1 /* $OpenBSD: servconf.c,v 1.403 2023/10/11 22:42:26 djm Exp $ */ 2 /* 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * All rights reserved 5 * 6 * As far as I am concerned, the code I have written for this software 7 * can be used freely for any purpose. Any derived versions of this 8 * software must be clearly marked as such, and if the derived work is 9 * incompatible with the protocol description in the RFC file, it must be 10 * called by a name other than "ssh" or "Secure Shell". 11 */ 12 13 #include <sys/types.h> 14 #include <sys/socket.h> 15 #include <sys/queue.h> 16 #include <sys/sysctl.h> 17 #include <sys/stat.h> 18 19 #include <netinet/in.h> 20 #include <netinet/ip.h> 21 #include <net/route.h> 22 23 #include <ctype.h> 24 #include <glob.h> 25 #include <netdb.h> 26 #include <pwd.h> 27 #include <stdio.h> 28 #include <stdlib.h> 29 #include <string.h> 30 #include <signal.h> 31 #include <unistd.h> 32 #include <limits.h> 33 #include <stdarg.h> 34 #include <errno.h> 35 #include <util.h> 36 37 #include "xmalloc.h" 38 #include "ssh.h" 39 #include "log.h" 40 #include "sshbuf.h" 41 #include "misc.h" 42 #include "servconf.h" 43 #include "pathnames.h" 44 #include "cipher.h" 45 #include "sshkey.h" 46 #include "kex.h" 47 #include "mac.h" 48 #include "match.h" 49 #include "channels.h" 50 #include "groupaccess.h" 51 #include "canohost.h" 52 #include "packet.h" 53 #include "ssherr.h" 54 #include "hostfile.h" 55 #include "auth.h" 56 #include "myproposal.h" 57 #include "digest.h" 58 59 static void add_listen_addr(ServerOptions *, const char *, 60 const char *, int); 61 static void add_one_listen_addr(ServerOptions *, const char *, 62 const char *, int); 63 static void parse_server_config_depth(ServerOptions *options, 64 const char *filename, struct sshbuf *conf, struct include_list *includes, 65 struct connection_info *connectinfo, int flags, int *activep, int depth); 66 67 /* Use of privilege separation or not */ 68 extern int use_privsep; 69 extern struct sshbuf *cfg; 70 71 /* Initializes the server options to their default values. */ 72 73 void 74 initialize_server_options(ServerOptions *options) 75 { 76 memset(options, 0, sizeof(*options)); 77 options->num_ports = 0; 78 options->ports_from_cmdline = 0; 79 options->queued_listen_addrs = NULL; 80 options->num_queued_listens = 0; 81 options->listen_addrs = NULL; 82 options->num_listen_addrs = 0; 83 options->address_family = -1; 84 options->routing_domain = NULL; 85 options->num_host_key_files = 0; 86 options->num_host_cert_files = 0; 87 options->host_key_agent = NULL; 88 options->pid_file = NULL; 89 options->login_grace_time = -1; 90 options->permit_root_login = PERMIT_NOT_SET; 91 options->ignore_rhosts = -1; 92 options->ignore_user_known_hosts = -1; 93 options->print_motd = -1; 94 options->print_lastlog = -1; 95 options->x11_forwarding = -1; 96 options->x11_display_offset = -1; 97 options->x11_use_localhost = -1; 98 options->permit_tty = -1; 99 options->permit_user_rc = -1; 100 options->xauth_location = NULL; 101 options->strict_modes = -1; 102 options->tcp_keep_alive = -1; 103 options->log_facility = SYSLOG_FACILITY_NOT_SET; 104 options->log_level = SYSLOG_LEVEL_NOT_SET; 105 options->num_log_verbose = 0; 106 options->log_verbose = NULL; 107 options->hostbased_authentication = -1; 108 options->hostbased_uses_name_from_packet_only = -1; 109 options->hostbased_accepted_algos = NULL; 110 options->hostkeyalgorithms = NULL; 111 options->pubkey_authentication = -1; 112 options->pubkey_auth_options = -1; 113 options->pubkey_accepted_algos = NULL; 114 options->kerberos_authentication = -1; 115 options->kerberos_or_local_passwd = -1; 116 options->kerberos_ticket_cleanup = -1; 117 options->kerberos_get_afs_token = -1; 118 options->gss_authentication=-1; 119 options->gss_cleanup_creds = -1; 120 options->gss_strict_acceptor = -1; 121 options->password_authentication = -1; 122 options->kbd_interactive_authentication = -1; 123 options->permit_empty_passwd = -1; 124 options->permit_user_env = -1; 125 options->permit_user_env_allowlist = NULL; 126 options->compression = -1; 127 options->rekey_limit = -1; 128 options->rekey_interval = -1; 129 options->allow_tcp_forwarding = -1; 130 options->allow_streamlocal_forwarding = -1; 131 options->allow_agent_forwarding = -1; 132 options->num_allow_users = 0; 133 options->num_deny_users = 0; 134 options->num_allow_groups = 0; 135 options->num_deny_groups = 0; 136 options->ciphers = NULL; 137 options->macs = NULL; 138 options->kex_algorithms = NULL; 139 options->ca_sign_algorithms = NULL; 140 options->fwd_opts.gateway_ports = -1; 141 options->fwd_opts.streamlocal_bind_mask = (mode_t)-1; 142 options->fwd_opts.streamlocal_bind_unlink = -1; 143 options->num_subsystems = 0; 144 options->max_startups_begin = -1; 145 options->max_startups_rate = -1; 146 options->max_startups = -1; 147 options->per_source_max_startups = -1; 148 options->per_source_masklen_ipv4 = -1; 149 options->per_source_masklen_ipv6 = -1; 150 options->max_authtries = -1; 151 options->max_sessions = -1; 152 options->banner = NULL; 153 options->use_dns = -1; 154 options->client_alive_interval = -1; 155 options->client_alive_count_max = -1; 156 options->num_authkeys_files = 0; 157 options->num_accept_env = 0; 158 options->num_setenv = 0; 159 options->permit_tun = -1; 160 options->permitted_opens = NULL; 161 options->permitted_listens = NULL; 162 options->adm_forced_command = NULL; 163 options->chroot_directory = NULL; 164 options->authorized_keys_command = NULL; 165 options->authorized_keys_command_user = NULL; 166 options->revoked_keys_file = NULL; 167 options->sk_provider = NULL; 168 options->trusted_user_ca_keys = NULL; 169 options->authorized_principals_file = NULL; 170 options->authorized_principals_command = NULL; 171 options->authorized_principals_command_user = NULL; 172 options->ip_qos_interactive = -1; 173 options->ip_qos_bulk = -1; 174 options->version_addendum = NULL; 175 options->fingerprint_hash = -1; 176 options->disable_forwarding = -1; 177 options->expose_userauth_info = -1; 178 options->required_rsa_size = -1; 179 options->channel_timeouts = NULL; 180 options->num_channel_timeouts = 0; 181 options->unused_connection_timeout = -1; 182 } 183 184 /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ 185 static int 186 option_clear_or_none(const char *o) 187 { 188 return o == NULL || strcasecmp(o, "none") == 0; 189 } 190 191 static void 192 assemble_algorithms(ServerOptions *o) 193 { 194 char *all_cipher, *all_mac, *all_kex, *all_key, *all_sig; 195 char *def_cipher, *def_mac, *def_kex, *def_key, *def_sig; 196 int r; 197 198 all_cipher = cipher_alg_list(',', 0); 199 all_mac = mac_alg_list(','); 200 all_kex = kex_alg_list(','); 201 all_key = sshkey_alg_list(0, 0, 1, ','); 202 all_sig = sshkey_alg_list(0, 1, 1, ','); 203 /* remove unsupported algos from default lists */ 204 def_cipher = match_filter_allowlist(KEX_SERVER_ENCRYPT, all_cipher); 205 def_mac = match_filter_allowlist(KEX_SERVER_MAC, all_mac); 206 def_kex = match_filter_allowlist(KEX_SERVER_KEX, all_kex); 207 def_key = match_filter_allowlist(KEX_DEFAULT_PK_ALG, all_key); 208 def_sig = match_filter_allowlist(SSH_ALLOWED_CA_SIGALGS, all_sig); 209 #define ASSEMBLE(what, defaults, all) \ 210 do { \ 211 if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \ 212 fatal_fr(r, "%s", #what); \ 213 } while (0) 214 ASSEMBLE(ciphers, def_cipher, all_cipher); 215 ASSEMBLE(macs, def_mac, all_mac); 216 ASSEMBLE(kex_algorithms, def_kex, all_kex); 217 ASSEMBLE(hostkeyalgorithms, def_key, all_key); 218 ASSEMBLE(hostbased_accepted_algos, def_key, all_key); 219 ASSEMBLE(pubkey_accepted_algos, def_key, all_key); 220 ASSEMBLE(ca_sign_algorithms, def_sig, all_sig); 221 #undef ASSEMBLE 222 free(all_cipher); 223 free(all_mac); 224 free(all_kex); 225 free(all_key); 226 free(all_sig); 227 free(def_cipher); 228 free(def_mac); 229 free(def_kex); 230 free(def_key); 231 free(def_sig); 232 } 233 234 void 235 servconf_add_hostkey(const char *file, const int line, 236 ServerOptions *options, const char *path, int userprovided) 237 { 238 char *apath = derelativise_path(path); 239 240 opt_array_append2(file, line, "HostKey", 241 &options->host_key_files, &options->host_key_file_userprovided, 242 &options->num_host_key_files, apath, userprovided); 243 free(apath); 244 } 245 246 void 247 servconf_add_hostcert(const char *file, const int line, 248 ServerOptions *options, const char *path) 249 { 250 char *apath = derelativise_path(path); 251 252 opt_array_append(file, line, "HostCertificate", 253 &options->host_cert_files, &options->num_host_cert_files, apath); 254 free(apath); 255 } 256 257 void 258 fill_default_server_options(ServerOptions *options) 259 { 260 u_int i; 261 262 if (options->num_host_key_files == 0) { 263 /* fill default hostkeys */ 264 servconf_add_hostkey("[default]", 0, options, 265 _PATH_HOST_RSA_KEY_FILE, 0); 266 servconf_add_hostkey("[default]", 0, options, 267 _PATH_HOST_ECDSA_KEY_FILE, 0); 268 servconf_add_hostkey("[default]", 0, options, 269 _PATH_HOST_ED25519_KEY_FILE, 0); 270 #ifdef WITH_XMSS 271 servconf_add_hostkey("[default]", 0, options, 272 _PATH_HOST_XMSS_KEY_FILE, 0); 273 #endif /* WITH_XMSS */ 274 } 275 /* No certificates by default */ 276 if (options->num_ports == 0) 277 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 278 if (options->address_family == -1) 279 options->address_family = AF_UNSPEC; 280 if (options->listen_addrs == NULL) 281 add_listen_addr(options, NULL, NULL, 0); 282 if (options->pid_file == NULL) 283 options->pid_file = xstrdup(_PATH_SSH_DAEMON_PID_FILE); 284 if (options->moduli_file == NULL) 285 options->moduli_file = xstrdup(_PATH_DH_MODULI); 286 if (options->login_grace_time == -1) 287 options->login_grace_time = 120; 288 if (options->permit_root_login == PERMIT_NOT_SET) 289 options->permit_root_login = PERMIT_NO_PASSWD; 290 if (options->ignore_rhosts == -1) 291 options->ignore_rhosts = 1; 292 if (options->ignore_user_known_hosts == -1) 293 options->ignore_user_known_hosts = 0; 294 if (options->print_motd == -1) 295 options->print_motd = 1; 296 if (options->print_lastlog == -1) 297 options->print_lastlog = 1; 298 if (options->x11_forwarding == -1) 299 options->x11_forwarding = 0; 300 if (options->x11_display_offset == -1) 301 options->x11_display_offset = 10; 302 if (options->x11_use_localhost == -1) 303 options->x11_use_localhost = 1; 304 if (options->xauth_location == NULL) 305 options->xauth_location = xstrdup(_PATH_XAUTH); 306 if (options->permit_tty == -1) 307 options->permit_tty = 1; 308 if (options->permit_user_rc == -1) 309 options->permit_user_rc = 1; 310 if (options->strict_modes == -1) 311 options->strict_modes = 1; 312 if (options->tcp_keep_alive == -1) 313 options->tcp_keep_alive = 1; 314 if (options->log_facility == SYSLOG_FACILITY_NOT_SET) 315 options->log_facility = SYSLOG_FACILITY_AUTH; 316 if (options->log_level == SYSLOG_LEVEL_NOT_SET) 317 options->log_level = SYSLOG_LEVEL_INFO; 318 if (options->hostbased_authentication == -1) 319 options->hostbased_authentication = 0; 320 if (options->hostbased_uses_name_from_packet_only == -1) 321 options->hostbased_uses_name_from_packet_only = 0; 322 if (options->pubkey_authentication == -1) 323 options->pubkey_authentication = 1; 324 if (options->pubkey_auth_options == -1) 325 options->pubkey_auth_options = 0; 326 if (options->kerberos_authentication == -1) 327 options->kerberos_authentication = 0; 328 if (options->kerberos_or_local_passwd == -1) 329 options->kerberos_or_local_passwd = 1; 330 if (options->kerberos_ticket_cleanup == -1) 331 options->kerberos_ticket_cleanup = 1; 332 if (options->kerberos_get_afs_token == -1) 333 options->kerberos_get_afs_token = 0; 334 if (options->gss_authentication == -1) 335 options->gss_authentication = 0; 336 if (options->gss_cleanup_creds == -1) 337 options->gss_cleanup_creds = 1; 338 if (options->gss_strict_acceptor == -1) 339 options->gss_strict_acceptor = 1; 340 if (options->password_authentication == -1) 341 options->password_authentication = 1; 342 if (options->kbd_interactive_authentication == -1) 343 options->kbd_interactive_authentication = 1; 344 if (options->permit_empty_passwd == -1) 345 options->permit_empty_passwd = 0; 346 if (options->permit_user_env == -1) { 347 options->permit_user_env = 0; 348 options->permit_user_env_allowlist = NULL; 349 } 350 if (options->compression == -1) 351 #ifdef WITH_ZLIB 352 options->compression = COMP_DELAYED; 353 #else 354 options->compression = COMP_NONE; 355 #endif 356 357 if (options->rekey_limit == -1) 358 options->rekey_limit = 0; 359 if (options->rekey_interval == -1) 360 options->rekey_interval = 0; 361 if (options->allow_tcp_forwarding == -1) 362 options->allow_tcp_forwarding = FORWARD_ALLOW; 363 if (options->allow_streamlocal_forwarding == -1) 364 options->allow_streamlocal_forwarding = FORWARD_ALLOW; 365 if (options->allow_agent_forwarding == -1) 366 options->allow_agent_forwarding = 