1 /* $OpenBSD: servconf.c,v 1.197 2009/10/28 16:38:18 reyk Exp $ */ 2 /* 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * All rights reserved 5 * 6 * As far as I am concerned, the code I have written for this software 7 * can be used freely for any purpose. Any derived versions of this 8 * software must be clearly marked as such, and if the derived work is 9 * incompatible with the protocol description in the RFC file, it must be 10 * called by a name other than "ssh" or "Secure Shell". 11 */ 12 13 #include <sys/types.h> 14 #include <sys/socket.h> 15 #include <sys/queue.h> 16 17 #include <netdb.h> 18 #include <pwd.h> 19 #include <stdio.h> 20 #include <stdlib.h> 21 #include <string.h> 22 #include <signal.h> 23 #include <unistd.h> 24 #include <stdarg.h> 25 #include <errno.h> 26 27 #include "xmalloc.h" 28 #include "ssh.h" 29 #include "log.h" 30 #include "buffer.h" 31 #include "servconf.h" 32 #include "compat.h" 33 #include "pathnames.h" 34 #include "misc.h" 35 #include "cipher.h" 36 #include "key.h" 37 #include "kex.h" 38 #include "mac.h" 39 #include "match.h" 40 #include "channels.h" 41 #include "groupaccess.h" 42 43 static void add_listen_addr(ServerOptions *, char *, int); 44 static void add_one_listen_addr(ServerOptions *, char *, int); 45 46 /* Use of privilege separation or not */ 47 extern int use_privsep; 48 extern Buffer cfg; 49 50 /* Initializes the server options to their default values. */ 51 52 void 53 initialize_server_options(ServerOptions *options) 54 { 55 memset(options, 0, sizeof(*options)); 56 options->num_ports = 0; 57 options->ports_from_cmdline = 0; 58 options->listen_addrs = NULL; 59 options->address_family = -1; 60 options->num_host_key_files = 0; 61 options->pid_file = NULL; 62 options->server_key_bits = -1; 63 options->login_grace_time = -1; 64 options->key_regeneration_time = -1; 65 options->permit_root_login = PERMIT_NOT_SET; 66 options->ignore_rhosts = -1; 67 options->ignore_user_known_hosts = -1; 68 options->print_motd = -1; 69 options->print_lastlog = -1; 70 options->x11_forwarding = -1; 71 options->x11_display_offset = -1; 72 options->x11_use_localhost = -1; 73 options->xauth_location = NULL; 74 options->strict_modes = -1; 75 options->tcp_keep_alive = -1; 76 options->log_facility = SYSLOG_FACILITY_NOT_SET; 77 options->log_level = SYSLOG_LEVEL_NOT_SET; 78 options->rhosts_rsa_authentication = -1; 79 options->hostbased_authentication = -1; 80 options->hostbased_uses_name_from_packet_only = -1; 81 options->rsa_authentication = -1; 82 options->pubkey_authentication = -1; 83 options->kerberos_authentication = -1; 84 options->kerberos_or_local_passwd = -1; 85 options->kerberos_ticket_cleanup = -1; 86 options->kerberos_get_afs_token = -1; 87 options->gss_authentication=-1; 88 options->gss_cleanup_creds = -1; 89 options->password_authentication = -1; 90 options->kbd_interactive_authentication = -1; 91 options->challenge_response_authentication = -1; 92 options->permit_empty_passwd = -1; 93 options->permit_user_env = -1; 94 options->use_login = -1; 95 options->compression = -1; 96 options->allow_tcp_forwarding = -1; 97 options->allow_agent_forwarding = -1; 98 options->num_allow_users = 0; 99 options->num_deny_users = 0; 100 options->num_allow_groups = 0; 101 options->num_deny_groups = 0; 102 options->ciphers = NULL; 103 options->macs = NULL; 104 options->protocol = SSH_PROTO_UNKNOWN; 105 options->gateway_ports = -1; 106 options->num_subsystems = 0; 107 options->max_startups_begin = -1; 108 options->max_startups_rate = -1; 109 options->max_startups = -1; 110 options->max_authtries = -1; 111 options->max_sessions = -1; 112 options->banner = NULL; 113 options->use_dns = -1; 114 options->client_alive_interval = -1; 115 options->client_alive_count_max = -1; 116 options->authorized_keys_file = NULL; 117 options->authorized_keys_file2 = NULL; 118 options->num_accept_env = 0; 119 options->permit_tun = -1; 120 options->num_permitted_opens = -1; 121 options->adm_forced_command = NULL; 122 options->chroot_directory = NULL; 123 options->zero_knowledge_password_authentication = -1; 124 options->rdomain = -1; 125 } 126 127 void 128 fill_default_server_options(ServerOptions *options) 129 { 130 if (options->protocol == SSH_PROTO_UNKNOWN) 131 options->protocol = SSH_PROTO_2; 132 if (options->num_host_key_files == 0) { 133 /* fill default hostkeys for protocols */ 134 if (options->protocol & SSH_PROTO_1) 135 options->host_key_files[options->num_host_key_files++] = 136 _PATH_HOST_KEY_FILE; 137 if (options->protocol & SSH_PROTO_2) { 138 options->host_key_files[options->num_host_key_files++] = 139 _PATH_HOST_RSA_KEY_FILE; 140 options->host_key_files[options->num_host_key_files++] = 141 _PATH_HOST_DSA_KEY_FILE; 142 } 143 } 144 if (options->num_ports == 0) 145 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 146 if (options->listen_addrs == NULL) 147 add_listen_addr(options, NULL, 0); 148 if (options->pid_file == NULL) 149 options->pid_file = _PATH_SSH_DAEMON_PID_FILE; 150 if (options->server_key_bits == -1) 151 options->server_key_bits = 1024; 152 if (options->login_grace_time == -1) 153 options->login_grace_time = 120; 154 if (options->key_regeneration_time == -1) 155 options->key_regeneration_time = 3600; 156 if (options->permit_root_login == PERMIT_NOT_SET) 157 options->permit_root_login = PERMIT_YES; 158 if (options->ignore_rhosts == -1) 159 options->ignore_rhosts = 1; 160 if (options->ignore_user_known_hosts == -1) 161 options->ignore_user_known_hosts = 0; 162 if (options->print_motd == -1) 163 options->print_motd = 1; 164 if (options->print_lastlog == -1) 165 options->print_lastlog = 1; 166 if (options->x11_forwarding == -1) 167 options->x11_forwarding = 0; 168 if (options->x11_display_offset == -1) 169 options->x11_display_offset = 10; 170 if (options->x11_use_localhost == -1) 171 options->x11_use_localhost = 1; 172 if (options->xauth_location == NULL) 173 options->xauth_location = _PATH_XAUTH; 174 if (options->strict_modes == -1) 175 options->strict_modes = 1; 176 if (options->tcp_keep_alive == -1) 177 options->tcp_keep_alive = 1; 178 if (options->log_facility == SYSLOG_FACILITY_NOT_SET) 179 options->log_facility = SYSLOG_FACILITY_AUTH; 180 if (options->log_level == SYSLOG_LEVEL_NOT_SET) 181 options->log_level = SYSLOG_LEVEL_INFO; 182 if (options->rhosts_rsa_authentication == -1) 183 options->rhosts_rsa_authentication = 0; 184 if (options->hostbased_authentication == -1) 185 options->hostbased_authentication = 0; 186 if (options->hostbased_uses_name_from_packet_only == -1) 187 options->hostbased_uses_name_from_packet_only = 0; 188 if (options->rsa_authentication == -1) 189 options->rsa_authentication = 1; 190 if (options->pubkey_authentication == -1) 191 options->pubkey_authentication = 1; 192 if (options->kerberos_authentication == -1) 193 options->kerberos_authentication = 0; 194 if (options->kerberos_or_local_passwd == -1) 195 options->kerberos_or_local_passwd = 1; 196 if (options->kerberos_ticket_cleanup == -1) 197 options->kerberos_ticket_cleanup = 1; 198 if (options->kerberos_get_afs_token == -1) 199 options->kerberos_get_afs_token = 0; 200 if (options->gss_authentication == -1) 201 options->gss_authentication = 0; 202 if (options->gss_cleanup_creds == -1) 203 options->gss_cleanup_creds = 1; 204 if (options->password_authentication == -1) 205 options->password_authentication = 1; 206 if (options->kbd_interactive_authentication == -1) 207 options->kbd_interactive_authentication = 0; 208 if (options->challenge_response_authentication == -1) 209 options->challenge_response_authentication = 1; 210 if (options->permit_empty_passwd == -1) 211 options->permit_empty_passwd = 0; 212 if (options->permit_user_env == -1) 213 options->permit_user_env = 0; 214 if (options->use_login == -1) 215 options->use_login = 0; 216 if (options->compression == -1) 217 options->compression = COMP_DELAYED; 218 if (options->allow_tcp_forwarding == -1) 219 options->allow_tcp_forwarding = 1; 220 if (options->allow_agent_forwarding == -1) 221 options->allow_agent_forwarding = 1; 222 if (options->gateway_ports == -1) 223 options->gateway_ports = 0; 224 if (options->max_startups == -1) 225 options->max_startups = 10; 226 if (options->max_startups_rate == -1) 227 options->max_startups_rate = 100; /* 100% */ 228 if (options->max_startups_begin == -1) 229 options->max_startups_begin = options->max_startups; 230 if (options->max_authtries == -1) 231 options->max_authtries = DEFAULT_AUTH_FAIL_MAX; 232 if (options->max_sessions == -1) 233 options->max_sessions = DEFAULT_SESSIONS_MAX; 234 if (options->use_dns == -1) 235 options->use_dns = 1; 236 if (options->client_alive_interval == -1) 237 options->client_alive_interval = 0; 238 if (options->client_alive_count_max == -1) 239 options->client_alive_count_max = 3; 240 if (options->authorized_keys_file2 == NULL) { 241 /* authorized_keys_file2 falls back to authorized_keys_file */ 242 if (options->authorized_keys_file != NULL) 243 options->authorized_keys_file2 = options->authorized_keys_file; 244 else 245 options->authorized_keys_file2 = _PATH_SSH_USER_PERMITTED_KEYS2; 246 } 247 if (options->authorized_keys_file == NULL) 248 options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; 249 if (options->permit_tun == -1) 250 options->permit_tun = SSH_TUNMODE_NO; 251 if (options->zero_knowledge_password_authentication == -1) 252 options->zero_knowledge_password_authentication = 0; 253 254 /* Turn privilege separation on by default */ 255 if (use_privsep == -1) 256 use_privsep = 1; 257 } 258 259 /* Keyword tokens. */ 260 typedef enum { 261 sBadOption, /* == unknown option */ 262 sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, 263 sPermitRootLogin, sLogFacility, sLogLevel, 264 sRhostsRSAAuthentication, sRSAAuthentication, 265 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, 266 sKerberosGetAFSToken, 267 sKerberosTgtPassing, sChallengeResponseAuthentication, 268 sPasswordAuthentication, sKbdInteractiveAuthentication, 269 sListenAddress, sAddressFamily, 270 sPrintMotd, sPrintLastLog, sIgnoreRhosts, 271 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, 272 sStrictModes, sEmptyPasswd, sTCPKeepAlive, 273 sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, 274 sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, 275 sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, 276 sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, 277 sMaxStartups, sMaxAuthTries, sMaxSessions, 278 sBanner, sUseDNS, sHostbasedAuthentication, 279 sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, 280 sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, 281 sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel, 282 sMatch, sPermitOpen, sForceCommand, sChrootDirectory, 283 sUsePrivilegeSeparation, sAllowAgentForwarding, sRDomain, 284 sZeroKnowledgePasswordAuthentication, 285 sDeprecated, sUnsupported 286 } ServerOpCodes; 287 288 #define SSHCFG_GLOBAL 0x01 /* allowed in main section of sshd_config */ 289 #define SSHCFG_MATCH 0x02 /* allowed inside a Match section */ 290 #define SSHCFG_ALL (SSHCFG_GLOBAL|SSHCFG_MATCH) 291 292 /* Textual representation of the tokens. */ 293 static struct { 294 const char *name; 295 ServerOpCodes opcode; 296 u_int flags; 297 } keywords[] = { 298 { "port", sPort, SSHCFG_GLOBAL }, 299 { "hostkey", sHostKeyFile, SSHCFG_GLOBAL }, 300 { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL }, /* alias */ 301 { "pidfile", sPidFile, SSHCFG_GLOBAL }, 302 { "serverkeybits", sServerKeyBits, SSHCFG_GLOBAL }, 303 { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL }, 304 { "keyregenerationinterval", sKeyRegenerationTime, SSHCFG_GLOBAL }, 305 { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL }, 306 { "syslogfacility", sLogFacility, SSHCFG_GLOBAL }, 307 { "loglevel", sLogLevel, SSHCFG_GLOBAL }, 308 { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL }, 309 { "rhostsrsaauthentication", sRhostsRSAAuthentication, SSHCFG_ALL }, 310 { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL }, 311 { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_GLOBAL }, 312 { "rsaauthentication", sRSAAuthentication, SSHCFG_ALL }, 313 { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL }, 314 { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */ 315 #ifdef KRB5 316 { "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL }, 317 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd, SSHCFG_GLOBAL }, 318 { "kerberosticketcleanup", sKerberosTicketCleanup, SSHCFG_GLOBAL }, 319 { "kerberosgetafstoken", sKerberosGetAFSToken, SSHCFG_GLOBAL }, 320 #else 321 { "kerberosauthentication", sUnsupported, SSHCFG_ALL }, 322 { "kerberosorlocalpasswd", sUnsupported, SSHCFG_GLOBAL }, 323 { "kerberosticketcleanup", sUnsupported, SSHCFG_GLOBAL }, 324 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, 325 #endif 326 { "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL }, 327 { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, 328 #ifdef GSSAPI 329 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, 330 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, 331 #else 332 { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, 333 { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, 334 #endif 335 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, 336 