1 /* $NetBSD: servconf.c,v 1.12 2013/03/29 16:19:45 christos Exp $ */ 2 /* $OpenBSD: servconf.c,v 1.234 2013/02/06 00:20:42 dtucker Exp $ */ 3 /* 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 5 * All rights reserved 6 * 7 * As far as I am concerned, the code I have written for this software 8 * can be used freely for any purpose. Any derived versions of this 9 * software must be clearly marked as such, and if the derived work is 10 * incompatible with the protocol description in the RFC file, it must be 11 * called by a name other than "ssh" or "Secure Shell". 12 */ 13 14 #include "includes.h" 15 __RCSID("$NetBSD: servconf.c,v 1.12 2013/03/29 16:19:45 christos Exp $"); 16 #include <sys/types.h> 17 #include <sys/socket.h> 18 #include <sys/queue.h> 19 #include <sys/param.h> 20 21 #include <netinet/in.h> 22 #include <netinet/in_systm.h> 23 #include <netinet/ip.h> 24 25 #include <netdb.h> 26 #include <pwd.h> 27 #include <stdio.h> 28 #include <stdlib.h> 29 #include <string.h> 30 #include <signal.h> 31 #include <unistd.h> 32 #include <stdarg.h> 33 #include <errno.h> 34 #include <time.h> 35 36 #ifdef KRB4 37 #include <krb.h> 38 #ifdef AFS 39 #include <kafs.h> 40 #endif /* AFS */ 41 #endif /* KRB4 */ 42 43 #include "xmalloc.h" 44 #include "ssh.h" 45 #include "log.h" 46 #include "buffer.h" 47 #include "servconf.h" 48 #include "compat.h" 49 #include "pathnames.h" 50 #include "misc.h" 51 #include "cipher.h" 52 #include "key.h" 53 #include "kex.h" 54 #include "mac.h" 55 #include "match.h" 56 #include "channels.h" 57 #include "groupaccess.h" 58 #include "canohost.h" 59 #include "packet.h" 60 #include "hostfile.h" 61 #include "auth.h" 62 63 #ifdef WITH_LDAP_PUBKEY 64 #include "ldapauth.h" 65 #endif 66 67 static void add_listen_addr(ServerOptions *, char *, int); 68 static void add_one_listen_addr(ServerOptions *, char *, int); 69 70 /* Use of privilege separation or not */ 71 extern int use_privsep; 72 extern Buffer cfg; 73 74 /* Initializes the server options to their default values. */ 75 76 void 77 initialize_server_options(ServerOptions *options) 78 { 79 memset(options, 0, sizeof(*options)); 80 81 /* Portable-specific options */ 82 options->use_pam = -1; 83 84 /* Standard Options */ 85 options->num_ports = 0; 86 options->ports_from_cmdline = 0; 87 options->listen_addrs = NULL; 88 options->address_family = -1; 89 options->num_host_key_files = 0; 90 options->num_host_cert_files = 0; 91 options->pid_file = NULL; 92 options->server_key_bits = -1; 93 options->login_grace_time = -1; 94 options->key_regeneration_time = -1; 95 options->permit_root_login = PERMIT_NOT_SET; 96 options->ignore_rhosts = -1; 97 options->ignore_root_rhosts = -1; 98 options->ignore_user_known_hosts = -1; 99 options->print_motd = -1; 100 options->print_lastlog = -1; 101 options->x11_forwarding = -1; 102 options->x11_display_offset = -1; 103 options->x11_use_localhost = -1; 104 options->xauth_location = NULL; 105 options->strict_modes = -1; 106 options->tcp_keep_alive = -1; 107 options->log_facility = SYSLOG_FACILITY_NOT_SET; 108 options->log_level = SYSLOG_LEVEL_NOT_SET; 109 options->rhosts_rsa_authentication = -1; 110 options->hostbased_authentication = -1; 111 options->hostbased_uses_name_from_packet_only = -1; 112 options->rsa_authentication = -1; 113 options->pubkey_authentication = -1; 114 options->kerberos_authentication = -1; 115 options->kerberos_or_local_passwd = -1; 116 options->kerberos_ticket_cleanup = -1; 117 #if defined(AFS) || defined(KRB5) 118 options->kerberos_tgt_passing = -1; 119 #endif 120 #ifdef AFS 121 options->afs_token_passing = -1; 122 #endif 123 options->kerberos_get_afs_token = -1; 124 options->gss_authentication=-1; 125 options->gss_cleanup_creds = -1; 126 options->password_authentication = -1; 127 options->kbd_interactive_authentication = -1; 128 options->challenge_response_authentication = -1; 129 options->permit_empty_passwd = -1; 130 options->permit_user_env = -1; 131 options->use_login = -1; 132 options->compression = -1; 133 options->allow_tcp_forwarding = -1; 134 options->allow_agent_forwarding = -1; 135 options->num_allow_users = 0; 136 options->num_deny_users = 0; 137 options->num_allow_groups = 0; 138 options->num_deny_groups = 0; 139 options->ciphers = NULL; 140 #ifdef WITH_LDAP_PUBKEY 141 /* XXX dirty */ 142 options->lpk.ld = NULL; 143 options->lpk.on = -1; 144 options->lpk.servers = NULL; 145 options->lpk.u_basedn = NULL; 146 options->lpk.g_basedn = NULL; 147 options->lpk.binddn = NULL; 148 options->lpk.bindpw = NULL; 149 options->lpk.sgroup = NULL; 150 options->lpk.filter = NULL; 151 options->lpk.fgroup = NULL; 152 options->lpk.l_conf = NULL; 153 options->lpk.tls = -1; 154 options->lpk.b_timeout.tv_sec = -1; 155 options->lpk.s_timeout.tv_sec = -1; 156 options->lpk.flags = FLAG_EMPTY; 157 options->lpk.pub_key_attr = NULL; 158 #endif 159 options->macs = NULL; 160 options->kex_algorithms = NULL; 161 options->protocol = SSH_PROTO_UNKNOWN; 162 options->gateway_ports = -1; 163 options->num_subsystems = 0; 164 options->max_startups_begin = -1; 165 options->max_startups_rate = -1; 166 options->max_startups = -1; 167 options->max_authtries = -1; 168 options->max_sessions = -1; 169 options->banner = NULL; 170 options->use_dns = -1; 171 options->client_alive_interval = -1; 172 options->client_alive_count_max = -1; 173 options->num_authkeys_files = 0; 174 options->num_accept_env = 0; 175 options->permit_tun = -1; 176 options->num_permitted_opens = -1; 177 options->adm_forced_command = NULL; 178 options->chroot_directory = NULL; 179 options->authorized_keys_command = NULL; 180 options->authorized_keys_command_user = NULL; 181 options->zero_knowledge_password_authentication = -1; 182 options->ip_qos_interactive = -1; 183 options->ip_qos_bulk = -1; 184 options->revoked_keys_file = NULL; 185 options->trusted_user_ca_keys = NULL; 186 options->authorized_principals_file = NULL; 187 options->ip_qos_interactive = -1; 188 options->ip_qos_bulk = -1; 189 options->version_addendum = NULL; 190 options->none_enabled = -1; 191 options->tcp_rcv_buf_poll = -1; 192 options->hpn_disabled = -1; 193 options->hpn_buffer_size = -1; 194 } 195 196 void 197 fill_default_server_options(ServerOptions *options) 198 { 199 /* needed for hpn socket tests */ 200 int sock; 201 int socksize; 202 socklen_t socksizelen = sizeof(int); 203 204 /* Portable-specific options */ 205 if (options->use_pam == -1) 206 options->use_pam = 0; 207 208 /* Standard Options */ 209 if (options->protocol == SSH_PROTO_UNKNOWN) 210 options->protocol = SSH_PROTO_2; 211 if (options->num_host_key_files == 0) { 212 /* fill default hostkeys for protocols */ 213 if (options->protocol & SSH_PROTO_1) 214 options->host_key_files[options->num_host_key_files++] = 215 __UNCONST(_PATH_HOST_KEY_FILE); 216 if (options->protocol & SSH_PROTO_2) { 217 options->host_key_files[options->num_host_key_files++] = 218 __UNCONST(_PATH_HOST_RSA_KEY_FILE); 219 options->host_key_files[options->num_host_key_files++] = 220 __UNCONST(_PATH_HOST_DSA_KEY_FILE); 221 options->host_key_files[options->num_host_key_files++] = 222 __UNCONST(_PATH_HOST_ECDSA_KEY_FILE); 223 } 224 } 225 /* No certificates by default */ 226 if (options->num_ports == 0) 227 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 228 if (options->listen_addrs == NULL) 229 add_listen_addr(options, NULL, 0); 230 if (options->pid_file == NULL) 231 options->pid_file = __UNCONST(_PATH_SSH_DAEMON_PID_FILE); 232 if (options->server_key_bits == -1) 233 options->server_key_bits = 1024; 234 if (options->login_grace_time == -1) 235 options->login_grace_time = 120; 236 if (options->key_regeneration_time == -1) 237 options->key_regeneration_time = 3600; 238 if (options->permit_root_login == PERMIT_NOT_SET) 239 options->permit_root_login = PERMIT_NO; 240 if (options->ignore_rhosts == -1) 241 options->ignore_rhosts = 1; 242 if (options->ignore_root_rhosts == -1) 243 options->ignore_root_rhosts = options->ignore_rhosts; 244 if (options->ignore_user_known_hosts == -1) 245 options->ignore_user_known_hosts = 0; 246 if (options->print_motd == -1) 247 options->print_motd = 1; 248 if (options->print_lastlog == -1) 249 options->print_lastlog = 1; 250 if (options->x11_forwarding == -1) 251 options->x11_forwarding = 0; 252 if (options->x11_display_offset == -1) 253 options->x11_display_offset = 10; 254 if (options->x11_use_localhost == -1) 255 options->x11_use_localhost = 1; 256 if (options->xauth_location == NULL) 257 options->xauth_location = __UNCONST(_PATH_XAUTH); 258 if (options->strict_modes == -1) 259 options->strict_modes = 1; 260 if (options->tcp_keep_alive == -1) 261 options->tcp_keep_alive = 1; 262 if (options->log_facility == SYSLOG_FACILITY_NOT_SET) 263 options->log_facility = SYSLOG_FACILITY_AUTH; 264 if (options->log_level == SYSLOG_LEVEL_NOT_SET) 265 options->log_level = SYSLOG_LEVEL_INFO; 266 if (options->rhosts_rsa_authentication == -1) 267 options->rhosts_rsa_authentication = 0; 268 if (options->hostbased_authentication == -1) 269 options->hostbased_authentication = 0; 270 if (options->hostbased_uses_name_from_packet_only == -1) 271 options->hostbased_uses_name_from_packet_only = 0; 272 if (options->rsa_authentication == -1) 273 options->rsa_authentication = 1; 274 if (options->pubkey_authentication == -1) 275 options->pubkey_authentication = 1; 276 if (options->kerberos_authentication == -1) 277 