1; 367 if (options->fwd_opts.gateway_ports == -1) 368 options->fwd_opts.gateway_ports = 0; 369 if (options->max_startups == -1) 370 options->max_startups = 100; 371 if (options->max_startups_rate == -1) 372 options->max_startups_rate = 30; /* 30% */ 373 if (options->max_startups_begin == -1) 374 options->max_startups_begin = 10; 375 if (options->per_source_max_startups == -1) 376 options->per_source_max_startups = INT_MAX; 377 if (options->per_source_masklen_ipv4 == -1) 378 options->per_source_masklen_ipv4 = 32; 379 if (options->per_source_masklen_ipv6 == -1) 380 options->per_source_masklen_ipv6 = 128; 381 if (options->max_authtries == -1) 382 options->max_authtries = DEFAULT_AUTH_FAIL_MAX; 383 if (options->max_sessions == -1) 384 options->max_sessions = DEFAULT_SESSIONS_MAX; 385 if (options->use_dns == -1) 386 options->use_dns = 0; 387 if (options->client_alive_interval == -1) 388 options->client_alive_interval = 0; 389 if (options->client_alive_count_max == -1) 390 options->client_alive_count_max = 3; 391 if (options->num_authkeys_files == 0) { 392 opt_array_append("[default]", 0, "AuthorizedKeysFiles", 393 &options->authorized_keys_files, 394 &options->num_authkeys_files, 395 _PATH_SSH_USER_PERMITTED_KEYS); 396 opt_array_append("[default]", 0, "AuthorizedKeysFiles", 397 &options->authorized_keys_files, 398 &options->num_authkeys_files, 399 _PATH_SSH_USER_PERMITTED_KEYS2); 400 } 401 if (options->permit_tun == -1) 402 options->permit_tun = SSH_TUNMODE_NO; 403 if (options->ip_qos_interactive == -1) 404 options->ip_qos_interactive = IPTOS_DSCP_AF21; 405 if (options->ip_qos_bulk == -1) 406 options->ip_qos_bulk = IPTOS_DSCP_CS1; 407 if (options->version_addendum == NULL) 408 options->version_addendum = xstrdup(""); 409 if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) 410 options->fwd_opts.streamlocal_bind_mask = 0177; 411 if (options->fwd_opts.streamlocal_bind_unlink == -1) 412 options->fwd_opts.streamlocal_bind_unlink = 0; 413 if (options->fingerprint_hash == -1) 414 options->fingerprint_hash = SSH_FP_HASH_DEFAULT; 415 if (options->disable_forwarding == -1) 416 options->disable_forwarding = 0; 417 if (options->expose_userauth_info == -1) 418 options->expose_userauth_info = 0; 419 if (options->sk_provider == NULL) 420 options->sk_provider = xstrdup("internal"); 421 if (options->required_rsa_size == -1) 422 options->required_rsa_size = SSH_RSA_MINIMUM_MODULUS_SIZE; 423 if (options->unused_connection_timeout == -1) 424 options->unused_connection_timeout = 0; 425 426 assemble_algorithms(options); 427 428 /* Turn privilege separation and sandboxing on by default */ 429 if (use_privsep == -1) 430 use_privsep = PRIVSEP_ON; 431 432 #define CLEAR_ON_NONE(v) \ 433 do { \ 434 if (option_clear_or_none(v)) { \ 435 free(v); \ 436 v = NULL; \ 437 } \ 438 } while(0) 439 #define CLEAR_ON_NONE_ARRAY(v, nv, none) \ 440 do { \ 441 if (options->nv == 1 && \ 442 strcasecmp(options->v[0], none) == 0) { \ 443 free(options->v[0]); \ 444 free(options->v); \ 445 options->v = NULL; \ 446 options->nv = 0; \ 447 } \ 448 } while (0) 449 CLEAR_ON_NONE(options->pid_file); 450 CLEAR_ON_NONE(options->xauth_location); 451 CLEAR_ON_NONE(options->banner); 452 CLEAR_ON_NONE(options->trusted_user_ca_keys); 453 CLEAR_ON_NONE(options->revoked_keys_file); 454 CLEAR_ON_NONE(options->sk_provider); 455 CLEAR_ON_NONE(options->authorized_principals_file); 456 CLEAR_ON_NONE(options->adm_forced_command); 457 CLEAR_ON_NONE(options->chroot_directory); 458 CLEAR_ON_NONE(options->routing_domain); 459 CLEAR_ON_NONE(options->host_key_agent); 460 461 for (i = 0; i < options->num_host_key_files; i++) 462 CLEAR_ON_NONE(options->host_key_files[i]); 463 for (i = 0; i < options->num_host_cert_files; i++) 464 CLEAR_ON_NONE(options->host_cert_files[i]); 465 466 CLEAR_ON_NONE_ARRAY(channel_timeouts, num_channel_timeouts, "none"); 467 CLEAR_ON_NONE_ARRAY(auth_methods, num_auth_methods, "any"); 468 #undef CLEAR_ON_NONE 469 #undef CLEAR_ON_NONE_ARRAY 470 } 471 472 /* Keyword tokens. */ 473 typedef enum { 474 sBadOption, /* == unknown option */ 475 sPort, sHostKeyFile, sLoginGraceTime, 476 sPermitRootLogin, sLogFacility, sLogLevel, sLogVerbose, 477 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, 478 sKerberosGetAFSToken, sPasswordAuthentication, 479 sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, 480 sPrintMotd, sPrintLastLog, sIgnoreRhosts, 481 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, 482 sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, 483 sPermitUserEnvironment, sAllowTcpForwarding, sCompression, 484 sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, 485 sIgnoreUserKnownHosts, sCiphers, sMacs, sPidFile, sModuliFile, 486 sGatewayPorts, sPubkeyAuthentication, sPubkeyAcceptedAlgorithms, 487 sXAuthLocation, sSubsystem, sMaxStartups, sMaxAuthTries, sMaxSessions, 488 sBanner, sUseDNS, sHostbasedAuthentication, 489 sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedAlgorithms, 490 sHostKeyAlgorithms, sPerSourceMaxStartups, sPerSourceNetBlockSize, 491 sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, 492 sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, 493 sAcceptEnv, sSetEnv, sPermitTunnel, 494 sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, 495 sUsePrivilegeSeparation, sAllowAgentForwarding, 496 sHostCertificate, sInclude, 497 sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, 498 sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser, 499 sKexAlgorithms, sCASignatureAlgorithms, sIPQoS, sVersionAddendum, 500 sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, 501 sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, 502 sStreamLocalBindMask, sStreamLocalBindUnlink, 503 sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, 504 sExposeAuthInfo, sRDomain, sPubkeyAuthOptions, sSecurityKeyProvider, 505 sRequiredRSASize, sChannelTimeout, sUnusedConnectionTimeout, 506 sDeprecated, sIgnore, sUnsupported 507 } ServerOpCodes; 508 509 #define SSHCFG_GLOBAL 0x01 /* allowed in main section of config */ 510 #define SSHCFG_MATCH 0x02 /* allowed inside a Match section */ 511 #define SSHCFG_ALL (SSHCFG_GLOBAL|SSHCFG_MATCH) 512 #define SSHCFG_NEVERMATCH 0x04 /* Match never matches; internal only */ 513 #define SSHCFG_MATCH_ONLY 0x08 /* Match only in conditional blocks; internal only */ 514 515 /* Textual representation of the tokens. */ 516 static struct { 517 const char *name; 518 ServerOpCodes opcode; 519 u_int flags; 520 } keywords[] = { 521 { "port", sPort, SSHCFG_GLOBAL }, 522 { "hostkey", sHostKeyFile, SSHCFG_GLOBAL }, 523 { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL }, /* alias */ 524 { "hostkeyagent", sHostKeyAgent, SSHCFG_GLOBAL }, 525 { "pidfile", sPidFile, SSHCFG_GLOBAL }, 526 { "modulifile", sModuliFile, SSHCFG_GLOBAL }, 527 { "serverkeybits", sDeprecated, SSHCFG_GLOBAL }, 528 { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL }, 529 { "keyregenerationinterval", sDeprecated, SSHCFG_GLOBAL }, 530 { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL }, 531 { "syslogfacility", sLogFacility, SSHCFG_GLOBAL }, 532 { "loglevel", sLogLevel, SSHCFG_ALL }, 533 { "logverbose", sLogVerbose, SSHCFG_ALL }, 534 { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL }, 535 { "rhostsrsaauthentication", sDeprecated, SSHCFG_ALL }, 536 { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL }, 537 { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_ALL }, 538 { "hostbasedacceptedalgorithms", sHostbasedAcceptedAlgorithms, SSHCFG_ALL }, 539 { "hostbasedacceptedkeytypes", sHostbasedAcceptedAlgorithms, SSHCFG_ALL }, /* obsolete */ 540 { "hostkeyalgorithms", sHostKeyAlgorithms, SSHCFG_GLOBAL }, 541 { "rsaauthentication", sDeprecated, SSHCFG_ALL }, 542 { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL }, 543 { "pubkeyacceptedalgorithms", sPubkeyAcceptedAlgorithms, SSHCFG_ALL }, 544 { "pubkeyacceptedkeytypes", sPubkeyAcceptedAlgorithms, SSHCFG_ALL }, /* obsolete */ 545 { "pubkeyauthoptions", sPubkeyAuthOptions, SSHCFG_ALL }, 546 { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */ 547 #ifdef KRB5 548 { "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL }, 549 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd, SSHCFG_GLOBAL }, 550 { "kerberosticketcleanup", sKerberosTicketCleanup, SSHCFG_GLOBAL }, 551 { "kerberosgetafstoken", sKerberosGetAFSToken, SSHCFG_GLOBAL }, 552 #else 553 { "kerberosauthentication", sUnsupported, SSHCFG_ALL }, 554 { "kerberosorlocalpasswd", sUnsupported, SSHCFG_GLOBAL }, 555 { "kerberosticketcleanup", sUnsupported, SSHCFG_GLOBAL }, 556 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, 557 #endif 558 { "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL }, 559 { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, 560 #ifdef GSSAPI 561 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, 562 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, 563 { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, 564 #else 565 { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, 566 { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, 567 { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, 568 #endif 569 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, 570 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, 571 { "challengeresponseauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, /* alias */ 572 { "skeyauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, /* alias */ 573 { "checkmail", sDeprecated, SSHCFG_GLOBAL }, 574 { "listenaddress", sListenAddress, SSHCFG_GLOBAL }, 575 { "addressfamily", sAddressFamily, SSHCFG_GLOBAL }, 576 { "printmotd", sPrintMotd, SSHCFG_GLOBAL }, 577 { "printlastlog", sPrintLastLog, SSHCFG_GLOBAL }, 578 { "ignorerhosts", sIgnoreRhosts, SSHCFG_ALL }, 579 { "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL }, 580 { "x11forwarding", sX11Forwarding, SSHCFG_ALL }, 581 { "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL }, 582 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, 583 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, 584 { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, 585 { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL }, 586 { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, 587 { "uselogin", sDeprecated, SSHCFG_GLOBAL }, 588 { "compression", sCompression, SSHCFG_GLOBAL }, 589 { "rekeylimit", sRekeyLimit, SSHCFG_ALL }, 590 { "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, 591 { "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, /* obsolete alias */ 592 { "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL }, 593 { "allowagentforwarding", sAllowAgentForwarding, SSHCFG_ALL }, 594 { "allowusers", sAllowUsers, SSHCFG_ALL }, 595 { "denyusers", sDenyUsers, SSHCFG_ALL }, 596 { "allowgroups", sAllowGroups, SSHCFG_ALL }, 597 { "denygroups", sDenyGroups, SSHCFG_ALL }, 598 { "ciphers", sCiphers, SSHCFG_GLOBAL }, 599 { "macs", sMacs, SSHCFG_GLOBAL }, 600 { "protocol", sIgnore, SSHCFG_GLOBAL }, 601 { "gatewayports", sGatewayPorts, SSHCFG_ALL }, 602 { "subsystem", sSubsystem, SSHCFG_ALL }, 603 { "maxstartups", sMaxStartups, SSHCFG_GLOBAL }, 604 { "persourcemaxstartups", sPerSourceMaxStartups, SSHCFG_GLOBAL }, 605 { "persourcenetblocksize", sPerSourceNetBlockSize, SSHCFG_GLOBAL }, 606 { "maxauthtries", sMaxAuthTries, SSHCFG_ALL }, 607 { "maxsessions", sMaxSessions, SSHCFG_ALL }, 608 { "banner", sBanner, SSHCFG_ALL }, 609 { "usedns", sUseDNS, SSHCFG_GLOBAL }, 610 { "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL }, 611 { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL }, 612 { "clientaliveinterval", sClientAliveInterval, SSHCFG_ALL }, 613 { "clientalivecountmax", sClientAliveCountMax, SSHCFG_ALL }, 614 { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL }, 615 { "authorizedkeysfile2", sDeprecated, SSHCFG_ALL }, 616 { "useprivilegeseparation", sDeprecated, SSHCFG_GLOBAL}, 617 { "acceptenv", sAcceptEnv, SSHCFG_ALL }, 618 { "setenv", sSetEnv, SSHCFG_ALL }, 619 { "permittunnel", sPermitTunnel, SSHCFG_ALL }, 620 { "permittty", sPermitTTY, SSHCFG_ALL }, 621 { "permituserrc", sPermitUserRC, SSHCFG_ALL }, 622 { "match", sMatch, SSHCFG_ALL }, 623 { "permitopen", sPermitOpen, SSHCFG_ALL }, 624 { "permitlisten", sPermitListen, SSHCFG_ALL }, 625 { "forcecommand", sForceCommand, SSHCFG_ALL }, 626 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, 627 { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, 628 { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, 629 { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, 630 { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, 631 { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, 632 { "include", sInclude, SSHCFG_ALL }, 633 { "ipqos", sIPQoS, SSHCFG_ALL }, 634 { "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL }, 635 { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL }, 636 { "authorizedprincipalscommand", sAuthorizedPrincipalsCommand, SSHCFG_ALL }, 637 { "authorizedprincipalscommanduser", sAuthorizedPrincipalsCommandUser, SSHCFG_ALL }, 638 { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL }, 639 { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL }, 640 { "streamlocalbindmask", sStreamLocalBindMask, SSHCFG_ALL }, 641 { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL }, 642 { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, 643 { "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL }, 644 { "disableforwarding", sDisableForwarding, SSHCFG_ALL }, 645 { "exposeauthinfo", sExposeAuthInfo, SSHCFG_ALL }, 646 { "rdomain", sRDomain, SSHCFG_ALL }, 647 { "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL }, 648 { "securitykeyprovider", sSecurityKeyProvider, SSHCFG_GLOBAL }, 649 { "requiredrsasize", sRequiredRSASize, SSHCFG_ALL }, 650 { "channeltimeout", sChannelTimeout, SSHCFG_ALL }, 651 { "unusedconnectiontimeout", sUnusedConnectionTimeout, SSHCFG_ALL }, 652 { NULL, sBadOption, 0 } 653 }; 654 655 static struct { 656 int val; 657 char *text; 658 } tunmode_desc[] = { 659 { SSH_TUNMODE_NO, "no" }, 660 { SSH_TUNMODE_POINTOPOINT, "point-to-point" }, 661 { SSH_TUNMODE_ETHERNET, "ethernet" }, 662 { SSH_TUNMODE_YES, "yes" }, 663 { -1, NULL } 664 }; 665 666 /* Returns an opcode name from its number */ 667 668 static const char * 669 lookup_opcode_name(ServerOpCodes code) 670 { 671 u_int i; 672 673 for (i = 0; keywords[i].name != NULL; i++) 674 if (keywords[i].opcode == code) 675 return(keywords[i].name); 676 return "UNKNOWN"; 677 } 678 679 680 /* 681 * Returns the number of the token pointed to by cp or sBadOption. 