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, 337 { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, 338 { "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */ 339 #ifdef JPAKE 340 { "zeroknowledgepasswordauthentication", sZeroKnowledgePasswordAuthentication, SSHCFG_ALL }, 341 #else 342 { "zeroknowledgepasswordauthentication", sUnsupported, SSHCFG_ALL }, 343 #endif 344 { "checkmail", sDeprecated, SSHCFG_GLOBAL }, 345 { "listenaddress", sListenAddress, SSHCFG_GLOBAL }, 346 { "addressfamily", sAddressFamily, SSHCFG_GLOBAL }, 347 { "printmotd", sPrintMotd, SSHCFG_GLOBAL }, 348 { "printlastlog", sPrintLastLog, SSHCFG_GLOBAL }, 349 { "ignorerhosts", sIgnoreRhosts, SSHCFG_GLOBAL }, 350 { "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL }, 351 { "x11forwarding", sX11Forwarding, SSHCFG_ALL }, 352 { "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL }, 353 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, 354 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, 355 { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, 356 { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL }, 357 { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, 358 { "uselogin", sUseLogin, SSHCFG_GLOBAL }, 359 { "compression", sCompression, SSHCFG_GLOBAL }, 360 { "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, 361 { "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, /* obsolete alias */ 362 { "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL }, 363 { "allowagentforwarding", sAllowAgentForwarding, SSHCFG_ALL }, 364 { "allowusers", sAllowUsers, SSHCFG_GLOBAL }, 365 { "denyusers", sDenyUsers, SSHCFG_GLOBAL }, 366 { "allowgroups", sAllowGroups, SSHCFG_GLOBAL }, 367 { "denygroups", sDenyGroups, SSHCFG_GLOBAL }, 368 { "ciphers", sCiphers, SSHCFG_GLOBAL }, 369 { "macs", sMacs, SSHCFG_GLOBAL }, 370 { "protocol", sProtocol, SSHCFG_GLOBAL }, 371 { "gatewayports", sGatewayPorts, SSHCFG_ALL }, 372 { "subsystem", sSubsystem, SSHCFG_GLOBAL }, 373 { "maxstartups", sMaxStartups, SSHCFG_GLOBAL }, 374 { "maxauthtries", sMaxAuthTries, SSHCFG_ALL }, 375 { "maxsessions", sMaxSessions, SSHCFG_ALL }, 376 { "banner", sBanner, SSHCFG_ALL }, 377 { "usedns", sUseDNS, SSHCFG_GLOBAL }, 378 { "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL }, 379 { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL }, 380 { "clientaliveinterval", sClientAliveInterval, SSHCFG_GLOBAL }, 381 { "clientalivecountmax", sClientAliveCountMax, SSHCFG_GLOBAL }, 382 { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_GLOBAL }, 383 { "authorizedkeysfile2", sAuthorizedKeysFile2, SSHCFG_GLOBAL }, 384 { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL}, 385 { "acceptenv", sAcceptEnv, SSHCFG_GLOBAL }, 386 { "permittunnel", sPermitTunnel, SSHCFG_GLOBAL }, 387 { "match", sMatch, SSHCFG_ALL }, 388 { "permitopen", sPermitOpen, SSHCFG_ALL }, 389 { "forcecommand", sForceCommand, SSHCFG_ALL }, 390 { "rdomain", sRDomain, SSHCFG_GLOBAL }, 391 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, 392 { NULL, sBadOption, 0 } 393 }; 394 395 static struct { 396 int val; 397 char *text; 398 } tunmode_desc[] = { 399 { SSH_TUNMODE_NO, "no" }, 400 { SSH_TUNMODE_POINTOPOINT, "point-to-point" }, 401 { SSH_TUNMODE_ETHERNET, "ethernet" }, 402 { SSH_TUNMODE_YES, "yes" }, 403 { -1, NULL } 404 }; 405 406 /* 407 * Returns the number of the token pointed to by cp or sBadOption. 408 */ 409 410 static ServerOpCodes 411 parse_token(const char *cp, const char *filename, 412 int linenum, u_int *flags) 413 { 414 u_int i; 415 416 for (i = 0; keywords[i].name; i++) 417 if (strcasecmp(cp, keywords[i].name) == 0) { 418 *flags = keywords[i].flags; 419 return keywords[i].opcode; 420 } 421 422 error("%s: line %d: Bad configuration option: %s", 423 filename, linenum, cp); 424 return sBadOption; 425 } 426 427 static void 428 add_listen_addr(ServerOptions *options, char *addr, int port) 429 { 430 u_int i; 431 432 if (options->num_ports == 0) 433 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 434 if (options->address_family == -1) 435 options->address_family = AF_UNSPEC; 436 if (port == 0) 437 for (i = 0; i < options->num_ports; i++) 438 add_one_listen_addr(options, addr, options->ports[i]); 439 else 440 add_one_listen_addr(options, addr, port); 441 } 442 443 static void 444 add_one_listen_addr(ServerOptions *options, char *addr, int port) 445 { 446 struct addrinfo hints, *ai, *aitop; 447 char strport[NI_MAXSERV]; 448 int gaierr; 449 450 memset(&hints, 0, sizeof(hints)); 451 hints.ai_family = options->address_family; 452 hints.ai_socktype = SOCK_STREAM; 453 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; 454 snprintf(strport, sizeof strport, "%d", port); 455 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) 456 fatal("bad addr or host: %s (%s)", 457 addr ? addr : "<NULL>", 458 ssh_gai_strerror(gaierr)); 459 for (ai = aitop; ai->ai_next; ai = ai->ai_next) 460 ; 461 ai->ai_next = options->listen_addrs; 462 options->listen_addrs = aitop; 463 } 464 465 /* 466 * The strategy for the Match blocks is that the config file is parsed twice. 467 * 468 * The first time is at startup. activep is initialized to 1 and the 469 * directives in the global context are processed and acted on. Hitting a 470 * Match directive unsets activep and the directives inside the block are 471 * checked for syntax only. 472 * 473 * The second time is after a connection has been established but before 474 * authentication. activep is initialized to 2 and global config directives 475 * are ignored since they have already been processed. If the criteria in a 476 * Match block is met, activep is set and the subsequent directives 477 * processed and actioned until EOF or another Match block unsets it. Any 478 * options set are copied into the main server config. 479 * 480 * Potential additions/improvements: 481 * - Add Match support for pre-kex directives, eg Protocol, Ciphers. 482 * 483 * - Add a Tag directive (idea from David Leonard) ala pf, eg: 484 * Match Address 192.168.0.* 485 * Tag trusted 486 * Match Group wheel 487 * Tag trusted 488 * Match Tag trusted 489 * AllowTcpForwarding yes 490 * GatewayPorts clientspecified 491 * [...] 