options->kerberos_authentication = 0; 278 if (options->kerberos_or_local_passwd == -1) 279 options->kerberos_or_local_passwd = 1; 280 if (options->kerberos_ticket_cleanup == -1) 281 options->kerberos_ticket_cleanup = 1; 282 #if defined(AFS) || defined(KRB5) 283 if (options->kerberos_tgt_passing == -1) 284 options->kerberos_tgt_passing = 0; 285 #endif 286 #ifdef AFS 287 if (options->afs_token_passing == -1) 288 options->afs_token_passing = 0; 289 #endif 290 if (options->kerberos_get_afs_token == -1) 291 options->kerberos_get_afs_token = 0; 292 if (options->gss_authentication == -1) 293 options->gss_authentication = 0; 294 if (options->gss_cleanup_creds == -1) 295 options->gss_cleanup_creds = 1; 296 if (options->password_authentication == -1) 297 options->password_authentication = 1; 298 if (options->kbd_interactive_authentication == -1) 299 options->kbd_interactive_authentication = 0; 300 if (options->challenge_response_authentication == -1) 301 options->challenge_response_authentication = 1; 302 if (options->permit_empty_passwd == -1) 303 options->permit_empty_passwd = 0; 304 if (options->permit_user_env == -1) 305 options->permit_user_env = 0; 306 if (options->use_login == -1) 307 options->use_login = 0; 308 if (options->compression == -1) 309 options->compression = COMP_DELAYED; 310 if (options->allow_tcp_forwarding == -1) 311 options->allow_tcp_forwarding = FORWARD_ALLOW; 312 if (options->allow_agent_forwarding == -1) 313 options->allow_agent_forwarding = 1; 314 if (options->gateway_ports == -1) 315 options->gateway_ports = 0; 316 if (options->max_startups == -1) 317 options->max_startups = 100; 318 if (options->max_startups_rate == -1) 319 options->max_startups_rate = 30; /* 30% */ 320 if (options->max_startups_begin == -1) 321 options->max_startups_begin = 10; 322 if (options->max_authtries == -1) 323 options->max_authtries = DEFAULT_AUTH_FAIL_MAX; 324 if (options->max_sessions == -1) 325 options->max_sessions = DEFAULT_SESSIONS_MAX; 326 if (options->use_dns == -1) 327 options->use_dns = 1; 328 if (options->client_alive_interval == -1) 329 options->client_alive_interval = 0; 330 if (options->client_alive_count_max == -1) 331 options->client_alive_count_max = 3; 332 if (options->num_authkeys_files == 0) { 333 options->authorized_keys_files[options->num_authkeys_files++] = 334 xstrdup(_PATH_SSH_USER_PERMITTED_KEYS); 335 options->authorized_keys_files[options->num_authkeys_files++] = 336 xstrdup(_PATH_SSH_USER_PERMITTED_KEYS2); 337 } 338 if (options->permit_tun == -1) 339 options->permit_tun = SSH_TUNMODE_NO; 340 if (options->zero_knowledge_password_authentication == -1) 341 options->zero_knowledge_password_authentication = 0; 342 if (options->ip_qos_interactive == -1) 343 options->ip_qos_interactive = IPTOS_LOWDELAY; 344 if (options->ip_qos_bulk == -1) 345 options->ip_qos_bulk = IPTOS_THROUGHPUT; 346 if (options->version_addendum == NULL) 347 options->version_addendum = xstrdup(""); 348 349 if (options->hpn_disabled == -1) 350 options->hpn_disabled = 0; 351 352 if (options->hpn_buffer_size == -1) { 353 /* option not explicitly set. Now we have to figure out */ 354 /* what value to use */ 355 if (options->hpn_disabled == 1) { 356 options->hpn_buffer_size = CHAN_SES_WINDOW_DEFAULT; 357 } else { 358 /* get the current RCV size and set it to that */ 359 /*create a socket but don't connect it */ 360 /* we use that the get the rcv socket size */ 361 sock = socket(AF_INET, SOCK_STREAM, 0); 362 getsockopt(sock, SOL_SOCKET, SO_RCVBUF, 363 &socksize, &socksizelen); 364 close(sock); 365 options->hpn_buffer_size = socksize; 366 debug ("HPN Buffer Size: %d", options->hpn_buffer_size); 367 368 } 369 } else { 370 /* we have to do this incase the user sets both values in a contradictory */ 371 /* manner. hpn_disabled overrrides hpn_buffer_size*/ 372 if (options->hpn_disabled <= 0) { 373 if (options->hpn_buffer_size == 0) 374 options->hpn_buffer_size = 1; 375 /* limit the maximum buffer to 64MB */ 376 if (options->hpn_buffer_size > 64*1024) { 377 options->hpn_buffer_size = 64*1024*1024; 378 } else { 379 options->hpn_buffer_size *= 1024; 380 } 381 } else 382 options->hpn_buffer_size = CHAN_TCP_WINDOW_DEFAULT; 383 } 384 385 #ifdef WITH_LDAP_PUBKEY 386 if (options->lpk.on == -1) 387 options->lpk.on = _DEFAULT_LPK_ON; 388 if (options->lpk.servers == NULL) 389 options->lpk.servers = _DEFAULT_LPK_SERVERS; 390 if (options->lpk.u_basedn == NULL) 391 options->lpk.u_basedn = _DEFAULT_LPK_UDN; 392 if (options->lpk.g_basedn == NULL) 393 options->lpk.g_basedn = _DEFAULT_LPK_GDN; 394 if (options->lpk.binddn == NULL) 395 options->lpk.binddn = _DEFAULT_LPK_BINDDN; 396 if (options->lpk.bindpw == NULL) 397 options->lpk.bindpw = _DEFAULT_LPK_BINDPW; 398 if (options->lpk.sgroup == NULL) 399 options->lpk.sgroup = _DEFAULT_LPK_SGROUP; 400 if (options->lpk.filter == NULL) 401 options->lpk.filter = _DEFAULT_LPK_FILTER; 402 if (options->lpk.tls == -1) 403 options->lpk.tls = _DEFAULT_LPK_TLS; 404 if (options->lpk.b_timeout.tv_sec == -1) 405 options->lpk.b_timeout.tv_sec = _DEFAULT_LPK_BTIMEOUT; 406 if (options->lpk.s_timeout.tv_sec == -1) 407 options->lpk.s_timeout.tv_sec = _DEFAULT_LPK_STIMEOUT; 408 if (options->lpk.l_conf == NULL) 409 options->lpk.l_conf = _DEFAULT_LPK_LDP; 410 if (options->lpk.pub_key_attr == NULL) 411 options->lpk.pub_key_attr = __UNCONST(_DEFAULT_LPK_PUB); 412 #endif 413 414 /* Turn privilege separation on by default */ 415 if (use_privsep == -1) 416 use_privsep = PRIVSEP_NOSANDBOX; 417 } 418 419 /* Keyword tokens. */ 420 typedef enum { 421 sBadOption, /* == unknown option */ 422 /* Portable-specific options */ 423 sUsePAM, 424 /* Standard Options */ 425 sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, 426 sPermitRootLogin, sLogFacility, sLogLevel, 427 sRhostsRSAAuthentication, sRSAAuthentication, 428 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, 429 sKerberosGetAFSToken, 430 sKerberosTgtPassing, sChallengeResponseAuthentication, 431 sPasswordAuthentication, sKbdInteractiveAuthentication, 432 sListenAddress, sAddressFamily, 433 sPrintMotd, sPrintLastLog, sIgnoreRhosts, 434 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, 435 sStrictModes, sEmptyPasswd, sTCPKeepAlive, 436 sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, 437 sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, 438 sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, 439 sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, 440 sMaxStartups, sMaxAuthTries, sMaxSessions, 441 sBanner, sUseDNS, sHostbasedAuthentication, 442 sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, 443 sClientAliveCountMax, sAuthorizedKeysFile, 444 sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel, 445 sMatch, sPermitOpen, sForceCommand, sChrootDirectory, 446 sUsePrivilegeSeparation, sAllowAgentForwarding, 447 sZeroKnowledgePasswordAuthentication, sHostCertificate, 448 sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, 449 sKexAlgorithms, sIPQoS, sVersionAddendum, 450 sIgnoreRootRhosts, 451 sNoneEnabled, sTcpRcvBufPoll,sHPNDisabled, sHPNBufferSize, 452 sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, 453 sAuthenticationMethods, 454 sDeprecated, sUnsupported 455 #ifdef WITH_LDAP_PUBKEY 456 ,sLdapPublickey, sLdapServers, sLdapUserDN 457 ,sLdapGroupDN, sBindDN, sBindPw, sMyGroup 458 ,sLdapFilter, sForceTLS, sBindTimeout 459 ,sSearchTimeout, sLdapConf ,sLpkPubKeyAttr 460 #endif 461 } ServerOpCodes; 462 463 #define SSHCFG_GLOBAL 0x01 /* allowed in main section of sshd_config */ 464 #define SSHCFG_MATCH 0x02 /* allowed inside a Match section */ 465 #define SSHCFG_ALL (SSHCFG_GLOBAL|SSHCFG_MATCH) 466 467 /* Textual representation of the tokens. */ 468 static struct { 469 const char *name; 470 ServerOpCodes opcode; 471 u_int flags; 472 } keywords[] = { 473 #ifdef USE_PAM 474 { "usepam", sUsePAM, SSHCFG_GLOBAL }, 475 #else 476 { "usepam", sUnsupported, SSHCFG_GLOBAL }, 477 #endif 478 { "port", sPort, SSHCFG_GLOBAL }, 479 { "hostkey", sHostKeyFile, SSHCFG_GLOBAL }, 480 { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL }, /* alias */ 481 { "pidfile", sPidFile, SSHCFG_GLOBAL }, 482 { "serverkeybits", sServerKeyBits, SSHCFG_GLOBAL }, 483 { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL }, 484 { "keyregenerationinterval", sKeyRegenerationTime, SSHCFG_GLOBAL }, 485 { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL }, 486 { "syslogfacility", sLogFacility, SSHCFG_GLOBAL }, 487 { "loglevel", sLogLevel, SSHCFG_GLOBAL }, 488 { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL }, 489 { "rhostsrsaauthentication", sRhostsRSAAuthentication, SSHCFG_ALL }, 490 { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL }, 491 { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_ALL }, 492 { "rsaauthentication", sRSAAuthentication, SSHCFG_ALL }, 493 { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL }, 494 { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */ 495 #ifdef KRB5 496 { "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL }, 497 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd, SSHCFG_GLOBAL }, 498 { "kerberosticketcleanup", sKerberosTicketCleanup, SSHCFG_GLOBAL }, 499 { "kerberosgetafstoken", sKerberosGetAFSToken, SSHCFG_GLOBAL }, 500 #else 501 { "kerberosauthentication", sUnsupported, SSHCFG_ALL }, 502 { "kerberosorlocalpasswd", sUnsupported, SSHCFG_GLOBAL }, 503 { "kerberosticketcleanup", sUnsupported, SSHCFG_GLOBAL }, 504 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, 505 #endif 506 #if defined(AFS) || defined(KRB5) 507 { "kerberostgtpassing", sKerberosTgtPassing, SSHCFG_GLOBAL }, 508 #else 509 { "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL }, 510 #endif 511 { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, 512 #ifdef GSSAPI 513 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, 514 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, 515 #else 516 { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, 517 { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, 518 #endif 519 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, 520 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, 521 { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, 522 { "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */ 523 #ifdef JPAKE 524 { "zeroknowledgepasswordauthentication", sZeroKnowledgePasswordAuthentication, SSHCFG_ALL }, 525 #else 526 { "zeroknowledgepasswordauthentication", sUnsupported, SSHCFG_ALL }, 527 #endif 528 { "checkmail", sDeprecated, SSHCFG_GLOBAL }, 529 { "listenaddress", sListenAddress, SSHCFG_GLOBAL }, 530 { "addressfamily", sAddressFamily, SSHCFG_GLOBAL }, 531 { "printmotd", sPrintMotd, SSHCFG_GLOBAL }, 532 { "printlastlog", sPrintLastLog, SSHCFG_GLOBAL }, 533 { "ignorerhosts", sIgnoreRhosts, SSHCFG_GLOBAL }, 534 { "ignorerootrhosts", sIgnoreRootRhosts, SSHCFG_GLOBAL }, 535 { "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL }, 536 { "x11forwarding", sX11Forwarding, SSHCFG_ALL }, 537 { "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL }, 538 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, 539 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, 540 { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, 541 { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL }, 542 { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, 543 { "uselogin", sUseLogin, SSHCFG_GLOBAL }, 544 { "compression", sCompression, SSHCFG_GLOBAL }, 545 { "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, 546 { "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, /* obsolete alias */ 547 { "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL }, 548 { "allowagentforwarding", sAllowAgentForwarding, SSHCFG_ALL }, 549 { "allowusers", sAllowUsers, SSHCFG_ALL }, 550 { "denyusers", sDenyUsers, SSHCFG_ALL }, 551 { "allowgroups", sAllowGroups, SSHCFG_ALL }, 552 { "denygroups", sDenyGroups, SSHCFG_ALL }, 553 { "ciphers", sCiphers, SSHCFG_GLOBAL }, 554 { "macs", sMacs, SSHCFG_GLOBAL }, 555 { "protocol", sProtocol, SSHCFG_GLOBAL }, 556 { "gatewayports", sGatewayPorts, SSHCFG_ALL }, 557 { "subsystem", sSubsystem, SSHCFG_GLOBAL }, 558 { "maxstartups", sMaxStartups, SSHCFG_GLOBAL }, 559 { "maxauthtries", sMaxAuthTries, SSHCFG_ALL }, 560 { "maxsessions", sMaxSessions, SSHCFG_ALL }, 561 { "banner", sBanner, SSHCFG_ALL }, 562 { "usedns", sUseDNS, SSHCFG_GLOBAL }, 563 { "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL }, 564 { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL }, 565 { "clientaliveinterval", sClientAliveInterval, SSHCFG_GLOBAL }, 566 { "clientalivecountmax", sClientAliveCountMax, SSHCFG_GLOBAL }, 567 { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL }, 568 { "authorizedkeysfile2", sDeprecated, SSHCFG_ALL }, 569 #ifdef WITH_LDAP_PUBKEY 570 { _DEFAULT_LPK_TOKEN, sLdapPublickey, SSHCFG_GLOBAL }, 571 { _DEFAULT_SRV_TOKEN, sLdapServers, SSHCFG_GLOBAL }, 572 { _DEFAULT_USR_TOKEN, sLdapUserDN, SSHCFG_GLOBAL }, 573 { _DEFAULT_GRP_TOKEN, sLdapGroupDN, SSHCFG_GLOBAL }, 574 { _DEFAULT_BDN_TOKEN, sBindDN, SSHCFG_GLOBAL }, 575 { _DEFAULT_BPW_TOKEN, sBindPw, SSHCFG_GLOBAL }, 576 { _DEFAULT_MYG_TOKEN, sMyGroup, SSHCFG_GLOBAL }, 577 { _DEFAULT_FIL_TOKEN, sLdapFilter, SSHCFG_GLOBAL }, 578 { _DEFAULT_TLS_TOKEN, sForceTLS, SSHCFG_GLOBAL }, 579 { _DEFAULT_BTI_TOKEN, sBindTimeout, SSHCFG_GLOBAL }, 580 { _DEFAULT_STI_TOKEN, sSearchTimeout, SSHCFG_GLOBAL }, 581 { _DEFAULT_LDP_TOKEN, sLdapConf, SSHCFG_GLOBAL }, 582 { "LpkPubKeyAttr", sLpkPubKeyAttr, SSHCFG_GLOBAL }, 583 #endif 584 { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL}, 585 { "acceptenv", sAcceptEnv, SSHCFG_ALL }, 586 { "permittunnel", sPermitTunnel, SSHCFG_ALL }, 587 { "match", sMatch, SSHCFG_ALL }, 588 { "permitopen", sPermitOpen, SSHCFG_ALL }, 589 { "forcecommand", sForceCommand, SSHCFG_ALL }, 590 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, 591 { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, 592 { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, 593 { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, 594 { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, 595 { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, 596 { "ipqos", sIPQoS, SSHCFG_ALL }, 597 { "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL }, 598 { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL }, 599 { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL }, 600 { "noneenabled", sNoneEnabled, SSHCFG_ALL }, 601 { "hpndisabled", sHPNDisabled, SSHCFG_ALL }, 602 { "hpnbuffersize", sHPNBufferSize, SSHCFG_ALL }, 603 { "tcprcvbufpoll", sTcpRcvBufPoll, SSHCFG_ALL }, 604 { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL }, 605 { NULL, sBadOption, 0 } 606 }; 607 608 static struct { 609 int val; 610 const char *text; 611 } tunmode_desc[] = { 612 { SSH_TUNMODE_NO, "no" }, 613 { SSH_TUNMODE_POINTOPOINT, "point-to-point" }, 614 { SSH_TUNMODE_ETHERNET, "ethernet" }, 615 { SSH_TUNMODE_YES, "yes" }, 616 { -1, NULL } 617 }; 618 619 /* 620 * Returns the number of the token pointed to by cp or sBadOption. 621 */ 622 623 static ServerOpCodes 624 parse_token(const char *cp, const char *filename, 625 int linenum, u_int *flags) 626 { 627 u_int i; 628 629 for (i = 0; keywords[i].name; i++) 630 if (strcasecmp(cp, keywords[i].name) == 0) { 631 debug ("Config token is %s", keywords[i].name); 632 *flags = keywords[i].flags; 633 return keywords[i].opcode; 634 } 635 636 error("%s: line %d: Bad configuration option: %s", 637 filename, linenum, cp); 638 return sBadOption; 639 } 640 641 char * 642 derelativise_path(const char *path) 643 { 644 char *expanded, *ret, cwd[MAXPATHLEN]; 645 646 expanded = tilde_expand_filename(path, getuid()); 647 if (*expanded == '/') 648 return expanded; 649 if (getcwd(cwd, sizeof(cwd)) == NULL) 650 fatal("%s: getcwd: %s", __func__, strerror(errno)); 651 xasprintf(&ret, "%s/%s", cwd, expanded); 652 xfree(expanded); 653 return ret; 654 } 655 656 static void 657 add_listen_addr(ServerOptions *options, char *addr, int port) 658 { 659 u_int i; 660 661 if (options->num_ports == 0) 662 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 663 if (options->address_family == -1) 664 options->address_family = AF_UNSPEC; 665 if (port == 0) 666 for (i = 0; i < options->num_ports; i++) 667 add_one_listen_addr(options, addr, options->ports[i]); 668 else 669 add_one_listen_addr(options, addr, port); 670 } 671 672 static void 673 add_one_listen_addr(ServerOptions *options, char *addr, int port) 674 { 675 struct addrinfo hints, *ai, *aitop; 676 char strport[NI_MAXSERV]; 677 int gaierr; 678 679 memset(&hints, 0, sizeof(hints)); 680 hints.ai_family = options->address_family; 681 hints.ai_socktype = SOCK_STREAM; 682 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; 683 snprintf(strport, sizeof strport, "%d", port); 684 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) 685 fatal("bad addr or host: %s (%s)", 686 addr ? addr : "<NULL>", 687 ssh_gai_strerror(gaierr)); 688 for (ai = aitop; ai->ai_next; ai = ai->ai_next) 689 ; 690 ai->ai_next = options->listen_addrs; 691 options->listen_addrs = aitop; 692 } 693 694 struct connection_info * 695 get_connection_info(int populate, int use_dns) 696 { 697 static struct connection_info ci; 698 699 if (!populate) 700 return &ci; 701 ci.host = get_canonical_hostname(use_dns); 702 ci.address = get_remote_ipaddr(); 703 ci.laddress = get_local_ipaddr(packet_get_connection_in()); 704 ci.lport = get_local_port(); 705 return &ci; 706 } 707 708 /* 709 * The strategy for the Match blocks is that the config file is parsed twice. 710 * 711 * The first time is at startup. activep is initialized to 1 and the 712 * directives in the global context are processed and acted on. Hitting a 713 * Match directive unsets activep and the directives inside the block are 714 * checked for syntax only. 715 * 716 * The second time is after a connection has been established but before 717 * authentication. activep is initialized to 2 and global config directives 718 * are ignored since they have already been processed. If the criteria in a 719 * Match block is met, activep is set and the subsequent directives 720 * processed and actioned until EOF or another Match block unsets it. Any 721 * options set are copied into the main server config. 722 * 723 * Potential additions/improvements: 724 * - Add Match support for pre-kex directives, eg Protocol, Ciphers. 725 * 726 * - Add a Tag directive (idea from David Leonard) ala pf, eg: 727 * Match Address 192.168.0.* 728 * Tag trusted 729 * Match Group wheel 730 * Tag trusted 731 * Match Tag trusted 732 * AllowTcpForwarding yes 733 * GatewayPorts clientspecified 734 * [...] 