1 2 /* $OpenBSD: servconf.c,v 1.390 2023/01/17 09:44:48 djm Exp $ */ 3 /* 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 5 * All rights reserved 6 * 7 * As far as I am concerned, the code I have written for this software 8 * can be used freely for any purpose. Any derived versions of this 9 * software must be clearly marked as such, and if the derived work is 10 * incompatible with the protocol description in the RFC file, it must be 11 * called by a name other than "ssh" or "Secure Shell". 12 */ 13 14 #include <sys/types.h> 15 #include <sys/socket.h> 16 #include <sys/queue.h> 17 #include <sys/sysctl.h> 18 #include <sys/stat.h> 19 20 #include <netinet/in.h> 21 #include <netinet/ip.h> 22 #include <net/route.h> 23 24 #include <ctype.h> 25 #include <glob.h> 26 #include <netdb.h> 27 #include <pwd.h> 28 #include <stdio.h> 29 #include <stdlib.h> 30 #include <string.h> 31 #include <signal.h> 32 #include <unistd.h> 33 #include <limits.h> 34 #include <stdarg.h> 35 #include <errno.h> 36 #include <util.h> 37 38 #include "xmalloc.h" 39 #include "ssh.h" 40 #include "log.h" 41 #include "sshbuf.h" 42 #include "misc.h" 43 #include "servconf.h" 44 #include "compat.h" 45 #include "pathnames.h" 46 #include "cipher.h" 47 #include "sshkey.h" 48 #include "kex.h" 49 #include "mac.h" 50 #include "match.h" 51 #include "channels.h" 52 #include "groupaccess.h" 53 #include "canohost.h" 54 #include "packet.h" 55 #include "ssherr.h" 56 #include "hostfile.h" 57 #include "auth.h" 58 #include "myproposal.h" 59 #include "digest.h" 60 61 static void add_listen_addr(ServerOptions *, const char *, 62 const char *, int); 63 static void add_one_listen_addr(ServerOptions *, const char *, 64 const char *, int); 65 static void parse_server_config_depth(ServerOptions *options, 66 const char *filename, struct sshbuf *conf, struct include_list *includes, 67 struct connection_info *connectinfo, int flags, int *activep, int depth); 68 69 /* Use of privilege separation or not */ 70 extern int use_privsep; 71 extern struct sshbuf *cfg; 72 73 /* Initializes the server options to their default values. */ 74 75 void 76 initialize_server_options(ServerOptions *options) 77 { 78 memset(options, 0, sizeof(*options)); 79 options->num_ports = 0; 80 options->ports_from_cmdline = 0; 81 options->queued_listen_addrs = NULL; 82 options->num_queued_listens = 0; 83 options->listen_addrs = NULL; 84 options->num_listen_addrs = 0; 85 options->address_family = -1; 86 options->routing_domain = NULL; 87 options->num_host_key_files = 0; 88 options->num_host_cert_files = 0; 89 options->host_key_agent = NULL; 90 options->pid_file = NULL; 91 options->login_grace_time = -1; 92 options->permit_root_login = PERMIT_NOT_SET; 93 options->ignore_rhosts = -1; 94 options->ignore_user_known_hosts = -1; 95 options->print_motd = -1; 96 options->print_lastlog = -1; 97 options->x11_forwarding = -1; 98 options->x11_display_offset = -1; 99 options->x11_use_localhost = -1; 100 options->permit_tty = -1; 101 options->permit_user_rc = -1; 102 options->xauth_location = NULL; 103 options->strict_modes = -1; 104 options->tcp_keep_alive = -1; 105 options->log_facility = SYSLOG_FACILITY_NOT_SET; 106 options->log_level = SYSLOG_LEVEL_NOT_SET; 107 options->num_log_verbose = 0; 108 options->log_verbose = NULL; 109 options->hostbased_authentication = -1; 110 options->hostbased_uses_name_from_packet_only = -1; 111 options->hostbased_accepted_algos = NULL; 112 options->hostkeyalgorithms = NULL; 113 options->pubkey_authentication = -1; 114 options->pubkey_auth_options = -1; 115 options->pubkey_accepted_algos = NULL; 116 options->kerberos_authentication = -1; 117 options->kerberos_or_local_passwd = -1; 118 options->kerberos_ticket_cleanup = -1; 119 options->kerberos_get_afs_token = -1; 120 options->gss_authentication=-1; 121 options->gss_cleanup_creds = -1; 122 options->gss_strict_acceptor = -1; 123 options->password_authentication = -1; 124 options->kbd_interactive_authentication = -1; 125 options->permit_empty_passwd = -1; 126 options->permit_user_env = -1; 127 options->permit_user_env_allowlist = NULL; 128 options->compression = -1; 129 options->rekey_limit = -1; 130 options->rekey_interval = -1; 131 options->allow_tcp_forwarding = -1; 132 options->allow_streamlocal_forwarding = -1; 133 options->allow_agent_forwarding = -1; 134 options->num_allow_users = 0; 135 options->num_deny_users = 0; 136 options->num_allow_groups = 0; 137 options->num_deny_groups = 0; 138 options->ciphers = NULL; 139 options->macs = NULL; 140 options->kex_algorithms = NULL; 141 options->ca_sign_algorithms = NULL; 142 options->fwd_opts.gateway_ports = -1; 143 options->fwd_opts.streamlocal_bind_mask = (mode_t)-1; 144 options->fwd_opts.streamlocal_bind_unlink = -1; 145 options->num_subsystems = 0; 146 options->max_startups_begin = -1; 147 options->max_startups_rate = -1; 148 options->max_startups = -1; 149 options->per_source_max_startups = -1; 150 options->per_source_masklen_ipv4 = -1; 151 options->per_source_masklen_ipv6 = -1; 152 options->max_authtries = -1; 153 options->max_sessions = -1; 154 options->banner = NULL; 155 options->use_dns = -1; 156 options->client_alive_interval = -1; 157 options->client_alive_count_max = -1; 158 options->num_authkeys_files = 0; 159 options->num_accept_env = 0; 160 options->num_setenv = 0; 161 options->permit_tun = -1; 162 options->permitted_opens = NULL; 163 options->permitted_listens = NULL; 164 options->adm_forced_command = NULL; 165 options->chroot_directory = NULL; 166 options->authorized_keys_command = NULL; 167 options->authorized_keys_command_user = NULL; 168 options->revoked_keys_file = NULL; 169 options->sk_provider = NULL; 170 options->trusted_user_ca_keys = NULL; 171 options->authorized_principals_file = NULL; 172 options->authorized_principals_command = NULL; 173 options->authorized_principals_command_user = NULL; 174 options->ip_qos_interactive = -1; 175 options->ip_qos_bulk = -1; 176 options->version_addendum = NULL; 177 options->fingerprint_hash = -1; 178 options->disable_forwarding = -1; 179 options->expose_userauth_info = -1; 180 options->required_rsa_size = -1; 181 options->channel_timeouts = NULL; 182 options->num_channel_timeouts = 0; 183 options->unused_connection_timeout = -1; 184 } 185 186 /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ 187 static int 188 option_clear_or_none(const char *o) 189 { 190 return o == NULL || strcasecmp(o, "none") == 0; 191 } 192 193 static void 194 assemble_algorithms(ServerOptions *o) 195 { 196 char *all_cipher, *all_mac, *all_kex, *all_key, *all_sig; 197 char *def_cipher, *def_mac, *def_kex, *def_key, *def_sig; 198 int r; 199 200 all_cipher = cipher_alg_list(',', 0); 201 all_mac = mac_alg_list(','); 202 all_kex = kex_alg_list(','); 203 all_key = sshkey_alg_list(0, 0, 1, ','); 204 all_sig = sshkey_alg_list(0, 1, 1, ','); 205 /* remove unsupported algos from default lists */ 206 def_cipher = match_filter_allowlist(KEX_SERVER_ENCRYPT, all_cipher); 207 def_mac = match_filter_allowlist(KEX_SERVER_MAC, all_mac); 208 def_kex = match_filter_allowlist(KEX_SERVER_KEX, all_kex); 209 def_key = match_filter_allowlist(KEX_DEFAULT_PK_ALG, all_key); 210 def_sig = match_filter_allowlist(SSH_ALLOWED_CA_SIGALGS, all_sig); 211 #define ASSEMBLE(what, defaults, all) \ 212 do { \ 213 if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \ 214 fatal_fr(r, "%s", #what); \ 215 } while (0) 216 ASSEMBLE(ciphers, def_cipher, all_cipher); 217 ASSEMBLE(macs, def_mac, all_mac); 218 ASSEMBLE(kex_algorithms, def_kex, all_kex); 219 ASSEMBLE(hostkeyalgorithms, def_key, all_key); 220 ASSEMBLE(hostbased_accepted_algos, def_key, all_key); 221 ASSEMBLE(pubkey_accepted_algos, def_key, all_key); 222 ASSEMBLE(ca_sign_algorithms, def_sig, all_sig); 223 #undef ASSEMBLE 224 free(all_cipher); 225 free(all_mac); 226 free(all_kex); 227 free(all_key); 228 free(all_sig); 229 free(def_cipher); 230 free(def_mac); 231 free(def_kex); 232 free(def_key); 233 free(def_sig); 234 } 235 236 void 237 servconf_add_hostkey(const char *file, const int line, 238 ServerOptions *options, const char *path, int userprovided) 239 { 240 char *apath = derelativise_path(path); 241 242 opt_array_append2(file, line, "HostKey", 243 &options->host_key_files, &options->host_key_file_userprovided, 244 &options->num_host_key_files, apath, userprovided); 245 free(apath); 246 } 247 248 void 249 servconf_add_hostcert(const char *file, const int line, 250 ServerOptions *options, const char *path) 251 { 252 char *apath = derelativise_path(path); 253 254 opt_array_append(file, line, "HostCertificate", 255 &options->host_cert_files, &options->num_host_cert_files, apath); 256 free(apath); 257 } 258 259 void 260 fill_default_server_options(ServerOptions *options) 261 { 262 u_int i; 263 264 if (options->num_host_key_files == 0) { 265 /* fill default hostkeys */ 266 servconf_add_hostkey("[default]", 0, options, 267 _PATH_HOST_RSA_KEY_FILE, 0); 268 servconf_add_hostkey("[default]", 0, options, 269 _PATH_HOST_ECDSA_KEY_FILE, 0); 270 servconf_add_hostkey("[default]", 0, options, 271 _PATH_HOST_ED25519_KEY_FILE, 0); 272 #ifdef WITH_XMSS 273 servconf_add_hostkey("[default]", 0, options, 274 _PATH_HOST_XMSS_KEY_FILE, 0); 275 #endif /* WITH_XMSS */ 276 } 277 /* No certificates by default */ 278 if (options->num_ports == 0) 279 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 280 if (options->address_family == -1) 281 options->address_family = AF_UNSPEC; 282 if (options->listen_addrs == NULL) 283 add_listen_addr(options, NULL, NULL, 0); 284 if (options->pid_file == NULL) 285 options->pid_file = xstrdup(_PATH_SSH_DAEMON_PID_FILE); 286 if (options->moduli_file == NULL) 287 options->moduli_file = xstrdup(_PATH_DH_MODULI); 288 if (options->login_grace_time == -1) 289 options->login_grace_time = 120; 290 if (options->permit_root_login == PERMIT_NOT_SET) 291 options->permit_root_login = PERMIT_NO_PASSWD; 292 if (options->ignore_rhosts == -1) 293 options->ignore_rhosts = 1; 294 if (options->ignore_user_known_hosts == -1) 295 options->ignore_user_known_hosts = 0; 296 if (options->print_motd == -1) 297 options->print_motd = 1; 298 if (options->print_lastlog == -1) 299 options->print_lastlog = 1; 300 if (options->x11_forwarding == -1) 301 options->x11_forwarding = 0; 302 if (options->x11_display_offset == -1) 303 options->x11_display_offset = 10; 304 if (options->x11_use_localhost == -1) 305 options->x11_use_localhost = 1; 306 if (options->xauth_location == NULL) 307 options->xauth_location = xstrdup(_PATH_XAUTH); 308 if (options->permit_tty == -1) 309 options->permit_tty = 1; 310 if (options->permit_user_rc == -1) 311 options->permit_user_rc = 1; 312 if (options->strict_modes == -1) 313 options->strict_modes = 1; 314 if (options->tcp_keep_alive == -1) 315 options->tcp_keep_alive = 1; 316 if (options->log_facility == SYSLOG_FACILITY_NOT_SET) 317 options->log_facility = SYSLOG_FACILITY_AUTH; 318 if (options->log_level == SYSLOG_LEVEL_NOT_SET) 319 options->log_level = SYSLOG_LEVEL_INFO; 320 if (options->hostbased_authentication == -1) 321 options->hostbased_authentication = 0; 322 if (options->hostbased_uses_name_from_packet_only == -1) 323 options->hostbased_uses_name_from_packet_only = 0; 324 if (options->pubkey_authentication == -1) 325 options->pubkey_authentication = 1; 326 if (options->pubkey_auth_options == -1) 327 options->pubkey_auth_options = 0; 328 if (options->kerberos_authentication == -1) 329 options->kerberos_authentication = 0; 330 if (options->kerberos_or_local_passwd == -1) 331 options->kerberos_or_local_passwd = 1; 332 if (options->kerberos_ticket_cleanup == -1) 333 options->kerberos_ticket_cleanup = 1; 334 if (options->kerberos_get_afs_token == -1) 335 options->kerberos_get_afs_token = 0; 336 if (options->gss_authentication == -1) 337 options->gss_authentication = 0; 338 if (options->gss_cleanup_creds == -1) 339 options->gss_cleanup_creds = 1; 340 if (options->gss_strict_acceptor == -1) 341 options->gss_strict_acceptor = 1; 342 if (options->password_authentication == -1) 343 options->password_authentication = 1; 344 if (options->kbd_interactive_authentication == -1) 345 options->kbd_interactive_authentication = 1; 346 if (options->permit_empty_passwd == -1) 347 options->permit_empty_passwd = 0; 348 if (options->permit_user_env == -1) { 349 options->permit_user_env = 0; 350 options->permit_user_env_allowlist = NULL; 351 } 352 if (options->compression == -1) 353 #ifdef WITH_ZLIB 354 options->compression = COMP_DELAYED; 355 #else 356 options->compression = COMP_NONE; 357 #endif 358 359 if (options->rekey_limit == -1) 360 options->rekey_limit = 0; 361 if (options->rekey_interval == -1) 362 options->rekey_interval = 0; 363 if (options->allow_tcp_forwarding == -1) 364 options->allow_tcp_forwarding = FORWARD_ALLOW; 365 if (options->allow_streamlocal_forwarding == -1) 366 options->allow_streamlocal_forwarding = FORWARD_ALLOW; 367 if (options->allow_agent_forwarding == -1) 368 options->allow_agent_forwarding = 1; 369 if (options->fwd_opts.gateway_ports == -1) 370 options->fwd_opts.gateway_ports = 0; 371 if (options->max_startups == -1) 372 options->max_startups = 100; 373 if (options->max_startups_rate == -1) 374 options->max_startups_rate = 30; /* 30% */ 375 if (options->max_startups_begin == -1) 376 options->max_startups_begin = 10; 377 if (options->per_source_max_startups == -1) 378 options->per_source_max_startups = INT_MAX; 379 if (options->per_source_masklen_ipv4 == -1) 380 options->per_source_masklen_ipv4 = 32; 381 if (options->per_source_masklen_ipv6 == -1) 382 options->per_source_masklen_ipv6 = 128; 383 if (options->max_authtries == -1) 384 options->max_authtries = DEFAULT_AUTH_FAIL_MAX; 385 if (options->max_sessions == -1) 386 options->max_sessions = DEFAULT_SESSIONS_MAX; 387 if (options->use_dns == -1) 388 options->use_dns = 0; 389 if (options->client_alive_interval == -1) 390 options->client_alive_interval = 0; 391 if (options->client_alive_count_max == -1) 392 options->client_alive_count_max = 3; 393 if (options->num_authkeys_files == 0) { 394 opt_array_append("[default]", 0, "AuthorizedKeysFiles", 395 &options->authorized_keys_files, 396 &options->num_authkeys_files, 397 _PATH_SSH_USER_PERMITTED_KEYS); 398 opt_array_append("[default]", 0, "AuthorizedKeysFiles", 399 &options->authorized_keys_files, 400 &options->num_authkeys_files, 401 _PATH_SSH_USER_PERMITTED_KEYS2); 402 } 403 if (options->permit_tun == -1) 404 options->permit_tun = SSH_TUNMODE_NO; 405 if (options->ip_qos_interactive == -1) 406 options->ip_qos_interactive = IPTOS_DSCP_AF21; 407 if (options->ip_qos_bulk == -1) 408 options->ip_qos_bulk = IPTOS_DSCP_CS1; 409 if (options->version_addendum == NULL) 410 options->version_addendum = xstrdup(""); 411 if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) 412 options->fwd_opts.streamlocal_bind_mask = 0177; 413 if (options->fwd_opts.streamlocal_bind_unlink == -1) 414 options->fwd_opts.streamlocal_bind_unlink = 0; 415 if (options->fingerprint_hash == -1) 416 options->fingerprint_hash = SSH_FP_HASH_DEFAULT; 417 if (options->disable_forwarding == -1) 418 options->disable_forwarding = 0; 419 if (options->expose_userauth_info == -1) 420 options->expose_userauth_info = 0; 421 if (options->sk_provider == NULL) 422 options->sk_provider = xstrdup("internal"); 423 if (options->required_rsa_size == -1) 424 options->required_rsa_size = SSH_RSA_MINIMUM_MODULUS_SIZE; 425 if (options->unused_connection_timeout == -1) 426 options->unused_connection_timeout = 0; 427 428 assemble_algorithms(options); 429 430 /* Turn privilege separation and sandboxing on by default */ 431 if (use_privsep == -1) 432 use_privsep = PRIVSEP_ON; 433 434 #define CLEAR_ON_NONE(v) \ 435 do { \ 436 if (option_clear_or_none(v)) { \ 437 free(v); \ 438 v = NULL; \ 439 } \ 440 } while(0) 441 #define CLEAR_ON_NONE_ARRAY(v, nv, none) \ 442 do { \ 443 if (options->nv == 1 && \ 444 strcasecmp(options->v[0], none) == 0) { \ 445 free(options->v[0]); \ 446 free(options->v); \ 447 options->v = NULL; \ 448 options->nv = 0; \ 449 } \ 450 } while (0) 451 CLEAR_ON_NONE(options->pid_file); 452 CLEAR_ON_NONE(options->xauth_location); 453 CLEAR_ON_NONE(options->banner); 454 CLEAR_ON_NONE(options->trusted_user_ca_keys); 455 CLEAR_ON_NONE(options->revoked_keys_file); 456 CLEAR_ON_NONE(options->sk_provider); 457 CLEAR_ON_NONE(options->authorized_principals_file); 458 CLEAR_ON_NONE(options->adm_forced_command); 459 CLEAR_ON_NONE(options->chroot_directory); 460 CLEAR_ON_NONE(options->routing_domain); 461 CLEAR_ON_NONE(options->host_key_agent); 462 463 for (i = 0; i < options->num_host_key_files; i++) 464 CLEAR_ON_NONE(options->host_key_files[i]); 465 for (i = 0; i < options->num_host_cert_files; i++) 466 CLEAR_ON_NONE(options->host_cert_files[i]); 467 468 CLEAR_ON_NONE_ARRAY(channel_timeouts, num_channel_timeouts, "none"); 469 CLEAR_ON_NONE_ARRAY(auth_methods, num_auth_methods, "any"); 470 #undef CLEAR_ON_NONE 471 #undef CLEAR_ON_NONE_ARRAY 472 } 473 474 /* Keyword tokens. */ 475 typedef enum { 476 sBadOption, /* == unknown option */ 477 sPort, sHostKeyFile, sLoginGraceTime, 478 sPermitRootLogin, sLogFacility, sLogLevel, sLogVerbose, 479 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, 480 sKerberosGetAFSToken, sPasswordAuthentication, 481 sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, 482 sPrintMotd, sPrintLastLog, sIgnoreRhosts, 483 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, 484 sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, 485 sPermitUserEnvironment, sAllowTcpForwarding, sCompression, 486 sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, 487 sIgnoreUserKnownHosts, sCiphers, sMacs, sPidFile, sModuliFile, 488 sGatewayPorts, sPubkeyAuthentication, sPubkeyAcceptedAlgorithms, 489 sXAuthLocation, sSubsystem, sMaxStartups, sMaxAuthTries, sMaxSessions, 490 sBanner, sUseDNS, sHostbasedAuthentication, 491 sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedAlgorithms, 492 sHostKeyAlgorithms, sPerSourceMaxStartups, sPerSourceNetBlockSize, 493 sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, 494 sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, 495 sAcceptEnv, sSetEnv, sPermitTunnel, 496 sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, 497 sUsePrivilegeSeparation, sAllowAgentForwarding, 498 sHostCertificate, sInclude, 499 sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, 500 sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser, 501 sKexAlgorithms, sCASignatureAlgorithms, sIPQoS, sVersionAddendum, 502 sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, 503 sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, 504 sStreamLocalBindMask, sStreamLocalBindUnlink, 505 sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, 506 sExposeAuthInfo, sRDomain, sPubkeyAuthOptions, sSecurityKeyProvider, 507 sRequiredRSASize, sChannelTimeout, sUnusedConnectionTimeout, 508 sDeprecated, sIgnore, sUnsupported 509 } ServerOpCodes; 510 511 #define SSHCFG_GLOBAL 0x01 /* allowed in main section of config */ 512 #define SSHCFG_MATCH 0x02 /* allowed inside a Match section */ 513 #define SSHCFG_ALL (SSHCFG_GLOBAL|SSHCFG_MATCH) 514 #define SSHCFG_NEVERMATCH 0x04 /* Match never matches; internal only */ 515 #define SSHCFG_MATCH_ONLY 0x08 /* Match only in conditional blocks; internal only */ 516 517 /* Textual representation of the tokens. */ 518 static struct { 519 const char *name; 520 ServerOpCodes opcode; 521 u_int flags; 522 } keywords[] = { 523 { "port", sPort, SSHCFG_GLOBAL }, 524 { "hostkey", sHostKeyFile, SSHCFG_GLOBAL }, 525 { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL }, /* alias */ 526 { "hostkeyagent", sHostKeyAgent, SSHCFG_GLOBAL }, 527 { "pidfile", sPidFile, SSHCFG_GLOBAL }, 528 { "modulifile", sModuliFile, SSHCFG_GLOBAL }, 529 { "serverkeybits", sDeprecated, SSHCFG_GLOBAL }, 530 { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL }, 531 { "keyregenerationinterval", sDeprecated, SSHCFG_GLOBAL }, 532 { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL }, 533 { "syslogfacility", sLogFacility, SSHCFG_GLOBAL }, 534 { "loglevel", sLogLevel, SSHCFG_ALL }, 535 { "logverbose", sLogVerbose, SSHCFG_ALL }, 536 { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL }, 537 { "rhostsrsaauthentication", sDeprecated, SSHCFG_ALL }, 538 { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL }, 539 { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_ALL }, 540 { "hostbasedacceptedalgorithms", sHostbasedAcceptedAlgorithms, SSHCFG_ALL }, 541 { "hostbasedacceptedkeytypes", sHostbasedAcceptedAlgorithms, SSHCFG_ALL }, /* obsolete */ 542 { "hostkeyalgorithms", sHostKeyAlgorithms, SSHCFG_GLOBAL }, 543 { "rsaauthentication", sDeprecated, SSHCFG_ALL }, 544 { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL }, 545 { "pubkeyacceptedalgorithms", sPubkeyAcceptedAlgorithms, SSHCFG_ALL }, 546 { "pubkeyacceptedkeytypes", sPubkeyAcceptedAlgorithms, SSHCFG_ALL }, /* obsolete */ 547 { "pubkeyauthoptions", sPubkeyAuthOptions, SSHCFG_ALL }, 548 { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */ 549 #ifdef KRB5 550 { "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL }, 551 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd, SSHCFG_GLOBAL }, 552 { "kerberosticketcleanup", sKerberosTicketCleanup, SSHCFG_GLOBAL }, 553 { "kerberosgetafstoken", sKerberosGetAFSToken, SSHCFG_GLOBAL }, 554 #else 555 { "kerberosauthentication", sUnsupported, SSHCFG_ALL }, 556 { "kerberosorlocalpasswd", sUnsupported, SSHCFG_GLOBAL }, 557 { "kerberosticketcleanup", sUnsupported, SSHCFG_GLOBAL }, 558 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, 559 #endif 560 { "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL }, 561 { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, 562 #ifdef GSSAPI 563 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, 564 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, 565 { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, 566 #else 567 { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, 568 { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, 569 { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, 570 #endif 571 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, 572 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, 573 { "challengeresponseauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, /* alias */ 574 { "skeyauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, /* alias */ 575 { "checkmail", sDeprecated, SSHCFG_GLOBAL }, 576 { "listenaddress", sListenAddress, SSHCFG_GLOBAL }, 577 { "addressfamily", sAddressFamily, SSHCFG_GLOBAL }, 578 { "printmotd", sPrintMotd, SSHCFG_GLOBAL }, 579 { "printlastlog", sPrintLastLog, SSHCFG_GLOBAL }, 580 { "ignorerhosts", sIgnoreRhosts, SSHCFG_ALL }, 581 { "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL }, 582 { "x11forwarding", sX11Forwarding, SSHCFG_ALL }, 583 { "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL }, 584 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, 585 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, 586 { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, 587 { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL }, 588 { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, 589 { "uselogin", sDeprecated, SSHCFG_GLOBAL }, 590 { "compression", sCompression, SSHCFG_GLOBAL }, 591 { "rekeylimit", sRekeyLimit, SSHCFG_ALL }, 592 { "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, 593 { "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, /* obsolete alias */ 594 { "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL }, 595 { "allowagentforwarding", sAllowAgentForwarding, SSHCFG_ALL }, 596 { "allowusers", sAllowUsers, SSHCFG_ALL }, 597 { "denyusers", sDenyUsers, SSHCFG_ALL }, 598 { "allowgroups", sAllowGroups, SSHCFG_ALL }, 599 { "denygroups", sDenyGroups, SSHCFG_ALL }, 600 { "ciphers", sCiphers, SSHCFG_GLOBAL }, 601 { "macs", sMacs, SSHCFG_GLOBAL }, 602 { "protocol", sIgnore, SSHCFG_GLOBAL }, 603 { "gatewayports", sGatewayPorts, SSHCFG_ALL }, 604 { "subsystem", sSubsystem, SSHCFG_GLOBAL }, 605 { "maxstartups", sMaxStartups, SSHCFG_GLOBAL }, 606 { "persourcemaxstartups", sPerSourceMaxStartups, SSHCFG_GLOBAL }, 607 { "persourcenetblocksize", sPerSourceNetBlockSize, SSHCFG_GLOBAL }, 608 { "maxauthtries", sMaxAuthTries, SSHCFG_ALL }, 609 { "maxsessions", sMaxSessions, SSHCFG_ALL }, 610 { "banner", sBanner, SSHCFG_ALL }, 611 { "usedns", sUseDNS, SSHCFG_GLOBAL }, 612 { "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL }, 613 { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL }, 614 { "clientaliveinterval", sClientAliveInterval, SSHCFG_ALL }, 615 { "clientalivecountmax", sClientAliveCountMax, SSHCFG_ALL }, 616 { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL }, 617 { "authorizedkeysfile2", sDeprecated, SSHCFG_ALL }, 618 { "useprivilegeseparation", sDeprecated, SSHCFG_GLOBAL}, 619 { "acceptenv", sAcceptEnv, SSHCFG_ALL }, 620 { "setenv", sSetEnv, SSHCFG_ALL }, 621 { "permittunnel", sPermitTunnel, SSHCFG_ALL }, 622 { "permittty", sPermitTTY, SSHCFG_ALL }, 623 { "permituserrc", sPermitUserRC, SSHCFG_ALL }, 624 { "match", sMatch, SSHCFG_ALL }, 625 { "permitopen", sPermitOpen, SSHCFG_ALL }, 626 { "permitlisten", sPermitListen, SSHCFG_ALL }, 627 { "forcecommand", sForceCommand, SSHCFG_ALL }, 628 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, 629 { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, 630 { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, 631 { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, 632 { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, 633 { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, 634 { "include", sInclude, SSHCFG_ALL }, 635 { "ipqos", sIPQoS, SSHCFG_ALL }, 636 { "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL }, 637 { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL }, 638 { "authorizedprincipalscommand", sAuthorizedPrincipalsCommand, SSHCFG_ALL }, 639 { "authorizedprincipalscommanduser", sAuthorizedPrincipalsCommandUser, SSHCFG_ALL }, 640 { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL }, 641 { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL }, 642 { "streamlocalbindmask", sStreamLocalBindMask, SSHCFG_ALL }, 643 { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL }, 644 { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, 645 { "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL }, 646 { "disableforwarding", sDisableForwarding, SSHCFG_ALL }, 647 { "exposeauthinfo", sExposeAuthInfo, SSHCFG_ALL }, 648 { "rdomain", sRDomain, SSHCFG_ALL }, 649 { "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL }, 650 { "securitykeyprovider", sSecurityKeyProvider, SSHCFG_GLOBAL }, 651 { "requiredrsasize", sRequiredRSASize, SSHCFG_ALL }, 652 { "channeltimeout", sChannelTimeout, SSHCFG_ALL }, 653 { "unusedconnectiontimeout", sUnusedConnectionTimeout, SSHCFG_ALL }, 654 { NULL, sBadOption, 0 } 655 }; 656 657 static struct { 658 int val; 659 char *text; 660 } tunmode_desc[] = { 661 { SSH_TUNMODE_NO, "no" }, 662 { SSH_TUNMODE_POINTOPOINT, "point-to-point" }, 663 { SSH_TUNMODE_ETHERNET, "ethernet" }, 664 { SSH_TUNMODE_YES, "yes" }, 665 { -1, NULL } 666 }; 667 668 /* Returns an opcode name from its number */ 669 670 static const char * 671 lookup_opcode_name(ServerOpCodes code) 672 { 673 u_int i; 674 675 for (i = 0; keywords[i].name != NULL; i++) 676 if (keywords[i].opcode == code) 677 return(keywords[i].name); 678 return "UNKNOWN"; 679 } 680 681 682 /* 683 * Returns the number of the token pointed to by cp or sBadOption. 684 */ 685 686 static ServerOpCodes 687 parse_token(const char *cp, const char *filename, 688 int linenum, u_int *flags) 689 { 690 u_int i; 691 692 for (i = 0; keywords[i].name; i++) 693 if (strcasecmp(cp, keywords[i].name) == 0) { 694 *flags = keywords[i].flags; 695 return keywords[i].opcode; 696 } 697 698 error("%s: line %d: Bad configuration option: %s", 699 filename, linenum, cp); 700 return sBadOption; 701 } 702 703 char * 704 derelativise_path(const char *path) 705 { 706 char *expanded, *ret, cwd[PATH_MAX]; 707 708 if (strcasecmp(path, "none") == 0) 709 return xstrdup("none"); 710 expanded = tilde_expand_filename(path, getuid()); 711 if (path_absolute(expanded)) 712 return expanded; 713 if (getcwd(cwd, sizeof(cwd)) == NULL) 714 fatal_f("getcwd: %s", strerror(errno)); 715 xasprintf(&ret, "%s/%s", cwd, expanded); 716 free(expanded); 717 return ret; 718 } 719 720 static void 721 add_listen_addr(ServerOptions *options, const char *addr, 722 const char *rdomain, int port) 723 { 724 u_int i; 725 726 if (port > 0) 727 add_one_listen_addr(options, addr, rdomain, port); 728 else { 729 for (i = 0; i < options->num_ports; i++) { 730 add_one_listen_addr(options, addr, rdomain, 731 options->ports[i]); 732 } 733 } 734 } 735 736 static void 737 add_one_listen_addr(ServerOptions *options, const char *addr, 738 const char *rdomain, int port) 739 { 740 struct addrinfo hints, *ai, *aitop; 741 char strport[NI_MAXSERV]; 742 int gaierr; 743 u_int i; 744 745 /* Find listen_addrs entry for this rdomain */ 746 for (i = 0; i < options->num_listen_addrs; i++) { 747 if (rdomain == NULL && options->listen_addrs[i].rdomain == NULL) 748 break; 749 if (rdomain == NULL || options->listen_addrs[i].rdomain == NULL) 750 continue; 751 if (strcmp(rdomain, options->listen_addrs[i].rdomain) == 0) 752 break; 753 } 754 if (i >= options->num_listen_addrs) { 755 /* No entry for this rdomain; allocate one */ 756 if (i >= INT_MAX) 757 fatal_f("too many listen addresses"); 758 options->listen_addrs = xrecallocarray(options->listen_addrs, 759 options->num_listen_addrs, options->num_listen_addrs + 1, 760 sizeof(*options->listen_addrs)); 761 i = options->num_listen_addrs++; 762 if (rdomain != NULL) 763 options->listen_addrs[i].rdomain = xstrdup(rdomain); 764 } 765 /* options->listen_addrs[i] points to the addresses for this rdomain */ 766 767 memset(&hints, 0, sizeof(hints)); 768 hints.ai_family = options->address_family; 769 hints.ai_socktype = SOCK_STREAM; 770 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; 771 snprintf(strport, sizeof strport, "%d", port); 772 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) 773 fatal("bad addr or host: %s (%s)", 774 addr ? addr : "<NULL>", 775 ssh_gai_strerror(gaierr)); 776 for (ai = aitop; ai->ai_next; ai = ai->ai_next) 777 ; 778 ai->ai_next = options->listen_addrs[i].addrs; 779 options->listen_addrs[i].addrs = aitop; 780 } 781 782 /* Returns nonzero if the routing domain name is valid */ 783 static int 784 valid_rdomain(const char *name) 785 { 786 const char *errstr; 787 long long num; 788 struct rt_tableinfo info; 789 int mib[6]; 790 size_t miblen = sizeof(mib); 791 792 if (name == NULL) 793 return 1; 794 795 num = strtonum(name, 0, 255, &errstr); 796 if (errstr != NULL) 797 return 0; 798 799 /* Check whether the table actually exists */ 800 memset(mib, 0, sizeof(mib)); 801 mib[0] = CTL_NET; 802 mib[1] = PF_ROUTE; 803 mib[4] = NET_RT_TABLE; 804 mib[5] = (int)num; 805 if (sysctl(mib, 6, &info, &miblen, NULL, 0) == -1) 806 return 0; 807 808 return 1; 809 } 810 811 /* 812 * Queue a ListenAddress to be processed once we have all of the Ports 813 * and AddressFamily options. 