1 /* $NetBSD: servconf.c,v 1.27 2018/04/08 21:56:48 joerg Exp $ */ 2 3 /* $OpenBSD: servconf.c,v 1.326 2018/03/01 20:32:16 markus Exp $ */ 4 /* 5 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 6 * All rights reserved 7 * 8 * As far as I am concerned, the code I have written for this software 9 * can be used freely for any purpose. Any derived versions of this 10 * software must be clearly marked as such, and if the derived work is 11 * incompatible with the protocol description in the RFC file, it must be 12 * called by a name other than "ssh" or "Secure Shell". 13 */ 14 15 #include "includes.h" 16 __RCSID("$NetBSD: servconf.c,v 1.27 2018/04/08 21:56:48 joerg Exp $"); 17 #include <sys/types.h> 18 #include <sys/socket.h> 19 #include <sys/queue.h> 20 #include <sys/param.h> 21 #include <sys/sysctl.h> 22 23 #include <netinet/in.h> 24 #include <netinet/ip.h> 25 #include <net/route.h> 26 27 #include <ctype.h> 28 #include <netdb.h> 29 #include <pwd.h> 30 #include <stdio.h> 31 #include <stdlib.h> 32 #include <string.h> 33 #include <signal.h> 34 #include <unistd.h> 35 #include <limits.h> 36 #include <stdarg.h> 37 #include <errno.h> 38 #include <util.h> 39 #include <time.h> 40 41 #ifdef KRB4 42 #include <krb.h> 43 #ifdef AFS 44 #include <kafs.h> 45 #endif /* AFS */ 46 #endif /* KRB4 */ 47 48 #include "xmalloc.h" 49 #include "ssh.h" 50 #include "log.h" 51 #include "buffer.h" 52 #include "misc.h" 53 #include "servconf.h" 54 #include "compat.h" 55 #include "pathnames.h" 56 #include "cipher.h" 57 #include "key.h" 58 #include "kex.h" 59 #include "mac.h" 60 #include "match.h" 61 #include "channels.h" 62 #include "groupaccess.h" 63 #include "canohost.h" 64 #include "packet.h" 65 #include "hostfile.h" 66 #include "auth.h" 67 #include "fmt_scaled.h" 68 69 #ifdef WITH_LDAP_PUBKEY 70 #include "ldapauth.h" 71 #endif 72 #include "myproposal.h" 73 #include "digest.h" 74 75 static void add_listen_addr(ServerOptions *, const char *, 76 const char *, int); 77 static void add_one_listen_addr(ServerOptions *, const char *, 78 const char *, int); 79 80 /* Use of privilege separation or not */ 81 extern int use_privsep; 82 extern Buffer cfg; 83 84 /* Initializes the server options to their default values. */ 85 86 void 87 initialize_server_options(ServerOptions *options) 88 { 89 memset(options, 0, sizeof(*options)); 90 91 /* Portable-specific options */ 92 options->use_pam = -1; 93 94 /* Standard Options */ 95 options->num_ports = 0; 96 options->ports_from_cmdline = 0; 97 options->queued_listen_addrs = NULL; 98 options->num_queued_listens = 0; 99 options->listen_addrs = NULL; 100 options->num_listen_addrs = 0; 101 options->address_family = -1; 102 options->routing_domain = NULL; 103 options->num_host_key_files = 0; 104 options->num_host_cert_files = 0; 105 options->host_key_agent = NULL; 106 options->pid_file = NULL; 107 options->login_grace_time = -1; 108 options->permit_root_login = PERMIT_NOT_SET; 109 options->ignore_rhosts = -1; 110 options->ignore_root_rhosts = -1; 111 options->ignore_user_known_hosts = -1; 112 options->print_motd = -1; 113 options->print_lastlog = -1; 114 options->x11_forwarding = -1; 115 options->x11_display_offset = -1; 116 options->x11_use_localhost = -1; 117 options->permit_tty = -1; 118 options->permit_user_rc = -1; 119 options->xauth_location = NULL; 120 options->strict_modes = -1; 121 options->tcp_keep_alive = -1; 122 options->log_facility = SYSLOG_FACILITY_NOT_SET; 123 options->log_level = SYSLOG_LEVEL_NOT_SET; 124 options->hostbased_authentication = -1; 125 options->hostbased_uses_name_from_packet_only = -1; 126 options->hostbased_key_types = NULL; 127 options->hostkeyalgorithms = NULL; 128 options->pubkey_authentication = -1; 129 options->pubkey_key_types = NULL; 130 options->kerberos_authentication = -1; 131 options->kerberos_or_local_passwd = -1; 132 options->kerberos_ticket_cleanup = -1; 133 #if defined(AFS) || defined(KRB5) 134 options->kerberos_tgt_passing = -1; 135 #endif 136 #ifdef AFS 137 options->afs_token_passing = -1; 138 #endif 139 options->kerberos_get_afs_token = -1; 140 options->gss_authentication=-1; 141 options->gss_cleanup_creds = -1; 142 options->gss_strict_acceptor = -1; 143 options->password_authentication = -1; 144 options->kbd_interactive_authentication = -1; 145 options->challenge_response_authentication = -1; 146 options->permit_empty_passwd = -1; 147 options->permit_user_env = -1; 148 options->compression = -1; 149 options->rekey_limit = -1; 150 options->rekey_interval = -1; 151 options->allow_tcp_forwarding = -1; 152 options->allow_streamlocal_forwarding = -1; 153 options->allow_agent_forwarding = -1; 154 options->num_allow_users = 0; 155 options->num_deny_users = 0; 156 options->num_allow_groups = 0; 157 options->num_deny_groups = 0; 158 options->ciphers = NULL; 159 #ifdef WITH_LDAP_PUBKEY 160 /* XXX dirty */ 161 options->lpk.ld = NULL; 162 options->lpk.on = -1; 163 options->lpk.servers = NULL; 164 options->lpk.u_basedn = NULL; 165 options->lpk.g_basedn = NULL; 166 options->lpk.binddn = NULL; 167 options->lpk.bindpw = NULL; 168 options->lpk.sgroup = NULL; 169 options->lpk.filter = NULL; 170 options->lpk.fgroup = NULL; 171 options->lpk.l_conf = NULL; 172 options->lpk.tls = -1; 173 options->lpk.b_timeout.tv_sec = -1; 174 options->lpk.s_timeout.tv_sec = -1; 175 options->lpk.flags = FLAG_EMPTY; 176 options->lpk.pub_key_attr = NULL; 177 #endif 178 options->macs = NULL; 179 options->kex_algorithms = NULL; 180 options->fwd_opts.gateway_ports = -1; 181 options->fwd_opts.streamlocal_bind_mask = (mode_t)-1; 182 options->fwd_opts.streamlocal_bind_unlink = -1; 183 options->num_subsystems = 0; 184 options->max_startups_begin = -1; 185 options->max_startups_rate = -1; 186 options->max_startups = -1; 187 options->max_authtries = -1; 188 options->max_sessions = -1; 189 options->banner = NULL; 190 options->use_dns = -1; 191 options->client_alive_interval = -1; 192 options->client_alive_count_max = -1; 193 options->num_authkeys_files = 0; 194 options->num_accept_env = 0; 195 options->permit_tun = -1; 196 options->permitted_opens = NULL; 197 options->adm_forced_command = NULL; 198 options->chroot_directory = NULL; 199 options->authorized_keys_command = NULL; 200 options->authorized_keys_command_user = NULL; 201 options->revoked_keys_file = NULL; 202 options->trusted_user_ca_keys = NULL; 203 options->authorized_principals_file = NULL; 204 options->authorized_principals_command = NULL; 205 options->authorized_principals_command_user = NULL; 206 options->ip_qos_interactive = -1; 207 options->ip_qos_bulk = -1; 208 options->version_addendum = NULL; 209 options->fingerprint_hash = -1; 210 options->disable_forwarding = -1; 211 options->expose_userauth_info = -1; 212 options->none_enabled = -1; 213 options->tcp_rcv_buf_poll = -1; 214 options->hpn_disabled = -1; 215 options->hpn_buffer_size = -1; 216 } 217 218 /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ 219 static int 220 option_clear_or_none(const char *o) 221 { 222 return o == NULL || strcasecmp(o, "none") == 0; 223 } 224 225 static void 226 assemble_algorithms(ServerOptions *o) 227 { 228 if (kex_assemble_names(KEX_SERVER_ENCRYPT, &o->ciphers) != 0 || 229 kex_assemble_names(KEX_SERVER_MAC, &o->macs) != 0 || 230 kex_assemble_names(KEX_SERVER_KEX, &o->kex_algorithms) != 0 || 231 kex_assemble_names(KEX_DEFAULT_PK_ALG, 232 &o->hostkeyalgorithms) != 0 || 233 kex_assemble_names(KEX_DEFAULT_PK_ALG, 234 &o->hostbased_key_types) != 0 || 235 kex_assemble_names(KEX_DEFAULT_PK_ALG, &o->pubkey_key_types) != 0) 236 fatal("kex_assemble_names failed"); 237 } 238 239 static void 240 array_append(const char *file, const int line, const char *directive, 241 char ***array, u_int *lp, const char *s) 242 { 243 244 if (*lp >= INT_MAX) 245 fatal("%s line %d: Too many %s entries", file, line, directive); 246 247 *array = xrecallocarray(*array, *lp, *lp + 1, sizeof(**array)); 248 (*array)[*lp] = xstrdup(s); 249 (*lp)++; 250 } 251 252 void 253 servconf_add_hostkey(const char *file, const int line, 254 ServerOptions *options, const char *path) 255 { 256 char *apath = derelativise_path(path); 257 258 array_append(file, line, "HostKey", 259 &options->host_key_files, &options->num_host_key_files, apath); 260 free(apath); 261 } 262 263 void 264 servconf_add_hostcert(const char *file, const int line, 265 ServerOptions *options, const char *path) 266 { 267 char *apath = derelativise_path(path); 268 269 array_append(file, line, "HostCertificate", 270 &options->host_cert_files, &options->num_host_cert_files, apath); 271 free(apath); 272 } 273 274 void 275 fill_default_server_options(ServerOptions *options) 276 { 277 /* needed for hpn socket tests */ 278 int sock; 279 int socksize; 280 socklen_t socksizelen = sizeof(int); 281 282 /* Portable-specific options */ 283 if (options->use_pam == -1) 284 options->use_pam = 0; 285 286 /* Standard Options */ 287 u_int i; 288 289 if (options->num_host_key_files == 0) { 290 /* fill default hostkeys */ 291 servconf_add_hostkey("[default]", 0, options, 292 _PATH_HOST_RSA_KEY_FILE); 293 servconf_add_hostkey("[default]", 0, options, 294 _PATH_HOST_ECDSA_KEY_FILE); 295 servconf_add_hostkey("[default]", 0, options, 296 _PATH_HOST_ED25519_KEY_FILE); 297 #ifdef WITH_XMSS 298 servconf_add_hostkey("[default]", 0, options, 299 _PATH_HOST_XMSS_KEY_FILE); 300 #endif /* WITH_XMSS */ 301 } 302 /* No certificates by default */ 303 if (options->num_ports == 0) 304 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 305 if (options->address_family == -1) 306 options->address_family = AF_UNSPEC; 307 if (options->listen_addrs == NULL) 308 add_listen_addr(options, NULL, NULL, 0); 309 if (options->pid_file == NULL) 310 options->pid_file = xstrdup(_PATH_SSH_DAEMON_PID_FILE); 311 if (options->login_grace_time == -1) 312 options->login_grace_time = 120; 313 if (options->permit_root_login == PERMIT_NOT_SET) 314 options->permit_root_login = PERMIT_NO_PASSWD; 315 if (options->ignore_rhosts == -1) 316 options->ignore_rhosts = 1; 317 if (options->ignore_root_rhosts == -1) 318 options->ignore_root_rhosts = options->ignore_rhosts; 319 if (options->ignore_user_known_hosts == -1) 320 options->ignore_user_known_hosts = 0; 321 if (options->print_motd == -1) 322 options->print_motd = 1; 323 if (options->print_lastlog == -1) 324 options->print_lastlog = 1; 325 if (options->x11_forwarding == -1) 326 options->x11_forwarding = 0; 327 if (options->x11_display_offset == -1) 328 options->x11_display_offset = 10; 329 if (options->x11_use_localhost == -1) 330 options->x11_use_localhost = 1; 331 if (options->xauth_location == NULL) 332 options->xauth_location = xstrdup(_PATH_XAUTH); 333 if (options->permit_tty == -1) 334 options->permit_tty = 1; 335 if (options->permit_user_rc == -1) 336 options->permit_user_rc = 1; 337 if (options->strict_modes == -1) 338 options->strict_modes = 1; 339 if (options->tcp_keep_alive == -1) 340 options->tcp_keep_alive = 1; 341 if (options->log_facility == SYSLOG_FACILITY_NOT_SET) 342 options->log_facility = SYSLOG_FACILITY_AUTH; 343 if (options->log_level == SYSLOG_LEVEL_NOT_SET) 344 options->log_level = SYSLOG_LEVEL_INFO; 345 if (options->hostbased_authentication == -1) 346 options->hostbased_authentication = 0; 347 if (options->hostbased_uses_name_from_packet_only == -1) 348 options->hostbased_uses_name_from_packet_only = 0; 349 if (options->pubkey_authentication == -1) 350 options->pubkey_authentication = 1; 351 if (options->kerberos_authentication == -1) 352 options->kerberos_authentication = 0; 353 if (options->kerberos_or_local_passwd == -1) 354 options->kerberos_or_local_passwd = 1; 355 if (options->kerberos_ticket_cleanup == -1) 356 options->kerberos_ticket_cleanup = 1; 357 #if defined(AFS) || defined(KRB5) 358 if (options->kerberos_tgt_passing == -1) 359 options->kerberos_tgt_passing = 0; 360 #endif 361 #ifdef AFS 362 if (options->afs_token_passing == -1) 363 options->afs_token_passing = 0; 364 #endif 365 if (options->kerberos_get_afs_token == -1) 366 options->kerberos_get_afs_token = 0; 367 if (options->gss_authentication == -1) 368 options->gss_authentication = 0; 369 if (options->gss_cleanup_creds == -1) 370 options->gss_cleanup_creds = 1; 371 if (options->gss_strict_acceptor == -1) 372 options->gss_strict_acceptor = 1; 373 if (options->password_authentication == -1) 374 options->password_authentication = 1; 375 if (options->kbd_interactive_authentication == -1) 376 options->kbd_interactive_authentication = 0; 377 if (options->challenge_response_authentication == -1) 378 options->challenge_response_authentication = 1; 379 if (options->permit_empty_passwd == -1) 380 options->permit_empty_passwd = 0; 381 if (options->permit_user_env == -1) 382 options->permit_user_env = 0; 383 if (options->compression == -1) 384 options->compression = COMP_DELAYED; 385 if (options->rekey_limit == -1) 386 options->rekey_limit = 0; 387 if (options->rekey_interval == -1) 388 options->rekey_interval = 0; 389 if (options->allow_tcp_forwarding == -1) 390 options->allow_tcp_forwarding = FORWARD_ALLOW; 391 if (options->allow_streamlocal_forwarding == -1) 392 options->allow_streamlocal_forwarding = FORWARD_ALLOW; 393 if (options->allow_agent_forwarding == -1) 394 options->allow_agent_forwarding = 1; 395 if (options->fwd_opts.gateway_ports == -1) 396 options->fwd_opts.gateway_ports = 0; 397 if (options->max_startups == -1) 398 options->max_startups = 100; 399 if (options->max_startups_rate == -1) 400 options->max_startups_rate = 30; /* 30% */ 401 if (options->max_startups_begin == -1) 402 options->max_startups_begin = 10; 403 if (options->max_authtries == -1) 404 options->max_authtries = DEFAULT_AUTH_FAIL_MAX; 405 if (options->max_sessions == -1) 406 options->max_sessions = DEFAULT_SESSIONS_MAX; 407 if (options->use_dns == -1) 408 options->use_dns = 0; 409 if (options->client_alive_interval == -1) 410 options->client_alive_interval = 0; 411 if (options->client_alive_count_max == -1) 412 options->client_alive_count_max = 3; 413 if (options->num_authkeys_files == 0) { 414 array_append("[default]", 0, "AuthorizedKeysFiles", 415 &options->authorized_keys_files, 416 &options->num_authkeys_files, 417 _PATH_SSH_USER_PERMITTED_KEYS); 418 array_append("[default]", 0, "AuthorizedKeysFiles", 419 &options->authorized_keys_files, 420 &options->num_authkeys_files, 421 _PATH_SSH_USER_PERMITTED_KEYS2); 422 } 423 if (options->permit_tun == -1) 424 options->permit_tun = SSH_TUNMODE_NO; 425 if (options->ip_qos_interactive == -1) 426 options->ip_qos_interactive = IPTOS_LOWDELAY; 427 if (options->ip_qos_bulk == -1) 428 options->ip_qos_bulk = IPTOS_THROUGHPUT; 429 if (options->version_addendum == NULL) 430 options->version_addendum = xstrdup(""); 431 432 if (options->hpn_disabled == -1) 433 options->hpn_disabled = 0; 434 435 if (options->hpn_buffer_size == -1) { 436 /* option not explicitly set. Now we have to figure out */ 437 /* what value to use */ 438 if (options->hpn_disabled == 1) { 439 options->hpn_buffer_size = CHAN_SES_WINDOW_DEFAULT; 440 } else { 441 /* get the current RCV size and set it to that */ 442 /*create a socket but don't connect it */ 443 /* we use that the get the rcv socket size */ 444 sock = socket(AF_INET, SOCK_STREAM, 0); 445 getsockopt(sock, SOL_SOCKET, SO_RCVBUF, 446 &socksize, &socksizelen); 447 close(sock); 448 options->hpn_buffer_size = socksize; 449 debug ("HPN Buffer Size: %d", options->hpn_buffer_size); 450 451 } 452 } else { 453 /* we have to do this incase the user sets both values in a contradictory */ 454 /* manner. hpn_disabled overrrides hpn_buffer_size*/ 455 if (options->hpn_disabled <= 0) { 456 if (options->hpn_buffer_size == 0) 457 options->hpn_buffer_size = 1; 458 /* limit the maximum buffer to 64MB */ 459 if (options->hpn_buffer_size > 64*1024) { 460 options->hpn_buffer_size = 64*1024*1024; 461 } else { 462 options->hpn_buffer_size *= 1024; 463 } 464 } else 465 options->hpn_buffer_size = CHAN_TCP_WINDOW_DEFAULT; 466 } 467 468 #ifdef WITH_LDAP_PUBKEY 469 if (options->lpk.on == -1) 470 options->lpk.on = _DEFAULT_LPK_ON; 471 if (options->lpk.servers == NULL) 472 options->lpk.servers = _DEFAULT_LPK_SERVERS; 473 if (options->lpk.u_basedn == NULL) 474 options->lpk.u_basedn = _DEFAULT_LPK_UDN; 475 if (options->lpk.g_basedn == NULL) 476 options->lpk.g_basedn = _DEFAULT_LPK_GDN; 477 if (options->lpk.binddn == NULL) 478 options->lpk.binddn = _DEFAULT_LPK_BINDDN; 479 if (options->lpk.bindpw == NULL) 480 options->lpk.bindpw = _DEFAULT_LPK_BINDPW; 481 if (options->lpk.sgroup == NULL) 482 options->lpk.sgroup = _DEFAULT_LPK_SGROUP; 483 if (options->lpk.filter == NULL) 484 options->lpk.filter = _DEFAULT_LPK_FILTER; 485 if (options->lpk.tls == -1) 486 options->lpk.tls = _DEFAULT_LPK_TLS; 487 if (options->lpk.b_timeout.tv_sec == -1) 488 options->lpk.b_timeout.tv_sec = _DEFAULT_LPK_BTIMEOUT; 489 if (options->lpk.s_timeout.tv_sec == -1) 490 options->lpk.s_timeout.tv_sec = _DEFAULT_LPK_STIMEOUT; 491 if (options->lpk.l_conf == NULL) 492 options->lpk.l_conf = _DEFAULT_LPK_LDP; 493 if (options->lpk.pub_key_attr == NULL) 494 options->lpk.pub_key_attr = __UNCONST(_DEFAULT_LPK_PUB); 495 #endif 496 497 if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) 498 options->fwd_opts.streamlocal_bind_mask = 0177; 499 if (options->fwd_opts.streamlocal_bind_unlink == -1) 500 options->fwd_opts.streamlocal_bind_unlink = 0; 501 if (options->fingerprint_hash == -1) 502 options->fingerprint_hash = SSH_FP_HASH_DEFAULT; 503 if (options->disable_forwarding == -1) 504 options->disable_forwarding = 0; 505 if (options->expose_userauth_info == -1) 506 options->expose_userauth_info = 0; 507 508 assemble_algorithms(options); 509 510 /* Turn privilege separation and sandboxing on by default */ 511 if (use_privsep == -1) 512 use_privsep = PRIVSEP_ON; 513 514 #define CLEAR_ON_NONE(v) \ 515 do { \ 516 if (option_clear_or_none(v)) { \ 517 free(v); \ 518 v = NULL; \ 519 } \ 520 } while(0) 521 CLEAR_ON_NONE(options->pid_file); 522 CLEAR_ON_NONE(options->xauth_location); 523 CLEAR_ON_NONE(options->banner); 524 CLEAR_ON_NONE(options->trusted_user_ca_keys); 525 CLEAR_ON_NONE(options->revoked_keys_file); 526 CLEAR_ON_NONE(options->authorized_principals_file); 527 CLEAR_ON_NONE(options->adm_forced_command); 528 CLEAR_ON_NONE(options->chroot_directory); 529 CLEAR_ON_NONE(options->routing_domain); 530 for (i = 0; i < options->num_host_key_files; i++) 531 CLEAR_ON_NONE(options->host_key_files[i]); 532 for (i = 0; i < options->num_host_cert_files; i++) 533 CLEAR_ON_NONE(options->host_cert_files[i]); 534 #undef CLEAR_ON_NONE 535 536 /* Similar handling for AuthenticationMethods=any */ 537 if (options->num_auth_methods == 1 && 538 strcmp(options->auth_methods[0], "any") == 0) { 539 free(options->auth_methods[0]); 540 options->auth_methods[0] = NULL; 541 options->num_auth_methods = 0; 542 } 543 544 } 545 546 /* Keyword tokens. */ 547 typedef enum { 548 sBadOption, /* == unknown option */ 549 sUsePAM, 550 sPort, sHostKeyFile, sLoginGraceTime, 551 sPermitRootLogin, sLogFacility, sLogLevel, 552 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, 553 sKerberosGetAFSToken, 554 sKerberosTgtPassing, sChallengeResponseAuthentication, 555 sPasswordAuthentication, sKbdInteractiveAuthentication, 556 sListenAddress, sAddressFamily, 557 sPrintMotd, sPrintLastLog, sIgnoreRhosts, 558 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, 559 sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, 560 sPermitUserEnvironment, sAllowTcpForwarding, sCompression, 561 sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, 562 sIgnoreUserKnownHosts, sCiphers, sMacs, sPidFile, 563 sGatewayPorts, sPubkeyAuthentication, sPubkeyAcceptedKeyTypes, 564 sXAuthLocation, sSubsystem, sMaxStartups, sMaxAuthTries, sMaxSessions, 565 sBanner, sUseDNS, sHostbasedAuthentication, 566 sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedKeyTypes, 567 sHostKeyAlgorithms, 568 sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, 569 sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, 570 sAcceptEnv, sPermitTunnel, 571 sMatch, sPermitOpen, sForceCommand, sChrootDirectory, 572 sUsePrivilegeSeparation, sAllowAgentForwarding, 573 sHostCertificate, 574 sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, 575 sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser, 576 sKexAlgorithms, sIPQoS, sVersionAddendum, 577 sIgnoreRootRhosts, 578 sNoneEnabled, sTcpRcvBufPoll,sHPNDisabled, sHPNBufferSize, 579 sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, 580 sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, 581 sStreamLocalBindMask, sStreamLocalBindUnlink, 582 sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, 583 sExposeAuthInfo, sRDomain, 584 sDeprecated, sIgnore, sUnsupported 585 #ifdef WITH_LDAP_PUBKEY 586 ,sLdapPublickey, sLdapServers, sLdapUserDN 587 ,sLdapGroupDN, sBindDN, sBindPw, sMyGroup 588 ,sLdapFilter, sForceTLS, sBindTimeout 589 ,sSearchTimeout, sLdapConf ,sLpkPubKeyAttr 590 #endif 591 } ServerOpCodes; 592 593 #define SSHCFG_GLOBAL 0x01 /* allowed in main section of sshd_config */ 594 #define SSHCFG_MATCH 0x02 /* allowed inside a Match section */ 595 #define SSHCFG_ALL (SSHCFG_GLOBAL|SSHCFG_MATCH) 596 597 /* Textual representation of the tokens. */ 598 static struct { 599 const char *name; 600 ServerOpCodes opcode; 601 u_int flags; 602 } keywords[] = { 603 #ifdef USE_PAM 604 { "usepam", sUsePAM, SSHCFG_GLOBAL }, 605 #else 606 { "usepam", sUnsupported, SSHCFG_GLOBAL }, 607 #endif 608 { "port", sPort, SSHCFG_GLOBAL }, 609 { "hostkey", sHostKeyFile, SSHCFG_GLOBAL }, 610 { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL }, /* alias */ 611 { "hostkeyagent", sHostKeyAgent, SSHCFG_GLOBAL }, 612 { "pidfile", sPidFile, SSHCFG_GLOBAL }, 613 { "serverkeybits", sDeprecated, SSHCFG_GLOBAL }, 614 { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL }, 615 { "keyregenerationinterval", sDeprecated, SSHCFG_GLOBAL }, 616 { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL }, 617 { "syslogfacility", sLogFacility, SSHCFG_GLOBAL }, 618 { "loglevel", sLogLevel, SSHCFG_ALL }, 619 { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL }, 620 { "rhostsrsaauthentication", sDeprecated, SSHCFG_ALL }, 621 { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL }, 622 { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_ALL }, 623 { "hostbasedacceptedkeytypes", sHostbasedAcceptedKeyTypes, SSHCFG_ALL }, 624 { "hostkeyalgorithms", sHostKeyAlgorithms, SSHCFG_GLOBAL }, 625 { "rsaauthentication", sDeprecated, SSHCFG_ALL }, 626 { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL }, 627 { "pubkeyacceptedkeytypes", sPubkeyAcceptedKeyTypes, SSHCFG_ALL }, 628 { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */ 629 #ifdef KRB5 630 { "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL }, 631 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd, SSHCFG_GLOBAL }, 632 { "kerberosticketcleanup", sKerberosTicketCleanup, SSHCFG_GLOBAL }, 633 { "kerberosgetafstoken", sKerberosGetAFSToken, SSHCFG_GLOBAL }, 634 #else 635 { "kerberosauthentication", sUnsupported, SSHCFG_ALL }, 636 { "kerberosorlocalpasswd", sUnsupported, SSHCFG_GLOBAL }, 637 { "kerberosticketcleanup", sUnsupported, SSHCFG_GLOBAL }, 638 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, 639 #endif 640 #if