735 * 736 * - Add a PermittedChannelRequests directive 737 * Match Group shell 738 * PermittedChannelRequests session,forwarded-tcpip 739 */ 740 741 static int 742 match_cfg_line_group(const char *grps, int line, const char *user) 743 { 744 int result = 0; 745 struct passwd *pw; 746 747 if (user == NULL) 748 goto out; 749 750 if ((pw = getpwnam(user)) == NULL) { 751 debug("Can't match group at line %d because user %.100s does " 752 "not exist", line, user); 753 } else if (ga_init(pw->pw_name, pw->pw_gid) == 0) { 754 debug("Can't Match group because user %.100s not in any group " 755 "at line %d", user, line); 756 } else if (ga_match_pattern_list(grps) != 1) { 757 debug("user %.100s does not match group list %.100s at line %d", 758 user, grps, line); 759 } else { 760 debug("user %.100s matched group list %.100s at line %d", user, 761 grps, line); 762 result = 1; 763 } 764 out: 765 ga_free(); 766 return result; 767 } 768 769 /* 770 * All of the attributes on a single Match line are ANDed together, so we need 771 * to check every * attribute and set the result to zero if any attribute does 772 * not match. 773 */ 774 static int 775 match_cfg_line(char **condition, int line, struct connection_info *ci) 776 { 777 int result = 1, port; 778 char *arg, *attrib, *cp = *condition; 779 size_t len; 780 781 if (ci == NULL) 782 debug3("checking syntax for 'Match %s'", cp); 783 else 784 debug3("checking match for '%s' user %s host %s addr %s " 785 "laddr %s lport %d", cp, ci->user ? ci->user : "(null)", 786 ci->host ? ci->host : "(null)", 787 ci->address ? ci->address : "(null)", 788 ci->laddress ? ci->laddress : "(null)", ci->lport); 789 790 while ((attrib = strdelim(&cp)) && *attrib != '\0') { 791 if ((arg = strdelim(&cp)) == NULL || *arg == '\0') { 792 error("Missing Match criteria for %s", attrib); 793 return -1; 794 } 795 len = strlen(arg); 796 if (strcasecmp(attrib, "user") == 0) { 797 if (ci == NULL || ci->user == NULL) { 798 result = 0; 799 continue; 800 } 801 if (match_pattern_list(ci->user, arg, len, 0) != 1) 802 result = 0; 803 else 804 debug("user %.100s matched 'User %.100s' at " 805 "line %d", ci->user, arg, line); 806 } else if (strcasecmp(attrib, "group") == 0) { 807 if (ci == NULL || ci->user == NULL) { 808 result = 0; 809 continue; 810 } 811 switch (match_cfg_line_group(arg, line, ci->user)) { 812 case -1: 813 return -1; 814 case 0: 815 result = 0; 816 } 817 } else if (strcasecmp(attrib, "host") == 0) { 818 if (ci == NULL || ci->host == NULL) { 819 result = 0; 820 continue; 821 } 822 if (match_hostname(ci->host, arg, len) != 1) 823 result = 0; 824 else 825 debug("connection from %.100s matched 'Host " 826 "%.100s' at line %d", ci->host, arg, line); 827 } else if (strcasecmp(attrib, "address") == 0) { 828 if (ci == NULL || ci->address == NULL) { 829 result = 0; 830 continue; 831 } 832 switch (addr_match_list(ci->address, arg)) { 833 case 1: 834 debug("connection from %.100s matched 'Address " 835 "%.100s' at line %d", ci->address, arg, line); 836 break; 837 case 0: 838 case -1: 839 result = 0; 840 break; 841 case -2: 842 return -1; 843 } 844 } else if (strcasecmp(attrib, "localaddress") == 0){ 845 if (ci == NULL || ci->laddress == NULL) { 846 result = 0; 847 continue; 848 } 849 switch (addr_match_list(ci->laddress, arg)) { 850 case 1: 851 debug("connection from %.100s matched " 852 "'LocalAddress %.100s' at line %d", 853 ci->laddress, arg, line); 854 break; 855 case 0: 856 case -1: 857 result = 0; 858 break; 859 case -2: 860 return -1; 861 } 862 } else if (strcasecmp(attrib, "localport") == 0) { 863 if ((port = a2port(arg)) == -1) { 864 error("Invalid LocalPort '%s' on Match line", 865 arg); 866 return -1; 867 } 868 if (ci == NULL || ci->lport == 0) { 869 result = 0; 870 continue; 871 } 872 /* TODO support port lists */ 873 if (port == ci->lport) 874 debug("connection from %.100s matched " 875 "'LocalPort %d' at line %d", 876 ci->laddress, port, line); 877 else 878 result = 0; 879 } else { 880 error("Unsupported Match attribute %s", attrib); 881 return -1; 882 } 883 } 884 if (ci != NULL) 885 debug3("match %sfound", result ? "" : "not "); 886 *condition = cp; 887 return result; 888 } 889 890 #define WHITESPACE " \t\r\n" 891 892 /* Multistate option parsing */ 893 struct multistate { 894 const char *key; 895 int value; 896 }; 897 static const struct multistate multistate_addressfamily[] = { 898 { "inet", AF_INET }, 899 { "inet6", AF_INET6 }, 900 { "any", AF_UNSPEC }, 901 { NULL, -1 } 902 }; 903 static const struct multistate multistate_permitrootlogin[] = { 904 { "without-password", PERMIT_NO_PASSWD }, 905 { "forced-commands-only", PERMIT_FORCED_ONLY }, 906 { "yes", PERMIT_YES }, 907 { "no", PERMIT_NO }, 908 { NULL, -1 } 909 }; 910 static const struct multistate multistate_compression[] = { 911 { "delayed", COMP_DELAYED }, 912 { "yes", COMP_ZLIB }, 913 { "no", COMP_NONE }, 914 { NULL, -1 } 915 }; 916 static const struct multistate multistate_gatewayports[] = { 917 { "clientspecified", 2 }, 918 { "yes", 1 }, 919 { "no", 0 }, 920 { NULL, -1 } 921 }; 922 static const struct multistate multistate_privsep[] = { 923 { "yes", PRIVSEP_NOSANDBOX }, 924 { "sandbox", PRIVSEP_ON }, 925 { "nosandbox", PRIVSEP_NOSANDBOX }, 926 { "no", PRIVSEP_OFF }, 927 { NULL, -1 } 928 }; 929 static const struct multistate multistate_tcpfwd[] = { 930 { "yes", FORWARD_ALLOW }, 931 { "all", FORWARD_ALLOW }, 932 { "no", FORWARD_DENY }, 933 { "remote", FORWARD_REMOTE }, 934 { "local", FORWARD_LOCAL }, 935 { NULL, -1 } 936 }; 937 938 int 939 process_server_config_line(ServerOptions *options, char *line, 940 const char *filename, int linenum, int *activep, 941 struct connection_info *connectinfo) 942 { 943 char *cp, **charptr, *arg, *p; 944 int cmdline = 0, *intptr, value, value2, n; 945 SyslogFacility *log_facility_ptr; 946 LogLevel *log_level_ptr; 947 #ifdef WITH_LDAP_PUBKEY 948 unsigned long lvalue; 949 #endif 950 time_t *timetptr; 951 ServerOpCodes opcode; 952 int port = 0; 953 u_int i, flags = 0; 954 size_t len; 955 const struct multistate *multistate_ptr; 956 957 cp = line; 958 if ((arg = strdelim(&cp)) == NULL) 959 return 0; 960 /* Ignore leading whitespace */ 961 if (*arg == '\0') 962 arg = strdelim(&cp); 963 if (!arg || !*arg || *arg == '#') 964 return 0; 965 intptr = NULL; 966 timetptr = NULL; 967 charptr = NULL; 968 opcode = parse_token(arg, filename, linenum, &flags); 969 970 if (activep == NULL) { /* We are processing a command line directive */ 971 cmdline = 1; 972 activep = &cmdline; 973 } 974 if (*activep && opcode != sMatch) 975 debug3("%s:%d setting %s %s", filename, linenum, arg, cp); 976 if (*activep == 0 && !(flags & SSHCFG_MATCH)) { 977 if (connectinfo == NULL) { 978 fatal("%s line %d: Directive '%s' is not allowed " 979 "within a Match block", filename, linenum, arg); 980 } else { /* this is a directive we have already processed */ 981 while (arg) 982 arg = strdelim(&cp); 983 return 0; 984 } 985 } 986 987 switch (opcode) { 988 /* Portable-specific options */ 989 case sUsePAM: 990 intptr = &options->use_pam; 991 goto parse_flag; 992 993 /* Standard Options */ 994 case sBadOption: 995 return -1; 996 case sPort: 997 /* ignore ports from configfile if cmdline specifies ports */ 998 if (options->ports_from_cmdline) 999 return 0; 1000 if (options->listen_addrs != NULL) 1001 fatal("%s line %d: ports must be specified before " 1002 "ListenAddress.", filename, linenum); 1003 if (options->num_ports >= MAX_PORTS) 1004 fatal("%s line %d: too many ports.", 1005 filename, linenum); 1006 arg = strdelim(&cp); 1007 if (!arg || *arg == '\0') 1008 fatal("%s line %d: missing port number.", 1009 filename, linenum); 1010 options->ports[options->num_ports++] = a2port(arg); 1011 if (options->ports[options->num_ports-1] <= 0) 1012 fatal("%s line %d: Badly formatted port number.", 1013 filename, linenum); 1014 break; 1015 1016 case sServerKeyBits: 1017 intptr = &options->server_key_bits; 1018 parse_int: 1019 arg = strdelim(&cp); 1020 if (!arg || *arg == '\0') 1021 fatal("%s line %d: missing integer value.", 1022 filename, linenum); 1023 value = atoi(arg); 1024 if (*activep && *intptr == -1) 1025 *intptr = value; 1026 break; 1027 1028 case sLoginGraceTime: 1029 intptr = &options->login_grace_time; 1030 parse_time: 1031 arg = strdelim(&cp); 1032 if (!arg || *arg == '\0') 1033 fatal("%s line %d: missing time value.", 1034 filename, linenum); 1035 if ((value = convtime(arg)) == -1) 1036 fatal("%s line %d: invalid time value.", 1037 filename, linenum); 1038 if (*intptr == -1) 1039 *intptr = value; 1040 break; 1041 1042 case sKeyRegenerationTime: 1043 intptr = &options->key_regeneration_time; 1044 goto parse_time; 1045 1046 case sListenAddress: 1047 arg = strdelim(&cp); 1048 if (arg == NULL || *arg == '\0') 1049 fatal("%s line %d: missing address", 1050 filename, linenum); 1051 /* check for bare IPv6 address: no "[]" and 2 or more ":" */ 1052 if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL 1053 && strchr(p+1, ':') != NULL) { 1054 add_listen_addr(options, arg, 0); 1055 break; 1056 } 1057 p = hpdelim(&arg); 1058 if (p == NULL) 1059 fatal("%s line %d: bad address:port usage", 1060 filename, linenum); 1061 p = cleanhostname(p); 1062 if (arg == NULL) 1063 port = 0; 1064 else if ((port = a2port(arg)) <= 0) 1065 fatal("%s line %d: bad port number", filename, linenum); 1066 1067 add_listen_addr(options, p, port); 1068 1069 break; 1070 1071 case sAddressFamily: 1072 intptr = &options->address_family; 