682 */ 683 684 static ServerOpCodes 685 parse_token(const char *cp, const char *filename, 686 int linenum, u_int *flags) 687 { 688 u_int i; 689 690 for (i = 0; keywords[i].name; i++) 691 if (strcasecmp(cp, keywords[i].name) == 0) { 692 *flags = keywords[i].flags; 693 return keywords[i].opcode; 694 } 695 696 error("%s: line %d: Bad configuration option: %s", 697 filename, linenum, cp); 698 return sBadOption; 699 } 700 701 char * 702 derelativise_path(const char *path) 703 { 704 char *expanded, *ret, cwd[PATH_MAX]; 705 706 if (strcasecmp(path, "none") == 0) 707 return xstrdup("none"); 708 expanded = tilde_expand_filename(path, getuid()); 709 if (path_absolute(expanded)) 710 return expanded; 711 if (getcwd(cwd, sizeof(cwd)) == NULL) 712 fatal_f("getcwd: %s", strerror(errno)); 713 xasprintf(&ret, "%s/%s", cwd, expanded); 714 free(expanded); 715 return ret; 716 } 717 718 static void 719 add_listen_addr(ServerOptions *options, const char *addr, 720 const char *rdomain, int port) 721 { 722 u_int i; 723 724 if (port > 0) 725 add_one_listen_addr(options, addr, rdomain, port); 726 else { 727 for (i = 0; i < options->num_ports; i++) { 728 add_one_listen_addr(options, addr, rdomain, 729 options->ports[i]); 730 } 731 } 732 } 733 734 static void 735 add_one_listen_addr(ServerOptions *options, const char *addr, 736 const char *rdomain, int port) 737 { 738 struct addrinfo hints, *ai, *aitop; 739 char strport[NI_MAXSERV]; 740 int gaierr; 741 u_int i; 742 743 /* Find listen_addrs entry for this rdomain */ 744 for (i = 0; i < options->num_listen_addrs; i++) { 745 if (rdomain == NULL && options->listen_addrs[i].rdomain == NULL) 746 break; 747 if (rdomain == NULL || options->listen_addrs[i].rdomain == NULL) 748 continue; 749 if (strcmp(rdomain, options->listen_addrs[i].rdomain) == 0) 750 break; 751 } 752 if (i >= options->num_listen_addrs) { 753 /* No entry for this rdomain; allocate one */ 754 if (i >= INT_MAX) 755 fatal_f("too many listen addresses"); 756 options->listen_addrs = xrecallocarray(options->listen_addrs, 757 options->num_listen_addrs, options->num_listen_addrs + 1, 758 sizeof(*options->listen_addrs)); 759 i = options->num_listen_addrs++; 760 if (rdomain != NULL) 761 options->listen_addrs[i].rdomain = xstrdup(rdomain); 762 } 763 /* options->listen_addrs[i] points to the addresses for this rdomain */ 764 765 memset(&hints, 0, sizeof(hints)); 766 hints.ai_family = options->address_family; 767 hints.ai_socktype = SOCK_STREAM; 768 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; 769 snprintf(strport, sizeof strport, "%d", port); 770 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) 771 fatal("bad addr or host: %s (%s)", 772 addr ? addr : "<NULL>", 773 ssh_gai_strerror(gaierr)); 774 for (ai = aitop; ai->ai_next; ai = ai->ai_next) 775 ; 776 ai->ai_next = options->listen_addrs[i].addrs; 777 options->listen_addrs[i].addrs = aitop; 778 } 779 780 /* Returns nonzero if the routing domain name is valid */ 781 static int 782 valid_rdomain(const char *name) 783 { 784 const char *errstr; 785 long long num; 786 struct rt_tableinfo info; 787 int mib[6]; 788 size_t miblen = sizeof(mib); 789 790 if (name == NULL) 791 return 1; 792 793 num = strtonum(name, 0, 255, &errstr); 794 if (errstr != NULL) 795 return 0; 796 797 /* Check whether the table actually exists */ 798 memset(mib, 0, sizeof(mib)); 799 mib[0] = CTL_NET; 800 mib[1] = PF_ROUTE; 801 mib[4] = NET_RT_TABLE; 802 mib[5] = (int)num; 803 if (sysctl(mib, 6, &info, &miblen, NULL, 0) == -1) 804 return 0; 805 806 return 1; 807 } 808 809 /* 810 * Queue a ListenAddress to be processed once we have all of the Ports 811 * and AddressFamily options. 812 */ 813 static void 814 queue_listen_addr(ServerOptions *options, const char *addr, 815 const char *rdomain, int port) 816 { 817 struct queued_listenaddr *qla; 818 819 options->queued_listen_addrs = xrecallocarray( 820 options->queued_listen_addrs, 821 options->num_queued_listens, options->num_queued_listens + 1, 822 sizeof(*options->queued_listen_addrs)); 823 qla = &options->queued_listen_addrs[options->num_queued_listens++]; 824 qla->addr = xstrdup(addr); 825 qla->port = port; 826 qla->rdomain = rdomain == NULL ? NULL : xstrdup(rdomain); 827 } 828 829 /* 830 * Process queued (text) ListenAddress entries. 831 */ 832 static void 833 process_queued_listen_addrs(ServerOptions *options) 834 { 835 u_int i; 836 struct queued_listenaddr *qla; 837 838 if (options->num_ports == 0) 839 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 840 if (options->address_family == -1) 841 options->address_family = AF_UNSPEC; 842 843 for (i = 0; i < options->num_queued_listens; i++) { 844 qla = &options->queued_listen_addrs[i]; 845 add_listen_addr(options, qla->addr, qla->rdomain, qla->port); 846 free(qla->addr); 847 free(qla->rdomain); 848 } 849 free(options->queued_listen_addrs); 850 options->queued_listen_addrs = NULL; 851 options->num_queued_listens = 0; 852 } 853 854 /* 855 * Inform channels layer of permitopen options for a single forwarding 856 * direction (local/remote). 857 */ 858 static void 859 process_permitopen_list(struct ssh *ssh, ServerOpCodes opcode, 860 char **opens, u_int num_opens) 861 { 862 u_int i; 863 int port; 864 char *host, *arg, *oarg; 865 int where = opcode == sPermitOpen ? FORWARD_LOCAL : FORWARD_REMOTE; 866 const char *what = lookup_opcode_name(opcode); 867 868 channel_clear_permission(ssh, FORWARD_ADM, where); 869 if (num_opens == 0) 870 return; /* permit any */ 871 872 /* handle keywords: "any" / "none" */ 873 if (num_opens == 1 && strcmp(opens[0], "any") == 0) 874 return; 875 if (num_opens == 1 && strcmp(opens[0], "none") == 0) { 876 channel_disable_admin(ssh, where); 877 return; 878 } 879 /* Otherwise treat it as a list of permitted host:port */ 880 for (i = 0; i < num_opens; i++) { 881 oarg = arg = xstrdup(opens[i]); 882 host = hpdelim(&arg); 883 if (host == NULL) 884 fatal_f("missing host in %s", what); 885 host = cleanhostname(host); 886 if (arg == NULL || ((port = permitopen_port(arg)) < 0)) 887 fatal_f("bad port number in %s", what); 888 /* Send it to channels layer */ 889 channel_add_permission(ssh, FORWARD_ADM, 890 where, host, port); 891 free(oarg); 892 } 893 } 894 895 /* 896 * Inform channels layer of permitopen options from configuration. 897 */ 898 void 899 process_permitopen(struct ssh *ssh, ServerOptions *options) 900 { 901 process_permitopen_list(ssh, sPermitOpen, 902 options->permitted_opens, options->num_permitted_opens); 903 process_permitopen_list(ssh, sPermitListen, 904 options->permitted_listens, 905 options->num_permitted_listens); 906 } 907 908 void 909 process_channel_timeouts(struct ssh *ssh, ServerOptions *options) 910 { 911 int secs; 912 u_int i; 913 char *type; 914 915 debug3_f("setting %u timeouts", options->num_channel_timeouts); 916 channel_clear_timeouts(ssh); 917 for (i = 0; i < options->num_channel_timeouts; i++) { 918 if (parse_pattern_interval(options->channel_timeouts[i], 919 &type, &secs) != 0) { 920 fatal_f("internal error: bad timeout %s", 921 options->channel_timeouts[i]); 922 } 923 channel_add_timeout(ssh, type, secs); 924 free(type); 925 } 926 } 927 928 struct connection_info * 929 get_connection_info(struct ssh *ssh, int populate, int use_dns) 930 { 931 static struct connection_info ci; 932 933 if (ssh == NULL || !populate) 934 return &ci; 935 ci.host = auth_get_canonical_hostname(ssh, use_dns); 936 ci.address = ssh_remote_ipaddr(ssh); 937 ci.laddress = ssh_local_ipaddr(ssh); 938 ci.lport = ssh_local_port(ssh); 939 ci.rdomain = ssh_packet_rdomain_in(ssh); 940 return &ci; 941 } 942 943 /* 944 * The strategy for the Match blocks is that the config file is parsed twice. 945 * 946 * The first time is at startup. activep is initialized to 1 and the 947 * directives in the global context are processed and acted on. Hitting a 948 * Match directive unsets activep and the directives inside the block are 949 * checked for syntax only. 950 * 951 * The second time is after a connection has been established but before 952 * authentication. activep is initialized to 2 and global config directives 953 * are ignored since they have already been processed. If the criteria in a 954 * Match block is met, activep is set and the subsequent directives 955 * processed and actioned until EOF or another Match block unsets it. Any 956 * options set are copied into the main server config. 957 * 958 * Potential additions/improvements: 959 * - Add Match support for pre-kex directives, eg. Ciphers. 960 * 961 * - Add a Tag directive (idea from David Leonard) ala pf, eg: 962 * Match Address 192.168.0.* 963 * Tag trusted 964 * Match Group wheel 965 * Tag trusted 966 * Match Tag trusted 967 * AllowTcpForwarding yes 968 * GatewayPorts clientspecified 969 * [...] 970 * 971 * - Add a PermittedChannelRequests directive 972 * Match Group shell 973 * PermittedChannelRequests session,forwarded-tcpip 974 */ 975 976 static int 977 match_cfg_line_group(const char *grps, int line, const char *user) 978 { 979 int result = 0; 980 struct passwd *pw; 981 982 if (user == NULL) 983 goto out; 984 985 if ((pw = getpwnam(user)) == NULL) { 986 debug("Can't match group at line %d because user %.100s does " 987 "not exist", line, user); 988 } else if (ga_init(pw->pw_name, pw->pw_gid) == 0) { 989 debug("Can't Match group because user %.100s not in any group " 990 "at line %d", user, line); 991 } else if (ga_match_pattern_list(grps) != 1) { 992 debug("user %.100s does not match group list %.100s at line %d", 993 user, grps, line); 994 } else { 995 debug("user %.100s matched group list %.100s at line %d", user, 996 grps, line); 997 result = 1; 998 } 999 out: 1000 ga_free(); 1001 return result; 1002 } 1003 1004 static void 1005 match_test_missing_fatal(const char *criteria, const char *attrib) 1006 { 1007 fatal("'Match %s' in configuration but '%s' not in connection " 1008 "test specification.", criteria, attrib); 1009 } 1010 1011 /* 1012 * All of the attributes on a single Match line are ANDed together, so we need 1013 * to check every attribute and set the result to zero if any attribute does 1014 * not match. 