defined(AFS) || defined(KRB5) 641 { "kerberostgtpassing", sKerberosTgtPassing, SSHCFG_GLOBAL }, 642 #else 643 { "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL }, 644 #endif 645 { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, 646 #ifdef GSSAPI 647 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, 648 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, 649 { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, 650 #else 651 { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, 652 { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, 653 { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, 654 #endif 655 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, 656 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, 657 { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, 658 { "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */ 659 { "checkmail", sDeprecated, SSHCFG_GLOBAL }, 660 { "listenaddress", sListenAddress, SSHCFG_GLOBAL }, 661 { "addressfamily", sAddressFamily, SSHCFG_GLOBAL }, 662 { "printmotd", sPrintMotd, SSHCFG_GLOBAL }, 663 { "printlastlog", sPrintLastLog, SSHCFG_GLOBAL }, 664 { "ignorerhosts", sIgnoreRhosts, SSHCFG_GLOBAL }, 665 { "ignorerootrhosts", sIgnoreRootRhosts, SSHCFG_GLOBAL }, 666 { "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL }, 667 { "x11forwarding", sX11Forwarding, SSHCFG_ALL }, 668 { "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL }, 669 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, 670 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, 671 { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, 672 { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL }, 673 { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, 674 { "uselogin", sDeprecated, SSHCFG_GLOBAL }, 675 { "compression", sCompression, SSHCFG_GLOBAL }, 676 { "rekeylimit", sRekeyLimit, SSHCFG_ALL }, 677 { "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, 678 { "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, /* obsolete alias */ 679 { "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL }, 680 { "allowagentforwarding", sAllowAgentForwarding, SSHCFG_ALL }, 681 { "allowusers", sAllowUsers, SSHCFG_ALL }, 682 { "denyusers", sDenyUsers, SSHCFG_ALL }, 683 { "allowgroups", sAllowGroups, SSHCFG_ALL }, 684 { "denygroups", sDenyGroups, SSHCFG_ALL }, 685 { "ciphers", sCiphers, SSHCFG_GLOBAL }, 686 { "macs", sMacs, SSHCFG_GLOBAL }, 687 { "protocol", sIgnore, SSHCFG_GLOBAL }, 688 { "gatewayports", sGatewayPorts, SSHCFG_ALL }, 689 { "subsystem", sSubsystem, SSHCFG_GLOBAL }, 690 { "maxstartups", sMaxStartups, SSHCFG_GLOBAL }, 691 { "maxauthtries", sMaxAuthTries, SSHCFG_ALL }, 692 { "maxsessions", sMaxSessions, SSHCFG_ALL }, 693 { "banner", sBanner, SSHCFG_ALL }, 694 { "usedns", sUseDNS, SSHCFG_GLOBAL }, 695 { "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL }, 696 { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL }, 697 { "clientaliveinterval", sClientAliveInterval, SSHCFG_ALL }, 698 { "clientalivecountmax", sClientAliveCountMax, SSHCFG_ALL }, 699 { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL }, 700 { "authorizedkeysfile2", sDeprecated, SSHCFG_ALL }, 701 #ifdef WITH_LDAP_PUBKEY 702 { _DEFAULT_LPK_TOKEN, sLdapPublickey, SSHCFG_GLOBAL }, 703 { _DEFAULT_SRV_TOKEN, sLdapServers, SSHCFG_GLOBAL }, 704 { _DEFAULT_USR_TOKEN, sLdapUserDN, SSHCFG_GLOBAL }, 705 { _DEFAULT_GRP_TOKEN, sLdapGroupDN, SSHCFG_GLOBAL }, 706 { _DEFAULT_BDN_TOKEN, sBindDN, SSHCFG_GLOBAL }, 707 { _DEFAULT_BPW_TOKEN, sBindPw, SSHCFG_GLOBAL }, 708 { _DEFAULT_MYG_TOKEN, sMyGroup, SSHCFG_GLOBAL }, 709 { _DEFAULT_FIL_TOKEN, sLdapFilter, SSHCFG_GLOBAL }, 710 { _DEFAULT_TLS_TOKEN, sForceTLS, SSHCFG_GLOBAL }, 711 { _DEFAULT_BTI_TOKEN, sBindTimeout, SSHCFG_GLOBAL }, 712 { _DEFAULT_STI_TOKEN, sSearchTimeout, SSHCFG_GLOBAL }, 713 { _DEFAULT_LDP_TOKEN, sLdapConf, SSHCFG_GLOBAL }, 714 { "LpkPubKeyAttr", sLpkPubKeyAttr, SSHCFG_GLOBAL }, 715 #endif 716 { "useprivilegeseparation", sDeprecated, SSHCFG_GLOBAL}, 717 { "acceptenv", sAcceptEnv, SSHCFG_ALL }, 718 { "permittunnel", sPermitTunnel, SSHCFG_ALL }, 719 { "permittty", sPermitTTY, SSHCFG_ALL }, 720 { "permituserrc", sPermitUserRC, SSHCFG_ALL }, 721 { "match", sMatch, SSHCFG_ALL }, 722 { "permitopen", sPermitOpen, SSHCFG_ALL }, 723 { "forcecommand", sForceCommand, SSHCFG_ALL }, 724 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, 725 { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, 726 { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, 727 { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, 728 { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, 729 { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, 730 { "ipqos", sIPQoS, SSHCFG_ALL }, 731 { "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL }, 732 { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL }, 733 { "authorizedprincipalscommand", sAuthorizedPrincipalsCommand, SSHCFG_ALL }, 734 { "authorizedprincipalscommanduser", sAuthorizedPrincipalsCommandUser, SSHCFG_ALL }, 735 { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL }, 736 { "noneenabled", sNoneEnabled, SSHCFG_ALL }, 737 { "hpndisabled", sHPNDisabled, SSHCFG_ALL }, 738 { "hpnbuffersize", sHPNBufferSize, SSHCFG_ALL }, 739 { "tcprcvbufpoll", sTcpRcvBufPoll, SSHCFG_ALL }, 740 { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL }, 741 { "streamlocalbindmask", sStreamLocalBindMask, SSHCFG_ALL }, 742 { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL }, 743 { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, 744 { "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL }, 745 { "disableforwarding", sDisableForwarding, SSHCFG_ALL }, 746 { "exposeauthinfo", sExposeAuthInfo, SSHCFG_ALL }, 747 { "rdomain", sRDomain, SSHCFG_ALL }, 748 { NULL, sBadOption, 0 } 749 }; 750 751 static struct { 752 int val; 753 const char *text; 754 } tunmode_desc[] = { 755 { SSH_TUNMODE_NO, "no" }, 756 { SSH_TUNMODE_POINTOPOINT, "point-to-point" }, 757 { SSH_TUNMODE_ETHERNET, "ethernet" }, 758 { SSH_TUNMODE_YES, "yes" }, 759 { -1, NULL } 760 }; 761 762 /* 763 * Returns the number of the token pointed to by cp or sBadOption. 764 */ 765 766 static ServerOpCodes 767 parse_token(const char *cp, const char *filename, 768 int linenum, u_int *flags) 769 { 770 u_int i; 771 772 for (i = 0; keywords[i].name; i++) 773 if (strcasecmp(cp, keywords[i].name) == 0) { 774 debug ("Config token is %s", keywords[i].name); 775 *flags = keywords[i].flags; 776 return keywords[i].opcode; 777 } 778 779 error("%s: line %d: Bad configuration option: %s", 780 filename, linenum, cp); 781 return sBadOption; 782 } 783 784 char * 785 derelativise_path(const char *path) 786 { 787 char *expanded, *ret, cwd[PATH_MAX]; 788 789 if (strcasecmp(path, "none") == 0) 790 return xstrdup("none"); 791 expanded = tilde_expand_filename(path, getuid()); 792 if (*expanded == '/') 793 return expanded; 794 if (getcwd(cwd, sizeof(cwd)) == NULL) 795 fatal("%s: getcwd: %s", __func__, strerror(errno)); 796 xasprintf(&ret, "%s/%s", cwd, expanded); 797 free(expanded); 798 return ret; 799 } 800 801 static void 802 add_listen_addr(ServerOptions *options, const char *addr, 803 const char *rdomain, int port) 804 { 805 u_int i; 806 807 if (port > 0) 808 add_one_listen_addr(options, addr, rdomain, port); 809 else { 810 for (i = 0; i < options->num_ports; i++) { 811 add_one_listen_addr(options, addr, rdomain, 812 options->ports[i]); 813 } 814 } 815 } 816 817 static void 818 add_one_listen_addr(ServerOptions *options, const char *addr, 819 const char *rdomain, int port) 820 { 821 struct addrinfo hints, *ai, *aitop; 822 char strport[NI_MAXSERV]; 823 int gaierr; 824 u_int i; 825 826 /* Find listen_addrs entry for this rdomain */ 827 for (i = 0; i < options->num_listen_addrs; i++) { 828 if (rdomain == NULL && options->listen_addrs[i].rdomain == NULL) 829 break; 830 if (rdomain == NULL || options->listen_addrs[i].rdomain == NULL) 831 continue; 832 if (strcmp(rdomain, options->listen_addrs[i].rdomain) == 0) 833 break; 834 } 835 if (i >= options->num_listen_addrs) { 836 /* No entry for this rdomain; allocate one */ 837 if (i >= INT_MAX) 838 fatal("%s: too many listen addresses", __func__); 839 options->listen_addrs = xrecallocarray(options->listen_addrs, 840 options->num_listen_addrs, options->num_listen_addrs + 1, 841 sizeof(*options->listen_addrs)); 842 i = options->num_listen_addrs++; 843 if (rdomain != NULL) 844 options->listen_addrs[i].rdomain = xstrdup(rdomain); 845 } 846 /* options->listen_addrs[i] points to the addresses for this rdomain */ 847 848 memset(&hints, 0, sizeof(hints)); 849 hints.ai_family = options->address_family; 850 hints.ai_socktype = SOCK_STREAM; 851 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; 852 snprintf(strport, sizeof strport, "%d", port); 853 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) 854 fatal("bad addr or host: %s (%s)", 855 addr ? addr : "<NULL>", 856 ssh_gai_strerror(gaierr)); 857 for (ai = aitop; ai->ai_next; ai = ai->ai_next) 858 ; 859 ai->ai_next = options->listen_addrs[i].addrs; 860 options->listen_addrs[i].addrs = aitop; 861 } 862 863 /* Returns nonzero if the routing domain name is valid */ 864 static int 865 valid_rdomain(const char *name) 866 { 867 #ifdef NET_RT_TABLE 868 const char *errstr; 869 long long num; 870 struct rt_tableinfo info; 871 int mib[6]; 872 size_t miblen = sizeof(mib); 873 874 if (name == NULL) 875 return 1; 876 877 num = strtonum(name, 0, 255, &errstr); 878 if (errstr != NULL) 879 return 0; 880 881 /* Check whether the table actually exists */ 882 memset(mib, 0, sizeof(mib)); 883 mib[0] = CTL_NET; 884 mib[1] = PF_ROUTE; 885 mib[4] = NET_RT_TABLE; 886 mib[5] = (int)num; 887 if (sysctl(mib, 6, &info, &miblen, NULL, 0) == -1) 888 return 0; 889 890 return 1; 891 #else 892 return 0; 893 #endif 894 } 895 896 /* 897 * Queue a ListenAddress to be processed once we have all of the Ports 898 * and AddressFamily options. 899 */ 900 static void 901 queue_listen_addr(ServerOptions *options, const char *addr, 902 const char *rdomain, int port) 903 { 904 struct queued_listenaddr *qla; 905 906 options->queued_listen_addrs = xrecallocarray( 907 options->queued_listen_addrs, 908 options->num_queued_listens, options->num_queued_listens + 1, 909 sizeof(*options->queued_listen_addrs)); 910 qla = &options->queued_listen_addrs[options->num_queued_listens++]; 911 qla->addr = xstrdup(addr); 912 qla->port = port; 913 qla->rdomain = rdomain == NULL ? NULL : xstrdup(rdomain); 914 } 915 916 /* 917 * Process queued (text) ListenAddress entries. 918 */ 919 static void 920 process_queued_listen_addrs(ServerOptions *options) 921 { 922 u_int i; 923 struct queued_listenaddr *qla; 924 925 if (options->num_ports == 0) 926 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 927 if (options->address_family == -1) 928 options->address_family = AF_UNSPEC; 929 930 for (i = 0; i < options->num_queued_listens; i++) { 931 qla = &options->queued_listen_addrs[i]; 932 add_listen_addr(options, qla->addr, qla->rdomain, qla->port); 933 free(qla->addr); 934 free(qla->rdomain); 935 } 936 free(options->queued_listen_addrs); 937 options->queued_listen_addrs = NULL; 938 options->num_queued_listens = 0; 939 } 940 941 /* 942 * Inform channels layer of permitopen options from configuration. 