1073 multistate_ptr = multistate_addressfamily; 1074 if (options->listen_addrs != NULL) 1075 fatal("%s line %d: address family must be specified " 1076 "before ListenAddress.", filename, linenum); 1077 parse_multistate: 1078 arg = strdelim(&cp); 1079 if (!arg || *arg == '\0') 1080 fatal("%s line %d: missing argument.", 1081 filename, linenum); 1082 value = -1; 1083 for (i = 0; multistate_ptr[i].key != NULL; i++) { 1084 if (strcasecmp(arg, multistate_ptr[i].key) == 0) { 1085 value = multistate_ptr[i].value; 1086 break; 1087 } 1088 } 1089 if (value == -1) 1090 fatal("%s line %d: unsupported option \"%s\".", 1091 filename, linenum, arg); 1092 if (*activep && *intptr == -1) 1093 *intptr = value; 1094 break; 1095 1096 case sHostKeyFile: 1097 intptr = &options->num_host_key_files; 1098 if (*intptr >= MAX_HOSTKEYS) 1099 fatal("%s line %d: too many host keys specified (max %d).", 1100 filename, linenum, MAX_HOSTKEYS); 1101 charptr = &options->host_key_files[*intptr]; 1102 parse_filename: 1103 arg = strdelim(&cp); 1104 if (!arg || *arg == '\0') 1105 fatal("%s line %d: missing file name.", 1106 filename, linenum); 1107 if (*activep && *charptr == NULL) { 1108 *charptr = derelativise_path(arg); 1109 /* increase optional counter */ 1110 if (intptr != NULL) 1111 *intptr = *intptr + 1; 1112 } 1113 break; 1114 1115 case sHostCertificate: 1116 intptr = &options->num_host_cert_files; 1117 if (*intptr >= MAX_HOSTKEYS) 1118 fatal("%s line %d: too many host certificates " 1119 "specified (max %d).", filename, linenum, 1120 MAX_HOSTCERTS); 1121 charptr = &options->host_cert_files[*intptr]; 1122 goto parse_filename; 1123 break; 1124 1125 case sPidFile: 1126 charptr = &options->pid_file; 1127 goto parse_filename; 1128 1129 case sPermitRootLogin: 1130 intptr = &options->permit_root_login; 1131 multistate_ptr = multistate_permitrootlogin; 1132 goto parse_multistate; 1133 1134 case sIgnoreRhosts: 1135 intptr = &options->ignore_rhosts; 1136 parse_flag: 1137 arg = strdelim(&cp); 1138 if (!arg || *arg == '\0') 1139 fatal("%s line %d: missing yes/no argument.", 1140 filename, linenum); 1141 value = 0; /* silence compiler */ 1142 if (strcmp(arg, "yes") == 0) 1143 value = 1; 1144 else if (strcmp(arg, "no") == 0) 1145 value = 0; 1146 else 1147 fatal("%s line %d: Bad yes/no argument: %s", 1148 filename, linenum, arg); 1149 if (*activep && *intptr == -1) 1150 *intptr = value; 1151 break; 1152 1153 case sIgnoreRootRhosts: 1154 intptr = &options->ignore_root_rhosts; 1155 goto parse_flag; 1156 1157 case sNoneEnabled: 1158 intptr = &options->none_enabled; 1159 goto parse_flag; 1160 1161 case sTcpRcvBufPoll: 1162 intptr = &options->tcp_rcv_buf_poll; 1163 goto parse_flag; 1164 1165 case sHPNDisabled: 1166 intptr = &options->hpn_disabled; 1167 goto parse_flag; 1168 1169 case sHPNBufferSize: 1170 intptr = &options->hpn_buffer_size; 1171 goto parse_int; 1172 1173 case sIgnoreUserKnownHosts: 1174 intptr = &options->ignore_user_known_hosts; 1175 goto parse_flag; 1176 1177 case sRhostsRSAAuthentication: 1178 intptr = &options->rhosts_rsa_authentication; 1179 goto parse_flag; 1180 1181 case sHostbasedAuthentication: 1182 intptr = &options->hostbased_authentication; 1183 goto parse_flag; 1184 1185 case sHostbasedUsesNameFromPacketOnly: 1186 intptr = &options->hostbased_uses_name_from_packet_only; 1187 goto parse_flag; 1188 1189 case sRSAAuthentication: 1190 intptr = &options->rsa_authentication; 1191 goto parse_flag; 1192 1193 case sPubkeyAuthentication: 1194 intptr = &options->pubkey_authentication; 1195 goto parse_flag; 1196 1197 case sKerberosAuthentication: 1198 intptr = &options->kerberos_authentication; 1199 goto parse_flag; 1200 1201 case sKerberosOrLocalPasswd: 1202 intptr = &options->kerberos_or_local_passwd; 1203 goto parse_flag; 1204 1205 case sKerberosTicketCleanup: 1206 intptr = &options->kerberos_ticket_cleanup; 1207 goto parse_flag; 1208 1209 case sKerberosTgtPassing: 1210 intptr = &options->kerberos_tgt_passing; 1211 goto parse_flag; 1212 1213 case sKerberosGetAFSToken: 1214 intptr = &options->kerberos_get_afs_token; 1215 goto parse_flag; 1216 1217 case sGssAuthentication: 1218 intptr = &options->gss_authentication; 1219 goto parse_flag; 1220 1221 case sGssCleanupCreds: 1222 intptr = &options->gss_cleanup_creds; 1223 goto parse_flag; 1224 1225 case sPasswordAuthentication: 1226 intptr = &options->password_authentication; 1227 goto parse_flag; 1228 1229 case sZeroKnowledgePasswordAuthentication: 1230 intptr = &options->zero_knowledge_password_authentication; 1231 goto parse_flag; 1232 1233 case sKbdInteractiveAuthentication: 1234 intptr = &options->kbd_interactive_authentication; 1235 goto parse_flag; 1236 1237 case sChallengeResponseAuthentication: 1238 intptr = &options->challenge_response_authentication; 1239 goto parse_flag; 1240 1241 case sPrintMotd: 1242 intptr = &options->print_motd; 1243 goto parse_flag; 1244 1245 case sPrintLastLog: 1246 intptr = &options->print_lastlog; 1247 goto parse_flag; 1248 1249 case sX11Forwarding: 1250 intptr = &options->x11_forwarding; 1251 goto parse_flag; 1252 1253 case sX11DisplayOffset: 1254 intptr = &options->x11_display_offset; 1255 goto parse_int; 1256 1257 case sX11UseLocalhost: 1258 intptr = &options->x11_use_localhost; 1259 goto parse_flag; 1260 1261 case sXAuthLocation: 1262 charptr = &options->xauth_location; 1263 goto parse_filename; 1264 1265 case sStrictModes: 1266 intptr = &options->strict_modes; 1267 goto parse_flag; 1268 1269 case sTCPKeepAlive: 1270 intptr = &options->tcp_keep_alive; 1271 goto parse_flag; 1272 1273 case sEmptyPasswd: 1274 intptr = &options->permit_empty_passwd; 1275 goto parse_flag; 1276 1277 case sPermitUserEnvironment: 1278 intptr = &options->permit_user_env; 1279 goto parse_flag; 1280 1281 case sUseLogin: 1282 intptr = &options->use_login; 1283 goto parse_flag; 1284 1285 case sCompression: 1286 intptr = &options->compression; 1287 multistate_ptr = multistate_compression; 1288 goto parse_multistate; 1289 1290 case sGatewayPorts: 1291 intptr = &options->gateway_ports; 1292 multistate_ptr = multistate_gatewayports; 1293 goto parse_multistate; 1294 1295 case sUseDNS: 1296 intptr = &options->use_dns; 1297 goto parse_flag; 1298 1299 case sLogFacility: 1300 log_facility_ptr = &options->log_facility; 1301 arg = strdelim(&cp); 1302 value = log_facility_number(arg); 1303 if (value == SYSLOG_FACILITY_NOT_SET) 1304 fatal("%.200s line %d: unsupported log facility '%s'", 1305 filename, linenum, arg ? arg : "<NONE>"); 1306 if (*log_facility_ptr == -1) 1307 *log_facility_ptr = (SyslogFacility) value; 1308 break; 1309 1310 case sLogLevel: 1311 log_level_ptr = &options->log_level; 1312 arg = strdelim(&cp); 1313 value = log_level_number(arg); 1314 if (value == SYSLOG_LEVEL_NOT_SET) 1315 fatal("%.200s line %d: unsupported log level '%s'", 1316 filename, linenum, arg ? arg : "<NONE>"); 1317 if (*log_level_ptr == -1) 1318 *log_level_ptr = (LogLevel) value; 1319 break; 1320 1321 case sAllowTcpForwarding: 1322 intptr = &options->allow_tcp_forwarding; 1323 multistate_ptr = multistate_tcpfwd; 1324 goto parse_multistate; 1325 1326 case sAllowAgentForwarding: 1327 intptr = &options->allow_agent_forwarding; 1328 goto parse_flag; 1329 1330 case sUsePrivilegeSeparation: 1331 intptr = &use_privsep; 1332 multistate_ptr = multistate_privsep; 1333 goto parse_multistate; 1334 1335 case sAllowUsers: 1336 while ((arg = strdelim(&cp)) && *arg != '\0') { 1337 if (options->num_allow_users >= MAX_ALLOW_USERS) 1338 fatal("%s line %d: too many allow users.", 1339 filename, linenum); 1340 if (!*activep) 1341 continue; 1342 options->allow_users[options->num_allow_users++] = 1343 xstrdup(arg); 1344 } 1345 break; 1346 1347 case sDenyUsers: 1348 while ((arg = strdelim(&cp)) && *arg != '\0') { 1349 if (options->num_deny_users >= MAX_DENY_USERS) 1350 fatal("%s line %d: too many deny users.", 1351 filename, linenum); 1352 if (!*activep) 1353 continue; 1354 options->deny_users[options->num_deny_users++] = 1355 xstrdup(arg); 1356 } 1357 break; 1358 1359 case sAllowGroups: 1360 while ((arg = strdelim(&cp)) && *arg != '\0') { 1361 if (options->num_allow_groups >= MAX_ALLOW_GROUPS) 1362 fatal("%s line %d: too many allow groups.", 1363 filename, linenum); 1364 if (!*activep) 1365 continue; 1366 options->allow_groups[options->num_allow_groups++] = 1367 xstrdup(arg); 1368 } 1369 break; 1370 1371 case sDenyGroups: 1372 while ((arg = strdelim(&cp)) && *arg != '\0') { 1373 if (options->num_deny_groups >= MAX_DENY_GROUPS) 1374 fatal("%s line %d: too many deny groups.", 1375 filename, linenum); 1376 if (!