492 * 493 * - Add a PermittedChannelRequests directive 494 * Match Group shell 495 * PermittedChannelRequests session,forwarded-tcpip 496 */ 497 498 static int 499 match_cfg_line_group(const char *grps, int line, const char *user) 500 { 501 int result = 0; 502 struct passwd *pw; 503 504 if (user == NULL) 505 goto out; 506 507 if ((pw = getpwnam(user)) == NULL) { 508 debug("Can't match group at line %d because user %.100s does " 509 "not exist", line, user); 510 } else if (ga_init(pw->pw_name, pw->pw_gid) == 0) { 511 debug("Can't Match group because user %.100s not in any group " 512 "at line %d", user, line); 513 } else if (ga_match_pattern_list(grps) != 1) { 514 debug("user %.100s does not match group list %.100s at line %d", 515 user, grps, line); 516 } else { 517 debug("user %.100s matched group list %.100s at line %d", user, 518 grps, line); 519 result = 1; 520 } 521 out: 522 ga_free(); 523 return result; 524 } 525 526 static int 527 match_cfg_line(char **condition, int line, const char *user, const char *host, 528 const char *address) 529 { 530 int result = 1; 531 char *arg, *attrib, *cp = *condition; 532 size_t len; 533 534 if (user == NULL) 535 debug3("checking syntax for 'Match %s'", cp); 536 else 537 debug3("checking match for '%s' user %s host %s addr %s", cp, 538 user ? user : "(null)", host ? host : "(null)", 539 address ? address : "(null)"); 540 541 while ((attrib = strdelim(&cp)) && *attrib != '\0') { 542 if ((arg = strdelim(&cp)) == NULL || *arg == '\0') { 543 error("Missing Match criteria for %s", attrib); 544 return -1; 545 } 546 len = strlen(arg); 547 if (strcasecmp(attrib, "user") == 0) { 548 if (!user) { 549 result = 0; 550 continue; 551 } 552 if (match_pattern_list(user, arg, len, 0) != 1) 553 result = 0; 554 else 555 debug("user %.100s matched 'User %.100s' at " 556 "line %d", user, arg, line); 557 } else if (strcasecmp(attrib, "group") == 0) { 558 switch (match_cfg_line_group(arg, line, user)) { 559 case -1: 560 return -1; 561 case 0: 562 result = 0; 563 } 564 } else if (strcasecmp(attrib, "host") == 0) { 565 if (!host) { 566 result = 0; 567 continue; 568 } 569 if (match_hostname(host, arg, len) != 1) 570 result = 0; 571 else 572 debug("connection from %.100s matched 'Host " 573 "%.100s' at line %d", host, arg, line); 574 } else if (strcasecmp(attrib, "address") == 0) { 575 switch (addr_match_list(address, arg)) { 576 case 1: 577 debug("connection from %.100s matched 'Address " 578 "%.100s' at line %d", address, arg, line); 579 break; 580 case 0: 581 case -1: 582 result = 0; 583 break; 584 case -2: 585 return -1; 586 } 587 } else { 588 error("Unsupported Match attribute %s", attrib); 589 return -1; 590 } 591 } 592 if (user != NULL) 593 debug3("match %sfound", result ? "" : "not "); 594 *condition = cp; 595 return result; 596 } 597 598 #define WHITESPACE " \t\r\n" 599 600 int 601 process_server_config_line(ServerOptions *options, char *line, 602 const char *filename, int linenum, int *activep, const char *user, 603 const char *host, const char *address) 604 { 605 char *cp, **charptr, *arg, *p; 606 int cmdline = 0, *intptr, value, n; 607 SyslogFacility *log_facility_ptr; 608 LogLevel *log_level_ptr; 609 ServerOpCodes opcode; 610 int port; 611 u_int i, flags = 0; 612 size_t len; 613 614 cp = line; 615 if ((arg = strdelim(&cp)) == NULL) 616 return 0; 617 /* Ignore leading whitespace */ 618 if (*arg == '\0') 619 arg = strdelim(&cp); 620 if (!arg || !*arg || *arg == '#') 621 return 0; 622 intptr = NULL; 623 charptr = NULL; 624 opcode = parse_token(arg, filename, linenum, &flags); 625 626 if (activep == NULL) { /* We are processing a command line directive */ 627 cmdline = 1; 628 activep = &cmdline; 629 } 630 if (*activep && opcode != sMatch) 631 debug3("%s:%d setting %s %s", filename, linenum, arg, cp); 632 if (*activep == 0 && !(flags & SSHCFG_MATCH)) { 633 if (user == NULL) { 634 fatal("%s line %d: Directive '%s' is not allowed " 635 "within a Match block", filename, linenum, arg); 636 } else { /* this is a directive we have already processed */ 637 while (arg) 638 arg = strdelim(&cp); 639 return 0; 640 } 641 } 642 643 switch (opcode) { 644 case sBadOption: 645 return -1; 646 case sPort: 647 /* ignore ports from configfile if cmdline specifies ports */ 648 if (options->ports_from_cmdline) 649 return 0; 650 if (options->listen_addrs != NULL) 651 fatal("%s line %d: ports must be specified before " 652 "ListenAddress.", filename, linenum); 653 if (options->num_ports >= MAX_PORTS) 654 fatal("%s line %d: too many ports.", 655 filename, linenum); 656 arg = strdelim(&cp); 657 if (!arg || *arg == '\0') 658 fatal("%s line %d: missing port number.", 659 filename, linenum); 660 options->ports[options->num_ports++] = a2port(arg); 661 if (options->ports[options->num_ports-1] <= 0) 662 fatal("%s line %d: Badly formatted port number.", 663 filename, linenum); 664 break; 665 666 case sServerKeyBits: 667 intptr = &options->server_key_bits; 668 parse_int: 669 arg = strdelim(&cp); 670 if (!arg || *arg == '\0') 671 fatal("%s line %d: missing integer value.", 672 filename, linenum); 673 value = atoi(arg); 674 if (*activep && *intptr == -1) 675 *intptr = value; 676 break; 677 678 case sLoginGraceTime: 679 intptr = &options->login_grace_time; 680 parse_time: 681 arg = strdelim(&cp); 682 if (!arg || *arg == '\0') 683 fatal("%s line %d: missing time value.", 684 filename, linenum); 685 if ((value = convtime(arg)) == -1) 686 fatal("%s line %d: invalid time value.", 687 filename, linenum); 688 if (*intptr == -1) 689 *intptr = value; 690 break; 691 692 case sKeyRegenerationTime: 693 intptr = &options->key_regeneration_time; 694 goto parse_time; 695 696 case sListenAddress: 697 arg = strdelim(&cp); 698 if (arg == NULL || *arg == '\0') 699 fatal("%s line %d: missing address", 700 filename, linenum); 701 /* check for bare IPv6 address: no "[]" and 2 or more ":" */ 702 if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL 703 && strchr(p+1, ':') != NULL) { 704 add_listen_addr(options, arg, 0); 705 break; 706 } 707 p = hpdelim(&arg); 708 if (p == NULL) 709 fatal("%s line %d: bad address:port usage", 710 filename, linenum); 711 p = cleanhostname(p); 712 if (arg == NULL) 713 port = 0; 714 else if ((port = a2port(arg)) <= 0) 715 fatal("%s line %d: bad port number", filename, linenum); 716 717 add_listen_addr(options, p, port); 718 719 break; 720 721 case sAddressFamily: 722 arg = strdelim(&cp); 723 if (!arg || *arg == '\0') 724 fatal("%s line %d: missing address family.", 725 filename, linenum); 726 intptr = &options->address_family; 727 if (options->listen_addrs != NULL) 728 fatal("%s line %d: address family must be specified before " 729 "ListenAddress.", filename, linenum); 730 if (strcasecmp(arg, "inet") == 0) 731 value = AF_INET; 732 else if (strcasecmp(arg, "inet6") == 0) 733 value = AF_INET6; 734 else if (strcasecmp(arg, "any") == 0) 735 value = AF_UNSPEC; 736 else 737 fatal("%s line %d: unsupported address family \"%s\".", 738 filename, linenum, arg); 739 if (*intptr == -1) 740 *intptr = value; 741 break; 742 743 case sHostKeyFile: 744 intptr = &options->num_host_key_files; 