943 */ 944 void 945 process_permitopen(struct ssh *ssh, ServerOptions *options) 946 { 947 u_int i; 948 int port; 949 char *host, *arg, *oarg; 950 951 channel_clear_adm_permitted_opens(ssh); 952 if (options->num_permitted_opens == 0) 953 return; /* permit any */ 954 955 /* handle keywords: "any" / "none" */ 956 if (options->num_permitted_opens == 1 && 957 strcmp(options->permitted_opens[0], "any") == 0) 958 return; 959 if (options->num_permitted_opens == 1 && 960 strcmp(options->permitted_opens[0], "none") == 0) { 961 channel_disable_adm_local_opens(ssh); 962 return; 963 } 964 /* Otherwise treat it as a list of permitted host:port */ 965 for (i = 0; i < options->num_permitted_opens; i++) { 966 oarg = arg = xstrdup(options->permitted_opens[i]); 967 host = hpdelim(&arg); 968 if (host == NULL) 969 fatal("%s: missing host in PermitOpen", __func__); 970 host = cleanhostname(host); 971 if (arg == NULL || ((port = permitopen_port(arg)) < 0)) 972 fatal("%s: bad port number in PermitOpen", __func__); 973 /* Send it to channels layer */ 974 channel_add_adm_permitted_opens(ssh, host, port); 975 free(oarg); 976 } 977 } 978 979 struct connection_info * 980 get_connection_info(int populate, int use_dns) 981 { 982 struct ssh *ssh = active_state; /* XXX */ 983 static struct connection_info ci; 984 985 if (!populate) 986 return &ci; 987 ci.host = auth_get_canonical_hostname(ssh, use_dns); 988 ci.address = ssh_remote_ipaddr(ssh); 989 ci.laddress = ssh_local_ipaddr(ssh); 990 ci.lport = ssh_local_port(ssh); 991 ci.rdomain = ssh_packet_rdomain_in(ssh); 992 return &ci; 993 } 994 995 /* 996 * The strategy for the Match blocks is that the config file is parsed twice. 997 * 998 * The first time is at startup. activep is initialized to 1 and the 999 * directives in the global context are processed and acted on. Hitting a 1000 * Match directive unsets activep and the directives inside the block are 1001 * checked for syntax only. 1002 * 1003 * The second time is after a connection has been established but before 1004 * authentication. activep is initialized to 2 and global config directives 1005 * are ignored since they have already been processed. If the criteria in a 1006 * Match block is met, activep is set and the subsequent directives 1007 * processed and actioned until EOF or another Match block unsets it. Any 1008 * options set are copied into the main server config. 1009 * 1010 * Potential additions/improvements: 1011 * - Add Match support for pre-kex directives, eg. Ciphers. 1012 * 1013 * - Add a Tag directive (idea from David Leonard) ala pf, eg: 1014 * Match Address 192.168.0.* 1015 * Tag trusted 1016 * Match Group wheel 1017 * Tag trusted 1018 * Match Tag trusted 1019 * AllowTcpForwarding yes 1020 * GatewayPorts clientspecified 1021 * [...] 1022 * 1023 * - Add a PermittedChannelRequests directive 1024 * Match Group shell 1025 * PermittedChannelRequests session,forwarded-tcpip 1026 */ 1027 1028 static int 1029 match_cfg_line_group(const char *grps, int line, const char *user) 1030 { 1031 int result = 0; 1032 struct passwd *pw; 1033 1034 if (user == NULL) 1035 goto out; 1036 1037 if ((pw = getpwnam(user)) == NULL) { 1038 debug("Can't match group at line %d because user %.100s does " 1039 "not exist", line, user); 1040 } else if (ga_init(pw->pw_name, pw->pw_gid) == 0) { 1041 debug("Can't Match group because user %.100s not in any group " 1042 "at line %d", user, line); 1043 } else if (ga_match_pattern_list(grps) != 1) { 1044 debug("user %.100s does not match group list %.100s at line %d", 1045 user, grps, line); 1046 } else { 1047 debug("user %.100s matched group list %.100s at line %d", user, 1048 grps, line); 1049 result = 1; 1050 } 1051 out: 1052 ga_free(); 1053 return result; 1054 } 1055 1056 __dead static void 1057 match_test_missing_fatal(const char *criteria, const char *attrib) 1058 { 1059 fatal("'Match %s' in configuration but '%s' not in connection " 1060 "test specification.", criteria, attrib); 1061 } 1062 1063 /* 1064 * All of the attributes on a single Match line are ANDed together, so we need 1065 * to check every attribute and set the result to zero if any attribute does 1066 * not match. 1067 */ 1068 static int 1069 match_cfg_line(char **condition, int line, struct connection_info *ci) 1070 { 1071 int result = 1, attributes = 0, port; 1072 char *arg, *attrib, *cp = *condition; 1073 1074 if (ci == NULL) 1075 debug3("checking syntax for 'Match %s'", cp); 1076 else 1077 debug3("checking match for '%s' user %s host %s addr %s " 1078 "laddr %s lport %d", cp, ci->user ? ci->user : "(null)", 1079 ci->host ? ci->host : "(null)", 1080 ci->address ? ci->address : "(null)", 1081 ci->laddress ? ci->laddress : "(null)", ci->lport); 1082 1083 while ((attrib = strdelim(&cp)) && *attrib != '\0') { 1084 attributes++; 1085 if (strcasecmp(attrib, "all") == 0) { 1086 if (attributes != 1 || 1087 ((arg = strdelim(&cp)) != NULL && *arg != '\0')) { 1088 error("'all' cannot be combined with other " 1089 "Match attributes"); 1090 return -1; 1091 } 1092 *condition = cp; 1093 return 1; 1094 } 1095 if ((arg = strdelim(&cp)) == NULL || *arg == '\0') { 1096 error("Missing Match criteria for %s", attrib); 1097 return -1; 1098 } 1099 if (strcasecmp(attrib, "user") == 0) { 1100 if (ci == NULL) { 1101 result = 0; 1102 continue; 1103 } 1104 if (ci->user == NULL) 1105 match_test_missing_fatal("User", "user"); 1106 if (match_pattern_list(ci->user, arg, 0) != 1) 1107 result = 0; 1108 else 1109 debug("user %.100s matched 'User %.100s' at " 1110 "line %d", ci->user, arg, line); 1111 } else if (strcasecmp(attrib, "group") == 0) { 1112 if (ci == NULL) { 1113 result = 0; 1114 continue; 1115 } 1116 if (ci->user == NULL) 1117 match_test_missing_fatal("Group", "user"); 1118 switch (match_cfg_line_group(arg, line, ci->user)) { 1119 case -1: 1120 return -1; 1121 case 0: 1122 result = 0; 1123 } 1124 } else if (strcasecmp(attrib, "host") == 0) { 1125 if (ci == NULL) { 1126 result = 0; 1127 continue; 1128 } 1129 if (ci->host == NULL) 1130 match_test_missing_fatal("Host", "host"); 1131 if (match_hostname(ci->host, arg) != 1) 1132 result = 0; 1133 else 1134 debug("connection from %.100s matched 'Host " 1135 "%.100s' at line %d", ci->host, arg, line); 1136 } else if (strcasecmp(attrib, "address") == 0) { 1137 if (ci == NULL) { 1138 result = 0; 1139 continue; 1140 } 1141 if (ci->address == NULL) 1142 match_test_missing_fatal("Address", "addr"); 1143 switch (addr_match_list(ci->address, arg)) { 1144 case 1: 1145 debug("connection from %.100s matched 'Address " 1146 "%.100s' at line %d", ci->address, arg, line); 1147 break; 1148 case 0: 1149 case -1: 1150 result = 0; 1151 break; 1152 case -2: 1153 return -1; 1154 } 1155 } else if (strcasecmp(attrib, "localaddress") == 0){ 1156 if (ci == NULL) { 1157 result = 0; 1158 continue; 1159 } 1160 if (ci->laddress == NULL) 1161 match_test_missing_fatal("LocalAddress", 1162 "laddr"); 1163 switch (addr_match_list(ci->laddress, arg)) { 1164 case 1: 1165 debug("connection from %.100s matched " 1166 "'LocalAddress %.100s' at line %d", 1167 ci->laddress, arg, line); 1168 break; 1169 case 0: 1170 case -1: 1171 result = 0; 1172 break; 1173 case -2: 1174 return -1; 1175 } 1176 } else if (strcasecmp(attrib, "localport") == 0) { 1177 if ((port = a2port(arg)) == -1) { 1178 error("Invalid LocalPort '%s' on Match line", 1179 arg); 1180 return -1; 1181 } 1182 if (ci == NULL) { 1183 result = 0; 1184 continue; 1185 } 1186 if (ci->lport == 0) 1187 match_test_missing_fatal("LocalPort", "lport"); 1188 /* TODO support port lists */ 1189 if (port == ci->lport) 1190 debug("connection from %.100s matched " 1191 "'LocalPort %d' at line %d", 1192 ci->laddress, port, line); 1193 else 1194 result = 0; 1195 } else if (strcasecmp(attrib, "rdomain") == 0) { 1196 if (ci == NULL || ci->rdomain == NULL) { 1197 result = 0; 1198 continue; 1199 } 1200 if (match_pattern_list(ci->rdomain, arg, 0) != 1) 1201 result = 0; 1202 else 1203 debug("user %.100s matched 'RDomain %.100s' at " 1204 "line %d", ci->rdomain, arg, line); 1205 } else { 1206 error("Unsupported Match attribute %s", attrib); 1207 return -1; 1208 } 1209 } 1210 if (attributes == 0) { 1211 error("One or more attributes required for Match"); 1212 return -1; 1213 } 1214 if (ci != NULL) 1215 debug3("match %sfound", result ? "" : "not "); 1216 *condition = cp; 1217 return result; 1218 } 1219 1220 #define WHITESPACE " \t\r\n" 1221 1222 /* Multistate option parsing */ 1223 struct multistate { 1224 const char *key; 1225 int value; 1226 }; 1227 static const struct multistate multistate_flag[] = { 1228 { "yes", 1 }, 1229 { "no", 0 }, 1230 { NULL, -1 } 1231 }; 1232 static const struct multistate multistate_addressfamily[] = { 1233 { "inet", AF_INET }, 1234 { "inet6", AF_INET6 }, 1235 { "any", AF_UNSPEC }, 1236 { NULL, -1 } 1237 }; 1238 static const struct multistate multistate_permitrootlogin[] = { 1239 { "without-password", PERMIT_NO_PASSWD }, 1240 { "prohibit-password", PERMIT_NO_PASSWD }, 1241 { "forced-commands-only", PERMIT_FORCED_ONLY }, 1242 { "yes", PERMIT_YES }, 1243 { "no", PERMIT_NO }, 1244 { NULL, -1 } 1245 }; 1246 static const struct multistate multistate_compression[] = { 1247 { "yes", COMP_DELAYED }, 1248 { "delayed", COMP_DELAYED }, 1249 { "no", COMP_NONE }, 1250 { NULL, -1 } 1251 }; 1252 static const struct multistate multistate_gatewayports[] = { 1253 { "clientspecified", 2 }, 1254 { "yes", 1 }, 1255 { "no", 0 }, 1256 { NULL, -1 } 1257 }; 1258 static const struct multistate multistate_tcpfwd[] = { 1259 { "yes", FORWARD_ALLOW }, 1260 { "all", FORWARD_ALLOW }, 1261 { "no", FORWARD_DENY }, 1262 { "remote", FORWARD_REMOTE }, 1263 { "local", FORWARD_LOCAL }, 1264 { NULL, -1 } 1265 }; 1266 1267 int 1268 process_server_config_line(ServerOptions *options, char *line, 1269 const char *filename, int linenum, int *activep, 1270 struct connection_info *connectinfo) 1271 { 1272 char *cp, **charptr, *arg, *arg2, *p; 1273 int cmdline = 0, *intptr, value, value2, n, port; 1274 SyslogFacility *log_facility_ptr; 1275 LogLevel *log_level_ptr; 1276 #ifdef WITH_LDAP_PUBKEY 1277 unsigned long lvalue; 1278 #endif 1279 time_t *timetptr __unused; 1280 ServerOpCodes opcode; 1281 u_int i, flags = 0; 1282 size_t len; 1283 long long val64; 1284 const struct multistate *multistate_ptr; 1285 const char *errstr; 1286 1287 /* Strip trailing whitespace. Allow \f (form feed) at EOL only */ 1288 if ((len = strlen(line)) == 0) 1289 return 0; 1290 for (len--; len > 0; len--) { 1291 if (strchr(WHITESPACE "\f", line[len]) == NULL) 1292 break; 1293 line[len] = '\0'; 1294 } 1295 1296 cp = line; 1297 if ((arg = strdelim(&cp)) == NULL) 1298 return 0; 1299 /* Ignore leading whitespace */ 1300 if (*arg == '\0') 1301 arg = strdelim(&cp); 1302 if (!arg || !*arg || *arg == '#') 1303 return 0; 1304 intptr = NULL; 1305 timetptr = NULL; 1306 charptr = NULL; 1307 opcode = parse_token(arg, filename, linenum, &flags); 1308 1309 if (activep == NULL) { /* We are processing a command line directive */ 1310 cmdline = 1; 1311 activep = &cmdline; 1312 } 1313 if (*activep && opcode != sMatch) 1314 debug3("%s:%d setting %s %s", filename, linenum, arg, cp); 1315 if (*activep == 0 && !