*activep) 1377 continue; 1378 options->deny_groups[options->num_deny_groups++] = 1379 xstrdup(arg); 1380 } 1381 break; 1382 1383 case sCiphers: 1384 arg = strdelim(&cp); 1385 if (!arg || *arg == '\0') 1386 fatal("%s line %d: Missing argument.", filename, linenum); 1387 if (!ciphers_valid(arg)) 1388 fatal("%s line %d: Bad SSH2 cipher spec '%s'.", 1389 filename, linenum, arg ? arg : "<NONE>"); 1390 if (options->ciphers == NULL) 1391 options->ciphers = xstrdup(arg); 1392 break; 1393 1394 case sMacs: 1395 arg = strdelim(&cp); 1396 if (!arg || *arg == '\0') 1397 fatal("%s line %d: Missing argument.", filename, linenum); 1398 if (!mac_valid(arg)) 1399 fatal("%s line %d: Bad SSH2 mac spec '%s'.", 1400 filename, linenum, arg ? arg : "<NONE>"); 1401 if (options->macs == NULL) 1402 options->macs = xstrdup(arg); 1403 break; 1404 1405 case sKexAlgorithms: 1406 arg = strdelim(&cp); 1407 if (!arg || *arg == '\0') 1408 fatal("%s line %d: Missing argument.", 1409 filename, linenum); 1410 if (!kex_names_valid(arg)) 1411 fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.", 1412 filename, linenum, arg ? arg : "<NONE>"); 1413 if (options->kex_algorithms == NULL) 1414 options->kex_algorithms = xstrdup(arg); 1415 break; 1416 1417 case sProtocol: 1418 intptr = &options->protocol; 1419 arg = strdelim(&cp); 1420 if (!arg || *arg == '\0') 1421 fatal("%s line %d: Missing argument.", filename, linenum); 1422 value = proto_spec(arg); 1423 if (value == SSH_PROTO_UNKNOWN) 1424 fatal("%s line %d: Bad protocol spec '%s'.", 1425 filename, linenum, arg ? arg : "<NONE>"); 1426 if (*intptr == SSH_PROTO_UNKNOWN) 1427 *intptr = value; 1428 break; 1429 1430 case sSubsystem: 1431 if (options->num_subsystems >= MAX_SUBSYSTEMS) { 1432 fatal("%s line %d: too many subsystems defined.", 1433 filename, linenum); 1434 } 1435 arg = strdelim(&cp); 1436 if (!arg || *arg == '\0') 1437 fatal("%s line %d: Missing subsystem name.", 1438 filename, linenum); 1439 if (!*activep) { 1440 arg = strdelim(&cp); 1441 break; 1442 } 1443 for (i = 0; i < options->num_subsystems; i++) 1444 if (strcmp(arg, options->subsystem_name[i]) == 0) 1445 fatal("%s line %d: Subsystem '%s' already defined.", 1446 filename, linenum, arg); 1447 options->subsystem_name[options->num_subsystems] = xstrdup(arg); 1448 arg = strdelim(&cp); 1449 if (!arg || *arg == '\0') 1450 fatal("%s line %d: Missing subsystem command.", 1451 filename, linenum); 1452 options->subsystem_command[options->num_subsystems] = xstrdup(arg); 1453 1454 /* Collect arguments (separate to executable) */ 1455 p = xstrdup(arg); 1456 len = strlen(p) + 1; 1457 while ((arg = strdelim(&cp)) != NULL && *arg != '\0') { 1458 len += 1 + strlen(arg); 1459 p = xrealloc(p, 1, len); 1460 strlcat(p, " ", len); 1461 strlcat(p, arg, len); 1462 } 1463 options->subsystem_args[options->num_subsystems] = p; 1464 options->num_subsystems++; 1465 break; 1466 1467 case sMaxStartups: 1468 arg = strdelim(&cp); 1469 if (!arg || *arg == '\0') 1470 fatal("%s line %d: Missing MaxStartups spec.", 1471 filename, linenum); 1472 if ((n = sscanf(arg, "%d:%d:%d", 1473 &options->max_startups_begin, 1474 &options->max_startups_rate, 1475 &options->max_startups)) == 3) { 1476 if (options->max_startups_begin > 1477 options->max_startups || 1478 options->max_startups_rate > 100 || 1479 options->max_startups_rate < 1) 1480 fatal("%s line %d: Illegal MaxStartups spec.", 1481 filename, linenum); 1482 } else if (n != 1) 1483 fatal("%s line %d: Illegal MaxStartups spec.", 1484 filename, linenum); 1485 else 1486 options->max_startups = options->max_startups_begin; 1487 break; 1488 1489 case sMaxAuthTries: 1490 intptr = &options->max_authtries; 1491 goto parse_int; 1492 1493 case sMaxSessions: 1494 intptr = &options->max_sessions; 1495 goto parse_int; 1496 1497 case sBanner: 1498 charptr = &options->banner; 1499 goto parse_filename; 1500 1501 /* 1502 * These options can contain %X options expanded at 1503 * connect time, so that you can specify paths like: 1504 * 1505 * AuthorizedKeysFile /etc/ssh_keys/%u 1506 */ 1507 case sAuthorizedKeysFile: 1508 if (*activep && options->num_authkeys_files == 0) { 1509 while ((arg = strdelim(&cp)) && *arg != '\0') { 1510 if (options->num_authkeys_files >= 1511 MAX_AUTHKEYS_FILES) 1512 fatal("%s line %d: " 1513 "too many authorized keys files.", 1514 filename, linenum); 1515 options->authorized_keys_files[ 1516 options->num_authkeys_files++] = 1517 tilde_expand_filename(arg, getuid()); 1518 } 1519 } 1520 return 0; 1521 1522 case sAuthorizedPrincipalsFile: 1523 charptr = &options->authorized_principals_file; 1524 arg = strdelim(&cp); 1525 if (!arg || *arg == '\0') 1526 fatal("%s line %d: missing file name.", 1527 filename, linenum); 1528 if (*activep && *charptr == NULL) { 1529 *charptr = tilde_expand_filename(arg, getuid()); 1530 /* increase optional counter */ 1531 if (intptr != NULL) 1532 *intptr = *intptr + 1; 1533 } 1534 break; 1535 1536 case sClientAliveInterval: 1537 intptr = &options->client_alive_interval; 1538 goto parse_time; 1539 1540 case sClientAliveCountMax: 1541 intptr = &options->client_alive_count_max; 1542 goto parse_int; 1543 1544 case sAcceptEnv: 1545 while ((arg = strdelim(&cp)) && *arg != '\0') { 1546 if (strchr(arg, '=') != NULL) 1547 fatal("%s line %d: Invalid environment name.", 1548 filename, linenum); 1549 if (options->num_accept_env >= MAX_ACCEPT_ENV) 1550 fatal("%s line %d: too many allow env.", 1551 filename, linenum); 1552 if (!*activep) 1553 continue; 1554 options->accept_env[options->num_accept_env++] = 1555 xstrdup(arg); 1556 } 1557 break; 1558 1559 case sPermitTunnel: 1560 intptr = &options->permit_tun; 1561 arg = strdelim(&cp); 1562 if (!arg || *arg == '\0') 1563 fatal("%s line %d: Missing yes/point-to-point/" 1564 "ethernet/no argument.", filename, linenum); 1565 value = -1; 1566 for (i = 0; tunmode_desc[i].val != -1; i++) 1567 if (strcmp(tunmode_desc[i].text, arg) == 0) { 1568 value = tunmode_desc[i].val; 1569 break; 1570 } 1571 if (value == -1) 1572 fatal("%s line %d: Bad yes/point-to-point/ethernet/" 1573 "no argument: %s", filename, linenum, arg); 1574 if (*intptr == -1) 1575 *intptr = value; 1576 break; 1577 1578 case sMatch: 1579 if (cmdline) 1580 fatal("Match directive not supported as a command-line " 1581 "option"); 1582 value = match_cfg_line(&cp, linenum, connectinfo); 1583 if (value < 0) 1584 fatal("%s line %d: Bad Match condition", filename, 1585 linenum); 1586 *activep = value; 1587 break; 1588 1589 case sPermitOpen: 1590 arg = strdelim(&cp); 1591 if (!arg || *arg == '\0') 1592 fatal("%s line %d: missing PermitOpen specification", 1593 filename, linenum); 1594 n = options->num_permitted_opens; /* modified later */ 1595 if (strcmp(arg, "any") == 0) { 1596 if (*activep && n == -1) { 1597 channel_clear_adm_permitted_opens(); 1598 options->num_permitted_opens = 0; 1599 } 1600 break; 1601 } 1602 if (strcmp(arg, "none") == 0) { 1603 if (*activep && n == -1) { 1604 options->num_permitted_opens = 1; 1605 channel_disable_adm_local_opens(); 1606 } 1607 break; 1608 } 1609 if (*activep && n == -1) 1610 channel_clear_adm_permitted_opens(); 1611 for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) { 1612 p = hpdelim(&arg); 1613 if (p == NULL) 1614 fatal("%s line %d: missing host in PermitOpen", 1615 filename, linenum); 1616 p = cleanhostname(p); 1617 if (arg == NULL || ((port = permitopen_port(arg)) < 0)) 1618 fatal("%s line %d: bad port number in " 1619 "PermitOpen", filename, linenum); 1620 if (*activep && n == -1) 1621 options->num_permitted_opens = 1622 channel_add_adm_permitted_opens(p, port); 1623 } 1624 break; 1625 1626 case sForceCommand: 1627 if (cp == NULL) 1628 fatal("%.200s line %d: Missing argument.", filename, 1629 linenum); 1630 len = strspn(cp, WHITESPACE); 1631 if (*activep && options->adm_forced_command == NULL) 1632 options->adm_forced_command = xstrdup(cp + len); 1633 return 0; 1634 1635 case sChrootDirectory: 1636 charptr = &options->chroot_directory; 1637 1638 arg = strdelim(&cp); 1639 if (!arg || *arg == '\0') 1640 fatal("%s line %d: missing file name.", 1641 filename, linenum); 1642 if (*activep && *charptr == NULL) 1643 *charptr = xstrdup(arg); 1644 break; 1645 1646 case sTrustedUserCAKeys: 1647 charptr = &options->trusted_user_ca_keys; 1648 goto parse_filename; 1649 1650 case sRevokedKeys: 1651 charptr = &options->revoked_keys_file; 1652 goto parse_filename; 1653 1654 case sIPQoS: 1655 arg = strdelim(&cp); 1656 if ((value = parse_ipqos(arg)) == -1) 1657 fatal("%s line %d: Bad IPQoS value: %s", 1658 filename, linenum, arg); 1659 arg = strdelim(&cp); 1660 if (arg == NULL) 1661 value2 = value; 1662 else if ((value2 = parse_ipqos(arg)) == -1) 1663 fatal("%s line %d: Bad IPQoS value: %s", 1664 filename, linenum, arg); 1665 if (*activep) { 1666 options->ip_qos_interactive = value; 1667 options->ip_qos_bulk = value2; 1668 } 1669 break; 1670 1671 case sVersionAddendum: 1672 if (cp == NULL) 1673 fatal("%.200s line %d: Missing argument.", filename, 1674 linenum); 1675 len = strspn(cp, WHITESPACE); 1676 if (*activep && options->version_addendum == NULL) { 1677 if (strcasecmp(cp + len, "none") == 0) 1678 options->version_addendum = xstrdup(""); 1679 else if (strchr(cp + len, '\r') != NULL) 1680 fatal("%.200s line %d: Invalid argument", 1681 filename, linenum); 1682 else 1683 options->version_addendum = xstrdup(cp + len); 1684 } 1685 return 0; 1686 1687 case sAuthorizedKeysCommand: 1688 len = strspn(cp, WHITESPACE); 1689 if (*activep && options->authorized_keys_command == NULL) { 1690 if (cp[len] != '/' && strcasecmp(cp + len, "none") != 0) 1691 fatal("%.200s line %d: AuthorizedKeysCommand " 1692 "must be an absolute path", 1693 filename, linenum); 1694 options->authorized_keys_command = xstrdup(cp + len); 1695 } 1696 return 0; 1697 1698 case sAuthorizedKeysCommandUser: 1699 charptr = &options->authorized_keys_command_user; 1700 1701 arg = strdelim(&cp); 1702 if (*activep && *charptr == NULL) 1703 *charptr = xstrdup(arg); 1704 break; 1705 1706 case sAuthenticationMethods: 1707 if (*activep && options->num_auth_methods == 0) { 1708 while ((arg = strdelim(&cp)) && *arg != '\0') { 1709 if (options->num_auth_methods >= 1710 MAX_AUTH_METHODS) 1711 fatal("%s line %d: " 1712 "too many authentication methods.", 1713 filename, linenum); 1714 if (auth2_methods_valid(arg, 0) != 0) 1715 fatal("%s line %d: invalid " 1716 "authentication method list.", 1717 filename, linenum); 1718 options->auth_methods[ 1719 options->num_auth_methods++] = xstrdup(arg); 1720 } 1721 } 1722 return 0; 1723 1724 case sDeprecated: 1725 logit("%s line %d: Deprecated option %s", 1726 filename, linenum, arg); 1727 while (arg) 1728 arg = strdelim(&cp); 1729 break; 1730 1731 case sUnsupported: 1732 logit("%s line %d: Unsupported option %s", 1733 filename, linenum, arg); 1734 while (arg) 1735 arg = strdelim(&cp); 1736 break; 1737 #ifdef WITH_LDAP_PUBKEY 1738 case sLdapPublickey: 1739 intptr = &options->lpk.on; 1740 goto parse_flag; 1741 case sLdapServers: 1742 /* arg = strdelim(&cp); */ 1743 p = line; 1744 while(*p++); 1745 arg = p; 1746 if (!arg || *arg == '\0') 1747 fatal("%s line %d: missing ldap server",filename,linenum); 1748 arg[strlen(arg)] = '\0'; 1749 if ((options->lpk.servers = ldap_parse_servers(arg)) == NULL) 1750 fatal("%s line %d: error in ldap servers", filename, linenum); 1751 memset(arg,0,strlen(arg)); 1752 break; 1753 case sLdapUserDN: 1754 arg = cp; 1755 if (!arg || *arg == '\0') 1756 fatal("%s line %d: missing ldap server",filename,linenum); 1757 arg[strlen(arg)] = '\0'; 1758 options->lpk.u_basedn = xstrdup(arg); 1759 memset(arg,0,strlen(arg)); 1760 break; 1761 case sLdapGroupDN: 1762 arg = cp; 1763 if (!arg || *arg == '\0') 1764 fatal("%s line %d: missing ldap server",filename,linenum); 1765 arg[strlen(arg)] = '\0'; 1766 options->lpk.g_basedn = xstrdup(arg); 1767 memset(arg,0,strlen(arg)); 1768 break; 1769 case sBindDN: 1770 arg = cp; 1771 if (!arg || *arg == '\0') 1772 fatal("%s line %d: missing binddn",filename,linenum); 1773 arg[strlen(arg)] = '\0'; 1774 options->lpk.binddn = xstrdup(arg); 1775 memset(arg,0,strlen(arg)); 1776 break; 1777 case sBindPw: 1778 arg = cp; 1779 if (!arg || *arg == '\0') 1780 fatal("%s line %d: missing bindpw",filename,linenum); 1781 arg[strlen(arg)] = '\0'; 1782 options->lpk.bindpw = xstrdup(arg); 1783 memset(arg,0,strlen(arg)); 1784 break; 1785 case sMyGroup: 1786 arg = cp; 1787 if (!arg || *arg == '\0') 1788 fatal("%s line %d: missing groupname",filename, linenum); 1789 arg[strlen(arg)] = '\0'; 1790 options->lpk.sgroup = xstrdup(arg); 1791 if (options->lpk.sgroup) 1792 options->lpk.fgroup = ldap_parse_groups(options->lpk.sgroup); 1793 memset(arg,0,strlen(arg)); 1794 break; 1795 case sLdapFilter: 1796 arg = cp; 1797 if (!arg || *arg == '\0') 1798 fatal("%s line %d: missing filter",filename, linenum); 1799 arg[strlen(arg)] = '\0'; 1800 options->lpk.filter = xstrdup(arg); 1801 memset(arg,0,strlen(arg)); 1802 break; 1803 case sForceTLS: 1804 intptr = &options->lpk.tls; 1805 arg = strdelim(&cp); 1806 if (!arg || *arg == '\0') 1807 fatal("%s line %d: missing yes/no argument.", 1808 filename, linenum); 1809 value = 0; /* silence compiler */ 1810 if (strcmp(arg, "yes") == 0) 1811 value = 1; 1812 else if (strcmp(arg, "no") == 0) 1813 value = 0; 1814 else if (strcmp(arg, "try") == 0) 1815 value = -1; 1816 else 1817 fatal("%s line %d: Bad yes/no argument: %s", 1818 filename, linenum, arg); 1819 if (*intptr == -1) 1820 *intptr = value; 1821 break; 1822 case sBindTimeout: 1823 timetptr = &options->lpk.b_timeout.tv_sec; 1824 parse_ulong: 1825 arg = strdelim(&cp); 1826 if (!arg || *arg == '\0') 1827 fatal("%s line %d: missing integer value.", 1828 filename, linenum); 1829 lvalue = atol(arg); 1830 if (*activep && *timetptr == -1) 1831 *timetptr = lvalue; 1832 break; 1833 1834 case sSearchTimeout: 1835 timetptr = &options->lpk.s_timeout.tv_sec; 1836 goto parse_ulong; 1837 break; 1838 case sLdapConf: 1839 arg = cp; 1840 if (!arg || *arg == '\0') 1841 fatal("%s line %d: missing LpkLdapConf", filename, linenum); 1842 arg[strlen(arg)] = '\0'; 1843 options->lpk.l_conf = xstrdup(arg); 1844 memset(arg, 0, strlen(arg)); 1845 break; 1846 case sLpkPubKeyAttr: 1847 arg = cp; 1848 if (!arg || *arg == '\0') 1849 fatal("%s line %d: missing pubkeyattr",filename,linenum); 1850 arg[strlen(arg)] = '\0'; 1851 options->lpk.pub_key_attr = xstrdup(arg); 1852 memset(arg,0,strlen(arg)); 1853 break; 1854 1855 #endif 1856 1857 default: 1858 fatal("%s line %d: Missing handler for opcode %s (%d)", 1859 filename, linenum, arg, opcode); 1860 } 1861 if ((arg = strdelim(&cp)) != NULL && *arg != '\0') 1862 fatal("%s line %d: garbage at end of line; \"%.200s\".", 1863 filename, linenum, arg); 1864 return 0; 1865 } 1866 1867 /* Reads the server configuration file. */ 1868 1869 void 1870 load_server_config(const char *filename, Buffer *conf) 1871 { 1872 char line[4096], *cp; 1873 FILE *f; 1874 int lineno = 0; 1875 1876 debug2("%s: filename %s", __func__, filename); 1877 if ((f = fopen(filename, "r")) == NULL) { 1878 perror(filename); 1879 exit(1); 1880 } 1881 buffer_clear(conf); 1882 while (fgets(line, sizeof(line), f)) { 1883 lineno++; 1884 if (strlen(line) == sizeof(line) - 1) 1885 fatal("%s line %d too long", filename, lineno); 1886 /* 1887 * Trim out comments and strip whitespace 1888 * NB - preserve newlines, they are needed to reproduce 1889 * line numbers later for error messages 1890 */ 1891 if ((cp = strchr(line, '#')) != NULL) 1892 memcpy(cp, "\n", 2); 1893 cp = line + strspn(line, " \t\r"); 1894 1895 buffer_append(conf, cp, strlen(cp)); 1896 } 1897 buffer_append(conf, "\0", 1); 1898 fclose(f); 1899 debug2("%s: done config len = %d", __func__, buffer_len(conf)); 1900 } 1901 1902 void 1903 parse_server_match_config(ServerOptions *options, 1904 struct connection_info *connectinfo) 1905 { 1906 ServerOptions mo; 1907 1908 initialize_server_options(&mo); 1909 parse_server_config(&mo, "reprocess config", &cfg, connectinfo); 1910 copy_set_server_options(options, &mo, 0); 1911 } 1912 1913 int parse_server_match_testspec(struct connection_info *ci, char *spec) 1914 { 1915 char *p; 1916 1917 while ((p = strsep(&spec, ",")) && *p != '\0') { 1918 if (strncmp(p, "addr=", 5) == 0) { 1919 ci->address = xstrdup(p + 5); 1920 } else if (strncmp(p, "host=", 5) == 0) { 1921 ci->host = xstrdup(p + 5); 1922 } else if (strncmp(p, "user=", 5) == 0) { 1923 ci->user = xstrdup(p + 5); 1924 } else if (strncmp(p, "laddr=", 6) == 0) { 1925 ci->laddress = xstrdup(p + 6); 1926 } else if (strncmp(p, "lport=", 6) == 0) { 1927 ci->lport = a2port(p + 6); 1928 if (ci->lport == -1) { 1929 fprintf(stderr, "Invalid port '%s' in test mode" 1930 " specification %s\n", p+6, p); 1931 return -1; 1932 } 1933 } else { 1934 fprintf(stderr, "Invalid test mode specification %s\n", 1935 p); 1936 return -1; 1937 } 1938 } 1939 return 0; 1940 } 1941 1942 /* 1943 * returns 1 for a complete spec, 0 for partial spec and -1 for an 1944 * empty spec. 1945 */ 1946 int server_match_spec_complete(struct connection_info *ci) 1947 { 1948 if (ci->user && ci->host && ci->address) 1949 return 1; /* complete */ 1950 if (!ci->user && !ci->host && !ci->address) 1951 return -1; /* empty */ 1952 return 0; /* partial */ 1953 } 1954 1955 /* Helper macros */ 1956 #define M_CP_INTOPT(n) do {\ 1957 if (src->n != -1) \ 1958 dst->n = src->n; \ 1959 } while (0) 1960 #define M_CP_STROPT(n) do {\ 1961 if (src->n != NULL) { \ 1962 if (dst->n != NULL) \ 1963 xfree(dst->n); \ 1964 dst->n = src->n; \ 1965 } \ 1966 } while(0) 1967 #define M_CP_STRARRAYOPT(n, num_n) do {\ 1968 if (src->num_n != 0) { \ 1969 for (dst->num_n = 0; dst->num_n < src->num_n; dst->num_n++) \ 1970 dst->n[dst->num_n] = xstrdup(src->n[dst->num_n]); \ 1971 } \ 1972 } while(0) 1973 1974 /* 1975 * Copy any supported values that are set. 1976 * 1977 * If the preauth flag is set, we do not bother copying the string or 1978 * array values that are not used pre-authentication, because any that we 1979 * do use must be explictly sent in mm_getpwnamallow(). 1980 */ 1981 void 1982 copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) 1983 { 1984 M_CP_INTOPT(password_authentication); 1985 M_CP_INTOPT(gss_authentication); 1986 M_CP_INTOPT(rsa_authentication); 1987 M_CP_INTOPT(pubkey_authentication); 1988 M_CP_INTOPT(kerberos_authentication); 1989 M_CP_INTOPT(hostbased_authentication); 1990 M_CP_INTOPT(hostbased_uses_name_from_packet_only); 1991 M_CP_INTOPT(kbd_interactive_authentication); 1992 M_CP_INTOPT(zero_knowledge_password_authentication); 1993 M_CP_STROPT(authorized_keys_command); 1994 M_CP_STROPT(authorized_keys_command_user); 1995 M_CP_INTOPT(permit_root_login); 1996 M_CP_INTOPT(permit_empty_passwd); 1997 1998 M_CP_INTOPT(allow_tcp_forwarding); 1999 M_CP_INTOPT(allow_agent_forwarding); 2000 M_CP_INTOPT(permit_tun); 2001 M_CP_INTOPT(gateway_ports); 2002 M_CP_INTOPT(x11_display_offset); 2003 M_CP_INTOPT(x11_forwarding); 2004 M_CP_INTOPT(x11_use_localhost); 2005 M_CP_INTOPT(max_sessions); 2006 M_CP_INTOPT(max_authtries); 2007 M_CP_INTOPT(ip_qos_interactive); 2008 M_CP_INTOPT(ip_qos_bulk); 2009 2010 /* See comment in servconf.h */ 2011 COPY_MATCH_STRING_OPTS(); 2012 2013 /* 2014 * The only things that should be below this point are string options 2015 * which are only used after authentication. 