1015 */ 1016 static int 1017 match_cfg_line(char **condition, int line, struct connection_info *ci) 1018 { 1019 int result = 1, attributes = 0, port; 1020 char *arg, *attrib, *cp = *condition; 1021 1022 if (ci == NULL) 1023 debug3("checking syntax for 'Match %s'", cp); 1024 else 1025 debug3("checking match for '%s' user %s host %s addr %s " 1026 "laddr %s lport %d", cp, ci->user ? ci->user : "(null)", 1027 ci->host ? ci->host : "(null)", 1028 ci->address ? ci->address : "(null)", 1029 ci->laddress ? ci->laddress : "(null)", ci->lport); 1030 1031 while ((attrib = strdelim(&cp)) && *attrib != '\0') { 1032 /* Terminate on comment */ 1033 if (*attrib == '#') { 1034 cp = NULL; /* mark all arguments consumed */ 1035 break; 1036 } 1037 arg = NULL; 1038 attributes++; 1039 /* Criterion "all" has no argument and must appear alone */ 1040 if (strcasecmp(attrib, "all") == 0) { 1041 if (attributes > 1 || ((arg = strdelim(&cp)) != NULL && 1042 *arg != '\0' && *arg != '#')) { 1043 error("'all' cannot be combined with other " 1044 "Match attributes"); 1045 return -1; 1046 } 1047 if (arg != NULL && *arg == '#') 1048 cp = NULL; /* mark all arguments consumed */ 1049 *condition = cp; 1050 return 1; 1051 } 1052 /* All other criteria require an argument */ 1053 if ((arg = strdelim(&cp)) == NULL || 1054 *arg == '\0' || *arg == '#') { 1055 error("Missing Match criteria for %s", attrib); 1056 return -1; 1057 } 1058 if (strcasecmp(attrib, "user") == 0) { 1059 if (ci == NULL || (ci->test && ci->user == NULL)) { 1060 result = 0; 1061 continue; 1062 } 1063 if (ci->user == NULL) 1064 match_test_missing_fatal("User", "user"); 1065 if (match_usergroup_pattern_list(ci->user, arg) != 1) 1066 result = 0; 1067 else 1068 debug("user %.100s matched 'User %.100s' at " 1069 "line %d", ci->user, arg, line); 1070 } else if (strcasecmp(attrib, "group") == 0) { 1071 if (ci == NULL || (ci->test && ci->user == NULL)) { 1072 result = 0; 1073 continue; 1074 } 1075 if (ci->user == NULL) 1076 match_test_missing_fatal("Group", "user"); 1077 switch (match_cfg_line_group(arg, line, ci->user)) { 1078 case -1: 1079 return -1; 1080 case 0: 1081 result = 0; 1082 } 1083 } else if (strcasecmp(attrib, "host") == 0) { 1084 if (ci == NULL || (ci->test && ci->host == NULL)) { 1085 result = 0; 1086 continue; 1087 } 1088 if (ci->host == NULL) 1089 match_test_missing_fatal("Host", "host"); 1090 if (match_hostname(ci->host, arg) != 1) 1091 result = 0; 1092 else 1093 debug("connection from %.100s matched 'Host " 1094 "%.100s' at line %d", ci->host, arg, line); 1095 } else if (strcasecmp(attrib, "address") == 0) { 1096 if (ci == NULL || (ci->test && ci->address == NULL)) { 1097 if (addr_match_list(NULL, arg) != 0) 1098 fatal("Invalid Match address argument " 1099 "'%s' at line %d", arg, line); 1100 result = 0; 1101 continue; 1102 } 1103 if (ci->address == NULL) 1104 match_test_missing_fatal("Address", "addr"); 1105 switch (addr_match_list(ci->address, arg)) { 1106 case 1: 1107 debug("connection from %.100s matched 'Address " 1108 "%.100s' at line %d", ci->address, arg, line); 1109 break; 1110 case 0: 1111 case -1: 1112 result = 0; 1113 break; 1114 case -2: 1115 return -1; 1116 } 1117 } else if (strcasecmp(attrib, "localaddress") == 0){ 1118 if (ci == NULL || (ci->test && ci->laddress == NULL)) { 1119 if (addr_match_list(NULL, arg) != 0) 1120 fatal("Invalid Match localaddress " 1121 "argument '%s' at line %d", arg, 1122 line); 1123 result = 0; 1124 continue; 1125 } 1126 if (ci->laddress == NULL) 1127 match_test_missing_fatal("LocalAddress", 1128 "laddr"); 1129 switch (addr_match_list(ci->laddress, arg)) { 1130 case 1: 1131 debug("connection from %.100s matched " 1132 "'LocalAddress %.100s' at line %d", 1133 ci->laddress, arg, line); 1134 break; 1135 case 0: 1136 case -1: 1137 result = 0; 1138 break; 1139 case -2: 1140 return -1; 1141 } 1142 } else if (strcasecmp(attrib, "localport") == 0) { 1143 if ((port = a2port(arg)) == -1) { 1144 error("Invalid LocalPort '%s' on Match line", 1145 arg); 1146 return -1; 1147 } 1148 if (ci == NULL || (ci->test && ci->lport == -1)) { 1149 result = 0; 1150 continue; 1151 } 1152 if (ci->lport == 0) 1153 match_test_missing_fatal("LocalPort", "lport"); 1154 /* TODO support port lists */ 1155 if (port == ci->lport) 1156 debug("connection from %.100s matched " 1157 "'LocalPort %d' at line %d", 1158 ci->laddress, port, line); 1159 else 1160 result = 0; 1161 } else if (strcasecmp(attrib, "rdomain") == 0) { 1162 if (ci == NULL || (ci->test && ci->rdomain == NULL)) { 1163 result = 0; 1164 continue; 1165 } 1166 if (ci->rdomain == NULL) 1167 match_test_missing_fatal("RDomain", "rdomain"); 1168 if (match_pattern_list(ci->rdomain, arg, 0) != 1) 1169 result = 0; 1170 else 1171 debug("user %.100s matched 'RDomain %.100s' at " 1172 "line %d", ci->rdomain, arg, line); 1173 } else { 1174 error("Unsupported Match attribute %s", attrib); 1175 return -1; 1176 } 1177 } 1178 if (attributes == 0) { 1179 error("One or more attributes required for Match"); 1180 return -1; 1181 } 1182 if (ci != NULL) 1183 debug3("match %sfound", result ? "" : "not "); 1184 *condition = cp; 1185 return result; 1186 } 1187 1188 #define WHITESPACE " \t\r\n" 1189 1190 /* Multistate option parsing */ 1191 struct multistate { 1192 char *key; 1193 int value; 1194 }; 1195 static const struct multistate multistate_flag[] = { 1196 { "yes", 1 }, 1197 { "no", 0 }, 1198 { NULL, -1 } 1199 }; 1200 static const struct multistate multistate_ignore_rhosts[] = { 1201 { "yes", IGNORE_RHOSTS_YES }, 1202 { "no", IGNORE_RHOSTS_NO }, 1203 { "shosts-only", IGNORE_RHOSTS_SHOSTS }, 1204 { NULL, -1 } 1205 }; 1206 static const struct multistate multistate_addressfamily[] = { 1207 { "inet", AF_INET }, 1208 { "inet6", AF_INET6 }, 1209 { "any", AF_UNSPEC }, 1210 { NULL, -1 } 1211 }; 1212 static const struct multistate multistate_permitrootlogin[] = { 1213 { "without-password", PERMIT_NO_PASSWD }, 1214 { "prohibit-password", PERMIT_NO_PASSWD }, 1215 { "forced-commands-only", PERMIT_FORCED_ONLY }, 1216 { "yes", PERMIT_YES }, 1217 { "no", PERMIT_NO }, 1218 { NULL, -1 } 1219 }; 1220 static const struct multistate multistate_compression[] = { 1221 #ifdef WITH_ZLIB 1222 { "yes", COMP_DELAYED }, 1223 { "delayed", COMP_DELAYED }, 1224 #endif 1225 { "no", COMP_NONE }, 1226 { NULL, -1 } 1227 }; 1228 static const struct multistate multistate_gatewayports[] = { 1229 { "clientspecified", 2 }, 1230 { "yes", 1 }, 1231 { "no", 0 }, 1232 { NULL, -1 } 1233 }; 1234 static const struct multistate multistate_tcpfwd[] = { 1235 { "yes", FORWARD_ALLOW }, 1236 { "all", FORWARD_ALLOW }, 1237 { "no", FORWARD_DENY }, 1238 { "remote", FORWARD_REMOTE }, 1239 { "local", FORWARD_LOCAL }, 1240 { NULL, -1 } 1241 }; 1242 1243 static int 1244 process_server_config_line_depth(ServerOptions *options, char *line, 1245 const char *filename, int linenum, int *activep, 1246 struct connection_info *connectinfo, int *inc_flags, int depth, 1247 struct include_list *includes) 1248 { 1249 char *str, ***chararrayptr, **charptr, *arg, *arg2, *p, *keyword; 1250 int cmdline = 0, *intptr, value, value2, n, port, oactive, r, found; 1251 int ca_only = 0; 1252 SyslogFacility *log_facility_ptr; 1253 LogLevel *log_level_ptr; 1254 ServerOpCodes opcode; 1255 u_int i, *uintptr, uvalue, flags = 0; 1256 size_t len; 1257 long long val64; 1258 const struct multistate *multistate_ptr; 1259 const char *errstr; 1260 struct include_item *item; 1261 glob_t gbuf; 1262 char **oav = NULL, **av; 1263 int oac = 0, ac; 1264 int ret = -1; 1265 1266 /* Strip trailing whitespace. Allow \f (form feed) at EOL only */ 1267 if ((len = strlen(line)) == 0) 1268 return 0; 1269 for (len--; len > 0; len--) { 1270 if (strchr(WHITESPACE "\f", line[len]) == NULL) 1271 break; 1272 line[len] = '\0'; 1273 } 1274 1275 str = line; 1276 if ((keyword = strdelim(&str)) == NULL) 1277 return 0; 1278 /* Ignore leading whitespace */ 1279 if (*keyword == '\0') 1280 keyword = strdelim(&str); 1281 if (!keyword || !*keyword || *keyword == '#') 1282 return 0; 1283 if (str == NULL || *str == '\0') { 1284 error("%s line %d: no argument after keyword \"%s\"", 1285 filename, linenum, keyword); 1286 return -1; 1287 } 1288 intptr = NULL; 1289 charptr = NULL; 1290 opcode = parse_token(keyword, filename, linenum, &flags); 1291 1292 if (argv_split(str, &oac, &oav, 1) != 0) { 1293 error("%s line %d: invalid quotes", filename, linenum); 1294 return -1; 1295 } 1296 ac = oac; 1297 av = oav; 1298 1299 if (activep == NULL) { /* We are processing a command line directive */ 1300 cmdline = 1; 1301 activep = &cmdline; 1302 } 1303 if (*activep && opcode != sMatch && opcode != sInclude) 1304 debug3("%s:%d setting %s %s", filename, linenum, keyword, str); 1305 if (*activep == 0 && !(flags & SSHCFG_MATCH)) { 1306 if (connectinfo == NULL) { 1307 fatal("%s line %d: Directive '%s' is not allowed " 1308 "within a Match block", filename, linenum, keyword); 1309 } else { /* this is a directive we have already processed */ 1310 ret = 0; 1311 goto out; 1312 } 1313 } 1314 1315 switch (opcode) { 1316 case sBadOption: 1317 goto out; 1318 case sPort: 1319 /* ignore ports from configfile if cmdline specifies ports */ 1320 if (options->ports_from_cmdline) { 1321 argv_consume(&ac); 1322 break; 1323 } 1324 if (options->num_ports >= MAX_PORTS) 1325 fatal("%s line %d: too many ports.", 1326 filename, linenum); 1327 arg = argv_next(&ac, &av); 1328 if (!arg || *arg == '\0') 1329 fatal("%s line %d: missing port number.", 1330 filename, linenum); 1331 options->ports[options->num_ports++] = a2port(arg); 1332 if (options->ports[options->num_ports-1] <= 0) 1333 fatal("%s line %d: Badly formatted port number.", 1334 filename, linenum); 1335 break; 1336 1337 case sLoginGraceTime: 1338 intptr = &options->login_grace_time; 1339 parse_time: 1340 arg = argv_next(&ac, &av); 1341 if (!arg || *arg == '\0') 1342 fatal("%s line %d: missing time value.", 1343 filename, linenum); 1344 if ((value = convtime(arg)) == -1) 1345 fatal("%s line %d: invalid time value.", 1346 filename, linenum); 1347 if (*activep && *intptr == -1) 1348 *intptr = value; 1349 break; 1350 1351 case sListenAddress: 1352 arg = argv_next(&ac, &av); 1353 if (arg == NULL || *arg == '\0') 1354 fatal("%s line %d: missing address", 1355 filename, linenum); 1356 /* check for bare IPv6 address: no "[]" and 2 or more ":" */ 1357 if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL 1358 && strchr(p+1, ':') != NULL) { 1359 port = 0; 1360 p = arg; 1361 } else { 1362 arg2 = NULL; 1363 p = hpdelim(&arg); 1364 if (p == NULL) 1365 fatal("%s line %d: bad address:port usage", 1366 filename, linenum); 1367 p = cleanhostname(p); 1368 if (arg == NULL) 1369 port = 0; 1370 else if ((port = a2port(arg)) <= 0) 1371 fatal("%s line %d: bad port number", 1372 filename, linenum); 1373 } 1374 /* Optional routing table */ 1375 arg2 = NULL; 1376 if ((arg = argv_next(&ac, &av)) != NULL) { 1377 if (strcmp(arg, "rdomain") != 0 || 1378 (arg2 = argv_next(&ac, &av)) == NULL) 1379 fatal("%s line %d: bad ListenAddress syntax", 1380 filename, linenum); 1381 if (!valid_rdomain(arg2)) 1382 fatal("%s line %d: bad routing domain", 1383 filename, linenum); 1384 } 1385 queue_listen_addr(options, p, arg2, port); 1386 1387 break; 1388 1389 case sAddressFamily: 1390 intptr = &options->address_family; 1391 multistate_ptr = multistate_addressfamily; 1392 parse_multistate: 1393 arg = argv_next(&ac, &av); 1394 if (!arg || *arg == '\0') 1395 fatal("%s line %d: missing argument.", 1396 filename, linenum); 1397 value = -1; 1398 for (i = 0; multistate_ptr[i].key != NULL; i++) { 1399 if (strcasecmp(arg, multistate_ptr[i].key) == 0) { 1400 value = multistate_ptr[i].value; 1401 break; 1402 } 1403 } 1404 if (value == -1) 1405 fatal("%s line %d: unsupported option \"%s\".", 1406 filename, linenum, arg); 1407 if (*activep && *intptr == -1) 1408 *intptr = value; 1409 break; 1410 1411 case sHostKeyFile: 1412 arg = argv_next(&ac, &av); 1413 if (!arg || *arg == '\0') 1414 fatal("%s line %d: missing file name.", 1415 filename, linenum); 1416 if (*activep) { 1417 servconf_add_hostkey(filename, linenum, 1418 options, arg, 1); 1419 } 1420 break; 1421 1422 case sHostKeyAgent: 1423 charptr = &options->host_key_agent; 1424 arg = argv_next(&ac, &av); 1425 if (!arg || *arg == '\0') 1426 fatal("%s line %d: missing socket name.", 1427 filename, linenum); 1428 if (*activep && *charptr == NULL) 1429 *charptr = !strcmp(arg, SSH_AUTHSOCKET_ENV_NAME) ? 1430 xstrdup(arg) : derelativise_path(arg); 1431 break; 1432 1433 case sHostCertificate: 1434 arg = argv_next(&ac, &av); 1435 if (!arg || *arg == '\0') 1436 fatal("%s line %d: missing file name.", 1437 filename, linenum); 1438 if (*activep) 1439 servconf_add_hostcert(filename, linenum, options, arg); 1440 break; 1441 1442 case sPidFile: 1443 charptr = &options->pid_file; 1444 parse_filename: 1445 arg = argv_next(&ac, &av); 1446 if (!arg || *arg == '\0') 1447 fatal("%s line %d: missing file name.", 1448 filename, linenum); 1449 if (*activep && *charptr == NULL) { 1450 *charptr = derelativise_path(arg); 1451 /* increase optional counter */ 1452 if (intptr != NULL) 1453 *intptr = *intptr + 1; 1454 } 1455 break; 1456 1457 case sModuliFile: 1458 charptr = &options->moduli_file; 1459 goto parse_filename; 1460 1461 case sPermitRootLogin: 1462 intptr = &options->permit_root_login; 1463 multistate_ptr = multistate_permitrootlogin; 1464 goto parse_multistate; 1465 1466 case sIgnoreRhosts: 1467 intptr = &options->ignore_rhosts; 1468 multistate_ptr = multistate_ignore_rhosts; 1469 goto parse_multistate; 1470 1471 case sIgnoreUserKnownHosts: 1472 intptr = &options->ignore_user_known_hosts; 1473 parse_flag: 1474 multistate_ptr = multistate_flag; 1475 goto parse_multistate; 1476 1477 case sHostbasedAuthentication: 1478 intptr = &options->hostbased_authentication; 1479 goto parse_flag; 1480 1481 case sHostbasedUsesNameFromPacketOnly: 1482 intptr = &options->hostbased_uses_name_from_packet_only; 1483 goto parse_flag; 1484 1485 case sHostbasedAcceptedAlgorithms: 1486 charptr = &options->hostbased_accepted_algos; 1487 ca_only = 0; 1488 parse_pubkey_algos: 1489 arg = argv_next(&ac, &av); 1490 if (!arg || *arg == '\0') 1491 fatal("%s line %d: Missing argument.", 1492 filename, linenum); 1493 if (*arg != '-' && 1494 !sshkey_names_valid2(*arg == '+' || *arg == '^' ? 