(flags & SSHCFG_MATCH)) { 1316 if (connectinfo == NULL) { 1317 fatal("%s line %d: Directive '%s' is not allowed " 1318 "within a Match block", filename, linenum, arg); 1319 } else { /* this is a directive we have already processed */ 1320 while (arg) 1321 arg = strdelim(&cp); 1322 return 0; 1323 } 1324 } 1325 1326 switch (opcode) { 1327 /* Portable-specific options */ 1328 case sUsePAM: 1329 intptr = &options->use_pam; 1330 goto parse_flag; 1331 1332 /* Standard Options */ 1333 case sBadOption: 1334 return -1; 1335 case sPort: 1336 /* ignore ports from configfile if cmdline specifies ports */ 1337 if (options->ports_from_cmdline) 1338 return 0; 1339 if (options->num_ports >= MAX_PORTS) 1340 fatal("%s line %d: too many ports.", 1341 filename, linenum); 1342 arg = strdelim(&cp); 1343 if (!arg || *arg == '\0') 1344 fatal("%s line %d: missing port number.", 1345 filename, linenum); 1346 options->ports[options->num_ports++] = a2port(arg); 1347 if (options->ports[options->num_ports-1] <= 0) 1348 fatal("%s line %d: Badly formatted port number.", 1349 filename, linenum); 1350 break; 1351 1352 case sLoginGraceTime: 1353 intptr = &options->login_grace_time; 1354 parse_time: 1355 arg = strdelim(&cp); 1356 if (!arg || *arg == '\0') 1357 fatal("%s line %d: missing time value.", 1358 filename, linenum); 1359 if ((value = convtime(arg)) == -1) 1360 fatal("%s line %d: invalid time value.", 1361 filename, linenum); 1362 if (*activep && *intptr == -1) 1363 *intptr = value; 1364 break; 1365 1366 case sListenAddress: 1367 arg = strdelim(&cp); 1368 if (arg == NULL || *arg == '\0') 1369 fatal("%s line %d: missing address", 1370 filename, linenum); 1371 /* check for bare IPv6 address: no "[]" and 2 or more ":" */ 1372 if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL 1373 && strchr(p+1, ':') != NULL) { 1374 port = 0; 1375 p = arg; 1376 } else { 1377 p = hpdelim(&arg); 1378 if (p == NULL) 1379 fatal("%s line %d: bad address:port usage", 1380 filename, linenum); 1381 p = cleanhostname(p); 1382 if (arg == NULL) 1383 port = 0; 1384 else if ((port = a2port(arg)) <= 0) 1385 fatal("%s line %d: bad port number", 1386 filename, linenum); 1387 } 1388 /* Optional routing table */ 1389 arg2 = NULL; 1390 if ((arg = strdelim(&cp)) != NULL) { 1391 if (strcmp(arg, "rdomain") != 0 || 1392 (arg2 = strdelim(&cp)) == NULL) 1393 fatal("%s line %d: bad ListenAddress syntax", 1394 filename, linenum); 1395 if (!valid_rdomain(arg2)) 1396 fatal("%s line %d: bad routing domain", 1397 filename, linenum); 1398 } 1399 1400 queue_listen_addr(options, p, arg2, port); 1401 1402 break; 1403 1404 case sAddressFamily: 1405 intptr = &options->address_family; 1406 multistate_ptr = multistate_addressfamily; 1407 parse_multistate: 1408 arg = strdelim(&cp); 1409 if (!arg || *arg == '\0') 1410 fatal("%s line %d: missing argument.", 1411 filename, linenum); 1412 value = -1; 1413 for (i = 0; multistate_ptr[i].key != NULL; i++) { 1414 if (strcasecmp(arg, multistate_ptr[i].key) == 0) { 1415 value = multistate_ptr[i].value; 1416 break; 1417 } 1418 } 1419 if (value == -1) 1420 fatal("%s line %d: unsupported option \"%s\".", 1421 filename, linenum, arg); 1422 if (*activep && *intptr == -1) 1423 *intptr = value; 1424 break; 1425 1426 case sHostKeyFile: 1427 arg = strdelim(&cp); 1428 if (!arg || *arg == '\0') 1429 fatal("%s line %d: missing file name.", 1430 filename, linenum); 1431 if (*activep) 1432 servconf_add_hostkey(filename, linenum, options, arg); 1433 break; 1434 1435 case sHostKeyAgent: 1436 charptr = &options->host_key_agent; 1437 arg = strdelim(&cp); 1438 if (!arg || *arg == '\0') 1439 fatal("%s line %d: missing socket name.", 1440 filename, linenum); 1441 if (*activep && *charptr == NULL) 1442 *charptr = !strcmp(arg, SSH_AUTHSOCKET_ENV_NAME) ? 1443 xstrdup(arg) : derelativise_path(arg); 1444 break; 1445 1446 case sHostCertificate: 1447 arg = strdelim(&cp); 1448 if (!arg || *arg == '\0') 1449 fatal("%s line %d: missing file name.", 1450 filename, linenum); 1451 if (*activep) 1452 servconf_add_hostcert(filename, linenum, options, arg); 1453 break; 1454 1455 case sPidFile: 1456 charptr = &options->pid_file; 1457 parse_filename: 1458 arg = strdelim(&cp); 1459 if (!arg || *arg == '\0') 1460 fatal("%s line %d: missing file name.", 1461 filename, linenum); 1462 if (*activep && *charptr == NULL) { 1463 *charptr = derelativise_path(arg); 1464 /* increase optional counter */ 1465 if (intptr != NULL) 1466 *intptr = *intptr + 1; 1467 } 1468 break; 1469 1470 case sPermitRootLogin: 1471 intptr = &options->permit_root_login; 1472 multistate_ptr = multistate_permitrootlogin; 1473 goto parse_multistate; 1474 1475 case sIgnoreRhosts: 1476 intptr = &options->ignore_rhosts; 1477 parse_flag: 1478 multistate_ptr = multistate_flag; 1479 goto parse_multistate; 1480 1481 case sIgnoreRootRhosts: 1482 intptr = &options->ignore_root_rhosts; 1483 goto parse_flag; 1484 1485 case sNoneEnabled: 1486 intptr = &options->none_enabled; 1487 goto parse_flag; 1488 1489 case sTcpRcvBufPoll: 1490 intptr = &options->tcp_rcv_buf_poll; 1491 goto parse_flag; 1492 1493 case sHPNDisabled: 1494 intptr = &options->hpn_disabled; 1495 goto parse_flag; 1496 1497 case sHPNBufferSize: 1498 intptr = &options->hpn_buffer_size; 1499 goto parse_int; 1500 1501 case sIgnoreUserKnownHosts: 1502 intptr = &options->ignore_user_known_hosts; 1503 goto parse_flag; 1504 1505 case sHostbasedAuthentication: 1506 intptr = &options->hostbased_authentication; 1507 goto parse_flag; 1508 1509 case sHostbasedUsesNameFromPacketOnly: 1510 intptr = &options->hostbased_uses_name_from_packet_only; 1511 goto parse_flag; 1512 1513 case sHostbasedAcceptedKeyTypes: 1514 charptr = &options->hostbased_key_types; 1515 parse_keytypes: 1516 arg = strdelim(&cp); 1517 if (!arg || *arg == '\0') 1518 fatal("%s line %d: Missing argument.", 1519 filename, linenum); 1520 if (*arg != '-' && 1521 !sshkey_names_valid2(*arg == '+' ? arg + 1 : arg, 1)) 1522 fatal("%s line %d: Bad key types '%s'.", 1523 filename, linenum, arg ? arg : "<NONE>"); 1524 if (*activep && *charptr == NULL) 1525 *charptr = xstrdup(arg); 1526 break; 1527 1528 case sHostKeyAlgorithms: 1529 charptr = &options->hostkeyalgorithms; 1530 goto parse_keytypes; 1531 1532 case sPubkeyAuthentication: 1533 intptr = &options->pubkey_authentication; 1534 goto parse_flag; 1535 1536 case sPubkeyAcceptedKeyTypes: 1537 charptr = &options->pubkey_key_types; 1538 goto parse_keytypes; 1539 1540 case sKerberosAuthentication: 1541 intptr = &options->kerberos_authentication; 1542 goto parse_flag; 1543 1544 case sKerberosOrLocalPasswd: 1545 intptr = &options->kerberos_or_local_passwd; 1546 goto parse_flag; 1547 1548 case sKerberosTicketCleanup: 1549 intptr = &options->kerberos_ticket_cleanup; 1550 goto parse_flag; 1551 1552 case sKerberosTgtPassing: 1553 intptr = &options->kerberos_tgt_passing; 1554 goto parse_flag; 1555 1556 case sKerberosGetAFSToken: 1557 intptr = &options->kerberos_get_afs_token; 1558 goto parse_flag; 1559 1560 case sGssAuthentication: 1561 intptr = &options->gss_authentication; 1562 goto parse_flag; 1563 1564 case sGssCleanupCreds: 1565 intptr = &options->gss_cleanup_creds; 1566 goto parse_flag; 1567 1568 case sGssStrictAcceptor: 1569 intptr = &options->gss_strict_acceptor; 1570 goto parse_flag; 1571 1572 case sPasswordAuthentication: 1573 intptr = &options->password_authentication; 1574 goto parse_flag; 1575 1576 case sKbdInteractiveAuthentication: 1577 intptr = &options->kbd_interactive_authentication; 1578 goto parse_flag; 1579 1580 case sChallengeResponseAuthentication: 1581 intptr = &options->challenge_response_authentication; 1582 goto parse_flag; 1583 1584 case sPrintMotd: 1585 intptr = &options->print_motd; 1586 goto parse_flag; 1587 1588 case sPrintLastLog: 1589 intptr = &options->print_lastlog; 1590 goto parse_flag; 1591 1592 case sX11Forwarding: 1593 intptr = &options->x11_forwarding; 1594 goto parse_flag; 1595 1596 case sX11DisplayOffset: 1597 intptr = &options->x11_display_offset; 1598 parse_int: 1599 arg = strdelim(&cp); 1600 if ((errstr = atoi_err(arg, &value)) != NULL) 1601 fatal("%s line %d: integer value %s.", 1602 filename, linenum, errstr); 1603 if (*activep && *intptr == -1) 1604 *intptr = value; 1605 break; 1606 1607 case sX11UseLocalhost: 1608 intptr = &options->x11_use_localhost; 1609 goto parse_flag; 1610 1611 case sXAuthLocation: 1612 charptr = &options->xauth_location; 1613 goto parse_filename; 1614 1615 case sPermitTTY: 1616 intptr = &options->permit_tty; 1617 goto parse_flag; 1618 1619 case sPermitUserRC: 1620 intptr = &options->permit_user_rc; 1621 goto parse_flag; 1622 1623 case sStrictModes: 1624 intptr = &options->strict_modes; 1625 goto parse_flag; 1626 1627 case sTCPKeepAlive: 1628 intptr = &options->tcp_keep_alive; 1629 goto parse_flag; 1630 1631 case sEmptyPasswd: 1632 intptr = &options->permit_empty_passwd; 1633 goto parse_flag; 1634 1635 case sPermitUserEnvironment: 1636 intptr = &options->permit_user_env; 1637 goto parse_flag; 1638 1639 case sCompression: 1640 intptr = &options->compression; 1641 multistate_ptr = multistate_compression; 1642 goto parse_multistate; 1643 1644 case sRekeyLimit: 1645 arg = strdelim(&cp); 1646 if (!arg || *arg == '\0') 1647 fatal("%.200s line %d: Missing argument.", filename, 1648 linenum); 1649 if (strcmp(arg, "default") == 0) { 1650 val64 = 0; 1651 } else { 1652 if (scan_scaled(arg, &val64) == -1) 1653 fatal("%.200s line %d: Bad number '%s': %s", 1654 filename, linenum, arg, strerror(errno)); 1655 if (val64 != 0 && val64 < 16) 1656 fatal("%.200s line %d: RekeyLimit too small", 1657 filename, linenum); 1658 } 1659 if (*activep && options->rekey_limit == -1) 1660 options->rekey_limit = val64; 1661 if (cp != NULL) { /* optional rekey interval present */ 1662 if (strcmp(cp, "none") == 0) { 1663 (void)strdelim(&cp); /* discard */ 1664 break; 1665 } 1666 intptr = &options->rekey_interval; 1667 goto parse_time; 1668 } 1669 break; 1670 1671 case sGatewayPorts: 1672 intptr = &options->fwd_opts.gateway_ports; 1673 multistate_ptr = multistate_gatewayports; 1674 goto parse_multistate; 1675 1676 case sUseDNS: 1677 intptr = &options->use_dns; 1678 goto parse_flag; 1679 1680 case sLogFacility: 1681 log_facility_ptr = &options->log_facility; 1682 arg = strdelim(&cp); 1683 value = log_facility_number(arg); 1684 if (value == SYSLOG_FACILITY_NOT_SET) 1685 fatal("%.200s line %d: unsupported log facility '%s'", 1686 filename, linenum, arg ? arg : "<NONE>"); 1687 if (*log_facility_ptr == -1) 1688 *log_facility_ptr = (SyslogFacility) value; 1689 break; 1690 1691 case sLogLevel: 1692 log_level_ptr = &options->log_level; 1693 arg = strdelim(&cp); 1694 value = log_level_number(arg); 1695 if (value == SYSLOG_LEVEL_NOT_SET) 1696 fatal("%.200s line %d: unsupported log level '%s'", 1697 filename, linenum, arg ? arg : "<NONE>"); 1698 if (*activep && *log_level_ptr == -1) 1699 *log_level_ptr = (LogLevel) value; 1700 break; 1701 1702 case sAllowTcpForwarding: 1703 intptr = &options->allow_tcp_forwarding; 1704 multistate_ptr = multistate_tcpfwd; 1705 goto parse_multistate; 1706 1707 case sAllowStreamLocalForwarding: 1708 intptr = &options->allow_streamlocal_forwarding; 1709 multistate_ptr = multistate_tcpfwd; 1710 goto parse_multistate; 1711 1712 case sAllowAgentForwarding: 1713 intptr = &options->allow_agent_forwarding; 1714 goto parse_flag; 1715 1716 case sDisableForwarding: 1717 intptr = &options->disable_forwarding; 1718 goto parse_flag; 1719 1720 case sAllowUsers: 1721 while ((arg = strdelim(&cp)) && *arg != '\0') { 1722 if (match_user(NULL, NULL, NULL, arg) == -1) 1723 fatal("%s line %d: invalid AllowUsers pattern: " 1724 "\"%.100s\"", filename, linenum, arg); 1725 if (!*activep) 1726 continue; 1727 array_append(filename, linenum, "AllowUsers", 1728 &options->allow_users, &options->num_allow_users, 1729 arg); 1730 } 1731 break; 1732 1733 case sDenyUsers: 1734 while ((arg = strdelim(&cp)) && *arg != '\0') { 1735 if (match_user(NULL, NULL, NULL, arg) == -1) 1736 fatal("%s line %d: invalid DenyUsers pattern: " 1737 "\"%.100s\"", filename, linenum, arg); 1738 if (!*activep) 1739 continue; 1740 array_append(filename, linenum, "DenyUsers", 1741 &options->deny_users, &options->num_deny_users, 1742 arg); 1743 } 1744 break; 1745 1746 case sAllowGroups: 1747 while ((arg = strdelim(&cp)) && *arg != '\0') { 1748 if (!