814 */ 815 static void 816 queue_listen_addr(ServerOptions *options, const char *addr, 817 const char *rdomain, int port) 818 { 819 struct queued_listenaddr *qla; 820 821 options->queued_listen_addrs = xrecallocarray( 822 options->queued_listen_addrs, 823 options->num_queued_listens, options->num_queued_listens + 1, 824 sizeof(*options->queued_listen_addrs)); 825 qla = &options->queued_listen_addrs[options->num_queued_listens++]; 826 qla->addr = xstrdup(addr); 827 qla->port = port; 828 qla->rdomain = rdomain == NULL ? NULL : xstrdup(rdomain); 829 } 830 831 /* 832 * Process queued (text) ListenAddress entries. 833 */ 834 static void 835 process_queued_listen_addrs(ServerOptions *options) 836 { 837 u_int i; 838 struct queued_listenaddr *qla; 839 840 if (options->num_ports == 0) 841 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 842 if (options->address_family == -1) 843 options->address_family = AF_UNSPEC; 844 845 for (i = 0; i < options->num_queued_listens; i++) { 846 qla = &options->queued_listen_addrs[i]; 847 add_listen_addr(options, qla->addr, qla->rdomain, qla->port); 848 free(qla->addr); 849 free(qla->rdomain); 850 } 851 free(options->queued_listen_addrs); 852 options->queued_listen_addrs = NULL; 853 options->num_queued_listens = 0; 854 } 855 856 /* 857 * Inform channels layer of permitopen options for a single forwarding 858 * direction (local/remote). 859 */ 860 static void 861 process_permitopen_list(struct ssh *ssh, ServerOpCodes opcode, 862 char **opens, u_int num_opens) 863 { 864 u_int i; 865 int port; 866 char *host, *arg, *oarg; 867 int where = opcode == sPermitOpen ? FORWARD_LOCAL : FORWARD_REMOTE; 868 const char *what = lookup_opcode_name(opcode); 869 870 channel_clear_permission(ssh, FORWARD_ADM, where); 871 if (num_opens == 0) 872 return; /* permit any */ 873 874 /* handle keywords: "any" / "none" */ 875 if (num_opens == 1 && strcmp(opens[0], "any") == 0) 876 return; 877 if (num_opens == 1 && strcmp(opens[0], "none") == 0) { 878 channel_disable_admin(ssh, where); 879 return; 880 } 881 /* Otherwise treat it as a list of permitted host:port */ 882 for (i = 0; i < num_opens; i++) { 883 oarg = arg = xstrdup(opens[i]); 884 host = hpdelim(&arg); 885 if (host == NULL) 886 fatal_f("missing host in %s", what); 887 host = cleanhostname(host); 888 if (arg == NULL || ((port = permitopen_port(arg)) < 0)) 889 fatal_f("bad port number in %s", what); 890 /* Send it to channels layer */ 891 channel_add_permission(ssh, FORWARD_ADM, 892 where, host, port); 893 free(oarg); 894 } 895 } 896 897 /* 898 * Inform channels layer of permitopen options from configuration. 899 */ 900 void 901 process_permitopen(struct ssh *ssh, ServerOptions *options) 902 { 903 process_permitopen_list(ssh, sPermitOpen, 904 options->permitted_opens, options->num_permitted_opens); 905 process_permitopen_list(ssh, sPermitListen, 906 options->permitted_listens, 907 options->num_permitted_listens); 908 } 909 910 /* Parse a ChannelTimeout clause "pattern=interval" */ 911 static int 912 parse_timeout(const char *s, char **typep, u_int *secsp) 913 { 914 char *cp, *sdup; 915 int secs; 916 917 if (typep != NULL) 918 *typep = NULL; 919 if (secsp != NULL) 920 *secsp = 0; 921 if (s == NULL) 922 return -1; 923 sdup = xstrdup(s); 924 925 if ((cp = strchr(sdup, '=')) == NULL || cp == sdup) { 926 free(sdup); 927 return -1; 928 } 929 *cp++ = '\0'; 930 if ((secs = convtime(cp)) < 0) { 931 free(sdup); 932 return -1; 933 } 934 /* success */ 935 if (typep != NULL) 936 *typep = xstrdup(sdup); 937 if (secsp != NULL) 938 *secsp = (u_int)secs; 939 free(sdup); 940 return 0; 941 } 942 943 void 944 process_channel_timeouts(struct ssh *ssh, ServerOptions *options) 945 { 946 u_int i, secs; 947 char *type; 948 949 debug3_f("setting %u timeouts", options->num_channel_timeouts); 950 channel_clear_timeouts(ssh); 951 for (i = 0; i < options->num_channel_timeouts; i++) { 952 if (parse_timeout(options->channel_timeouts[i], 953 &type, &secs) != 0) { 954 fatal_f("internal error: bad timeout %s", 955 options->channel_timeouts[i]); 956 } 957 channel_add_timeout(ssh, type, secs); 958 free(type); 959 } 960 } 961 962 struct connection_info * 963 get_connection_info(struct ssh *ssh, int populate, int use_dns) 964 { 965 static struct connection_info ci; 966 967 if (ssh == NULL || !populate) 968 return &ci; 969 ci.host = auth_get_canonical_hostname(ssh, use_dns); 970 ci.address = ssh_remote_ipaddr(ssh); 971 ci.laddress = ssh_local_ipaddr(ssh); 972 ci.lport = ssh_local_port(ssh); 973 ci.rdomain = ssh_packet_rdomain_in(ssh); 974 return &ci; 975 } 976 977 /* 978 * The strategy for the Match blocks is that the config file is parsed twice. 979 * 980 * The first time is at startup. activep is initialized to 1 and the 981 * directives in the global context are processed and acted on. Hitting a 982 * Match directive unsets activep and the directives inside the block are 983 * checked for syntax only. 984 * 985 * The second time is after a connection has been established but before 986 * authentication. activep is initialized to 2 and global config directives 987 * are ignored since they have already been processed. If the criteria in a 988 * Match block is met, activep is set and the subsequent directives 989 * processed and actioned until EOF or another Match block unsets it. Any 990 * options set are copied into the main server config. 