1495 arg + 1 : arg, 1, ca_only)) 1496 fatal("%s line %d: Bad key types '%s'.", 1497 filename, linenum, arg ? arg : "<NONE>"); 1498 if (*activep && *charptr == NULL) 1499 *charptr = xstrdup(arg); 1500 break; 1501 1502 case sHostKeyAlgorithms: 1503 charptr = &options->hostkeyalgorithms; 1504 ca_only = 0; 1505 goto parse_pubkey_algos; 1506 1507 case sCASignatureAlgorithms: 1508 charptr = &options->ca_sign_algorithms; 1509 ca_only = 1; 1510 goto parse_pubkey_algos; 1511 1512 case sPubkeyAuthentication: 1513 intptr = &options->pubkey_authentication; 1514 ca_only = 0; 1515 goto parse_flag; 1516 1517 case sPubkeyAcceptedAlgorithms: 1518 charptr = &options->pubkey_accepted_algos; 1519 ca_only = 0; 1520 goto parse_pubkey_algos; 1521 1522 case sPubkeyAuthOptions: 1523 intptr = &options->pubkey_auth_options; 1524 value = 0; 1525 while ((arg = argv_next(&ac, &av)) != NULL) { 1526 if (strcasecmp(arg, "none") == 0) 1527 continue; 1528 if (strcasecmp(arg, "touch-required") == 0) 1529 value |= PUBKEYAUTH_TOUCH_REQUIRED; 1530 else if (strcasecmp(arg, "verify-required") == 0) 1531 value |= PUBKEYAUTH_VERIFY_REQUIRED; 1532 else { 1533 error("%s line %d: unsupported %s option %s", 1534 filename, linenum, keyword, arg); 1535 goto out; 1536 } 1537 } 1538 if (*activep && *intptr == -1) 1539 *intptr = value; 1540 break; 1541 1542 case sKerberosAuthentication: 1543 intptr = &options->kerberos_authentication; 1544 goto parse_flag; 1545 1546 case sKerberosOrLocalPasswd: 1547 intptr = &options->kerberos_or_local_passwd; 1548 goto parse_flag; 1549 1550 case sKerberosTicketCleanup: 1551 intptr = &options->kerberos_ticket_cleanup; 1552 goto parse_flag; 1553 1554 case sKerberosGetAFSToken: 1555 intptr = &options->kerberos_get_afs_token; 1556 goto parse_flag; 1557 1558 case sGssAuthentication: 1559 intptr = &options->gss_authentication; 1560 goto parse_flag; 1561 1562 case sGssCleanupCreds: 1563 intptr = &options->gss_cleanup_creds; 1564 goto parse_flag; 1565 1566 case sGssStrictAcceptor: 1567 intptr = &options->gss_strict_acceptor; 1568 goto parse_flag; 1569 1570 case sPasswordAuthentication: 1571 intptr = &options->password_authentication; 1572 goto parse_flag; 1573 1574 case sKbdInteractiveAuthentication: 1575 intptr = &options->kbd_interactive_authentication; 1576 goto parse_flag; 1577 1578 case sPrintMotd: 1579 intptr = &options->print_motd; 1580 goto parse_flag; 1581 1582 case sPrintLastLog: 1583 intptr = &options->print_lastlog; 1584 goto parse_flag; 1585 1586 case sX11Forwarding: 1587 intptr = &options->x11_forwarding; 1588 goto parse_flag; 1589 1590 case sX11DisplayOffset: 1591 intptr = &options->x11_display_offset; 1592 parse_int: 1593 arg = argv_next(&ac, &av); 1594 if ((errstr = atoi_err(arg, &value)) != NULL) 1595 fatal("%s line %d: %s integer value %s.", 1596 filename, linenum, keyword, errstr); 1597 if (*activep && *intptr == -1) 1598 *intptr = value; 1599 break; 1600 1601 case sX11UseLocalhost: 1602 intptr = &options->x11_use_localhost; 1603 goto parse_flag; 1604 1605 case sXAuthLocation: 1606 charptr = &options->xauth_location; 1607 goto parse_filename; 1608 1609 case sPermitTTY: 1610 intptr = &options->permit_tty; 1611 goto parse_flag; 1612 1613 case sPermitUserRC: 1614 intptr = &options->permit_user_rc; 1615 goto parse_flag; 1616 1617 case sStrictModes: 1618 intptr = &options->strict_modes; 1619 goto parse_flag; 1620 1621 case sTCPKeepAlive: 1622 intptr = &options->tcp_keep_alive; 1623 goto parse_flag; 1624 1625 case sEmptyPasswd: 1626 intptr = &options->permit_empty_passwd; 1627 goto parse_flag; 1628 1629 case sPermitUserEnvironment: 1630 intptr = &options->permit_user_env; 1631 charptr = &options->permit_user_env_allowlist; 1632 arg = argv_next(&ac, &av); 1633 if (!arg || *arg == '\0') 1634 fatal("%s line %d: %s missing argument.", 1635 filename, linenum, keyword); 1636 value = 0; 1637 p = NULL; 1638 if (strcmp(arg, "yes") == 0) 1639 value = 1; 1640 else if (strcmp(arg, "no") == 0) 1641 value = 0; 1642 else { 1643 /* Pattern-list specified */ 1644 value = 1; 1645 p = xstrdup(arg); 1646 } 1647 if (*activep && *intptr == -1) { 1648 *intptr = value; 1649 *charptr = p; 1650 p = NULL; 1651 } 1652 free(p); 1653 break; 1654 1655 case sCompression: 1656 intptr = &options->compression; 1657 multistate_ptr = multistate_compression; 1658 goto parse_multistate; 1659 1660 case sRekeyLimit: 1661 arg = argv_next(&ac, &av); 1662 if (!arg || *arg == '\0') 1663 fatal("%s line %d: %s missing argument.", 1664 filename, linenum, keyword); 1665 if (strcmp(arg, "default") == 0) { 1666 val64 = 0; 1667 } else { 1668 if (scan_scaled(arg, &val64) == -1) 1669 fatal("%.200s line %d: Bad %s number '%s': %s", 1670 filename, linenum, keyword, 1671 arg, strerror(errno)); 1672 if (val64 != 0 && val64 < 16) 1673 fatal("%.200s line %d: %s too small", 1674 filename, linenum, keyword); 1675 } 1676 if (*activep && options->rekey_limit == -1) 1677 options->rekey_limit = val64; 1678 if (ac != 0) { /* optional rekey interval present */ 1679 if (strcmp(av[0], "none") == 0) { 1680 (void)argv_next(&ac, &av); /* discard */ 1681 break; 1682 } 1683 intptr = &options->rekey_interval; 1684 goto parse_time; 1685 } 1686 break; 1687 1688 case sGatewayPorts: 1689 intptr = &options->fwd_opts.gateway_ports; 1690 multistate_ptr = multistate_gatewayports; 1691 goto parse_multistate; 1692 1693 case sUseDNS: 1694 intptr = &options->use_dns; 1695 goto parse_flag; 1696 1697 case sLogFacility: 1698 log_facility_ptr = &options->log_facility; 1699 arg = argv_next(&ac, &av); 1700 value = log_facility_number(arg); 1701 if (value == SYSLOG_FACILITY_NOT_SET) 1702 fatal("%.200s line %d: unsupported log facility '%s'", 1703 filename, linenum, arg ? arg : "<NONE>"); 1704 if (*log_facility_ptr == -1) 1705 *log_facility_ptr = (SyslogFacility) value; 1706 break; 1707 1708 case sLogLevel: 1709 log_level_ptr = &options->log_level; 1710 arg = argv_next(&ac, &av); 1711 value = log_level_number(arg); 1712 if (value == SYSLOG_LEVEL_NOT_SET) 1713 fatal("%.200s line %d: unsupported log level '%s'", 1714 filename, linenum, arg ? arg : "<NONE>"); 1715 if (*activep && *log_level_ptr == -1) 1716 *log_level_ptr = (LogLevel) value; 1717 break; 1718 1719 case sLogVerbose: 1720 found = options->num_log_verbose == 0; 1721 i = 0; 1722 while ((arg = argv_next(&ac, &av)) != NULL) { 1723 if (*arg == '\0') { 1724 error("%s line %d: keyword %s empty argument", 1725 filename, linenum, keyword); 1726 goto out; 1727 } 1728 /* Allow "none" only in first position */ 1729 if (strcasecmp(arg, "none") == 0) { 1730 if (i > 0 || ac > 0) { 1731 error("%s line %d: keyword %s \"none\" " 1732 "argument must appear alone.", 1733 filename, linenum, keyword); 1734 goto out; 1735 } 1736 } 1737 i++; 1738 if (!found || !*activep) 1739 continue; 1740 opt_array_append(filename, linenum, keyword, 1741 &options->log_verbose, &options->num_log_verbose, 1742 arg); 1743 } 1744 break; 1745 1746 case sAllowTcpForwarding: 1747 intptr = &options->allow_tcp_forwarding; 1748 multistate_ptr = multistate_tcpfwd; 1749 goto parse_multistate; 1750 1751 case sAllowStreamLocalForwarding: 1752 intptr = &options->allow_streamlocal_forwarding; 1753 multistate_ptr = multistate_tcpfwd; 1754 goto parse_multistate; 1755 1756 case sAllowAgentForwarding: 1757 intptr = &options->allow_agent_forwarding; 1758 goto parse_flag; 1759 1760 case sDisableForwarding: 1761 intptr = &options->disable_forwarding; 1762 goto parse_flag; 1763 1764 case sAllowUsers: 1765 chararrayptr = &options->allow_users; 1766 uintptr = &options->num_allow_users; 1767 parse_allowdenyusers: 1768 while ((arg = argv_next(&ac, &av)) != NULL) { 1769 if (*arg == '\0' || 1770 match_user(NULL, NULL, NULL, arg) == -1) 1771 fatal("%s line %d: invalid %s pattern: \"%s\"", 1772 filename, linenum, keyword, arg); 1773 if (!*activep) 1774 continue; 1775 opt_array_append(filename, linenum, keyword, 1776 chararrayptr, uintptr, arg); 1777 } 1778 break; 1779 1780 case sDenyUsers: 1781 chararrayptr = &options->deny_users; 1782 uintptr = &options->num_deny_users; 1783 goto parse_allowdenyusers; 1784 1785 case sAllowGroups: 1786 chararrayptr = &options->allow_groups; 1787 uintptr = &options->num_allow_groups; 1788 parse_allowdenygroups: 1789 while ((arg = argv_next(&ac, &av)) != NULL) { 1790 if (*arg == '\0') 1791 fatal("%s line %d: empty %s pattern", 1792 filename, linenum, keyword); 1793 if (!*activep) 1794 continue; 1795 opt_array_append(filename, linenum, keyword, 1796 chararrayptr, uintptr, arg); 1797 } 1798 break; 1799 1800 case sDenyGroups: 1801 chararrayptr = &options->deny_groups; 1802 uintptr = &options->num_deny_groups; 1803 goto parse_allowdenygroups; 1804 1805 case sCiphers: 1806 arg = argv_next(&ac, &av); 1807 if (!arg || *arg == '\0') 1808 fatal("%s line %d: %s missing argument.", 1809 filename, linenum, keyword); 1810 if (*arg != '-' && 1811 !ciphers_valid(*arg == '+' || *arg == '^' ? arg + 1 : arg)) 1812 fatal("%s line %d: Bad SSH2 cipher spec '%s'.", 1813 filename, linenum, arg ? arg : "<NONE>"); 1814 if (options->ciphers == NULL) 1815 options->ciphers = xstrdup(arg); 1816 break; 1817 1818 case sMacs: 1819 arg = argv_next(&ac, &av); 1820 if (!arg || *arg == '\0') 1821 fatal("%s line %d: %s missing argument.", 1822 filename, linenum, keyword); 1823 if (*arg != '-' && 1824 !mac_valid(*arg == '+' || *arg == '^' ? arg + 1 : arg)) 1825 fatal("%s line %d: Bad SSH2 mac spec '%s'.", 1826 filename, linenum, arg ? arg : "<NONE>"); 1827 if (options->macs == NULL) 1828 options->macs = xstrdup(arg); 1829 break; 1830 1831 case sKexAlgorithms: 1832 arg = argv_next(&ac, &av); 1833 if (!arg || *arg == '\0') 1834 fatal("%s line %d: %s missing argument.", 1835 filename, linenum, keyword); 1836 if (*arg != '-' && 1837 !kex_names_valid(*arg == '+' || *arg == '^' ? 1838 arg + 1 : arg)) 1839 fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.", 1840 filename, linenum, arg ? arg : "<NONE>"); 1841 if (options->kex_algorithms == NULL) 1842 options->kex_algorithms = xstrdup(arg); 1843 break; 1844 1845 case sSubsystem: 1846 arg = argv_next(&ac, &av); 1847 if (!arg || *arg == '\0') 1848 fatal("%s line %d: %s missing argument.", 1849 filename, linenum, keyword); 1850 if (!*activep) { 1851 argv_consume(&ac); 1852 break; 1853 } 1854 found = 0; 1855 for (i = 0; i < options->num_subsystems; i++) { 1856 if (strcmp(arg, options->subsystem_name[i]) == 0) { 1857 found = 1; 1858 break; 1859 } 1860 } 1861 if (found) { 1862 debug("%s line %d: Subsystem '%s' already defined.", 1863 filename, linenum, arg); 1864 argv_consume(&ac); 1865 break; 1866 } 1867 options->subsystem_name = xrecallocarray( 1868 options->subsystem_name, options->num_subsystems, 1869 options->num_subsystems + 1, 1870 sizeof(*options->subsystem_name)); 1871 options->subsystem_command = xrecallocarray( 1872 options->subsystem_command, options->num_subsystems, 1873 options->num_subsystems + 1, 1874 sizeof(*options->subsystem_command)); 1875 options->subsystem_args = xrecallocarray( 1876 options->subsystem_args, options->num_subsystems, 1877 options->num_subsystems + 1, 1878 sizeof(*options->subsystem_args)); 1879 options->subsystem_name[options->num_subsystems] = xstrdup(arg); 1880 arg = argv_next(&ac, &av); 1881 if (!arg || *arg == '\0') { 1882 fatal("%s line %d: Missing subsystem command.", 1883 filename, linenum); 1884 } 1885 options->subsystem_command[options->num_subsystems] = 1886 xstrdup(arg); 1887 /* Collect arguments (separate to executable) */ 1888 arg = argv_assemble(1, &arg); /* quote command correctly */ 1889 arg2 = argv_assemble(ac, av); /* rest of command */ 1890 xasprintf(&options->subsystem_args[options->num_subsystems], 1891 "%s %s", arg, arg2); 1892 free(arg2); 1893 argv_consume(&ac); 1894 options->num_subsystems++; 1895 break; 1896 1897 case sMaxStartups: 1898 arg = argv_next(&ac, &av); 1899 if (!arg || *arg == '\0') 1900 fatal("%s line %d: %s missing argument.", 1901 filename, linenum, keyword); 1902 if ((n = sscanf(arg, "%d:%d:%d", 1903 &options->max_startups_begin, 1904 &options->max_startups_rate, 1905 &options->max_startups)) == 3) { 1906 if (options->max_startups_begin > 1907 options->max_startups || 1908 options->max_startups_rate > 100 || 1909 options->max_startups_rate < 1) 1910 fatal("%s line %d: Invalid %s spec.", 1911 filename, linenum, keyword); 1912 } else if (n != 1) 1913 fatal("%s line %d: Invalid %s spec.", 1914 filename, linenum, keyword); 1915 else 1916 options->max_startups = options->max_startups_begin; 1917 if (options->max_startups <= 0 || 1918 options->max_startups_begin <= 0) 1919 fatal("%s line %d: Invalid %s spec.", 1920 filename, linenum, keyword); 1921 break; 1922 1923 case sPerSourceNetBlockSize: 1924 arg = argv_next(&ac, &av); 1925 if (!arg || *arg == '\0') 1926 fatal("%s line %d: %s missing argument.", 1927 filename, linenum, keyword); 1928 switch (n = sscanf(arg, "%d:%d", &value, &value2)) { 1929 case 2: 1930 if (value2 < 0 || value2 > 128) 1931 n = -1; 1932 /* FALLTHROUGH */ 1933 case 1: 1934 if (value < 0 || value > 32) 1935 n = -1; 1936 } 1937 if (n != 1 && n != 2) 1938 fatal("%s line %d: Invalid %s spec.", 1939 filename, linenum, keyword); 1940 if (*activep) { 1941 options->per_source_masklen_ipv4 = value; 1942 options->per_source_masklen_ipv6 = value2; 1943 } 1944 break; 1945 1946 case sPerSourceMaxStartups: 1947 arg = argv_next(&ac, &av); 1948 if (!arg || *arg == '\0') 1949 fatal("%s line %d: %s missing argument.", 1950 filename, linenum, keyword); 1951 if (strcmp(arg, "none") == 0) { /* no limit */ 1952 value = INT_MAX; 1953 } else { 1954 if ((errstr = atoi_err(arg, &value)) != NULL) 1955 fatal("%s line %d: %s integer value %s.", 1956 filename, linenum, keyword, errstr); 1957 } 1958 if (*activep && options->per_source_max_startups == -1) 1959 options->per_source_max_startups = value; 1960 break; 1961 1962 case sMaxAuthTries: 1963 intptr = &options->max_authtries; 1964 goto parse_int; 1965 1966 case sMaxSessions: 1967 intptr = &options->max_sessions; 1968 goto parse_int; 1969 1970 case sBanner: 1971 charptr = &options->banner; 1972 goto parse_filename; 1973 1974 /* 1975 * These options can contain %X options expanded at 1976 * connect time, so that you can specify paths like: 1977 * 1978 * AuthorizedKeysFile /etc/ssh_keys/%u 1979 */ 1980 case sAuthorizedKeysFile: 1981 uvalue = options->num_authkeys_files; 1982 while ((arg = argv_next(&ac, &av)) != NULL) { 1983 if (*arg == '\0') { 1984 error("%s line %d: keyword %s empty argument", 1985 filename, linenum, keyword); 1986 goto out; 1987 } 1988 arg2 = tilde_expand_filename(arg, getuid()); 1989 if (*activep && uvalue == 0) { 1990 opt_array_append(filename, linenum, keyword, 1991 &options->authorized_keys_files, 1992 &options->num_authkeys_files, arg2); 1993 } 1994 free(arg2); 1995 } 1996 break; 1997 1998 case sAuthorizedPrincipalsFile: 1999 charptr = &options->authorized_principals_file; 2000 arg = argv_next(&ac, &av); 2001 if (!arg || *arg == '\0') 2002 fatal("%s line %d: %s missing argument.", 2003 filename, linenum, keyword); 2004 if (*activep && *charptr == NULL) { 2005 *charptr = tilde_expand_filename(arg, getuid()); 2006 /* increase optional counter */ 2007 if (intptr != NULL) 2008 *intptr = *intptr + 1; 2009 } 2010 break; 2011 2012 case sClientAliveInterval: 2013 intptr = &options->client_alive_interval; 2014 goto parse_time; 2015 2016 case sClientAliveCountMax: 2017 intptr = &options->client_alive_count_max; 2018 goto parse_int; 2019 2020 case sAcceptEnv: 2021 while ((arg = argv_next(&ac, &av)) != NULL) { 2022 if (*arg == '\0' || strchr(arg, '=') != NULL) 2023 fatal("%s line %d: Invalid environment name.", 2024 filename, linenum); 2025 if (!*activep) 2026 continue; 2027 opt_array_append(filename, linenum, keyword, 2028 &options->accept_env, &options->num_accept_env, 2029 arg); 2030 } 2031 break; 2032 2033 case sSetEnv: 2034 uvalue = options->num_setenv; 2035 while ((arg = argv_next(&ac, &av)) != NULL) { 2036 if (*arg == '\0' || strchr(arg, '=') == NULL) 2037 fatal("%s line %d: Invalid environment.", 2038 filename, linenum); 2039 if (!*activep || uvalue != 0) 2040 continue; 2041 if (lookup_setenv_in_list(arg, options->setenv, 2042 options->num_setenv) != NULL) { 2043 debug2("%s line %d: ignoring duplicate env " 2044 "name \"%.64s\"", filename, linenum, arg); 2045 continue; 2046 } 2047 opt_array_append(filename, linenum, keyword, 2048 &options->setenv, &options->num_setenv, arg); 2049 } 2050 break; 2051 2052 case sPermitTunnel: 2053 intptr = &options->permit_tun; 2054 arg = argv_next(&ac, &av); 2055 if (!arg || *arg == '\0') 2056 fatal("%s line %d: %s missing argument.", 2057 filename, linenum, keyword); 2058 value = -1; 2059 for (i = 0; tunmode_desc[i].val != -1; i++) 2060 if (strcmp(tunmode_desc[i].text, arg) == 0) { 2061 value = tunmode_desc[i].val; 2062 break; 2063 } 2064 if (value == -1) 2065 fatal("%s line %d: bad %s argument %s", 2066 filename, linenum, keyword, arg); 2067 if (*activep && *intptr == -1) 2068 *intptr = value; 2069 break; 2070 2071 case sInclude: 2072 if (cmdline) { 2073 fatal("Include directive not supported as a " 2074 "command-line option"); 2075 } 2076 value = 0; 2077 while ((arg2 = argv_next(&ac, &av)) != NULL) { 2078 if (*arg2 == '\0') { 2079 error("%s line %d: keyword %s empty argument", 2080 filename, linenum, keyword); 2081 goto out; 2082 } 2083 value++; 2084 found = 0; 2085 if (*arg2 != '/' && *arg2 != '~') { 2086 xasprintf(&arg, "%s/%s", SSHDIR, arg2); 2087 } else 2088 arg = xstrdup(arg2); 2089 2090 /* 2091 * Don't let included files clobber the containing 2092 * file's Match state. 2093 */ 2094 oactive = *activep; 2095 2096 /* consult cache of include files */ 2097 TAILQ_FOREACH(item, includes, entry) { 2098 if (strcmp(item->selector, arg) != 0) 2099 continue; 2100 if (item->filename != NULL) { 2101 parse_server_config_depth(options, 2102 item->filename, item->contents, 2103 includes, connectinfo, 2104 (*inc_flags & SSHCFG_MATCH_ONLY 2105 ? SSHCFG_MATCH_ONLY : (oactive 2106 ? 0 : SSHCFG_NEVERMATCH)), 2107 activep, depth + 1); 2108 } 2109 found = 1; 2110 *activep = oactive; 2111 } 2112 if (found != 0) { 2113 free(arg); 2114 continue; 2115 } 2116 2117 /* requested glob was not in cache */ 2118 debug2("%s line %d: new include %s", 2119 filename, linenum, arg); 2120 if ((r = glob(arg, 0, NULL, &gbuf)) != 0) { 2121 if (r != GLOB_NOMATCH) { 2122 fatal("%s line %d: include \"%s\" glob " 2123 "failed", filename, linenum, arg); 2124 } 2125 /* 2126 * If no entry matched then record a 2127 * placeholder to skip later glob calls. 2128 */ 2129 debug2("%s line %d: no match for %s", 2130 filename, linenum, arg); 2131 item = xcalloc(1, sizeof(*item)); 2132 item->selector = strdup(arg); 2133 TAILQ_INSERT_TAIL(includes, 2134 item, entry); 2135 } 2136 if (gbuf.gl_pathc > INT_MAX) 2137 fatal_f("too many glob results"); 2138 for (n = 0; n < (int)gbuf.gl_pathc; n++) { 2139 debug2("%s line %d: including %s", 2140 filename, linenum, gbuf.gl_pathv[n]); 2141 item = xcalloc(1, sizeof(*item)); 2142 item->selector = strdup(arg); 2143 item->filename = strdup(gbuf.gl_pathv[n]); 2144 if ((item->contents = sshbuf_new()) == NULL) 2145 fatal_f("sshbuf_new failed"); 2146 load_server_config(item->filename, 2147 item->contents); 2148 parse_server_config_depth(options, 2149 item->filename, item->contents, 2150 includes, connectinfo, 2151 (*inc_flags & SSHCFG_MATCH_ONLY 2152 ? SSHCFG_MATCH_ONLY : (oactive 2153 ? 0 : SSHCFG_NEVERMATCH)), 2154 activep, depth + 1); 2155 *activep = oactive; 2156 TAILQ_INSERT_TAIL(includes, item, entry); 2157 } 2158 globfree(&gbuf); 2159 free(arg); 2160 } 2161 if (value == 0) { 2162 fatal("%s line %d: %s missing filename argument", 2163 filename, linenum, keyword); 2164 } 2165 break; 2166 2167 case sMatch: 2168 if (cmdline) 2169 fatal("Match directive not supported as a command-line " 2170 "option"); 2171 value = match_cfg_line(&str, linenum, 2172 (*inc_flags & SSHCFG_NEVERMATCH ? NULL : connectinfo)); 2173 if (value < 0) 2174 fatal("%s line %d: Bad Match condition", filename, 2175 linenum); 2176 *activep = (*inc_flags & SSHCFG_NEVERMATCH) ? 0 : value; 2177 /* 2178 * The MATCH_ONLY flag is applicable only until the first 2179 * match block. 2180 */ 2181 *inc_flags &= ~SSHCFG_MATCH_ONLY; 2182 /* 2183 * If match_cfg_line() didn't consume all its arguments then 2184 * arrange for the extra arguments check below to fail. 2185 */ 2186 if (str == NULL || *str == '\0') 2187 argv_consume(&ac); 2188 break; 2189 2190 case sPermitListen: 2191 case sPermitOpen: 2192 if (opcode == sPermitListen) { 2193 uintptr = &options->num_permitted_listens; 2194 chararrayptr = &options->permitted_listens; 2195 } else { 2196 uintptr = &options->num_permitted_opens; 2197 chararrayptr = &options->permitted_opens; 2198 } 2199 arg = argv_next(&ac, &av); 2200 if (!arg || *arg == '\0') 2201 fatal("%s line %d: %s missing argument.", 2202 filename, linenum, keyword); 2203 uvalue = *uintptr; /* modified later */ 2204 if (strcmp(arg, "any") == 0 || strcmp(arg, "none") == 0) { 2205 if (*activep && uvalue == 0) { 2206 *uintptr = 1; 2207 *chararrayptr = xcalloc(1, 2208 sizeof(**chararrayptr)); 2209 (*chararrayptr)[0] = xstrdup(arg); 2210 } 2211 break; 2212 } 2213 for (; arg != NULL && *arg != '\0'; arg = argv_next(&ac, &av)) { 2214 if (opcode == sPermitListen && 2215 strchr(arg, ':') == NULL) { 2216 /* 2217 * Allow bare port number for PermitListen 2218 * to indicate a wildcard listen host. 2219 */ 2220 xasprintf(&arg2, "*:%s", arg); 2221 } else { 2222 arg2 = xstrdup(arg); 2223 p = hpdelim(&arg); 2224 if (p == NULL) { 2225 fatal("%s line %d: %s missing host", 2226 filename, linenum, keyword); 2227 } 2228 p = cleanhostname(p); 2229 } 2230 if (arg == NULL || 2231 ((port = permitopen_port(arg)) < 0)) { 2232 fatal("%s line %d: %s bad port number", 2233 filename, linenum, keyword); 2234 } 2235 if (*activep && uvalue == 0) { 2236 opt_array_append(filename, linenum, keyword, 2237 chararrayptr, uintptr, arg2); 2238 } 2239 free(arg2); 2240 } 2241 break; 2242 2243 case sForceCommand: 2244 if (str == NULL || *str == '\0') 2245 fatal("%s line %d: %s missing argument.", 2246 filename, linenum, keyword); 2247 len = strspn(str, WHITESPACE); 2248 if (*activep && options->adm_forced_command == NULL) 2249 options->adm_forced_command = xstrdup(str + len); 2250 argv_consume(&ac); 2251 break; 2252 2253 case sChrootDirectory: 2254 charptr = &options->chroot_directory; 2255 2256 arg = argv_next(&ac, &av); 2257 if (!arg || *arg == '\0') 2258 fatal("%s line %d: %s missing argument.", 2259 filename, linenum, keyword); 2260 if (*activep && *charptr == NULL) 2261 *charptr = xstrdup(arg); 2262 break; 2263 2264 case sTrustedUserCAKeys: 2265 charptr = &options->trusted_user_ca_keys; 2266 goto parse_filename; 2267 2268 case sRevokedKeys: 2269 charptr = &options->revoked_keys_file; 2270 goto parse_filename; 2271 2272 case sSecurityKeyProvider: 2273 charptr = &options->sk_provider; 2274 arg = argv_next(&ac, &av); 2275 if (!arg || *arg == '\0') 2276 fatal("%s line %d: %s missing argument.", 2277 filename, linenum, keyword); 2278 if (*activep && *charptr == NULL) { 2279 *charptr = strcasecmp(arg, "internal") == 0 ? 2280 xstrdup(arg) : derelativise_path(arg); 2281 /* increase optional counter */ 2282 if (intptr != NULL) 2283 *intptr = *intptr + 1; 2284 } 2285 break; 2286 2287 case sIPQoS: 2288 arg = argv_next(&ac, &av); 2289 if (!arg || *arg == '\0') 2290 fatal("%s line %d: %s missing argument.", 2291 filename, linenum, keyword); 2292 if ((value = parse_ipqos(arg)) == -1) 2293 fatal("%s line %d: Bad %s value: %s", 2294 filename, linenum, keyword, arg); 2295 arg = argv_next(&ac, &av); 2296 if (arg == NULL) 2297 value2 = value; 2298 else if ((value2 = parse_ipqos(arg)) == -1) 2299 fatal("%s line %d: Bad %s value: %s", 2300 filename, linenum, keyword, arg); 2301 if (*activep) { 2302 options->ip_qos_interactive = value; 2303 options->ip_qos_bulk = value2; 2304 } 2305 break; 2306 2307 case sVersionAddendum: 2308 if (str == NULL || *str == '\0') 2309 fatal("%s line %d: %s missing argument.", 2310 filename, linenum, keyword); 2311 len = strspn(str, WHITESPACE); 2312 if (strchr(str + len, '\r') != NULL) { 2313 fatal("%.200s line %d: Invalid %s argument", 2314 filename, linenum, keyword); 2315 } 2316 if ((arg = strchr(line, '#')) != NULL) { 2317 *arg = '\0'; 2318 rtrim(line); 2319 } 2320 if (*activep && options->version_addendum == NULL) { 2321 if (strcasecmp(str + len, "none") == 0) 2322 options->version_addendum = xstrdup(""); 2323 else 2324 options->version_addendum = xstrdup(str + len); 2325 } 2326 argv_consume(&ac); 2327 break; 2328 2329 case sAuthorizedKeysCommand: 2330 charptr = &options->authorized_keys_command; 2331 parse_command: 2332 len = strspn(str, WHITESPACE); 2333 if (str[len] != '/' && strcasecmp(str + len, "none") != 0) { 2334 fatal("%.200s line %d: %s must be an absolute path", 2335 filename, linenum, keyword); 2336 } 2337 if (*activep && *charptr == NULL) 2338 *charptr = xstrdup(str + len); 2339 argv_consume(&ac); 2340 break; 2341 2342 case sAuthorizedKeysCommandUser: 2343 charptr = &options->authorized_keys_command_user; 2344 parse_localuser: 2345 arg = argv_next(&ac, &av); 2346 if (!arg || *arg == '\0') { 2347 fatal("%s line %d: missing %s argument.", 2348 filename, linenum, keyword); 2349 } 2350 if (*activep && *charptr == NULL) 2351 *charptr = xstrdup(arg); 2352 break; 2353 2354 case sAuthorizedPrincipalsCommand: 2355 charptr = &options->authorized_principals_command; 2356 goto parse_command; 2357 2358 case sAuthorizedPrincipalsCommandUser: 2359 charptr = &options->authorized_principals_command_user; 2360 goto parse_localuser; 2361 2362 case sAuthenticationMethods: 2363 found = options->num_auth_methods == 0; 2364 value = 0; /* seen "any" pseudo-method */ 2365 value2 = 0; /* successfully parsed any method */ 2366 while ((arg = argv_next(&ac, &av)) != NULL) { 2367 if (strcmp(arg, "any") == 0) { 2368 if (options->num_auth_methods > 0) { 2369 fatal("%s line %d: \"any\" must " 2370 "appear alone in %s", 2371 filename, linenum, keyword); 2372 } 2373 value = 1; 2374 } else if (value) { 2375 fatal("%s line %d: \"any\" must appear " 2376 "alone in %s", filename, linenum, keyword); 2377 } else if (auth2_methods_valid(arg, 0) != 0) { 2378 fatal("%s line %d: invalid %s method list.", 2379 filename, linenum, keyword); 2380 } 2381 value2 = 1; 2382 if (!found || !