*activep) 1749 continue; 1750 array_append(filename, linenum, "AllowGroups", 1751 &options->allow_groups, &options->num_allow_groups, 1752 arg); 1753 } 1754 break; 1755 1756 case sDenyGroups: 1757 while ((arg = strdelim(&cp)) && *arg != '\0') { 1758 if (!*activep) 1759 continue; 1760 array_append(filename, linenum, "DenyGroups", 1761 &options->deny_groups, &options->num_deny_groups, 1762 arg); 1763 } 1764 break; 1765 1766 case sCiphers: 1767 arg = strdelim(&cp); 1768 if (!arg || *arg == '\0') 1769 fatal("%s line %d: Missing argument.", filename, linenum); 1770 if (*arg != '-' && !ciphers_valid(*arg == '+' ? arg + 1 : arg)) 1771 fatal("%s line %d: Bad SSH2 cipher spec '%s'.", 1772 filename, linenum, arg ? arg : "<NONE>"); 1773 if (options->ciphers == NULL) 1774 options->ciphers = xstrdup(arg); 1775 break; 1776 1777 case sMacs: 1778 arg = strdelim(&cp); 1779 if (!arg || *arg == '\0') 1780 fatal("%s line %d: Missing argument.", filename, linenum); 1781 if (*arg != '-' && !mac_valid(*arg == '+' ? arg + 1 : arg)) 1782 fatal("%s line %d: Bad SSH2 mac spec '%s'.", 1783 filename, linenum, arg ? arg : "<NONE>"); 1784 if (options->macs == NULL) 1785 options->macs = xstrdup(arg); 1786 break; 1787 1788 case sKexAlgorithms: 1789 arg = strdelim(&cp); 1790 if (!arg || *arg == '\0') 1791 fatal("%s line %d: Missing argument.", 1792 filename, linenum); 1793 if (*arg != '-' && 1794 !kex_names_valid(*arg == '+' ? arg + 1 : arg)) 1795 fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.", 1796 filename, linenum, arg ? arg : "<NONE>"); 1797 if (options->kex_algorithms == NULL) 1798 options->kex_algorithms = xstrdup(arg); 1799 break; 1800 1801 case sSubsystem: 1802 if (options->num_subsystems >= MAX_SUBSYSTEMS) { 1803 fatal("%s line %d: too many subsystems defined.", 1804 filename, linenum); 1805 } 1806 arg = strdelim(&cp); 1807 if (!arg || *arg == '\0') 1808 fatal("%s line %d: Missing subsystem name.", 1809 filename, linenum); 1810 if (!*activep) { 1811 arg = strdelim(&cp); 1812 break; 1813 } 1814 for (i = 0; i < options->num_subsystems; i++) 1815 if (strcmp(arg, options->subsystem_name[i]) == 0) 1816 fatal("%s line %d: Subsystem '%s' already defined.", 1817 filename, linenum, arg); 1818 options->subsystem_name[options->num_subsystems] = xstrdup(arg); 1819 arg = strdelim(&cp); 1820 if (!arg || *arg == '\0') 1821 fatal("%s line %d: Missing subsystem command.", 1822 filename, linenum); 1823 options->subsystem_command[options->num_subsystems] = xstrdup(arg); 1824 1825 /* Collect arguments (separate to executable) */ 1826 p = xstrdup(arg); 1827 len = strlen(p) + 1; 1828 while ((arg = strdelim(&cp)) != NULL && *arg != '\0') { 1829 len += 1 + strlen(arg); 1830 p = xreallocarray(p, 1, len); 1831 strlcat(p, " ", len); 1832 strlcat(p, arg, len); 1833 } 1834 options->subsystem_args[options->num_subsystems] = p; 1835 options->num_subsystems++; 1836 break; 1837 1838 case sMaxStartups: 1839 arg = strdelim(&cp); 1840 if (!arg || *arg == '\0') 1841 fatal("%s line %d: Missing MaxStartups spec.", 1842 filename, linenum); 1843 if ((n = sscanf(arg, "%d:%d:%d", 1844 &options->max_startups_begin, 1845 &options->max_startups_rate, 1846 &options->max_startups)) == 3) { 1847 if (options->max_startups_begin > 1848 options->max_startups || 1849 options->max_startups_rate > 100 || 1850 options->max_startups_rate < 1) 1851 fatal("%s line %d: Illegal MaxStartups spec.", 1852 filename, linenum); 1853 } else if (n != 1) 1854 fatal("%s line %d: Illegal MaxStartups spec.", 1855 filename, linenum); 1856 else 1857 options->max_startups = options->max_startups_begin; 1858 break; 1859 1860 case sMaxAuthTries: 1861 intptr = &options->max_authtries; 1862 goto parse_int; 1863 1864 case sMaxSessions: 1865 intptr = &options->max_sessions; 1866 goto parse_int; 1867 1868 case sBanner: 1869 charptr = &options->banner; 1870 goto parse_filename; 1871 1872 /* 1873 * These options can contain %X options expanded at 1874 * connect time, so that you can specify paths like: 1875 * 1876 * AuthorizedKeysFile /etc/ssh_keys/%u 1877 */ 1878 case sAuthorizedKeysFile: 1879 if (*activep && options->num_authkeys_files == 0) { 1880 while ((arg = strdelim(&cp)) && *arg != '\0') { 1881 arg = tilde_expand_filename(arg, getuid()); 1882 array_append(filename, linenum, 1883 "AuthorizedKeysFile", 1884 &options->authorized_keys_files, 1885 &options->num_authkeys_files, arg); 1886 free(arg); 1887 } 1888 } 1889 return 0; 1890 1891 case sAuthorizedPrincipalsFile: 1892 charptr = &options->authorized_principals_file; 1893 arg = strdelim(&cp); 1894 if (!arg || *arg == '\0') 1895 fatal("%s line %d: missing file name.", 1896 filename, linenum); 1897 if (*activep && *charptr == NULL) { 1898 *charptr = tilde_expand_filename(arg, getuid()); 1899 /* increase optional counter */ 1900 if (intptr != NULL) 1901 *intptr = *intptr + 1; 1902 } 1903 break; 1904 1905 case sClientAliveInterval: 1906 intptr = &options->client_alive_interval; 1907 goto parse_time; 1908 1909 case sClientAliveCountMax: 1910 intptr = &options->client_alive_count_max; 1911 goto parse_int; 1912 1913 case sAcceptEnv: 1914 while ((arg = strdelim(&cp)) && *arg != '\0') { 1915 if (strchr(arg, '=') != NULL) 1916 fatal("%s line %d: Invalid environment name.", 1917 filename, linenum); 1918 if (!*activep) 1919 continue; 1920 array_append(filename, linenum, "AcceptEnv", 1921 &options->accept_env, &options->num_accept_env, 1922 arg); 1923 } 1924 break; 1925 1926 case sPermitTunnel: 1927 intptr = &options->permit_tun; 1928 arg = strdelim(&cp); 1929 if (!arg || *arg == '\0') 1930 fatal("%s line %d: Missing yes/point-to-point/" 1931 "ethernet/no argument.", filename, linenum); 1932 value = -1; 1933 for (i = 0; tunmode_desc[i].val != -1; i++) 1934 if (strcmp(tunmode_desc[i].text, arg) == 0) { 1935 value = tunmode_desc[i].val; 1936 break; 1937 } 1938 if (value == -1) 1939 fatal("%s line %d: Bad yes/point-to-point/ethernet/" 1940 "no argument: %s", filename, linenum, arg); 1941 if (*activep && *intptr == -1) 1942 *intptr = value; 1943 break; 1944 1945 case sMatch: 1946 if (cmdline) 1947 fatal("Match directive not supported as a command-line " 1948 "option"); 1949 value = match_cfg_line(&cp, linenum, connectinfo); 1950 if (value < 0) 1951 fatal("%s line %d: Bad Match condition", filename, 1952 linenum); 1953 *activep = value; 1954 break; 1955 1956 case sPermitOpen: 1957 arg = strdelim(&cp); 1958 if (!arg || *arg == '\0') 1959 fatal("%s line %d: missing PermitOpen specification", 1960 filename, linenum); 1961 value = options->num_permitted_opens; /* modified later */ 1962 if (strcmp(arg, "any") == 0 || strcmp(arg, "none") == 0) { 1963 if (*activep && value == 0) { 1964 options->num_permitted_opens = 1; 1965 options->permitted_opens = xcalloc(1, 1966 sizeof(*options->permitted_opens)); 1967 options->permitted_opens[0] = xstrdup(arg); 1968 } 1969 break; 1970 } 1971 for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) { 1972 arg2 = xstrdup(arg); 1973 p = hpdelim(&arg); 1974 if (p == NULL) 1975 fatal("%s line %d: missing host in PermitOpen", 1976 filename, linenum); 1977 p = cleanhostname(p); 1978 if (arg == NULL || ((port = permitopen_port(arg)) < 0)) 1979 fatal("%s line %d: bad port number in " 1980 "PermitOpen", filename, linenum); 1981 if (*activep && value == 0) { 1982 array_append(filename, linenum, 1983 "PermitOpen", 1984 &options->permitted_opens, 1985 &options->num_permitted_opens, arg2); 1986 } 1987 free(arg2); 1988 } 1989 break; 1990 1991 case sForceCommand: 1992 if (cp == NULL || *cp == '\0') 1993 fatal("%.200s line %d: Missing argument.", filename, 1994 linenum); 1995 len = strspn(cp, WHITESPACE); 1996 if (*activep && options->adm_forced_command == NULL) 1997 options->adm_forced_command = xstrdup(cp + len); 1998 return 0; 1999 2000 case sChrootDirectory: 2001 charptr = &options->chroot_directory; 2002 2003 arg = strdelim(&cp); 2004 if (!arg || *arg == '\0') 2005 fatal("%s line %d: missing file name.", 2006 filename, linenum); 2007 if (*activep && *charptr == NULL) 2008 *charptr = xstrdup(arg); 2009 break; 2010 2011 case sTrustedUserCAKeys: 2012 charptr = &options->trusted_user_ca_keys; 2013 goto parse_filename; 2014 2015 case sRevokedKeys: 2016 charptr = &options->revoked_keys_file; 2017 goto parse_filename; 2018 2019 case sIPQoS: 2020 arg = strdelim(&cp); 2021 if ((value = parse_ipqos(arg)) == -1) 2022 fatal("%s line %d: Bad IPQoS value: %s", 2023 filename, linenum, arg); 2024 arg = strdelim(&cp); 2025 if (arg == NULL) 2026 value2 = value; 2027 else if ((value2 = parse_ipqos(arg)) == -1) 2028 fatal("%s line %d: Bad IPQoS value: %s", 2029 filename, linenum, arg); 2030 if (*activep) { 2031 options->ip_qos_interactive = value; 2032 options->ip_qos_bulk = value2; 2033 } 2034 break; 2035 2036 case sVersionAddendum: 2037 if (cp == NULL || *cp == '\0') 2038 fatal("%.200s line %d: Missing argument.", filename, 2039 linenum); 2040 len = strspn(cp, WHITESPACE); 2041 if (*activep && options->version_addendum == NULL) { 2042 if (strcasecmp(cp + len, "none") == 0) 2043 options->version_addendum = xstrdup(""); 2044 else if (strchr(cp + len, '\r') != NULL) 2045 fatal("%.200s line %d: Invalid argument", 2046 filename, linenum); 2047 else 2048 options->version_addendum = xstrdup(cp + len); 2049 } 2050 return 0; 2051 2052 case sAuthorizedKeysCommand: 2053 if (cp == NULL) 2054 fatal("%.200s line %d: Missing argument.", filename, 2055 linenum); 2056 len = strspn(cp, WHITESPACE); 2057 if (*activep && options->authorized_keys_command == NULL) { 2058 if (cp[len] != '/' && strcasecmp(cp + len, "none") != 0) 2059 fatal("%.200s line %d: AuthorizedKeysCommand " 2060 "must be an absolute path", 2061 filename, linenum); 2062 options->authorized_keys_command = xstrdup(cp + len); 2063 } 2064 return 0; 2065 2066 case sAuthorizedKeysCommandUser: 2067 charptr = &options->authorized_keys_command_user; 2068 2069 arg = strdelim(&cp); 2070 if (!arg || *arg == '\0') 2071 fatal("%s line %d: missing AuthorizedKeysCommandUser " 2072 "argument.", filename, linenum); 2073 if (*activep && *charptr == NULL) 2074 *charptr = xstrdup(arg); 2075 break; 2076 2077 case sAuthorizedPrincipalsCommand: 2078 if (cp == NULL) 2079 fatal("%.200s line %d: Missing argument.", filename, 2080 linenum); 2081 len = strspn(cp, WHITESPACE); 2082 if (*activep && 2083 options->authorized_principals_command == NULL) { 2084 if (cp[len] != '/' && strcasecmp(cp + len, "none") != 0) 2085 fatal("%.200s line %d: " 2086 "AuthorizedPrincipalsCommand must be " 2087 "an absolute path", filename, linenum); 2088 options->authorized_principals_command = 2089 xstrdup(cp + len); 2090 } 2091 return 0; 2092 2093 case sAuthorizedPrincipalsCommandUser: 2094 charptr = &options->authorized_principals_command_user; 2095 2096 arg = strdelim(&cp); 2097 if (!arg || *arg == '\0') 2098 fatal("%s line %d: missing " 2099 "AuthorizedPrincipalsCommandUser argument.", 2100 filename, linenum); 2101 if (*activep && *charptr == NULL) 2102 *charptr = xstrdup(arg); 2103 break; 2104 2105 case sAuthenticationMethods: 2106 if (options->num_auth_methods == 0) { 2107 value = 0; /* seen "any" pseudo-method */ 2108 value2 = 0; /* sucessfully parsed any method */ 2109 while ((arg = strdelim(&cp)) && *arg != '\0') { 2110 if (strcmp(arg, "any") == 0) { 2111 if (options->num_auth_methods > 0) { 2112 fatal("%s line %d: \"any\" " 2113 "must appear alone in " 2114 "AuthenticationMethods", 2115 filename, linenum); 2116 } 2117 value = 1; 2118 } else if (value) { 2119 fatal("%s line %d: \"any\" must appear " 2120 "alone in AuthenticationMethods", 2121 filename, linenum); 2122 } else if (auth2_methods_valid(arg, 0) != 0) { 2123 fatal("%s line %d: invalid " 2124 "authentication method list.", 2125 filename, linenum); 2126 } 2127 value2 = 1; 2128 if (!