745 if (*intptr >= MAX_HOSTKEYS) 746 fatal("%s line %d: too many host keys specified (max %d).", 747 filename, linenum, MAX_HOSTKEYS); 748 charptr = &options->host_key_files[*intptr]; 749 parse_filename: 750 arg = strdelim(&cp); 751 if (!arg || *arg == '\0') 752 fatal("%s line %d: missing file name.", 753 filename, linenum); 754 if (*activep && *charptr == NULL) { 755 *charptr = tilde_expand_filename(arg, getuid()); 756 /* increase optional counter */ 757 if (intptr != NULL) 758 *intptr = *intptr + 1; 759 } 760 break; 761 762 case sPidFile: 763 charptr = &options->pid_file; 764 goto parse_filename; 765 766 case sPermitRootLogin: 767 intptr = &options->permit_root_login; 768 arg = strdelim(&cp); 769 if (!arg || *arg == '\0') 770 fatal("%s line %d: missing yes/" 771 "without-password/forced-commands-only/no " 772 "argument.", filename, linenum); 773 value = 0; /* silence compiler */ 774 if (strcmp(arg, "without-password") == 0) 775 value = PERMIT_NO_PASSWD; 776 else if (strcmp(arg, "forced-commands-only") == 0) 777 value = PERMIT_FORCED_ONLY; 778 else if (strcmp(arg, "yes") == 0) 779 value = PERMIT_YES; 780 else if (strcmp(arg, "no") == 0) 781 value = PERMIT_NO; 782 else 783 fatal("%s line %d: Bad yes/" 784 "without-password/forced-commands-only/no " 785 "argument: %s", filename, linenum, arg); 786 if (*activep && *intptr == -1) 787 *intptr = value; 788 break; 789 790 case sIgnoreRhosts: 791 intptr = &options->ignore_rhosts; 792 parse_flag: 793 arg = strdelim(&cp); 794 if (!arg || *arg == '\0') 795 fatal("%s line %d: missing yes/no argument.", 796 filename, linenum); 797 value = 0; /* silence compiler */ 798 if (strcmp(arg, "yes") == 0) 799 value = 1; 800 else if (strcmp(arg, "no") == 0) 801 value = 0; 802 else 803 fatal("%s line %d: Bad yes/no argument: %s", 804 filename, linenum, arg); 805 if (*activep && *intptr == -1) 806 *intptr = value; 807 break; 808 809 case sIgnoreUserKnownHosts: 810 intptr = &options->ignore_user_known_hosts; 811 goto parse_flag; 812 813 case sRhostsRSAAuthentication: 814 intptr = &options->rhosts_rsa_authentication; 815 goto parse_flag; 816 817 case sHostbasedAuthentication: 818 intptr = &options->hostbased_authentication; 819 goto parse_flag; 820 821 case sHostbasedUsesNameFromPacketOnly: 822 intptr = &options->hostbased_uses_name_from_packet_only; 823 goto parse_flag; 824 825 case sRSAAuthentication: 826 intptr = &options->rsa_authentication; 827 goto parse_flag; 828 829 case sPubkeyAuthentication: 830 intptr = &options->pubkey_authentication; 831 goto parse_flag; 832 833 case sKerberosAuthentication: 834 intptr = &options->kerberos_authentication; 835 goto parse_flag; 836 837 case sKerberosOrLocalPasswd: 838 intptr = &options->kerberos_or_local_passwd; 839 goto parse_flag; 840 841 case sKerberosTicketCleanup: 842 intptr = &options->kerberos_ticket_cleanup; 843 goto parse_flag; 844 845 case sKerberosGetAFSToken: 846 intptr = &options->kerberos_get_afs_token; 847 goto parse_flag; 848 849 case sGssAuthentication: 850 intptr = &options->gss_authentication; 851 goto parse_flag; 852 853 case sGssCleanupCreds: 854 intptr = &options->gss_cleanup_creds; 855 goto parse_flag; 856 857 case sPasswordAuthentication: 858 intptr = &options->password_authentication; 859 goto parse_flag; 860 861 case sZeroKnowledgePasswordAuthentication: 862 intptr = &options->zero_knowledge_password_authentication; 863 goto parse_flag; 864 865 case sKbdInteractiveAuthentication: 866 intptr = &options->kbd_interactive_authentication; 867 goto parse_flag; 868 869 case sChallengeResponseAuthentication: 870 intptr = &options->challenge_response_authentication; 871 goto parse_flag; 872 873 case sPrintMotd: 874 intptr = &options->print_motd; 875 goto parse_flag; 876 877 case sPrintLastLog: 878 intptr = &options->print_lastlog; 879 goto parse_flag; 880 881 case sX11Forwarding: 882 intptr = &options->x11_forwarding; 883 goto parse_flag; 884 885 case sX11DisplayOffset: 886 intptr = &options->x11_display_offset; 887 goto parse_int; 888 889 case sX11UseLocalhost: 890 intptr = &options->x11_use_localhost; 891 goto parse_flag; 892 893 case sXAuthLocation: 894 charptr = &options->xauth_location; 895 goto parse_filename; 896 897 case sStrictModes: 898 intptr = &options->strict_modes; 899 goto parse_flag; 900 901 case sTCPKeepAlive: 902 intptr = &options->tcp_keep_alive; 903 goto parse_flag; 904 905 case sEmptyPasswd: 906 intptr = &options->permit_empty_passwd; 907 goto parse_flag; 908 909 case sPermitUserEnvironment: 910 intptr = &options->permit_user_env; 911 goto parse_flag; 912 913 case sUseLogin: 914 intptr = &options->use_login; 915 goto parse_flag; 916 917 case sCompression: 918 intptr = &options->compression; 919 arg = strdelim(&cp); 920 if (!arg || *arg == '\0') 921 fatal("%s line %d: missing yes/no/delayed " 922 "argument.", filename, linenum); 923 value = 0; /* silence compiler */ 924 if (strcmp(arg, "delayed") == 0) 925 value = COMP_DELAYED; 926 else if (strcmp(arg, "yes") == 0) 927 value = COMP_ZLIB; 928 else if (strcmp(arg, "no") == 0) 929 value = COMP_NONE; 930 else 931 fatal("%s line %d: Bad yes/no/delayed " 932 "argument: %s", filename, linenum, arg); 933 if (*intptr == -1) 934 *intptr = value; 935 break; 936 937 case sGatewayPorts: 938 intptr = &options->gateway_ports; 939 arg = strdelim(&cp); 940 if (!arg || *arg == '\0') 941 fatal("%s line %d: missing yes/no/clientspecified " 942 "argument.", filename, linenum); 943 value = 0; /* silence compiler */ 944 if (strcmp(arg, "clientspecified") == 0) 945 value = 2; 946 else if (strcmp(arg, "yes") == 0) 947 value = 1; 948 else if (strcmp(arg, "no") == 0) 949 value = 0; 950 else 951 fatal("%s line %d: Bad yes/no/clientspecified " 952 "argument: %s", filename, linenum, arg); 953 if (*activep && *intptr == -1) 954 *intptr = value; 955 break; 956 957 case sUseDNS: 958 intptr = &options->use_dns; 959 goto parse_flag; 960 961 case sLogFacility: 962 log_facility_ptr = &options->log_facility; 963 arg = strdelim(&cp); 964 value = log_facility_number(arg); 965 if (value == SYSLOG_FACILITY_NOT_SET) 966 fatal("%.200s line %d: unsupported log facility '%s'", 967 filename, linenum, arg ? arg : "<NONE>"); 968 if (*log_facility_ptr == -1) 969 *log_facility_ptr = (SyslogFacility) value; 970 break; 971 972 case sLogLevel: 973 log_level_ptr = &options->log_level; 974 arg = strdelim(&cp); 975 value = log_level_number(arg); 976 if (value == SYSLOG_LEVEL_NOT_SET) 977 fatal("%.200s line %d: unsupported log level '%s'", 978 filename, linenum, arg ? arg : "<NONE>"); 979 if (*log_level_ptr == -1) 980 *log_level_ptr = (LogLevel) value; 981 break; 982 983 case sAllowTcpForwarding: 984 intptr = &options->allow_tcp_forwarding; 985 goto parse_flag; 986 987 case sAllowAgentForwarding: 988 intptr = &options->allow_agent_forwarding; 989 goto parse_flag; 990 991 case sUsePrivilegeSeparation: 992 intptr = &use_privsep; 993 goto parse_flag; 994 995 case sAllowUsers: 996 while ((arg = strdelim(&cp)) && *arg != '\0') { 997 if (options->num_allow_users >= MAX_ALLOW_USERS) 998 fatal("%s line %d: too many allow users.", 999 filename, linenum); 1000 options->allow_users[options->num_allow_users++] = 1001 xstrdup(arg); 1002 } 1003 break; 1004 1005 case sDenyUsers: 1006 while ((arg = strdelim(&cp)) && *arg != '\0') { 1007 if (options->num_deny_users >= MAX_DENY_USERS) 1008 fatal("%s line %d: too many deny users.", 1009 filename, linenum); 1010 options->deny_users[options->num_deny_users++] = 1011 xstrdup(arg); 1012 } 1013 break; 1014 1015 case sAllowGroups: 1016 while ((arg = strdelim(&cp)) && *arg != '\0') { 1017 if (options->num_allow_groups >= MAX_ALLOW_GROUPS) 1018 fatal("%s line %d: too many allow groups.", 1019 filename, linenum); 1020 options->allow_groups[options->num_allow_groups++] = 1021 xstrdup(arg); 1022 } 1023 break; 1024 1025 case sDenyGroups: 1026 while ((arg = strdelim(&cp)) && *arg != '\0') { 1027 if (options->num_deny_groups >= MAX_DENY_GROUPS) 1028 fatal("%s line %d: too many deny groups.", 1029 filename, linenum); 1030 options->deny_groups[options->num_deny_groups++] = xstrdup(arg); 1031 } 1032 break; 1033 1034 case sCiphers: 1035 arg = strdelim(&cp); 1036 if (!arg || *arg == '\0') 1037 fatal("%s line %d: Missing argument.", filename, linenum); 1038 if (!ciphers_valid(arg)) 1039 fatal("%s line %d: Bad SSH2 cipher spec '%s'.", 1040 filename, linenum, arg ? arg : "<NONE>"); 1041 if (options->ciphers == NULL) 1042 options->ciphers = xstrdup(arg); 1043 break; 1044 1045 case sMacs: 1046 arg = strdelim(&cp); 1047 if (!arg || *arg == '\0') 1048 fatal("%s line %d: Missing argument.", filename, linenum); 1049 if (!mac_valid(arg)) 1050 fatal("%s line %d: Bad SSH2 mac spec '%s'.", 1051 filename, linenum, arg ? arg : "<NONE>"); 1052 if (options->macs == NULL) 1053 options->macs = xstrdup(arg); 1054 break; 1055 1056 case sProtocol: 1057 intptr = &options->protocol; 1058 arg = strdelim(&cp); 1059 if (!arg || *arg == '\0') 1060 fatal("%s line %d: Missing argument.", filename, linenum); 1061 value = proto_spec(arg); 1062 if (value == SSH_PROTO_UNKNOWN) 1063 fatal("%s line %d: Bad protocol spec '%s'.", 1064 filename, linenum, arg ? arg : "<NONE>"); 1065 if (*intptr == SSH_PROTO_UNKNOWN) 1066 *intptr = value; 1067 break; 1068 1069 case sSubsystem: 1070 if (options->num_subsystems >= MAX_SUBSYSTEMS) { 1071 fatal("%s line %d: too many subsystems defined.", 1072 filename, linenum); 1073 } 1074 arg = strdelim(&cp); 1075 if (!arg || *arg == '\0') 1076 fatal("%s line %d: Missing subsystem name.", 1077 filename, linenum); 1078 if (!*activep) { 1079 arg = strdelim(&cp); 1080 break; 1081 } 1082 for (i = 0; i < options->num_subsystems; i++) 1083 if (strcmp(arg, options->subsystem_name[i]) == 0) 1084 fatal("%s line %d: Subsystem '%s' already defined.", 1085 filename, linenum, arg); 1086 options->subsystem_name[options->num_subsystems] = xstrdup(arg); 1087 arg = strdelim(&cp); 1088 if (!arg || *arg == '\0') 1089 fatal("%s line %d: Missing subsystem command.", 1090 filename, linenum); 1091 options->subsystem_command[options->num_subsystems] = xstrdup(arg); 1092 1093 /* Collect arguments (separate to executable) */ 1094 p = xstrdup(arg); 1095 len = strlen(p) + 1; 1096 while ((arg = strdelim(&cp)) != NULL && *arg != '\0') { 1097 len += 1 + strlen(arg); 1098 p = xrealloc(p, 1, len); 1099 strlcat(p, " ", len); 1100 strlcat(p, arg, len); 1101 } 1102 options->subsystem_args[options->num_subsystems] = p; 1103 options->num_subsystems++; 1104 break; 1105 1106 case sMaxStartups: 1107 arg = strdelim(&cp); 1108 if (!arg || *arg == '\0') 1109 fatal("%s line %d: Missing MaxStartups spec.", 1110 filename, linenum); 1111 if ((n = sscanf(arg, "%d:%d:%d", 1112 &options->max_startups_begin, 1113 &options->max_startups_rate, 1114 &options->max_startups)) == 3) { 1115 if (options->max_startups_begin > 1116 options->max_startups || 1117 options->max_startups_rate > 100 || 1118 options->max_startups_rate < 1) 1119 fatal("%s line %d: Illegal MaxStartups spec.", 1120 filename, linenum); 1121 } else if (n != 1) 1122 fatal("%s line %d: Illegal MaxStartups spec.", 1123 filename, linenum); 1124 else 1125 options->max_startups = options->max_startups_begin; 1126 break; 1127 1128 case sMaxAuthTries: 1129 intptr = &options->max_authtries; 1130 goto parse_int; 1131 1132 case sMaxSessions: 1133 intptr = &options->max_sessions; 1134 goto parse_int; 1135 1136 case sBanner: 1137 charptr = &options->banner; 1138 goto parse_filename; 1139 1140 /* 1141 * These options can contain %X options expanded at 1142 * connect time, so that you can specify paths like: 1143 * 1144 * AuthorizedKeysFile /etc/ssh_keys/%u 1145 */ 1146 case sAuthorizedKeysFile: 1147 case sAuthorizedKeysFile2: 1148 charptr = (opcode == sAuthorizedKeysFile) ? 1149 &options->authorized_keys_file : 1150 &options->authorized_keys_file2; 1151 goto parse_filename; 1152 1153 case sClientAliveInterval: 1154 intptr = &options->client_alive_interval; 1155 goto parse_time; 1156 1157 case sClientAliveCountMax: 1158 intptr = &options->client_alive_count_max; 1159 goto parse_int; 1160 1161 case sAcceptEnv: 1162 while ((arg = strdelim(&cp)) && *arg != '\0') { 1163 if (strchr(arg, '=') != NULL) 1164 fatal("%s line %d: Invalid environment name.", 1165 filename, linenum); 1166 if (options->num_accept_env >= MAX_ACCEPT_ENV) 1167 fatal("%s line %d: too many allow env.", 1168 filename, linenum); 1169 if (!