*activep) 2383 continue; 2384 opt_array_append(filename, linenum, keyword, 2385 &options->auth_methods, 2386 &options->num_auth_methods, arg); 2387 } 2388 if (value2 == 0) { 2389 fatal("%s line %d: no %s specified", 2390 filename, linenum, keyword); 2391 } 2392 break; 2393 2394 case sStreamLocalBindMask: 2395 arg = argv_next(&ac, &av); 2396 if (!arg || *arg == '\0') 2397 fatal("%s line %d: %s missing argument.", 2398 filename, linenum, keyword); 2399 /* Parse mode in octal format */ 2400 value = strtol(arg, &p, 8); 2401 if (arg == p || value < 0 || value > 0777) 2402 fatal("%s line %d: Invalid %s.", 2403 filename, linenum, keyword); 2404 if (*activep) 2405 options->fwd_opts.streamlocal_bind_mask = (mode_t)value; 2406 break; 2407 2408 case sStreamLocalBindUnlink: 2409 intptr = &options->fwd_opts.streamlocal_bind_unlink; 2410 goto parse_flag; 2411 2412 case sFingerprintHash: 2413 arg = argv_next(&ac, &av); 2414 if (!arg || *arg == '\0') 2415 fatal("%s line %d: %s missing argument.", 2416 filename, linenum, keyword); 2417 if ((value = ssh_digest_alg_by_name(arg)) == -1) 2418 fatal("%.200s line %d: Invalid %s algorithm \"%s\".", 2419 filename, linenum, keyword, arg); 2420 if (*activep) 2421 options->fingerprint_hash = value; 2422 break; 2423 2424 case sExposeAuthInfo: 2425 intptr = &options->expose_userauth_info; 2426 goto parse_flag; 2427 2428 case sRDomain: 2429 charptr = &options->routing_domain; 2430 arg = argv_next(&ac, &av); 2431 if (!arg || *arg == '\0') 2432 fatal("%s line %d: %s missing argument.", 2433 filename, linenum, keyword); 2434 if (strcasecmp(arg, "none") != 0 && strcmp(arg, "%D") != 0 && 2435 !valid_rdomain(arg)) 2436 fatal("%s line %d: invalid routing domain", 2437 filename, linenum); 2438 if (*activep && *charptr == NULL) 2439 *charptr = xstrdup(arg); 2440 break; 2441 2442 case sRequiredRSASize: 2443 intptr = &options->required_rsa_size; 2444 goto parse_int; 2445 2446 case sChannelTimeout: 2447 uvalue = options->num_channel_timeouts; 2448 i = 0; 2449 while ((arg = argv_next(&ac, &av)) != NULL) { 2450 /* Allow "none" only in first position */ 2451 if (strcasecmp(arg, "none") == 0) { 2452 if (i > 0 || ac > 0) { 2453 error("%s line %d: keyword %s \"none\" " 2454 "argument must appear alone.", 2455 filename, linenum, keyword); 2456 goto out; 2457 } 2458 } else if (parse_pattern_interval(arg, 2459 NULL, NULL) != 0) { 2460 fatal("%s line %d: invalid channel timeout %s", 2461 filename, linenum, arg); 2462 } 2463 if (!*activep || uvalue != 0) 2464 continue; 2465 opt_array_append(filename, linenum, keyword, 2466 &options->channel_timeouts, 2467 &options->num_channel_timeouts, arg); 2468 } 2469 break; 2470 2471 case sUnusedConnectionTimeout: 2472 intptr = &options->unused_connection_timeout; 2473 /* peek at first arg for "none" so we can reuse parse_time */ 2474 if (av[0] != NULL && strcasecmp(av[0], "none") == 0) { 2475 (void)argv_next(&ac, &av); /* consume arg */ 2476 if (*activep) 2477 *intptr = 0; 2478 break; 2479 } 2480 goto parse_time; 2481 2482 case sDeprecated: 2483 case sIgnore: 2484 case sUnsupported: 2485 do_log2(opcode == sIgnore ? 2486 SYSLOG_LEVEL_DEBUG2 : SYSLOG_LEVEL_INFO, 2487 "%s line %d: %s option %s", filename, linenum, 2488 opcode == sUnsupported ? "Unsupported" : "Deprecated", 2489 keyword); 2490 argv_consume(&ac); 2491 break; 2492 2493 default: 2494 fatal("%s line %d: Missing handler for opcode %s (%d)", 2495 filename, linenum, keyword, opcode); 2496 } 2497 /* Check that there is no garbage at end of line. */ 2498 if (ac > 0) { 2499 error("%.200s line %d: keyword %s extra arguments " 2500 "at end of line", filename, linenum, keyword); 2501 goto out; 2502 } 2503 2504 /* success */ 2505 ret = 0; 2506 out: 2507 argv_free(oav, oac); 2508 return ret; 2509 } 2510 2511 int 2512 process_server_config_line(ServerOptions *options, char *line, 2513 const char *filename, int linenum, int *activep, 2514 struct connection_info *connectinfo, struct include_list *includes) 2515 { 2516 int inc_flags = 0; 2517 2518 return process_server_config_line_depth(options, line, filename, 2519 linenum, activep, connectinfo, &inc_flags, 0, includes); 2520 } 2521 2522 2523 /* Reads the server configuration file. */ 2524 2525 void 2526 load_server_config(const char *filename, struct sshbuf *conf) 2527 { 2528 struct stat st; 2529 char *line = NULL, *cp; 2530 size_t linesize = 0; 2531 FILE *f; 2532 int r; 2533 2534 debug2_f("filename %s", filename); 2535 if ((f = fopen(filename, "r")) == NULL) { 2536 perror(filename); 2537 exit(1); 2538 } 2539 sshbuf_reset(conf); 2540 /* grow buffer, so realloc is avoided for large config files */ 2541 if (fstat(fileno(f), &st) == 0 && st.st_size > 0 && 2542 (r = sshbuf_allocate(conf, st.st_size)) != 0) 2543 fatal_fr(r, "allocate"); 2544 while (getline(&line, &linesize, f) != -1) { 2545 /* 2546 * Strip whitespace 2547 * NB - preserve newlines, they are needed to reproduce 2548 * line numbers later for error messages 2549 */ 2550 cp = line + strspn(line, " \t\r"); 2551 if ((r = sshbuf_put(conf, cp, strlen(cp))) != 0) 2552 fatal_fr(r, "sshbuf_put"); 2553 } 2554 free(line); 2555 if ((r = sshbuf_put_u8(conf, 0)) != 0) 2556 fatal_fr(r, "sshbuf_put_u8"); 2557 fclose(f); 2558 debug2_f("done config len = %zu", sshbuf_len(conf)); 2559 } 2560 2561 void 2562 parse_server_match_config(ServerOptions *options, 2563 struct include_list *includes, struct connection_info *connectinfo) 2564 { 2565 ServerOptions mo; 2566 2567 initialize_server_options(&mo); 2568 parse_server_config(&mo, "reprocess config", cfg, includes, 2569 connectinfo, 0); 2570 copy_set_server_options(options, &mo, 0); 2571 } 2572 2573 int parse_server_match_testspec(struct connection_info *ci, char *spec) 2574 { 2575 char *p; 2576 2577 while ((p = strsep(&spec, ",")) && *p != '\0') { 2578 if (strncmp(p, "addr=", 5) == 0) { 2579 ci->address = xstrdup(p + 5); 2580 } else if (strncmp(p, "host=", 5) == 0) { 2581 ci->host = xstrdup(p + 5); 2582 } else if (strncmp(p, "user=", 5) == 0) { 2583 ci->user = xstrdup(p + 5); 2584 } else if (strncmp(p, "laddr=", 6) == 0) { 2585 ci->laddress = xstrdup(p + 6); 2586 } else if (strncmp(p, "rdomain=", 8) == 0) { 2587 ci->rdomain = xstrdup(p + 8); 2588 } else if (strncmp(p, "lport=", 6) == 0) { 2589 ci->lport = a2port(p + 6); 2590 if (ci->lport == -1) { 2591 fprintf(stderr, "Invalid port '%s' in test mode" 2592 " specification %s\n", p+6, p); 2593 return -1; 2594 } 2595 } else { 2596 fprintf(stderr, "Invalid test mode specification %s\n", 2597 p); 2598 return -1; 2599 } 2600 } 2601 return 0; 2602 } 2603 2604 void 2605 servconf_merge_subsystems(ServerOptions *dst, ServerOptions *src) 2606 { 2607 u_int i, j, found; 2608 2609 for (i = 0; i < src->num_subsystems; i++) { 2610 found = 0; 2611 for (j = 0; j < dst->num_subsystems; j++) { 2612 if (strcmp(src->subsystem_name[i], 2613 dst->subsystem_name[j]) == 0) { 2614 found = 1; 2615 break; 2616 } 2617 } 2618 if (found) { 2619 debug_f("override \"%s\"", dst->subsystem_name[j]); 2620 free(dst->subsystem_command[j]); 2621 free(dst->subsystem_args[j]); 2622 dst->subsystem_command[j] = 2623 xstrdup(src->subsystem_command[i]); 2624 dst->subsystem_args[j] = 2625 xstrdup(src->subsystem_args[i]); 2626 continue; 2627 } 2628 debug_f("add \"%s\"", src->subsystem_name[i]); 2629 dst->subsystem_name = xrecallocarray( 2630 dst->subsystem_name, dst->num_subsystems, 2631 dst->num_subsystems + 1, sizeof(*dst->subsystem_name)); 2632 dst->subsystem_command = xrecallocarray( 2633 dst->subsystem_command, dst->num_subsystems, 2634 dst->num_subsystems + 1, sizeof(*dst->subsystem_command)); 2635 dst->subsystem_args = xrecallocarray( 2636 dst->subsystem_args, dst->num_subsystems, 2637 dst->num_subsystems + 1, sizeof(*dst->subsystem_args)); 2638 j = dst->num_subsystems++; 2639 dst->subsystem_name[j] = xstrdup(src->subsystem_name[i]); 2640 dst->subsystem_command[j] = xstrdup(src->subsystem_command[i]); 2641 dst->subsystem_args[j] = xstrdup(src->subsystem_args[i]); 2642 } 2643 } 2644 2645 /* 2646 * Copy any supported values that are set. 2647 * 2648 * If the preauth flag is set, we do not bother copying the string or 2649 * array values that are not used pre-authentication, because any that we 2650 * do use must be explicitly sent in mm_getpwnamallow(). 2651 */ 2652 void 2653 copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) 2654 { 2655 #define M_CP_INTOPT(n) do {\ 2656 if (src->n != -1) \ 2657 dst->n = src->n; \ 2658 } while (0) 2659 2660 M_CP_INTOPT(password_authentication); 2661 M_CP_INTOPT(gss_authentication); 2662 M_CP_INTOPT(pubkey_authentication); 2663 M_CP_INTOPT(pubkey_auth_options); 2664 M_CP_INTOPT(kerberos_authentication); 2665 M_CP_INTOPT(hostbased_authentication); 2666 M_CP_INTOPT(hostbased_uses_name_from_packet_only); 2667 M_CP_INTOPT(kbd_interactive_authentication); 2668 M_CP_INTOPT(permit_root_login); 2669 M_CP_INTOPT(permit_empty_passwd); 2670 M_CP_INTOPT(ignore_rhosts); 2671 2672 M_CP_INTOPT(allow_tcp_forwarding); 2673 M_CP_INTOPT(allow_streamlocal_forwarding); 2674 M_CP_INTOPT(allow_agent_forwarding); 2675 M_CP_INTOPT(disable_forwarding); 2676 M_CP_INTOPT(expose_userauth_info); 2677 M_CP_INTOPT(permit_tun); 2678 M_CP_INTOPT(fwd_opts.gateway_ports); 2679 M_CP_INTOPT(fwd_opts.streamlocal_bind_unlink); 2680 M_CP_INTOPT(x11_display_offset); 2681 M_CP_INTOPT(x11_forwarding); 2682 M_CP_INTOPT(x11_use_localhost); 2683 M_CP_INTOPT(permit_tty); 2684 M_CP_INTOPT(permit_user_rc); 2685 M_CP_INTOPT(max_sessions); 2686 M_CP_INTOPT(max_authtries); 2687 M_CP_INTOPT(client_alive_count_max); 2688 M_CP_INTOPT(client_alive_interval); 2689 M_CP_INTOPT(ip_qos_interactive); 2690 M_CP_INTOPT(ip_qos_bulk); 2691 M_CP_INTOPT(rekey_limit); 2692 M_CP_INTOPT(rekey_interval); 2693 M_CP_INTOPT(log_level); 2694 M_CP_INTOPT(required_rsa_size); 2695 M_CP_INTOPT(unused_connection_timeout); 2696 2697 /* 2698 * The bind_mask is a mode_t that may be unsigned, so we can't use 2699 * M_CP_INTOPT - it does a signed comparison that causes compiler 2700 * warnings. 2701 */ 2702 if (src->fwd_opts.streamlocal_bind_mask != (mode_t)-1) { 2703 dst->fwd_opts.streamlocal_bind_mask = 2704 src->fwd_opts.streamlocal_bind_mask; 2705 } 2706 2707 /* M_CP_STROPT and M_CP_STRARRAYOPT should not appear before here */ 2708 #define M_CP_STROPT(n) do {\ 2709 if (src->n != NULL && dst->n != src->n) { \ 2710 free(dst->n); \ 2711 dst->n = src->n; \ 2712 } \ 2713 } while(0) 2714 #define M_CP_STRARRAYOPT(s, num_s) do {\ 2715 u_int i; \ 2716 if (src->num_s != 0) { \ 2717 for (i = 0; i < dst->num_s; i++) \ 2718 free(dst->s[i]); \ 2719 free(dst->s); \ 2720 dst->s = xcalloc(src->num_s, sizeof(*dst->s)); \ 2721 for (i = 0; i < src->num_s; i++) \ 2722 dst->s[i] = xstrdup(src->s[i]); \ 2723 dst->num_s = src->num_s; \ 2724 } \ 2725 } while(0) 2726 2727 /* See comment in servconf.h */ 2728 COPY_MATCH_STRING_OPTS(); 2729 2730 /* Arguments that accept '+...' need to be expanded */ 2731 assemble_algorithms(dst); 2732 2733 /* 2734 * The only things that should be below this point are string options 2735 * which are only used after authentication. 2736 */ 2737 if (preauth) 2738 return; 2739 2740 /* These options may be "none" to clear a global setting */ 2741 M_CP_STROPT(adm_forced_command); 2742 if (option_clear_or_none(dst->adm_forced_command)) { 2743 free(dst->adm_forced_command); 2744 dst->adm_forced_command = NULL; 2745 } 2746 M_CP_STROPT(chroot_directory); 2747 if (option_clear_or_none(dst->chroot_directory)) { 2748 free(dst->chroot_directory); 2749 dst->chroot_directory = NULL; 2750 } 2751 2752 /* Subsystems require merging. */ 2753 servconf_merge_subsystems(dst, src); 2754 } 2755 2756 #undef M_CP_INTOPT 2757 #undef M_CP_STROPT 2758 #undef M_CP_STRARRAYOPT 2759 2760 #define SERVCONF_MAX_DEPTH 16 2761 static void 2762 parse_server_config_depth(ServerOptions *options, const char *filename, 2763 struct sshbuf *conf, struct include_list *includes, 2764 struct connection_info *connectinfo, int flags, int *activep, int depth) 2765 { 2766 int linenum, bad_options = 0; 2767 char *cp, *obuf, *cbuf; 2768 2769 if (depth < 0 || depth > SERVCONF_MAX_DEPTH) 2770 fatal("Too many recursive configuration includes"); 2771 2772 debug2_f("config %s len %zu%s", filename, sshbuf_len(conf), 2773 (flags & SSHCFG_NEVERMATCH ? " [checking syntax only]" : "")); 2774 2775 if ((obuf = cbuf = sshbuf_dup_string(conf)) == NULL) 2776 fatal_f("sshbuf_dup_string failed"); 2777 linenum = 1; 2778 while ((cp = strsep(&cbuf, "\n")) != NULL) { 2779 if (process_server_config_line_depth(options, cp, 2780 filename, linenum++, activep, connectinfo, &flags, 2781 depth, includes) != 0) 2782 bad_options++; 2783 } 2784 free(obuf); 2785 if (bad_options > 0) 2786 fatal("%s: terminating, %d bad configuration options", 2787 filename, bad_options); 2788 } 2789 2790 void 2791 parse_server_config(ServerOptions *options, const char *filename, 2792 struct sshbuf *conf, struct include_list *includes, 2793 struct connection_info *connectinfo, int reexec) 2794 { 2795 int active = connectinfo ? 