*activep) 2129 continue; 2130 array_append(filename, linenum, 2131 "AuthenticationMethods", 2132 &options->auth_methods, 2133 &options->num_auth_methods, arg); 2134 } 2135 if (value2 == 0) { 2136 fatal("%s line %d: no AuthenticationMethods " 2137 "specified", filename, linenum); 2138 } 2139 } 2140 return 0; 2141 2142 case sStreamLocalBindMask: 2143 arg = strdelim(&cp); 2144 if (!arg || *arg == '\0') 2145 fatal("%s line %d: missing StreamLocalBindMask " 2146 "argument.", filename, linenum); 2147 /* Parse mode in octal format */ 2148 value = strtol(arg, &p, 8); 2149 if (arg == p || value < 0 || value > 0777) 2150 fatal("%s line %d: Bad mask.", filename, linenum); 2151 if (*activep) 2152 options->fwd_opts.streamlocal_bind_mask = (mode_t)value; 2153 break; 2154 2155 case sStreamLocalBindUnlink: 2156 intptr = &options->fwd_opts.streamlocal_bind_unlink; 2157 goto parse_flag; 2158 2159 case sFingerprintHash: 2160 arg = strdelim(&cp); 2161 if (!arg || *arg == '\0') 2162 fatal("%.200s line %d: Missing argument.", 2163 filename, linenum); 2164 if ((value = ssh_digest_alg_by_name(arg)) == -1) 2165 fatal("%.200s line %d: Invalid hash algorithm \"%s\".", 2166 filename, linenum, arg); 2167 if (*activep) 2168 options->fingerprint_hash = value; 2169 break; 2170 2171 case sExposeAuthInfo: 2172 intptr = &options->expose_userauth_info; 2173 goto parse_flag; 2174 2175 case sRDomain: 2176 charptr = &options->routing_domain; 2177 arg = strdelim(&cp); 2178 if (!arg || *arg == '\0') 2179 fatal("%.200s line %d: Missing argument.", 2180 filename, linenum); 2181 if (strcasecmp(arg, "none") != 0 && strcmp(arg, "%D") != 0 && 2182 !valid_rdomain(arg)) 2183 fatal("%s line %d: bad routing domain", 2184 filename, linenum); 2185 if (*activep && *charptr == NULL) 2186 *charptr = xstrdup(arg); 2187 break; 2188 2189 case sDeprecated: 2190 case sIgnore: 2191 case sUnsupported: 2192 do_log2(opcode == sIgnore ? 2193 SYSLOG_LEVEL_DEBUG2 : SYSLOG_LEVEL_INFO, 2194 "%s line %d: %s option %s", filename, linenum, 2195 opcode == sUnsupported ? "Unsupported" : "Deprecated", arg); 2196 while (arg) 2197 arg = strdelim(&cp); 2198 break; 2199 2200 #ifdef WITH_LDAP_PUBKEY 2201 case sLdapPublickey: 2202 intptr = &options->lpk.on; 2203 goto parse_flag; 2204 case sLdapServers: 2205 /* arg = strdelim(&cp); */ 2206 p = line; 2207 while(*p++); 2208 arg = p; 2209 if (!arg || *arg == '\0') 2210 fatal("%s line %d: missing ldap server",filename,linenum); 2211 arg[strlen(arg)] = '\0'; 2212 if ((options->lpk.servers = ldap_parse_servers(arg)) == NULL) 2213 fatal("%s line %d: error in ldap servers", filename, linenum); 2214 memset(arg,0,strlen(arg)); 2215 break; 2216 case sLdapUserDN: 2217 arg = cp; 2218 if (!arg || *arg == '\0') 2219 fatal("%s line %d: missing ldap server",filename,linenum); 2220 arg[strlen(arg)] = '\0'; 2221 options->lpk.u_basedn = xstrdup(arg); 2222 memset(arg,0,strlen(arg)); 2223 break; 2224 case sLdapGroupDN: 2225 arg = cp; 2226 if (!arg || *arg == '\0') 2227 fatal("%s line %d: missing ldap server",filename,linenum); 2228 arg[strlen(arg)] = '\0'; 2229 options->lpk.g_basedn = xstrdup(arg); 2230 memset(arg,0,strlen(arg)); 2231 break; 2232 case sBindDN: 2233 arg = cp; 2234 if (!arg || *arg == '\0') 2235 fatal("%s line %d: missing binddn",filename,linenum); 2236 arg[strlen(arg)] = '\0'; 2237 options->lpk.binddn = xstrdup(arg); 2238 memset(arg,0,strlen(arg)); 2239 break; 2240 case sBindPw: 2241 arg = cp; 2242 if (!arg || *arg == '\0') 2243 fatal("%s line %d: missing bindpw",filename,linenum); 2244 arg[strlen(arg)] = '\0'; 2245 options->lpk.bindpw = xstrdup(arg); 2246 memset(arg,0,strlen(arg)); 2247 break; 2248 case sMyGroup: 2249 arg = cp; 2250 if (!arg || *arg == '\0') 2251 fatal("%s line %d: missing groupname",filename, linenum); 2252 arg[strlen(arg)] = '\0'; 2253 options->lpk.sgroup = xstrdup(arg); 2254 if (options->lpk.sgroup) 2255 options->lpk.fgroup = ldap_parse_groups(options->lpk.sgroup); 2256 memset(arg,0,strlen(arg)); 2257 break; 2258 case sLdapFilter: 2259 arg = cp; 2260 if (!arg || *arg == '\0') 2261 fatal("%s line %d: missing filter",filename, linenum); 2262 arg[strlen(arg)] = '\0'; 2263 options->lpk.filter = xstrdup(arg); 2264 memset(arg,0,strlen(arg)); 2265 break; 2266 case sForceTLS: 2267 intptr = &options->lpk.tls; 2268 arg = strdelim(&cp); 2269 if (!arg || *arg == '\0') 2270 fatal("%s line %d: missing yes/no argument.", 2271 filename, linenum); 2272 value = 0; /* silence compiler */ 2273 if (strcmp(arg, "yes") == 0) 2274 value = 1; 2275 else if (strcmp(arg, "no") == 0) 2276 value = 0; 2277 else if (strcmp(arg, "try") == 0) 2278 value = -1; 2279 else 2280 fatal("%s line %d: Bad yes/no argument: %s", 2281 filename, linenum, arg); 2282 if (*intptr == -1) 2283 *intptr = value; 2284 break; 2285 case sBindTimeout: 2286 timetptr = &options->lpk.b_timeout.tv_sec; 2287 parse_ulong: 2288 arg = strdelim(&cp); 2289 if (!arg || *arg == '\0') 2290 fatal("%s line %d: missing integer value.", 2291 filename, linenum); 2292 lvalue = atol(arg); 2293 if (*activep && *timetptr == -1) 2294 *timetptr = lvalue; 2295 break; 2296 2297 case sSearchTimeout: 2298 timetptr = &options->lpk.s_timeout.tv_sec; 2299 goto parse_ulong; 2300 break; 2301 case sLdapConf: 2302 arg = cp; 2303 if (!arg || *arg == '\0') 2304 fatal("%s line %d: missing LpkLdapConf", filename, linenum); 2305 arg[strlen(arg)] = '\0'; 2306 options->lpk.l_conf = xstrdup(arg); 2307 memset(arg, 0, strlen(arg)); 2308 break; 2309 case sLpkPubKeyAttr: 2310 arg = cp; 2311 if (!arg || *arg == '\0') 2312 fatal("%s line %d: missing pubkeyattr",filename,linenum); 2313 arg[strlen(arg)] = '\0'; 2314 options->lpk.pub_key_attr = xstrdup(arg); 2315 memset(arg,0,strlen(arg)); 2316 break; 2317 2318 #endif 2319 2320 default: 2321 fatal("%s line %d: Missing handler for opcode %s (%d)", 2322 filename, linenum, arg, opcode); 2323 } 2324 if ((arg = strdelim(&cp)) != NULL && *arg != '\0') 2325 fatal("%s line %d: garbage at end of line; \"%.200s\".", 2326 filename, linenum, arg); 2327 return 0; 2328 } 2329 2330 /* Reads the server configuration file. */ 2331 2332 void 2333 load_server_config(const char *filename, Buffer *conf) 2334 { 2335 char line[4096], *cp; 2336 FILE *f; 2337 int lineno = 0; 2338 2339 debug2("%s: filename %s", __func__, filename); 2340 if ((f = fopen(filename, "r")) == NULL) { 2341 perror(filename); 2342 exit(1); 2343 } 2344 buffer_clear(conf); 2345 while (fgets(line, sizeof(line), f)) { 2346 lineno++; 2347 if (strlen(line) == sizeof(line) - 1) 2348 fatal("%s line %d too long", filename, lineno); 2349 /* 2350 * Trim out comments and strip whitespace 2351 * NB - preserve newlines, they are needed to reproduce 2352 * line numbers later for error messages 2353 */ 2354 if ((cp = strchr(line, '#')) != NULL) 2355 memcpy(cp, "\n", 2); 2356 cp = line + strspn(line, " \t\r"); 2357 2358 buffer_append(conf, cp, strlen(cp)); 2359 } 2360 buffer_append(conf, "\0", 1); 2361 fclose(f); 2362 debug2("%s: done config len = %d", __func__, buffer_len(conf)); 2363 } 2364 2365 void 2366 parse_server_match_config(ServerOptions *options, 2367 struct connection_info *connectinfo) 2368 { 2369 ServerOptions mo; 2370 2371 initialize_server_options(&mo); 2372 parse_server_config(&mo, "reprocess config", &cfg, connectinfo); 2373 copy_set_server_options(options, &mo, 0); 2374 } 2375 2376 int parse_server_match_testspec(struct connection_info *ci, char *spec) 2377 { 2378 char *p; 2379 2380 while ((p = strsep(&spec, ",")) && *p != '\0') { 2381 if (strncmp(p, "addr=", 5) == 0) { 2382 ci->address = xstrdup(p + 5); 2383 } else if (strncmp(p, "host=", 5) == 0) { 2384 ci->host = xstrdup(p + 5); 2385 } else if (strncmp(p, "user=", 5) == 0) { 2386 ci->user = xstrdup(p + 5); 2387 } else if (strncmp(p, "laddr=", 6) == 0) { 2388 ci->laddress = xstrdup(p + 6); 2389 } else if (strncmp(p, "rdomain=", 8) == 0) { 2390 ci->rdomain = xstrdup(p + 8); 2391 } else if (strncmp(p, "lport=", 6) == 0) { 2392 ci->lport = a2port(p + 6); 2393 if (ci->lport == -1) { 2394 fprintf(stderr, "Invalid port '%s' in test mode" 2395 " specification %s\n", p+6, p); 2396 return -1; 2397 } 2398 } else { 2399 fprintf(stderr, "Invalid test mode specification %s\n", 2400 p); 2401 return -1; 2402 } 2403 } 2404 return 0; 2405 } 2406 2407 /* 2408 * Copy any supported values that are set. 2409 * 2410 * If the preauth flag is set, we do not bother copying the string or 2411 * array values that are not used pre-authentication, because any that we 2412 * do use must be explictly sent in mm_getpwnamallow(). 2413 */ 2414 void 2415 copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) 2416 { 2417 #define M_CP_INTOPT(n) do {\ 2418 if (src->n != -1) \ 2419 dst->n = src->n; \ 2420 } while (0) 2421 2422 M_CP_INTOPT(password_authentication); 2423 M_CP_INTOPT(gss_authentication); 2424 M_CP_INTOPT(pubkey_authentication); 2425 M_CP_INTOPT(kerberos_authentication); 2426 M_CP_INTOPT(hostbased_authentication); 2427 M_CP_INTOPT(hostbased_uses_name_from_packet_only); 2428 M_CP_INTOPT(kbd_interactive_authentication); 2429 M_CP_INTOPT(permit_root_login); 2430 M_CP_INTOPT(permit_empty_passwd); 2431 2432 M_CP_INTOPT(allow_tcp_forwarding); 2433 M_CP_INTOPT(allow_streamlocal_forwarding); 2434 M_CP_INTOPT(allow_agent_forwarding); 2435 M_CP_INTOPT(disable_forwarding); 2436 M_CP_INTOPT(expose_userauth_info); 2437 M_CP_INTOPT(permit_tun); 2438 M_CP_INTOPT(fwd_opts.gateway_ports); 2439 M_CP_INTOPT(fwd_opts.streamlocal_bind_unlink); 2440 M_CP_INTOPT(x11_display_offset); 2441 M_CP_INTOPT(x11_forwarding); 2442 M_CP_INTOPT(x11_use_localhost); 2443 M_CP_INTOPT(permit_tty); 2444 M_CP_INTOPT(permit_user_rc); 2445 M_CP_INTOPT(max_sessions); 2446 M_CP_INTOPT(max_authtries); 2447 M_CP_INTOPT(client_alive_count_max); 2448 M_CP_INTOPT(client_alive_interval); 2449 M_CP_INTOPT(ip_qos_interactive); 2450 M_CP_INTOPT(ip_qos_bulk); 2451 M_CP_INTOPT(rekey_limit); 2452 M_CP_INTOPT(rekey_interval); 2453 M_CP_INTOPT(log_level); 2454 2455 /* 2456 * The bind_mask is a mode_t that may be unsigned, so we can't use 2457 * M_CP_INTOPT - it does a signed comparison that causes compiler 2458 * warnings. 2459 */ 2460 if (src->fwd_opts.streamlocal_bind_mask != (mode_t)-1) { 2461 dst->fwd_opts.streamlocal_bind_mask = 2462 src->fwd_opts.streamlocal_bind_mask; 2463 } 2464 2465 /* M_CP_STROPT and M_CP_STRARRAYOPT should not appear before here */ 2466 #define M_CP_STROPT(n) do {\ 2467 if (src->n != NULL && dst->n != src->n) { \ 2468 free(dst->n); \ 2469 dst->n = src->n; \ 2470 } \ 2471 } while(0) 2472 #define M_CP_STRARRAYOPT(s, num_s) do {\ 2473 u_int i; \ 2474 if (src->num_s != 0) { \ 2475 for (i = 0; i < dst->num_s; i++) \ 2476 free(dst->s[i]); \ 2477 free(dst->s); \ 2478 dst->s = xcalloc(src->num_s, sizeof(*dst->s)); \ 2479 for (i = 0; i < src->num_s; i++) \ 2480 dst->s[i] = xstrdup(src->s[i]); \ 2481 dst->num_s = src->num_s; \ 2482 } \ 2483 } while(0) 2484 2485 /* See comment in servconf.h */ 2486 COPY_MATCH_STRING_OPTS(); 2487 2488 /* Arguments that accept '+...' need to be expanded */ 2489 assemble_algorithms(dst); 2490 2491 /* 2492 * The only things that should be below this point are string options 2493 * which are only used after authentication. 