fatal("%s line %d: Missing subsystem command.",
1185 filename, linenum);
1186 options->subsystem_command[options->num_subsystems] = xstrdup(arg);
1188 /* Collect arguments (separate to executable) */
1189 p = xstrdup(arg);
1190 len = strlen(p) + 1;
1191 while ((arg = strdelim(&cp)) != NULL && *arg != '\0') {
1192 len += 1 + strlen(arg);
1193 p = xrealloc(p, 1, len);
1194 strlcat(p, " ", len);
1195 strlcat(p, arg, len);
1197 options->subsystem_args[options->num_subsystems] = p;
1198 options->num_subsystems++;
1199 break;
1201 case sMaxStartups:
1202 arg = strdelim(&cp);
1203 if (!arg || *arg == '\0')
1204 fatal("%s line %d: Missing MaxStartups spec.",
1205 filename, linenum);
1206 if ((n = sscanf(arg, "%d:%d:%d",
1207 &options->max_startups_begin,
1208 &options->max_startups_rate,
1209 &options->max_startups)) == 3) {
1210 if (options->max_startups_begin >
1211 options->max_startups ||
1212 options->max_startups_rate > 100 ||
1213 options->max_startups_rate < 1)
1214 fatal("%s line %d: Illegal MaxStartups spec.",
1215 filename, linenum);
1216 } else if (n != 1)
1217 fatal("%s line %d: Illegal MaxStartups spec.",
1218 filename, linenum);
1219 else
1220 options->max_startups = options->max_startups_begin;
1221 break;
1223 case sMaxAuthTries:
1224 intptr = &options->max_authtries;
1225 goto parse_int;
1227 case sMaxSessions:
1228 intptr = &options->max_sessions;
1229 goto parse_int;
1231 case sBanner:
1232 charptr = &options->banner;
1233 goto parse_filename;
1236 * These options can contain %X options expanded at
1237 * connect time, so that you can specify paths like:
1239 * AuthorizedKeysFile /etc/ssh_keys/%u
1241 case sAuthorizedKeysFile:
1242 charptr = &options->authorized_keys_file;
1243 goto parse_tilde_filename;
1244 case sAuthorizedKeysFile2:
1245 charptr = &options->authorized_keys_file2;
1246 goto parse_tilde_filename;
1247 case sAuthorizedPrincipalsFile:
1248 charptr = &options->authorized_principals_file;
1249 parse_tilde_filename:
1250 arg = strdelim(&cp);
1251 if (!arg || *arg == '\0')
1252 fatal("%s line %d: missing file name.",
1253 filename, linenum);
1254 if (*activep && *charptr == NULL) {
1255 *charptr = tilde_expand_filename(arg, getuid());
1256 /* increase optional counter */
1257 if (intptr != NULL)
1258 *intptr = *intptr + 1;
1260 break;
1262 case sClientAliveInterval:
1263 intptr = &options->client_alive_interval;
1264 goto parse_time;
1266 case sClientAliveCountMax:
1267 intptr = &options->client_alive_count_max;
1268 goto parse_int;
1270 case sAcceptEnv:
1271 while ((arg = strdelim(&cp)) && *arg != '\0') {
1272 if (strchr(arg, '=') != NULL)
1273 fatal("%s line %d: Invalid environment name.",
1274 filename, linenum);
1275 if (options->num_accept_env >= MAX_ACCEPT_ENV)
1276 fatal("%s line %d: too many allow env.",
1277 filename, linenum);
1278 if (!*activep)
1279 break;
1280 options->accept_env[options->num_accept_env++] =
1281 xstrdup(arg);
1283 break;
1285 case sPermitTunnel:
1286 intptr = &options->permit_tun;
1287 arg = strdelim(&cp);
1288 if (!arg || *arg == '\0')
1289 fatal("%s line %d: Missing yes/point-to-point/"
1290 "ethernet/no argument.", filename, linenum);
1291 value = -1;
1292 for (i = 0; tunmode_desc[i].val != -1; i++)
1293 if (strcmp(tunmode_desc[i].text, arg) == 0) {
1294 value = tunmode_desc[i].val;
1295 break;
1297 if (value == -1)
1298 fatal("%s line %d: Bad yes/point-to-point/ethernet/"
1299 "no argument: %s", filename, linenum, arg);
1300 if (*intptr == -1)
1301 *intptr = value;
1302 break;
1304 case sMatch:
1305 if (cmdline)
1306 fatal("Match directive not supported as a command-line "
1307 "option");
1308 value = match_cfg_line(&cp, linenum, user, host, address);
1309 if (value < 0)
1310 fatal("%s line %d: Bad Match condition", filename,
1311 linenum);
1312 *activep = value;
1313 break;
1315 case sPermitOpen:
1316 arg = strdelim(&cp);
1317 if (!arg || *arg == '\0')
1318 fatal("%s line %d: missing PermitOpen specification",
1319 filename, linenum);
1320 n = options->num_permitted_opens; /* modified later */
1321 if (strcmp(arg, "any") == 0) {
1322 if (*activep && n == -1) {
1323 channel_clear_adm_permitted_opens();
1324 options->num_permitted_opens = 0;
1326 break;
1328 if (*activep && n == -1)
1329 channel_clear_adm_permitted_opens();
1330 for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) {
1331 p = hpdelim(&arg);
1332 if (p == NULL)
1333 fatal("%s line %d: missing host in PermitOpen",
1334 filename, linenum);
1335 p = cleanhostname(p);
1336 if (arg == NULL || (port = a2port(arg)) <= 0)
1337 fatal("%s line %d: bad port number in "
1338 "PermitOpen", filename, linenum);
1339 if (*activep && n == -1)
1340 options->num_permitted_opens =
1341 channel_add_adm_permitted_opens(p, port);
1343 break;
1345 case sForceCommand:
1346 if (cp == NULL)
1347 fatal("%.200s line %d: Missing argument.", filename,
1348 linenum);
1349 len = strspn(cp, WHITESPACE);
1350 if (*activep && options->adm_forced_command == NULL)
1351 options->adm_forced_command = xstrdup(cp + len);
1352 return 0;
1354 case sChrootDirectory:
1355 charptr = &options->chroot_directory;
1357 arg = strdelim(&cp);
1358 if (!arg || *arg == '\0')
1359 fatal("%s line %d: missing file name.",
1360 filename, linenum);
1361 if (*activep && *charptr == NULL)
1362 *charptr = xstrdup(arg);
1363 break;
1365 case sTrustedUserCAKeys:
1366 charptr = &options->trusted_user_ca_keys;
1367 goto parse_filename;
1369 case sRevokedKeys:
1370 charptr = &options->revoked_keys_file;
1371 goto parse_filename;
1373 case sDeprecated:
1374 logit("%s line %d: Deprecated option %s",
1375 filename, linenum, arg);
1376 while (arg)
1377 arg = strdelim(&cp);
1378 break;
1380 case sUnsupported:
1381 logit("%s line %d: Unsupported option %s",
1382 filename, linenum, arg);
1383 while (arg)
1384 arg = strdelim(&cp);
1385 break;
1387 default:
1388 fatal("%s line %d: Missing handler for opcode %s (%d)",
1389 filename, linenum, arg, opcode);
1391 if ((arg = strdelim(&cp)) != NULL && *arg != '\0')
1392 fatal("%s line %d: garbage at end of line; \"%.200s\".",
1393 filename, linenum, arg);
1394 return 0;
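/*
 * Reads the server configuration file into conf.
 *
 * Comments ('#' to end of line) are trimmed and leading whitespace on each
 * line removed, but every newline is preserved so that parse_server_config()
 * can still report the original line numbers.  The result is NUL-terminated.
 * A file that cannot be opened is fatal.
 *
 * fgets() returns a line longer than the read buffer in several pieces.
 * Those pieces are tracked so that a logical line of any length is
 * reassembled faithfully: a comment is dropped right through to its newline
 * rather than having its tail re-read as a directive of its own, and only
 * the first piece of a line has its leading whitespace removed (stripping a
 * later piece would glue two tokens together).
 */
void
load_server_config(const char *filename, Buffer *conf)
{
	char line[1024], *cp, *nl;
	FILE *f;
	int at_bol = 1;		/* next piece starts a new logical line */
	int in_comment = 0;	/* discarding a comment that spans pieces */

	debug2("%s: filename %s", __func__, filename);
	if ((f = fopen(filename, "r")) == NULL) {
		perror(filename);
		exit(1);
	}
	buffer_clear(conf);
	while (fgets(line, sizeof(line), f)) {
		nl = strchr(line, '\n');
		if (in_comment) {
			/* Rest of an over-long comment: keep only its newline. */
			if (nl != NULL) {
				buffer_append(conf, "\n", 1);
				in_comment = 0;
				at_bol = 1;
			}
			continue;
		}
		/*
		 * Trim out comments.  NB - preserve newlines, they are
		 * needed to reproduce line numbers later for error messages.
		 */
		if ((cp = strchr(line, '#')) != NULL) {
			if (nl != NULL) {
				memcpy(cp, "\n", 2);
			} else {
				*cp = '\0';
				in_comment = 1;
			}
		}
		/* Strip leading whitespace, but only at the start of a line. */
		cp = at_bol ? line + strspn(line, " \t\r") : line;
		buffer_append(conf, cp, strlen(cp));
		at_bol = (nl != NULL);
	}
	buffer_append(conf, "\0", 1);
	fclose(f);
	debug2("%s: done config len = %d", __func__, buffer_len(conf));
}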
/*
 * Re-run the global configuration buffer (cfg) for one connection so that
 * Match blocks selecting on user/host/address take effect.  The matched
 * settings are parsed into a scratch ServerOptions and then folded into
 * options; preauth is 0 here, so string options are copied as well as
 * integer ones.
 */
void
parse_server_match_config(ServerOptions *options, const char *user,
    const char *host, const char *address)
{
	ServerOptions matched;

	initialize_server_options(&matched);
	parse_server_config(&matched, "reprocess config", &cfg, user, host,
	    address);
	copy_set_server_options(options, &matched, 0);
}
/* Helper macros */
/*
 * M_CP_INTOPT: copy integer option n from src to dst when src has it set
 * (-1 is the "unset" sentinel used for integer options in this file).
 */
#define M_CP_INTOPT(n) do {\
	if (src->n != -1) \
		dst->n = src->n; \
} while (0)
/*
 * M_CP_STROPT: move string option n from src to dst when src has it set,
 * freeing whatever dst held.  Ownership of the string transfers: src->n is
 * left pointing at it, so src must not be freed afterwards.
 */
#define M_CP_STROPT(n) do {\
	if (src->n != NULL) { \
		if (dst->n != NULL) \
			xfree(dst->n); \
		dst->n = src->n; \
	} \
} while(0)
/*
 * Copy every option that src has explicitly set into dst.  Integer options
 * are taken when they are not -1 (unset); string options are moved over
 * (dst's previous value is freed) when src has a non-NULL value.
 *
 * With preauth set, only the integer options and the banner are copied: the
 * remaining strings are not needed before authentication, and any that are
 * must be sent across explicitly in mm_getpwnamallow().
 */
void
copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
{
	/* Authentication-related flags. */
	M_CP_INTOPT(pubkey_authentication);
	M_CP_INTOPT(rsa_authentication);
	M_CP_INTOPT(password_authentication);
	M_CP_INTOPT(kbd_interactive_authentication);
	M_CP_INTOPT(zero_knowledge_password_authentication);
	M_CP_INTOPT(kerberos_authentication);
	M_CP_INTOPT(gss_authentication);
	M_CP_INTOPT(hostbased_authentication);
	M_CP_INTOPT(hostbased_uses_name_from_packet_only);

	/* Account-level restrictions and limits. */
	M_CP_INTOPT(permit_root_login);
	M_CP_INTOPT(permit_empty_passwd);
	M_CP_INTOPT(max_authtries);
	M_CP_INTOPT(max_sessions);

	/* Forwarding, tunnelling and X11. */
	M_CP_INTOPT(allow_tcp_forwarding);
	M_CP_INTOPT(allow_agent_forwarding);
	M_CP_INTOPT(gateway_ports);
	M_CP_INTOPT(permit_tun);
	M_CP_INTOPT(x11_forwarding);
	M_CP_INTOPT(x11_use_localhost);
	M_CP_INTOPT(x11_display_offset);

	/* The one string that is also copied in the preauth case. */
	M_CP_STROPT(banner);

	if (preauth)
		return;

	/* Strings the pre-auth child does not need. */
	M_CP_STROPT(adm_forced_command);
	M_CP_STROPT(chroot_directory);
	M_CP_STROPT(authorized_keys_file);
	M_CP_STROPT(authorized_keys_file2);
	M_CP_STROPT(authorized_principals_file);
	M_CP_STROPT(trusted_user_ca_keys);
	M_CP_STROPT(revoked_keys_file);
}
1496 #undef M_CP_INTOPT
1497 #undef M_CP_STROPT
/*
 * Parse the configuration text held in conf (as produced by
 * load_server_config()) into options.  When user is non-NULL this is a
 * per-connection re-run: lines start out inactive and a Match line decides
 * whether the ones following it apply.  Every line is handed to
 * process_server_config_line(); lines it rejects are counted and the parse
 * is fatal once the whole buffer has been read.
 */
void
parse_server_config(ServerOptions *options, const char *filename, Buffer *conf,
    const char *user, const char *host, const char *address)
{
	char *text, *rest, *line;
	int active = (user == NULL);
	int linenum = 1, nbad = 0;

	debug2("%s: config %s len %d", __func__, filename, buffer_len(conf));

	/* strsep() consumes its input, so work on a private copy. */
	rest = text = xstrdup(buffer_ptr(conf));
	for (; (line = strsep(&rest, "\n")) != NULL; linenum++) {
		if (process_server_config_line(options, line, filename,
		    linenum, &active, user, host, address) != 0)
			nbad++;
	}
	xfree(text);

	if (nbad > 0)
		fatal("%s: terminating, %d bad configuration options",
		    filename, nbad);
}
/*
 * Render an integer option value as the keyword sshd_config accepts for it,
 * for use by dump_config().  Option-specific spellings (address family,
 * PermitRootLogin, Protocol, GatewayPorts "clientspecified", Compression
 * "delayed") are handled first; anything else falls back to the generic
 * unset/no/yes mapping, with "UNKNOWN" for values outside that set.
 */
static const char *
fmt_intarg(ServerOpCodes code, int val)
{
	switch (code) {
	case sAddressFamily:
		if (val == AF_INET)
			return "inet";
		if (val == AF_INET6)
			return "inet6";
		if (val == AF_UNSPEC)
			return "any";
		return "UNKNOWN";
	case sPermitRootLogin:
		/* Other values fall through to the generic mapping below. */
		if (val == PERMIT_NO_PASSWD)
			return "without-password";
		if (val == PERMIT_FORCED_ONLY)
			return "forced-commands-only";
		if (val == PERMIT_YES)
			return "yes";
		break;
	case sProtocol:
		if (val == SSH_PROTO_1)
			return "1";
		if (val == SSH_PROTO_2)
			return "2";
		if (val == (SSH_PROTO_1|SSH_PROTO_2))
			return "2,1";
		return "UNKNOWN";
	case sGatewayPorts:
		if (val == 2)
			return "clientspecified";
		break;
	case sCompression:
		if (val == COMP_DELAYED)
			return "delayed";
		break;
	default:
		break;
	}

	if (val == -1)
		return "unset";
	if (val == 0)
		return "no";
	if (val == 1)
		return "yes";
	return "UNKNOWN";
}
/*
 * Map an opcode back to its sshd_config keyword by scanning the keywords
 * table (terminated by a NULL name).  Returns "UNKNOWN" for an opcode
 * that has no keyword.
 */
static const char *
lookup_opcode_name(ServerOpCodes code)
{
	u_int i = 0;

	while (keywords[i].name != NULL) {
		if (keywords[i].opcode == code)
			return keywords[i].name;
		i++;
	}
	return "UNKNOWN";
}
/* Print one integer-valued option as "<keyword> <value>". */
static void
dump_cfg_int(ServerOpCodes code, int val)
{
	const char *name = lookup_opcode_name(code);

	printf("%s %d\n", name, val);
}
/* Print one option whose value has a keyword spelling (see fmt_intarg()). */
static void
dump_cfg_fmtint(ServerOpCodes code, int val)
{
	const char *name = lookup_opcode_name(code);
	const char *text = fmt_intarg(code, val);

	printf("%s %s\n", name, text);
}
/* Print one string-valued option; an unset (NULL) option prints nothing. */
static void
dump_cfg_string(ServerOpCodes code, const char *val)
{
	if (val != NULL)
		printf("%s %s\n", lookup_opcode_name(code), val);
}
/* Print a list-valued option, one "<keyword> <entry>" line per entry. */
static void
dump_cfg_strarray(ServerOpCodes code, u_int count, char **vals)
{
	const char *name = lookup_opcode_name(code);
	u_int i = 0;

	while (i < count) {
		printf("%s %s\n", name, vals[i]);
		i++;
	}
}
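/*
 * Print the effective server configuration to stdout in sshd_config keyword
 * form, one option per line.  Output order is deliberate: Port, Protocol
 * and AddressFamily first, then ListenAddress (which must follow Port),
 * then integer, formatted-integer, string, list and compound options.
 * Options compiled out (USE_PAM, KRB5, GSSAPI, JPAKE) are omitted, and
 * string options that were never set print nothing.
 *
 * AllowAgentForwarding and KexAlgorithms are parsed by
 * process_server_config_line() and so are dumped here too, so that the
 * dump reflects the forwarding and key-exchange policy actually in force.
 */
void
dump_config(ServerOptions *o)
{
	u_int i;
	int ret;
	struct addrinfo *ai;
	char addr[NI_MAXHOST], port[NI_MAXSERV], *s = NULL;

	/* these are usually at the top of the config */
	for (i = 0; i < o->num_ports; i++)
		printf("port %d\n", o->ports[i]);
	dump_cfg_fmtint(sProtocol, o->protocol);
	dump_cfg_fmtint(sAddressFamily, o->address_family);

	/* ListenAddress must be after Port */
	for (ai = o->listen_addrs; ai; ai = ai->ai_next) {
		/* Numeric host and port only: no name lookups while dumping. */
		if ((ret = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr,
		    sizeof(addr), port, sizeof(port),
		    NI_NUMERICHOST|NI_NUMERICSERV)) != 0) {
			error("getnameinfo failed: %.100s",
			    (ret != EAI_SYSTEM) ? gai_strerror(ret) :
			    strerror(errno));
		} else {
			if (ai->ai_family == AF_INET6)
				printf("listenaddress [%s]:%s\n", addr, port);
			else
				printf("listenaddress %s:%s\n", addr, port);
		}
	}

	/* integer arguments */
#ifdef USE_PAM
	dump_cfg_int(sUsePAM, o->use_pam);
#endif
	dump_cfg_int(sServerKeyBits, o->server_key_bits);
	dump_cfg_int(sLoginGraceTime, o->login_grace_time);
	dump_cfg_int(sKeyRegenerationTime, o->key_regeneration_time);
	dump_cfg_int(sX11DisplayOffset, o->x11_display_offset);
	dump_cfg_int(sMaxAuthTries, o->max_authtries);
	dump_cfg_int(sMaxSessions, o->max_sessions);
	dump_cfg_int(sClientAliveInterval, o->client_alive_interval);
	dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max);

	/* formatted integer arguments */
	dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login);
	dump_cfg_fmtint(sIgnoreRhosts, o->ignore_rhosts);
	dump_cfg_fmtint(sIgnoreUserKnownHosts, o->ignore_user_known_hosts);
	dump_cfg_fmtint(sRhostsRSAAuthentication, o->rhosts_rsa_authentication);
	dump_cfg_fmtint(sHostbasedAuthentication, o->hostbased_authentication);
	dump_cfg_fmtint(sHostbasedUsesNameFromPacketOnly,
	    o->hostbased_uses_name_from_packet_only);
	dump_cfg_fmtint(sRSAAuthentication, o->rsa_authentication);
	dump_cfg_fmtint(sPubkeyAuthentication, o->pubkey_authentication);
#ifdef KRB5
	dump_cfg_fmtint(sKerberosAuthentication, o->kerberos_authentication);
	dump_cfg_fmtint(sKerberosOrLocalPasswd, o->kerberos_or_local_passwd);
	dump_cfg_fmtint(sKerberosTicketCleanup, o->kerberos_ticket_cleanup);
# ifdef USE_AFS
	dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token);
# endif
#endif
#ifdef GSSAPI
	dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);
	dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds);
#endif
#ifdef JPAKE
	dump_cfg_fmtint(sZeroKnowledgePasswordAuthentication,
	    o->zero_knowledge_password_authentication);
#endif
	dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication);
	dump_cfg_fmtint(sKbdInteractiveAuthentication,
	    o->kbd_interactive_authentication);
	dump_cfg_fmtint(sChallengeResponseAuthentication,
	    o->challenge_response_authentication);
	dump_cfg_fmtint(sPrintMotd, o->print_motd);
	dump_cfg_fmtint(sPrintLastLog, o->print_lastlog);
	dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding);
	dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost);
	dump_cfg_fmtint(sStrictModes, o->strict_modes);
	dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive);
	dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd);
	dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env);
	dump_cfg_fmtint(sUseLogin, o->use_login);
	dump_cfg_fmtint(sCompression, o->compression);
	dump_cfg_fmtint(sGatewayPorts, o->gateway_ports);
	dump_cfg_fmtint(sUseDNS, o->use_dns);
	dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding);
	/* Was missing from the dump although it is parsed and Match-able. */
	dump_cfg_fmtint(sAllowAgentForwarding, o->allow_agent_forwarding);
	dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep);

	/* string arguments */
	dump_cfg_string(sPidFile, o->pid_file);
	dump_cfg_string(sXAuthLocation, o->xauth_location);
	dump_cfg_string(sCiphers, o->ciphers);
	dump_cfg_string(sMacs, o->macs);
	/* Key-exchange policy belongs with the cipher and MAC lists. */
	dump_cfg_string(sKexAlgorithms, o->kex_algorithms);
	dump_cfg_string(sBanner, o->banner);
	dump_cfg_string(sAuthorizedKeysFile, o->authorized_keys_file);
	dump_cfg_string(sAuthorizedKeysFile2, o->authorized_keys_file2);
	dump_cfg_string(sForceCommand, o->adm_forced_command);
	dump_cfg_string(sChrootDirectory, o->chroot_directory);
	dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys);
	dump_cfg_string(sRevokedKeys, o->revoked_keys_file);
	dump_cfg_string(sAuthorizedPrincipalsFile,
	    o->authorized_principals_file);

	/* string arguments requiring a lookup */
	dump_cfg_string(sLogLevel, log_level_name(o->log_level));
	dump_cfg_string(sLogFacility, log_facility_name(o->log_facility));

	/* string array arguments */
	dump_cfg_strarray(sHostKeyFile, o->num_host_key_files,
	    o->host_key_files);
	/*
	 * NOTE(review): the certificate paths are printed under the HostKey
	 * keyword, so a dumped configuration does not round-trip (they would
	 * presumably be read back as HostKey lines).  This call should use
	 * the HostCertificate opcode, which is not visible in this excerpt.
	 */
	dump_cfg_strarray(sHostKeyFile, o->num_host_cert_files,
	    o->host_cert_files);
	dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users);
	dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users);
	dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups);
	dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups);
	dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env);

	/* other arguments */
	for (i = 0; i < o->num_subsystems; i++)
		printf("subsystem %s %s\n", o->subsystem_name[i],
		    o->subsystem_args[i]);

	printf("maxstartups %d:%d:%d\n", o->max_startups_begin,
	    o->max_startups_rate, o->max_startups);

	/*
	 * PermitTunnel: map the numeric mode back to its keyword.  s stays
	 * NULL, and nothing is printed, for a value not in tunmode_desc.
	 */
	for (i = 0; tunmode_desc[i].val != -1; i++)
		if (tunmode_desc[i].val == o->permit_tun) {
			s = tunmode_desc[i].text;
			break;
		}
	dump_cfg_string(sPermitTunnel, s);

	channel_print_adm_permitted_opens();
}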