0 : 1; 2796 parse_server_config_depth(options, filename, conf, includes, 2797 connectinfo, (connectinfo ? SSHCFG_MATCH_ONLY : 0), &active, 0); 2798 if (!reexec) 2799 process_queued_listen_addrs(options); 2800 } 2801 2802 static const char * 2803 fmt_multistate_int(int val, const struct multistate *m) 2804 { 2805 u_int i; 2806 2807 for (i = 0; m[i].key != NULL; i++) { 2808 if (m[i].value == val) 2809 return m[i].key; 2810 } 2811 return "UNKNOWN"; 2812 } 2813 2814 static const char * 2815 fmt_intarg(ServerOpCodes code, int val) 2816 { 2817 if (val == -1) 2818 return "unset"; 2819 switch (code) { 2820 case sAddressFamily: 2821 return fmt_multistate_int(val, multistate_addressfamily); 2822 case sPermitRootLogin: 2823 return fmt_multistate_int(val, multistate_permitrootlogin); 2824 case sGatewayPorts: 2825 return fmt_multistate_int(val, multistate_gatewayports); 2826 case sCompression: 2827 return fmt_multistate_int(val, multistate_compression); 2828 case sAllowTcpForwarding: 2829 return fmt_multistate_int(val, multistate_tcpfwd); 2830 case sAllowStreamLocalForwarding: 2831 return fmt_multistate_int(val, multistate_tcpfwd); 2832 case sIgnoreRhosts: 2833 return fmt_multistate_int(val, multistate_ignore_rhosts); 2834 case sFingerprintHash: 2835 return ssh_digest_alg_name(val); 2836 default: 2837 switch (val) { 2838 case 0: 2839 return "no"; 2840 case 1: 2841 return "yes"; 2842 default: 2843 return "UNKNOWN"; 2844 } 2845 } 2846 } 2847 2848 static void 2849 dump_cfg_int(ServerOpCodes code, int val) 2850 { 2851 if (code == sUnusedConnectionTimeout && val == 0) { 2852 printf("%s none\n", lookup_opcode_name(code)); 2853 return; 2854 } 2855 printf("%s %d\n", lookup_opcode_name(code), val); 2856 } 2857 2858 static void 2859 dump_cfg_oct(ServerOpCodes code, int val) 2860 { 2861 printf("%s 0%o\n", lookup_opcode_name(code), val); 2862 } 2863 2864 static void 2865 dump_cfg_fmtint(ServerOpCodes code, int val) 2866 { 2867 printf("%s %s\n", lookup_opcode_name(code), fmt_intarg(code, val)); 2868 } 2869 2870 static void 2871 dump_cfg_string(ServerOpCodes code, const char *val) 2872 { 2873 printf("%s %s\n", lookup_opcode_name(code), 2874 val == NULL ? "none" : val); 2875 } 2876 2877 static void 2878 dump_cfg_strarray(ServerOpCodes code, u_int count, char **vals) 2879 { 2880 u_int i; 2881 2882 for (i = 0; i < count; i++) 2883 printf("%s %s\n", lookup_opcode_name(code), vals[i]); 2884 } 2885 2886 static void 2887 dump_cfg_strarray_oneline(ServerOpCodes code, u_int count, char **vals) 2888 { 2889 u_int i; 2890 2891 switch (code) { 2892 case sAuthenticationMethods: 2893 case sChannelTimeout: 2894 break; 2895 default: 2896 if (count <= 0) 2897 return; 2898 break; 2899 } 2900 2901 printf("%s", lookup_opcode_name(code)); 2902 for (i = 0; i < count; i++) 2903 printf(" %s", vals[i]); 2904 if (code == sAuthenticationMethods && count == 0) 2905 printf(" any"); 2906 else if (code == sChannelTimeout && count == 0) 2907 printf(" none"); 2908 printf("\n"); 2909 } 2910 2911 static char * 2912 format_listen_addrs(struct listenaddr *la) 2913 { 2914 int r; 2915 struct addrinfo *ai; 2916 char addr[NI_MAXHOST], port[NI_MAXSERV]; 2917 char *laddr1 = xstrdup(""), *laddr2 = NULL; 2918 2919 /* 2920 * ListenAddress must be after Port. add_one_listen_addr pushes 2921 * addresses onto a stack, so to maintain ordering we need to 2922 * print these in reverse order. 2923 */ 2924 for (ai = la->addrs; ai; ai = ai->ai_next) { 2925 if ((r = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr, 2926 sizeof(addr), port, sizeof(port), 2927 NI_NUMERICHOST|NI_NUMERICSERV)) != 0) { 2928 error("getnameinfo: %.100s", ssh_gai_strerror(r)); 2929 continue; 2930 } 2931 laddr2 = laddr1; 2932 if (ai->ai_family == AF_INET6) { 2933 xasprintf(&laddr1, "listenaddress [%s]:%s%s%s\n%s", 2934 addr, port, 2935 la->rdomain == NULL ? "" : " rdomain ", 2936 la->rdomain == NULL ? "" : la->rdomain, 2937 laddr2); 2938 } else { 2939 xasprintf(&laddr1, "listenaddress %s:%s%s%s\n%s", 2940 addr, port, 2941 la->rdomain == NULL ? "" : " rdomain ", 2942 la->rdomain == NULL ? "" : la->rdomain, 2943 laddr2); 2944 } 2945 free(laddr2); 2946 } 2947 return laddr1; 2948 } 2949 2950 void 2951 dump_config(ServerOptions *o) 2952 { 2953 char *s; 2954 u_int i; 2955 2956 /* these are usually at the top of the config */ 2957 for (i = 0; i < o->num_ports; i++) 2958 printf("port %d\n", o->ports[i]); 2959 dump_cfg_fmtint(sAddressFamily, o->address_family); 2960 2961 for (i = 0; i < o->num_listen_addrs; i++) { 2962 s = format_listen_addrs(&o->listen_addrs[i]); 2963 printf("%s", s); 2964 free(s); 2965 } 2966 2967 /* integer arguments */ 2968 dump_cfg_int(sLoginGraceTime, o->login_grace_time); 2969 dump_cfg_int(sX11DisplayOffset, o->x11_display_offset); 2970 dump_cfg_int(sMaxAuthTries, o->max_authtries); 2971 dump_cfg_int(sMaxSessions, o->max_sessions); 2972 dump_cfg_int(sClientAliveInterval, o->client_alive_interval); 2973 dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); 2974 dump_cfg_int(sRequiredRSASize, o->required_rsa_size); 2975 dump_cfg_oct(sStreamLocalBindMask, o->fwd_opts.streamlocal_bind_mask); 2976 dump_cfg_int(sUnusedConnectionTimeout, o->unused_connection_timeout); 2977 2978 /* formatted integer arguments */ 2979 dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login); 2980 dump_cfg_fmtint(sIgnoreRhosts, o->ignore_rhosts); 2981 dump_cfg_fmtint(sIgnoreUserKnownHosts, o->ignore_user_known_hosts); 2982 dump_cfg_fmtint(sHostbasedAuthentication, o->hostbased_authentication); 2983 dump_cfg_fmtint(sHostbasedUsesNameFromPacketOnly, 2984 o->hostbased_uses_name_from_packet_only); 2985 dump_cfg_fmtint(sPubkeyAuthentication, o->pubkey_authentication); 2986 #ifdef KRB5 2987 dump_cfg_fmtint(sKerberosAuthentication, o->kerberos_authentication); 2988 dump_cfg_fmtint(sKerberosOrLocalPasswd, o->kerberos_or_local_passwd); 2989 dump_cfg_fmtint(sKerberosTicketCleanup, o->kerberos_ticket_cleanup); 2990 dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token); 2991 #endif 2992 #ifdef GSSAPI 2993 dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); 2994 dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); 2995 #endif 2996 dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); 2997 dump_cfg_fmtint(sKbdInteractiveAuthentication, 2998 o->kbd_interactive_authentication); 2999 dump_cfg_fmtint(sPrintMotd, o->print_motd); 3000 dump_cfg_fmtint(sPrintLastLog, o->print_lastlog); 3001 dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding); 3002 dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); 3003 dump_cfg_fmtint(sPermitTTY, o->permit_tty); 3004 dump_cfg_fmtint(sPermitUserRC, o->permit_user_rc); 3005 dump_cfg_fmtint(sStrictModes, o->strict_modes); 3006 dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); 3007 dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); 3008 dump_cfg_fmtint(sCompression, o->compression); 3009 dump_cfg_fmtint(sGatewayPorts, o->fwd_opts.gateway_ports); 3010 dump_cfg_fmtint(sUseDNS, o->use_dns); 3011 dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding); 3012 dump_cfg_fmtint(sAllowAgentForwarding, o->allow_agent_forwarding); 3013 dump_cfg_fmtint(sDisableForwarding, o->disable_forwarding); 3014 dump_cfg_fmtint(sAllowStreamLocalForwarding, o->allow_streamlocal_forwarding); 3015 dump_cfg_fmtint(sStreamLocalBindUnlink, o->fwd_opts.streamlocal_bind_unlink); 3016 dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash); 3017 dump_cfg_fmtint(sExposeAuthInfo, o->expose_userauth_info); 3018 3019 /* string arguments */ 3020 dump_cfg_string(sPidFile, o->pid_file); 3021 dump_cfg_string(sModuliFile, o->moduli_file); 3022 dump_cfg_string(sXAuthLocation, o->xauth_location); 3023 dump_cfg_string(sCiphers, o->ciphers); 3024 dump_cfg_string(sMacs, o->macs); 3025 dump_cfg_string(sBanner, o->banner); 3026 dump_cfg_string(sForceCommand, o->adm_forced_command); 3027 dump_cfg_string(sChrootDirectory, o->chroot_directory); 3028 dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys); 3029 dump_cfg_string(sRevokedKeys, o->revoked_keys_file); 3030 dump_cfg_string(sSecurityKeyProvider, o->sk_provider); 3031 dump_cfg_string(sAuthorizedPrincipalsFile, 3032 o->authorized_principals_file); 3033 dump_cfg_string(sVersionAddendum, *o->version_addendum == '\0' 3034 ? "none" : o->version_addendum); 3035 dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command); 3036 dump_cfg_string(sAuthorizedKeysCommandUser, o->authorized_keys_command_user); 3037 dump_cfg_string(sAuthorizedPrincipalsCommand, o->authorized_principals_command); 3038 dump_cfg_string(sAuthorizedPrincipalsCommandUser, o->authorized_principals_command_user); 3039 dump_cfg_string(sHostKeyAgent, o->host_key_agent); 3040 dump_cfg_string(sKexAlgorithms, o->kex_algorithms); 3041 dump_cfg_string(sCASignatureAlgorithms, o->ca_sign_algorithms); 3042 dump_cfg_string(sHostbasedAcceptedAlgorithms, o->hostbased_accepted_algos); 3043 dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms); 3044 dump_cfg_string(sPubkeyAcceptedAlgorithms, o->pubkey_accepted_algos); 3045 dump_cfg_string(sRDomain, o->routing_domain); 3046 3047 /* string arguments requiring a lookup */ 3048 dump_cfg_string(sLogLevel, log_level_name(o->log_level)); 3049 dump_cfg_string(sLogFacility, log_facility_name(o->log_facility)); 3050 3051 /* string array arguments */ 3052 dump_cfg_strarray_oneline(sAuthorizedKeysFile, o->num_authkeys_files, 3053 o->authorized_keys_files); 3054 dump_cfg_strarray(sHostKeyFile, o->num_host_key_files, 3055 o->host_key_files); 3056 dump_cfg_strarray(sHostCertificate, o->num_host_cert_files, 3057 o->host_cert_files); 3058 dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users); 3059 dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users); 3060 dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups); 3061 dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups); 3062 dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env); 3063 dump_cfg_strarray(sSetEnv, o->num_setenv, o->setenv); 3064 dump_cfg_strarray_oneline(sAuthenticationMethods, 3065 o->num_auth_methods, o->auth_methods); 3066 dump_cfg_strarray_oneline(sLogVerbose, 3067 o->num_log_verbose, o->log_verbose); 3068 dump_cfg_strarray_oneline(sChannelTimeout, 3069 o->num_channel_timeouts, o->channel_timeouts); 3070 3071 /* other arguments */ 3072 for (i = 0; i < o->num_subsystems; i++) 3073 printf("subsystem %s %s\n", o->subsystem_name[i], 3074 o->subsystem_args[i]); 3075 3076 printf("maxstartups %d:%d:%d\n", o->max_startups_begin, 3077 o->max_startups_rate, o->max_startups); 3078 printf("persourcemaxstartups "); 3079 if (o->per_source_max_startups == INT_MAX) 3080 printf("none\n"); 3081 else 3082 printf("%d\n", o->per_source_max_startups); 3083 printf("persourcenetblocksize %d:%d\n", o->per_source_masklen_ipv4, 3084 o->per_source_masklen_ipv6); 3085 3086 s = NULL; 3087 for (i = 0; tunmode_desc[i].val != -1; i++) { 3088 if (tunmode_desc[i].val == o->permit_tun) { 3089 s = tunmode_desc[i].text; 3090 break; 3091 } 3092 } 3093 dump_cfg_string(sPermitTunnel, s); 3094 3095 printf("ipqos %s ", iptos2str(o->ip_qos_interactive)); 3096 printf("%s\n", iptos2str(o->ip_qos_bulk)); 3097 3098 printf("rekeylimit %llu %d\n", (unsigned long long)o->rekey_limit, 3099 o->rekey_interval); 3100 3101 printf("permitopen"); 3102 if (o->num_permitted_opens == 0) 3103 printf(" any"); 3104 else { 3105 for (i = 0; i < o->num_permitted_opens; i++) 3106 printf(" %s", o->permitted_opens[i]); 3107 } 3108 printf("\n"); 3109 printf("permitlisten"); 3110 if (o->num_permitted_listens == 0) 3111 printf(" any"); 3112 else { 3113 for (i = 0; i < o->num_permitted_listens; i++) 3114 printf(" %s", o->permitted_listens[i]); 3115 } 3116 printf("\n"); 3117 3118 if (o->permit_user_env_allowlist == NULL) { 3119 dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); 3120 } else { 3121 printf("permituserenvironment %s\n", 3122 o->permit_user_env_allowlist); 3123 } 3124 3125 printf("pubkeyauthoptions"); 3126 if (o->pubkey_auth_options == 0) 3127 printf(" none"); 3128 if (o->pubkey_auth_options & PUBKEYAUTH_TOUCH_REQUIRED) 3129 printf(" touch-required"); 3130 if (o->pubkey_auth_options & PUBKEYAUTH_VERIFY_REQUIRED) 3131 printf(" verify-required"); 3132 printf("\n"); 3133 } 3134