2016 */ 2017 if (preauth) 2018 return; 2019 2020 M_CP_STROPT(adm_forced_command); 2021 M_CP_STROPT(chroot_directory); 2022 } 2023 2024 #undef M_CP_INTOPT 2025 #undef M_CP_STROPT 2026 #undef M_CP_STRARRAYOPT 2027 2028 void 2029 parse_server_config(ServerOptions *options, const char *filename, Buffer *conf, 2030 struct connection_info *connectinfo) 2031 { 2032 int active, linenum, bad_options = 0; 2033 char *cp, *obuf, *cbuf; 2034 2035 debug2("%s: config %s len %d", __func__, filename, buffer_len(conf)); 2036 2037 obuf = cbuf = xstrdup(buffer_ptr(conf)); 2038 active = connectinfo ? 0 : 1; 2039 linenum = 1; 2040 while ((cp = strsep(&cbuf, "\n")) != NULL) { 2041 if (process_server_config_line(options, cp, filename, 2042 linenum++, &active, connectinfo) != 0) 2043 bad_options++; 2044 } 2045 xfree(obuf); 2046 if (bad_options > 0) 2047 fatal("%s: terminating, %d bad configuration options", 2048 filename, bad_options); 2049 } 2050 2051 static const char * 2052 fmt_multistate_int(int val, const struct multistate *m) 2053 { 2054 u_int i; 2055 2056 for (i = 0; m[i].key != NULL; i++) { 2057 if (m[i].value == val) 2058 return m[i].key; 2059 } 2060 return "UNKNOWN"; 2061 } 2062 2063 static const char * 2064 fmt_intarg(ServerOpCodes code, int val) 2065 { 2066 if (val == -1) 2067 return "unset"; 2068 switch (code) { 2069 case sAddressFamily: 2070 return fmt_multistate_int(val, multistate_addressfamily); 2071 case sPermitRootLogin: 2072 return fmt_multistate_int(val, multistate_permitrootlogin); 2073 case sGatewayPorts: 2074 return fmt_multistate_int(val, multistate_gatewayports); 2075 case sCompression: 2076 return fmt_multistate_int(val, multistate_compression); 2077 case sUsePrivilegeSeparation: 2078 return fmt_multistate_int(val, multistate_privsep); 2079 case sAllowTcpForwarding: 2080 return fmt_multistate_int(val, multistate_tcpfwd); 2081 case sProtocol: 2082 switch (val) { 2083 case SSH_PROTO_1: 2084 return "1"; 2085 case SSH_PROTO_2: 2086 return "2"; 2087 case (SSH_PROTO_1|SSH_PROTO_2): 2088 return "2,1"; 2089 default: 2090 return "UNKNOWN"; 2091 } 2092 default: 2093 switch (val) { 2094 case 0: 2095 return "no"; 2096 case 1: 2097 return "yes"; 2098 default: 2099 return "UNKNOWN"; 2100 } 2101 } 2102 } 2103 2104 static const char * 2105 lookup_opcode_name(ServerOpCodes code) 2106 { 2107 u_int i; 2108 2109 for (i = 0; keywords[i].name != NULL; i++) 2110 if (keywords[i].opcode == code) 2111 return(keywords[i].name); 2112 return "UNKNOWN"; 2113 } 2114 2115 static void 2116 dump_cfg_int(ServerOpCodes code, int val) 2117 { 2118 printf("%s %d\n", lookup_opcode_name(code), val); 2119 } 2120 2121 static void 2122 dump_cfg_fmtint(ServerOpCodes code, int val) 2123 { 2124 printf("%s %s\n", lookup_opcode_name(code), fmt_intarg(code, val)); 2125 } 2126 2127 static void 2128 dump_cfg_string(ServerOpCodes code, const char *val) 2129 { 2130 if (val == NULL) 2131 return; 2132 printf("%s %s\n", lookup_opcode_name(code), val); 2133 } 2134 2135 static void 2136 dump_cfg_strarray(ServerOpCodes code, u_int count, char **vals) 2137 { 2138 u_int i; 2139 2140 for (i = 0; i < count; i++) 2141 printf("%s %s\n", lookup_opcode_name(code), vals[i]); 2142 } 2143 2144 static void 2145 dump_cfg_strarray_oneline(ServerOpCodes code, u_int count, char **vals) 2146 { 2147 u_int i; 2148 2149 printf("%s", lookup_opcode_name(code)); 2150 for (i = 0; i < count; i++) 2151 printf(" %s", vals[i]); 2152 printf("\n"); 2153 } 2154 2155 void 2156 dump_config(ServerOptions *o) 2157 { 2158 u_int i; 2159 int ret; 2160 struct addrinfo *ai; 2161 char addr[NI_MAXHOST], port[NI_MAXSERV]; 2162 const char *s = NULL; 2163 2164 /* these are usually at the top of the config */ 2165 for (i = 0; i < o->num_ports; i++) 2166 printf("port %d\n", o->ports[i]); 2167 dump_cfg_fmtint(sProtocol, o->protocol); 2168 dump_cfg_fmtint(sAddressFamily, o->address_family); 2169 2170 /* ListenAddress must be after Port */ 2171 for (ai = o->listen_addrs; ai; ai = ai->ai_next) { 2172 if ((ret = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr, 2173 sizeof(addr), port, sizeof(port), 2174 NI_NUMERICHOST|NI_NUMERICSERV)) != 0) { 2175 error("getnameinfo failed: %.100s", 2176 (ret != EAI_SYSTEM) ? gai_strerror(ret) : 2177 strerror(errno)); 2178 } else { 2179 if (ai->ai_family == AF_INET6) 2180 printf("listenaddress [%s]:%s\n", addr, port); 2181 else 2182 printf("listenaddress %s:%s\n", addr, port); 2183 } 2184 } 2185 2186 /* integer arguments */ 2187 dump_cfg_int(sServerKeyBits, o->server_key_bits); 2188 dump_cfg_int(sLoginGraceTime, o->login_grace_time); 2189 dump_cfg_int(sKeyRegenerationTime, o->key_regeneration_time); 2190 dump_cfg_int(sX11DisplayOffset, o->x11_display_offset); 2191 dump_cfg_int(sMaxAuthTries, o->max_authtries); 2192 dump_cfg_int(sMaxSessions, o->max_sessions); 2193 dump_cfg_int(sClientAliveInterval, o->client_alive_interval); 2194 dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); 2195 2196 /* formatted integer arguments */ 2197 dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login); 2198 dump_cfg_fmtint(sIgnoreRhosts, o->ignore_rhosts); 2199 dump_cfg_fmtint(sIgnoreUserKnownHosts, o->ignore_user_known_hosts); 2200 dump_cfg_fmtint(sRhostsRSAAuthentication, o->rhosts_rsa_authentication); 2201 dump_cfg_fmtint(sHostbasedAuthentication, o->hostbased_authentication); 2202 dump_cfg_fmtint(sHostbasedUsesNameFromPacketOnly, 2203 o->hostbased_uses_name_from_packet_only); 2204 dump_cfg_fmtint(sRSAAuthentication, o->rsa_authentication); 2205 dump_cfg_fmtint(sPubkeyAuthentication, o->pubkey_authentication); 2206 #ifdef KRB5 2207 dump_cfg_fmtint(sKerberosAuthentication, o->kerberos_authentication); 2208 dump_cfg_fmtint(sKerberosOrLocalPasswd, o->kerberos_or_local_passwd); 2209 dump_cfg_fmtint(sKerberosTicketCleanup, o->kerberos_ticket_cleanup); 2210 dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token); 2211 #endif 2212 #ifdef GSSAPI 2213 dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); 2214 dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); 2215 #endif 2216 #ifdef JPAKE 2217 dump_cfg_fmtint(sZeroKnowledgePasswordAuthentication, 2218 o->zero_knowledge_password_authentication); 2219 #endif 2220 dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); 2221 dump_cfg_fmtint(sKbdInteractiveAuthentication, 2222 o->kbd_interactive_authentication); 2223 dump_cfg_fmtint(sChallengeResponseAuthentication, 2224 o->challenge_response_authentication); 2225 dump_cfg_fmtint(sPrintMotd, o->print_motd); 2226 dump_cfg_fmtint(sPrintLastLog, o->print_lastlog); 2227 dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding); 2228 dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); 2229 dump_cfg_fmtint(sStrictModes, o->strict_modes); 2230 dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); 2231 dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); 2232 dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); 2233 dump_cfg_fmtint(sUseLogin, o->use_login); 2234 dump_cfg_fmtint(sCompression, o->compression); 2235 dump_cfg_fmtint(sGatewayPorts, o->gateway_ports); 2236 dump_cfg_fmtint(sUseDNS, o->use_dns); 2237 dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding); 2238 dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep); 2239 2240 /* string arguments */ 2241 dump_cfg_string(sPidFile, o->pid_file); 2242 dump_cfg_string(sXAuthLocation, o->xauth_location); 2243 dump_cfg_string(sCiphers, o->ciphers); 2244 dump_cfg_string(sMacs, o->macs); 2245 dump_cfg_string(sBanner, o->banner); 2246 dump_cfg_string(sForceCommand, o->adm_forced_command); 2247 dump_cfg_string(sChrootDirectory, o->chroot_directory); 2248 dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys); 2249 dump_cfg_string(sRevokedKeys, o->revoked_keys_file); 2250 dump_cfg_string(sAuthorizedPrincipalsFile, 2251 o->authorized_principals_file); 2252 dump_cfg_string(sVersionAddendum, o->version_addendum); 2253 dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command); 2254 dump_cfg_string(sAuthorizedKeysCommandUser, o->authorized_keys_command_user); 2255 2256 /* string arguments requiring a lookup */ 2257 dump_cfg_string(sLogLevel, log_level_name(o->log_level)); 2258 dump_cfg_string(sLogFacility, log_facility_name(o->log_facility)); 2259 2260 /* string array arguments */ 2261 dump_cfg_strarray_oneline(sAuthorizedKeysFile, o->num_authkeys_files, 2262 o->authorized_keys_files); 2263 dump_cfg_strarray(sHostKeyFile, o->num_host_key_files, 2264 o->host_key_files); 2265 dump_cfg_strarray(sHostKeyFile, o->num_host_cert_files, 2266 o->host_cert_files); 2267 dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users); 2268 dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users); 2269 dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups); 2270 dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups); 2271 dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env); 2272 dump_cfg_strarray_oneline(sAuthenticationMethods, 2273 o->num_auth_methods, o->auth_methods); 2274 2275 /* other arguments */ 2276 for (i = 0; i < o->num_subsystems; i++) 2277 printf("subsystem %s %s\n", o->subsystem_name[i], 2278 o->subsystem_args[i]); 2279 2280 printf("maxstartups %d:%d:%d\n", o->max_startups_begin, 2281 o->max_startups_rate, o->max_startups); 2282 2283 for (i = 0; tunmode_desc[i].val != -1; i++) 2284 if (tunmode_desc[i].val == o->permit_tun) { 2285 s = tunmode_desc[i].text; 2286 break; 2287 } 2288 dump_cfg_string(sPermitTunnel, s); 2289 2290 printf("ipqos %s ", iptos2str(o->ip_qos_interactive)); 2291 printf("%s\n", iptos2str(o->ip_qos_bulk)); 2292 2293 channel_print_adm_permitted_opens(); 2294 } 2295