*activep) 1170 break; 1171 options->accept_env[options->num_accept_env++] = 1172 xstrdup(arg); 1173 } 1174 break; 1175 1176 case sPermitTunnel: 1177 intptr = &options->permit_tun; 1178 arg = strdelim(&cp); 1179 if (!arg || *arg == '\0') 1180 fatal("%s line %d: Missing yes/point-to-point/" 1181 "ethernet/no argument.", filename, linenum); 1182 value = -1; 1183 for (i = 0; tunmode_desc[i].val != -1; i++) 1184 if (strcmp(tunmode_desc[i].text, arg) == 0) { 1185 value = tunmode_desc[i].val; 1186 break; 1187 } 1188 if (value == -1) 1189 fatal("%s line %d: Bad yes/point-to-point/ethernet/" 1190 "no argument: %s", filename, linenum, arg); 1191 if (*intptr == -1) 1192 *intptr = value; 1193 break; 1194 1195 case sMatch: 1196 if (cmdline) 1197 fatal("Match directive not supported as a command-line " 1198 "option"); 1199 value = match_cfg_line(&cp, linenum, user, host, address); 1200 if (value < 0) 1201 fatal("%s line %d: Bad Match condition", filename, 1202 linenum); 1203 *activep = value; 1204 break; 1205 1206 case sPermitOpen: 1207 arg = strdelim(&cp); 1208 if (!arg || *arg == '\0') 1209 fatal("%s line %d: missing PermitOpen specification", 1210 filename, linenum); 1211 n = options->num_permitted_opens; /* modified later */ 1212 if (strcmp(arg, "any") == 0) { 1213 if (*activep && n == -1) { 1214 channel_clear_adm_permitted_opens(); 1215 options->num_permitted_opens = 0; 1216 } 1217 break; 1218 } 1219 if (*activep && n == -1) 1220 channel_clear_adm_permitted_opens(); 1221 for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) { 1222 p = hpdelim(&arg); 1223 if (p == NULL) 1224 fatal("%s line %d: missing host in PermitOpen", 1225 filename, linenum); 1226 p = cleanhostname(p); 1227 if (arg == NULL || (port = a2port(arg)) <= 0) 1228 fatal("%s line %d: bad port number in " 1229 "PermitOpen", filename, linenum); 1230 if (*activep && n == -1) 1231 options->num_permitted_opens = 1232 channel_add_adm_permitted_opens(p, port); 1233 } 1234 break; 1235 1236 case sForceCommand: 1237 if (cp == NULL) 1238 fatal("%.200s line %d: Missing argument.", filename, 1239 linenum); 1240 len = strspn(cp, WHITESPACE); 1241 if (*activep && options->adm_forced_command == NULL) 1242 options->adm_forced_command = xstrdup(cp + len); 1243 return 0; 1244 1245 case sChrootDirectory: 1246 charptr = &options->chroot_directory; 1247 1248 arg = strdelim(&cp); 1249 if (!arg || *arg == '\0') 1250 fatal("%s line %d: missing file name.", 1251 filename, linenum); 1252 if (*activep && *charptr == NULL) 1253 *charptr = xstrdup(arg); 1254 break; 1255 1256 case sRDomain: 1257 intptr = &options->rdomain; 1258 goto parse_int; 1259 1260 case sDeprecated: 1261 logit("%s line %d: Deprecated option %s", 1262 filename, linenum, arg); 1263 while (arg) 1264 arg = strdelim(&cp); 1265 break; 1266 1267 case sUnsupported: 1268 logit("%s line %d: Unsupported option %s", 1269 filename, linenum, arg); 1270 while (arg) 1271 arg = strdelim(&cp); 1272 break; 1273 1274 default: 1275 fatal("%s line %d: Missing handler for opcode %s (%d)", 1276 filename, linenum, arg, opcode); 1277 } 1278 if ((arg = strdelim(&cp)) != NULL && *arg != '\0') 1279 fatal("%s line %d: garbage at end of line; \"%.200s\".", 1280 filename, linenum, arg); 1281 return 0; 1282 } 1283 1284 /* Reads the server configuration file. */ 1285 1286 void 1287 load_server_config(const char *filename, Buffer *conf) 1288 { 1289 char line[1024], *cp; 1290 FILE *f; 1291 1292 debug2("%s: filename %s", __func__, filename); 1293 if ((f = fopen(filename, "r")) == NULL) { 1294 perror(filename); 1295 exit(1); 1296 } 1297 buffer_clear(conf); 1298 while (fgets(line, sizeof(line), f)) { 1299 /* 1300 * Trim out comments and strip whitespace 1301 * NB - preserve newlines, they are needed to reproduce 1302 * line numbers later for error messages 1303 */ 1304 if ((cp = strchr(line, '#')) != NULL) 1305 memcpy(cp, "\n", 2); 1306 cp = line + strspn(line, " \t\r"); 1307 1308 buffer_append(conf, cp, strlen(cp)); 1309 } 1310 buffer_append(conf, "\0", 1); 1311 fclose(f); 1312 debug2("%s: done config len = %d", __func__, buffer_len(conf)); 1313 } 1314 1315 void 1316 parse_server_match_config(ServerOptions *options, const char *user, 1317 const char *host, const char *address) 1318 { 1319 ServerOptions mo; 1320 1321 initialize_server_options(&mo); 1322 parse_server_config(&mo, "reprocess config", &cfg, user, host, address); 1323 copy_set_server_options(options, &mo, 0); 1324 } 1325 1326 /* Helper macros */ 1327 #define M_CP_INTOPT(n) do {\ 1328 if (src->n != -1) \ 1329 dst->n = src->n; \ 1330 } while (0) 1331 #define M_CP_STROPT(n) do {\ 1332 if (src->n != NULL) { \ 1333 if (dst->n != NULL) \ 1334 xfree(dst->n); \ 1335 dst->n = src->n; \ 1336 } \ 1337 } while(0) 1338 1339 /* 1340 * Copy any supported values that are set. 1341 * 1342 * If the preauth flag is set, we do not bother copying the string or 1343 * array values that are not used pre-authentication, because any that we 1344 * do use must be explictly sent in mm_getpwnamallow(). 1345 */ 1346 void 1347 copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) 1348 { 1349 M_CP_INTOPT(password_authentication); 1350 M_CP_INTOPT(gss_authentication); 1351 M_CP_INTOPT(rsa_authentication); 1352 M_CP_INTOPT(pubkey_authentication); 1353 M_CP_INTOPT(kerberos_authentication); 1354 M_CP_INTOPT(hostbased_authentication); 1355 M_CP_INTOPT(kbd_interactive_authentication); 1356 M_CP_INTOPT(zero_knowledge_password_authentication); 1357 M_CP_INTOPT(permit_root_login); 1358 M_CP_INTOPT(permit_empty_passwd); 1359 1360 M_CP_INTOPT(allow_tcp_forwarding); 1361 M_CP_INTOPT(allow_agent_forwarding); 1362 M_CP_INTOPT(gateway_ports); 1363 M_CP_INTOPT(x11_display_offset); 1364 M_CP_INTOPT(x11_forwarding); 1365 M_CP_INTOPT(x11_use_localhost); 1366 M_CP_INTOPT(max_sessions); 1367 M_CP_INTOPT(max_authtries); 1368 1369 M_CP_STROPT(banner); 1370 if (preauth) 1371 return; 1372 M_CP_STROPT(adm_forced_command); 1373 M_CP_STROPT(chroot_directory); 1374 } 1375 1376 #undef M_CP_INTOPT 1377 #undef M_CP_STROPT 1378 1379 void 1380 parse_server_config(ServerOptions *options, const char *filename, Buffer *conf, 1381 const char *user, const char *host, const char *address) 1382 { 1383 int active, linenum, bad_options = 0; 1384 char *cp, *obuf, *cbuf; 1385 1386 debug2("%s: config %s len %d", __func__, filename, buffer_len(conf)); 1387 1388 obuf = cbuf = xstrdup(buffer_ptr(conf)); 1389 active = user ? 0 : 1; 1390 linenum = 1; 1391 while ((cp = strsep(&cbuf, "\n")) != NULL) { 1392 if (process_server_config_line(options, cp, filename, 1393 linenum++, &active, user, host, address) != 0) 1394 bad_options++; 1395 } 1396 xfree(obuf); 1397 if (bad_options > 0) 1398 fatal("%s: terminating, %d bad configuration options", 1399 filename, bad_options); 1400 } 1401 1402 static const char * 1403 fmt_intarg(ServerOpCodes code, int val) 1404 { 1405 if (code == sAddressFamily) { 1406 switch (val) { 1407 case AF_INET: 1408 return "inet"; 1409 case AF_INET6: 1410 return "inet6"; 1411 case AF_UNSPEC: 1412 return "any"; 1413 default: 1414 return "UNKNOWN"; 1415 } 1416 } 1417 if (code == sPermitRootLogin) { 1418 switch (val) { 1419 case PERMIT_NO_PASSWD: 1420 return "without-password"; 1421 case PERMIT_FORCED_ONLY: 1422 return "forced-commands-only"; 1423 case PERMIT_YES: 1424 return "yes"; 1425 } 1426 } 1427 if (code == sProtocol) { 1428 switch (val) { 1429 case SSH_PROTO_1: 1430 return "1"; 1431 case SSH_PROTO_2: 1432 return "2"; 1433 case (SSH_PROTO_1|SSH_PROTO_2): 1434 return "2,1"; 1435 default: 1436 return "UNKNOWN"; 1437 } 1438 } 1439 if (code == sGatewayPorts && val == 2) 1440 return "clientspecified"; 1441 if (code == sCompression && val == COMP_DELAYED) 1442 return "delayed"; 1443 switch (val) { 1444 case -1: 1445 return "unset"; 1446 case 0: 1447 return "no"; 1448 case 1: 1449 return "yes"; 1450 } 1451 return "UNKNOWN"; 1452 } 1453 1454 static const char * 1455 lookup_opcode_name(ServerOpCodes code) 1456 { 1457 u_int i; 1458 1459 for (i = 0; keywords[i].name != NULL; i++) 1460 if (keywords[i].opcode == code) 1461 return(keywords[i].name); 1462 return "UNKNOWN"; 1463 } 1464 1465 static void 1466 dump_cfg_int(ServerOpCodes code, int val) 1467 { 1468 printf("%s %d\n", lookup_opcode_name(code), val); 1469 } 1470 1471 static void 1472 dump_cfg_fmtint(ServerOpCodes code, int val) 1473 { 1474 printf("%s %s\n", lookup_opcode_name(code), fmt_intarg(code, val)); 1475 } 1476 1477 static void 1478 dump_cfg_string(ServerOpCodes code, const char *val) 1479 { 1480 if (val == NULL) 1481 return; 1482 printf("%s %s\n", lookup_opcode_name(code), val); 1483 } 1484 1485 static void 1486 dump_cfg_strarray(ServerOpCodes code, u_int count, char **vals) 1487 { 1488 u_int i; 1489 1490 for (i = 0; i < count; i++) 1491 printf("%s %s\n", lookup_opcode_name(code), vals[i]); 1492 } 1493 1494 void 1495 dump_config(ServerOptions *o) 1496 { 1497 u_int i; 1498 int ret; 1499 struct addrinfo *ai; 1500 char addr[NI_MAXHOST], port[NI_MAXSERV], *s = NULL; 1501 1502 /* these are usually at the top of the config */ 1503 for (i = 0; i < o->num_ports; i++) 1504 printf("port %d\n", o->ports[i]); 1505 dump_cfg_fmtint(sProtocol, o->protocol); 1506 dump_cfg_fmtint(sAddressFamily, o->address_family); 1507 1508 /* ListenAddress must be after Port */ 1509 for (ai = o->listen_addrs; ai; ai = ai->ai_next) { 1510 if ((ret = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr, 1511 sizeof(addr), port, sizeof(port), 1512 NI_NUMERICHOST|NI_NUMERICSERV)) != 0) { 1513 error("getnameinfo failed: %.100s", 1514 (ret != EAI_SYSTEM) ? gai_strerror(ret) : 1515 strerror(errno)); 1516 } else { 1517 if (ai->ai_family == AF_INET6) 1518 printf("listenaddress [%s]:%s\n", addr, port); 1519 else 1520 printf("listenaddress %s:%s\n", addr, port); 1521 } 1522 } 1523 1524 /* integer arguments */ 1525 dump_cfg_int(sServerKeyBits, o->server_key_bits); 1526 dump_cfg_int(sLoginGraceTime, o->login_grace_time); 1527 dump_cfg_int(sKeyRegenerationTime, o->key_regeneration_time); 1528 dump_cfg_int(sX11DisplayOffset, o->x11_display_offset); 1529 dump_cfg_int(sMaxAuthTries, o->max_authtries); 1530 dump_cfg_int(sMaxSessions, o->max_sessions); 1531 dump_cfg_int(sClientAliveInterval, o->client_alive_interval); 1532 dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); 1533 dump_cfg_int(sRDomain, o->rdomain); 1534 1535 /* formatted integer arguments */ 1536 dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login); 1537 dump_cfg_fmtint(sIgnoreRhosts, o->ignore_rhosts); 1538 dump_cfg_fmtint(sIgnoreUserKnownHosts, o->ignore_user_known_hosts); 1539 dump_cfg_fmtint(sRhostsRSAAuthentication, o->rhosts_rsa_authentication); 1540 dump_cfg_fmtint(sHostbasedAuthentication, o->hostbased_authentication); 1541 dump_cfg_fmtint(sHostbasedUsesNameFromPacketOnly, 1542 o->hostbased_uses_name_from_packet_only); 1543 dump_cfg_fmtint(sRSAAuthentication, o->rsa_authentication); 1544 dump_cfg_fmtint(sPubkeyAuthentication, o->pubkey_authentication); 1545 #ifdef KRB5 1546 dump_cfg_fmtint(sKerberosAuthentication, o->kerberos_authentication); 1547 dump_cfg_fmtint(sKerberosOrLocalPasswd, o->kerberos_or_local_passwd); 1548 dump_cfg_fmtint(sKerberosTicketCleanup, o->kerberos_ticket_cleanup); 1549 dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token); 1550 #endif 1551 #ifdef GSSAPI 1552 dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); 1553 dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); 1554 #endif 1555 #ifdef JPAKE 1556 dump_cfg_fmtint(sZeroKnowledgePasswordAuthentication, 1557 o->zero_knowledge_password_authentication); 1558 #endif 1559 dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); 1560 dump_cfg_fmtint(sKbdInteractiveAuthentication, 1561 o->kbd_interactive_authentication); 1562 dump_cfg_fmtint(sChallengeResponseAuthentication, 1563 o->challenge_response_authentication); 1564 dump_cfg_fmtint(sPrintMotd, o->print_motd); 1565 dump_cfg_fmtint(sPrintLastLog, o->print_lastlog); 1566 dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding); 1567 dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); 1568 dump_cfg_fmtint(sStrictModes, o->strict_modes); 1569 dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); 1570 dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); 1571 dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); 1572 dump_cfg_fmtint(sUseLogin, o->use_login); 1573 dump_cfg_fmtint(sCompression, o->compression); 1574 dump_cfg_fmtint(sGatewayPorts, o->gateway_ports); 1575 dump_cfg_fmtint(sUseDNS, o->use_dns); 1576 dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding); 1577 dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep); 1578 1579 /* string arguments */ 1580 dump_cfg_string(sPidFile, o->pid_file); 1581 dump_cfg_string(sXAuthLocation, o->xauth_location); 1582 dump_cfg_string(sCiphers, o->ciphers); 1583 dump_cfg_string(sMacs, o->macs); 1584 dump_cfg_string(sBanner, o->banner); 1585 dump_cfg_string(sAuthorizedKeysFile, o->authorized_keys_file); 1586 dump_cfg_string(sAuthorizedKeysFile2, o->authorized_keys_file2); 1587 dump_cfg_string(sForceCommand, o->adm_forced_command); 1588 1589 /* string arguments requiring a lookup */ 1590 dump_cfg_string(sLogLevel, log_level_name(o->log_level)); 1591 dump_cfg_string(sLogFacility, log_facility_name(o->log_facility)); 1592 1593 /* string array arguments */ 1594 dump_cfg_strarray(sHostKeyFile, o->num_host_key_files, 1595 o->host_key_files); 1596 dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users); 1597 dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users); 1598 dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups); 1599 dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups); 1600 dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env); 1601 1602 /* other arguments */ 1603 for (i = 0; i < o->num_subsystems; i++) 1604 printf("subsystem %s %s\n", o->subsystem_name[i], 1605 o->subsystem_args[i]); 1606 1607 printf("maxstartups %d:%d:%d\n", o->max_startups_begin, 1608 o->max_startups_rate, o->max_startups); 1609 1610 for (i = 0; tunmode_desc[i].val != -1; i++) 1611 if (tunmode_desc[i].val == o->permit_tun) { 1612 s = tunmode_desc[i].text; 1613 break; 1614 } 1615 dump_cfg_string(sPermitTunnel, s); 1616 1617 channel_print_adm_permitted_opens(); 1618 } 1619