2494 */ 2495 if (preauth) 2496 return; 2497 2498 /* These options may be "none" to clear a global setting */ 2499 M_CP_STROPT(adm_forced_command); 2500 if (option_clear_or_none(dst->adm_forced_command)) { 2501 free(dst->adm_forced_command); 2502 dst->adm_forced_command = NULL; 2503 } 2504 M_CP_STROPT(chroot_directory); 2505 if (option_clear_or_none(dst->chroot_directory)) { 2506 free(dst->chroot_directory); 2507 dst->chroot_directory = NULL; 2508 } 2509 } 2510 2511 #undef M_CP_INTOPT 2512 #undef M_CP_STROPT 2513 #undef M_CP_STRARRAYOPT 2514 2515 void 2516 parse_server_config(ServerOptions *options, const char *filename, Buffer *conf, 2517 struct connection_info *connectinfo) 2518 { 2519 int active, linenum, bad_options = 0; 2520 char *cp, *obuf, *cbuf; 2521 2522 debug2("%s: config %s len %d", __func__, filename, buffer_len(conf)); 2523 2524 if ((obuf = cbuf = sshbuf_dup_string(conf)) == NULL) 2525 fatal("%s: sshbuf_dup_string failed", __func__); 2526 active = connectinfo ? 0 : 1; 2527 linenum = 1; 2528 while ((cp = strsep(&cbuf, "\n")) != NULL) { 2529 if (process_server_config_line(options, cp, filename, 2530 linenum++, &active, connectinfo) != 0) 2531 bad_options++; 2532 } 2533 free(obuf); 2534 if (bad_options > 0) 2535 fatal("%s: terminating, %d bad configuration options", 2536 filename, bad_options); 2537 process_queued_listen_addrs(options); 2538 } 2539 2540 static const char * 2541 fmt_multistate_int(int val, const struct multistate *m) 2542 { 2543 u_int i; 2544 2545 for (i = 0; m[i].key != NULL; i++) { 2546 if (m[i].value == val) 2547 return m[i].key; 2548 } 2549 return "UNKNOWN"; 2550 } 2551 2552 static const char * 2553 fmt_intarg(ServerOpCodes code, int val) 2554 { 2555 if (val == -1) 2556 return "unset"; 2557 switch (code) { 2558 case sAddressFamily: 2559 return fmt_multistate_int(val, multistate_addressfamily); 2560 case sPermitRootLogin: 2561 return fmt_multistate_int(val, multistate_permitrootlogin); 2562 case sGatewayPorts: 2563 return fmt_multistate_int(val, multistate_gatewayports); 2564 case sCompression: 2565 return fmt_multistate_int(val, multistate_compression); 2566 case sAllowTcpForwarding: 2567 return fmt_multistate_int(val, multistate_tcpfwd); 2568 case sAllowStreamLocalForwarding: 2569 return fmt_multistate_int(val, multistate_tcpfwd); 2570 case sFingerprintHash: 2571 return ssh_digest_alg_name(val); 2572 default: 2573 switch (val) { 2574 case 0: 2575 return "no"; 2576 case 1: 2577 return "yes"; 2578 default: 2579 return "UNKNOWN"; 2580 } 2581 } 2582 } 2583 2584 static const char * 2585 lookup_opcode_name(ServerOpCodes code) 2586 { 2587 u_int i; 2588 2589 for (i = 0; keywords[i].name != NULL; i++) 2590 if (keywords[i].opcode == code) 2591 return(keywords[i].name); 2592 return "UNKNOWN"; 2593 } 2594 2595 static void 2596 dump_cfg_int(ServerOpCodes code, int val) 2597 { 2598 printf("%s %d\n", lookup_opcode_name(code), val); 2599 } 2600 2601 static void 2602 dump_cfg_oct(ServerOpCodes code, int val) 2603 { 2604 printf("%s 0%o\n", lookup_opcode_name(code), val); 2605 } 2606 2607 static void 2608 dump_cfg_fmtint(ServerOpCodes code, int val) 2609 { 2610 printf("%s %s\n", lookup_opcode_name(code), fmt_intarg(code, val)); 2611 } 2612 2613 static void 2614 dump_cfg_string(ServerOpCodes code, const char *val) 2615 { 2616 printf("%s %s\n", lookup_opcode_name(code), 2617 val == NULL ? "none" : val); 2618 } 2619 2620 static void 2621 dump_cfg_strarray(ServerOpCodes code, u_int count, char **vals) 2622 { 2623 u_int i; 2624 2625 for (i = 0; i < count; i++) 2626 printf("%s %s\n", lookup_opcode_name(code), vals[i]); 2627 } 2628 2629 static void 2630 dump_cfg_strarray_oneline(ServerOpCodes code, u_int count, char **vals) 2631 { 2632 u_int i; 2633 2634 if (count <= 0 && code != sAuthenticationMethods) 2635 return; 2636 printf("%s", lookup_opcode_name(code)); 2637 for (i = 0; i < count; i++) 2638 printf(" %s", vals[i]); 2639 if (code == sAuthenticationMethods && count == 0) 2640 printf(" any"); 2641 printf("\n"); 2642 } 2643 2644 static char * 2645 format_listen_addrs(struct listenaddr *la) 2646 { 2647 int r; 2648 struct addrinfo *ai; 2649 char addr[NI_MAXHOST], port[NI_MAXSERV]; 2650 char *laddr1 = xstrdup(""), *laddr2 = NULL; 2651 2652 /* 2653 * ListenAddress must be after Port. add_one_listen_addr pushes 2654 * addresses onto a stack, so to maintain ordering we need to 2655 * print these in reverse order. 2656 */ 2657 for (ai = la->addrs; ai; ai = ai->ai_next) { 2658 if ((r = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr, 2659 sizeof(addr), port, sizeof(port), 2660 NI_NUMERICHOST|NI_NUMERICSERV)) != 0) { 2661 error("getnameinfo: %.100s", ssh_gai_strerror(r)); 2662 continue; 2663 } 2664 laddr2 = laddr1; 2665 if (ai->ai_family == AF_INET6) { 2666 xasprintf(&laddr1, "listenaddress [%s]:%s%s%s\n%s", 2667 addr, port, 2668 la->rdomain == NULL ? "" : " rdomain ", 2669 la->rdomain == NULL ? "" : la->rdomain, 2670 laddr2); 2671 } else { 2672 xasprintf(&laddr1, "listenaddress %s:%s%s%s\n%s", 2673 addr, port, 2674 la->rdomain == NULL ? "" : " rdomain ", 2675 la->rdomain == NULL ? "" : la->rdomain, 2676 laddr2); 2677 } 2678 free(laddr2); 2679 } 2680 return laddr1; 2681 } 2682 2683 void 2684 dump_config(ServerOptions *o) 2685 { 2686 const char *s; 2687 u_int i; 2688 2689 /* these are usually at the top of the config */ 2690 for (i = 0; i < o->num_ports; i++) 2691 printf("port %d\n", o->ports[i]); 2692 dump_cfg_fmtint(sAddressFamily, o->address_family); 2693 2694 for (i = 0; i < o->num_listen_addrs; i++) { 2695 char *ss = format_listen_addrs(&o->listen_addrs[i]); 2696 printf("%s", ss); 2697 free(ss); 2698 } 2699 2700 /* integer arguments */ 2701 dump_cfg_int(sLoginGraceTime, o->login_grace_time); 2702 dump_cfg_int(sX11DisplayOffset, o->x11_display_offset); 2703 dump_cfg_int(sMaxAuthTries, o->max_authtries); 2704 dump_cfg_int(sMaxSessions, o->max_sessions); 2705 dump_cfg_int(sClientAliveInterval, o->client_alive_interval); 2706 dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); 2707 dump_cfg_oct(sStreamLocalBindMask, o->fwd_opts.streamlocal_bind_mask); 2708 2709 /* formatted integer arguments */ 2710 dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login); 2711 dump_cfg_fmtint(sIgnoreRhosts, o->ignore_rhosts); 2712 dump_cfg_fmtint(sIgnoreUserKnownHosts, o->ignore_user_known_hosts); 2713 dump_cfg_fmtint(sHostbasedAuthentication, o->hostbased_authentication); 2714 dump_cfg_fmtint(sHostbasedUsesNameFromPacketOnly, 2715 o->hostbased_uses_name_from_packet_only); 2716 dump_cfg_fmtint(sPubkeyAuthentication, o->pubkey_authentication); 2717 #ifdef KRB5 2718 dump_cfg_fmtint(sKerberosAuthentication, o->kerberos_authentication); 2719 dump_cfg_fmtint(sKerberosOrLocalPasswd, o->kerberos_or_local_passwd); 2720 dump_cfg_fmtint(sKerberosTicketCleanup, o->kerberos_ticket_cleanup); 2721 dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token); 2722 #endif 2723 #ifdef GSSAPI 2724 dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); 2725 dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); 2726 #endif 2727 dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); 2728 dump_cfg_fmtint(sKbdInteractiveAuthentication, 2729 o->kbd_interactive_authentication); 2730 dump_cfg_fmtint(sChallengeResponseAuthentication, 2731 o->challenge_response_authentication); 2732 dump_cfg_fmtint(sPrintMotd, o->print_motd); 2733 dump_cfg_fmtint(sPrintLastLog, o->print_lastlog); 2734 dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding); 2735 dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); 2736 dump_cfg_fmtint(sPermitTTY, o->permit_tty); 2737 dump_cfg_fmtint(sPermitUserRC, o->permit_user_rc); 2738 dump_cfg_fmtint(sStrictModes, o->strict_modes); 2739 dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); 2740 dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); 2741 dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); 2742 dump_cfg_fmtint(sCompression, o->compression); 2743 dump_cfg_fmtint(sGatewayPorts, o->fwd_opts.gateway_ports); 2744 dump_cfg_fmtint(sUseDNS, o->use_dns); 2745 dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding); 2746 dump_cfg_fmtint(sAllowAgentForwarding, o->allow_agent_forwarding); 2747 dump_cfg_fmtint(sDisableForwarding, o->disable_forwarding); 2748 dump_cfg_fmtint(sAllowStreamLocalForwarding, o->allow_streamlocal_forwarding); 2749 dump_cfg_fmtint(sStreamLocalBindUnlink, o->fwd_opts.streamlocal_bind_unlink); 2750 dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash); 2751 dump_cfg_fmtint(sExposeAuthInfo, o->expose_userauth_info); 2752 2753 /* string arguments */ 2754 dump_cfg_string(sPidFile, o->pid_file); 2755 dump_cfg_string(sXAuthLocation, o->xauth_location); 2756 dump_cfg_string(sCiphers, o->ciphers ? o->ciphers : KEX_SERVER_ENCRYPT); 2757 dump_cfg_string(sMacs, o->macs ? o->macs : KEX_SERVER_MAC); 2758 dump_cfg_string(sBanner, o->banner); 2759 dump_cfg_string(sForceCommand, o->adm_forced_command); 2760 dump_cfg_string(sChrootDirectory, o->chroot_directory); 2761 dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys); 2762 dump_cfg_string(sRevokedKeys, o->revoked_keys_file); 2763 dump_cfg_string(sAuthorizedPrincipalsFile, 2764 o->authorized_principals_file); 2765 dump_cfg_string(sVersionAddendum, *o->version_addendum == '\0' 2766 ? "none" : o->version_addendum); 2767 dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command); 2768 dump_cfg_string(sAuthorizedKeysCommandUser, o->authorized_keys_command_user); 2769 dump_cfg_string(sAuthorizedPrincipalsCommand, o->authorized_principals_command); 2770 dump_cfg_string(sAuthorizedPrincipalsCommandUser, o->authorized_principals_command_user); 2771 dump_cfg_string(sHostKeyAgent, o->host_key_agent); 2772 dump_cfg_string(sKexAlgorithms, 2773 o->kex_algorithms ? o->kex_algorithms : KEX_SERVER_KEX); 2774 dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types ? 2775 o->hostbased_key_types : KEX_DEFAULT_PK_ALG); 2776 dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms ? 2777 o->hostkeyalgorithms : KEX_DEFAULT_PK_ALG); 2778 dump_cfg_string(sPubkeyAcceptedKeyTypes, o->pubkey_key_types ? 2779 o->pubkey_key_types : KEX_DEFAULT_PK_ALG); 2780 dump_cfg_string(sRDomain, o->routing_domain); 2781 2782 /* string arguments requiring a lookup */ 2783 dump_cfg_string(sLogLevel, log_level_name(o->log_level)); 2784 dump_cfg_string(sLogFacility, log_facility_name(o->log_facility)); 2785 2786 /* string array arguments */ 2787 dump_cfg_strarray_oneline(sAuthorizedKeysFile, o->num_authkeys_files, 2788 o->authorized_keys_files); 2789 dump_cfg_strarray(sHostKeyFile, o->num_host_key_files, 2790 o->host_key_files); 2791 dump_cfg_strarray(sHostCertificate, o->num_host_cert_files, 2792 o->host_cert_files); 2793 dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users); 2794 dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users); 2795 dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups); 2796 dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups); 2797 dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env); 2798 dump_cfg_strarray_oneline(sAuthenticationMethods, 2799 o->num_auth_methods, o->auth_methods); 2800 2801 /* other arguments */ 2802 for (i = 0; i < o->num_subsystems; i++) 2803 printf("subsystem %s %s\n", o->subsystem_name[i], 2804 o->subsystem_args[i]); 2805 2806 printf("maxstartups %d:%d:%d\n", o->max_startups_begin, 2807 o->max_startups_rate, o->max_startups); 2808 2809 s = NULL; 2810 for (i = 0; tunmode_desc[i].val != -1; i++) { 2811 if (tunmode_desc[i].val == o->permit_tun) { 2812 s = tunmode_desc[i].text; 2813 break; 2814 } 2815 } 2816 dump_cfg_string(sPermitTunnel, s); 2817 2818 printf("ipqos %s ", iptos2str(o->ip_qos_interactive)); 2819 printf("%s\n", iptos2str(o->ip_qos_bulk)); 2820 2821 printf("rekeylimit %llu %d\n", (unsigned long long)o->rekey_limit, 2822 o->rekey_interval); 2823 2824 printf("permitopen"); 2825 if (o->num_permitted_opens == 0) 2826 printf(" any"); 2827 else { 2828 for (i = 0; i < o->num_permitted_opens; i++) 2829 printf(" %s", o->permitted_opens[i]); 2830 } 2831 printf("\n"); 2832 } 2833