991 * 992 * Potential additions/improvements: 993 * - Add Match support for pre-kex directives, eg. Ciphers. 994 * 995 * - Add a Tag directive (idea from David Leonard) ala pf, eg: 996 * Match Address 192.168.0.* 997 * Tag trusted 998 * Match Group wheel 999 * Tag trusted 1000 * Match Tag trusted 1001 * AllowTcpForwarding yes 1002 * GatewayPorts clientspecified 1003 * [...] 1004 * 1005 * - Add a PermittedChannelRequests directive 1006 * Match Group shell 1007 * PermittedChannelRequests session,forwarded-tcpip 1008 */ 1009 1010 static int 1011 match_cfg_line_group(const char *grps, int line, const char *user) 1012 { 1013 int result = 0; 1014 struct passwd *pw; 1015 1016 if (user == NULL) 1017 goto out; 1018 1019 if ((pw = getpwnam(user)) == NULL) { 1020 debug("Can't match group at line %d because user %.100s does " 1021 "not exist", line, user); 1022 } else if (ga_init(pw->pw_name, pw->pw_gid) == 0) { 1023 debug("Can't Match group because user %.100s not in any group " 1024 "at line %d", user, line); 1025 } else if (ga_match_pattern_list(grps) != 1) { 1026 debug("user %.100s does not match group list %.100s at line %d", 1027 user, grps, line); 1028 } else { 1029 debug("user %.100s matched group list %.100s at line %d", user, 1030 grps, line); 1031 result = 1; 1032 } 1033 out: 1034 ga_free(); 1035 return result; 1036 } 1037 1038 static void 1039 match_test_missing_fatal(const char *criteria, const char *attrib) 1040 { 1041 fatal("'Match %s' in configuration but '%s' not in connection " 1042 "test specification.", criteria, attrib); 1043 } 1044 1045 /* 1046 * All of the attributes on a single Match line are ANDed together, so we need 1047 * to check every attribute and set the result to zero if any attribute does 1048 * not match. 1049 */ 1050 static int 1051 match_cfg_line(char **condition, int line, struct connection_info *ci) 1052 { 1053 int result = 1, attributes = 0, port; 1054 char *arg, *attrib, *cp = *condition; 1055 1056 if (ci == NULL) 1057 debug3("checking syntax for 'Match %s'", cp); 1058 else 1059 debug3("checking match for '%s' user %s host %s addr %s " 1060 "laddr %s lport %d", cp, ci->user ? ci->user : "(null)", 1061 ci->host ? ci->host : "(null)", 1062 ci->address ? ci->address : "(null)", 1063 ci->laddress ? ci->laddress : "(null)", ci->lport); 1064 1065 while ((attrib = strdelim(&cp)) && *attrib != '\0') { 1066 /* Terminate on comment */ 1067 if (*attrib == '#') { 1068 cp = NULL; /* mark all arguments consumed */ 1069 break; 1070 } 1071 arg = NULL; 1072 attributes++; 1073 /* Criterion "all" has no argument and must appear alone */ 1074 if (strcasecmp(attrib, "all") == 0) { 1075 if (attributes > 1 || ((arg = strdelim(&cp)) != NULL && 1076 *arg != '\0' && *arg != '#')) { 1077 error("'all' cannot be combined with other " 1078 "Match attributes"); 1079 return -1; 1080 } 1081 if (arg != NULL && *arg == '#') 1082 cp = NULL; /* mark all arguments consumed */ 1083 *condition = cp; 1084 return 1; 1085 } 1086 /* All other criteria require an argument */ 1087 if ((arg = strdelim(&cp)) == NULL || 1088 *arg == '\0' || *arg == '#') { 1089 error("Missing Match criteria for %s", attrib); 1090 return -1; 1091 } 1092 if (strcasecmp(attrib, "user") == 0) { 1093 if (ci == NULL || (ci->test && ci->user == NULL)) { 1094 result = 0; 1095 continue; 1096 } 1097 if (ci->user == NULL) 1098 match_test_missing_fatal("User", "user"); 1099 if (match_usergroup_pattern_list(ci->user, arg) != 1) 1100 result = 0; 1101 else 1102 debug("user %.100s matched 'User %.100s' at " 1103 "line %d", ci->user, arg, line); 1104 } else if (strcasecmp(attrib, "group") == 0) { 1105 if (ci == NULL || (ci->test && ci->user == NULL)) { 1106 result = 0; 1107 continue; 1108 } 1109 if (ci->user == NULL) 1110 match_test_missing_fatal("Group", "user"); 1111 switch (match_cfg_line_group(arg, line, ci->user)) { 1112 case -1: 1113 return -1; 1114 case 0: 1115 result = 0; 1116 } 1117 } else if (strcasecmp(attrib, "host") == 0) { 1118 if (ci == NULL || (ci->test && ci->host == NULL)) { 1119 result = 0; 1120 continue; 1121 } 1122 if (ci->host == NULL) 1123 match_test_missing_fatal("Host", "host"); 1124 if (match_hostname(ci->host, arg) != 1) 1125 result = 0; 1126 else 1127 debug("connection from %.100s matched 'Host " 1128 "%.100s' at line %d", ci->host, arg, line); 1129 } else if (strcasecmp(attrib, "address") == 0) { 1130 if (ci == NULL || (ci->test && ci->address == NULL)) { 1131 if (addr_match_list(NULL, arg) != 0) 1132 fatal("Invalid Match address argument " 1133 "'%s' at line %d", arg, line); 1134 result = 0; 1135 continue; 1136 } 1137 if (ci->address == NULL) 1138 match_test_missing_fatal("Address", "addr"); 1139 switch (addr_match_list(ci->address, arg)) { 1140 case 1: 1141 debug("connection from %.100s matched 'Address " 1142 "%.100s' at line %d", ci->address, arg, line); 1143 break; 1144 case 0: 1145 case -1: 1146 result = 0; 1147 break; 1148 case -2: 1149 return -1; 1150 } 1151 } else if (strcasecmp(attrib, "localaddress") == 0){ 1152 if (ci == NULL || (ci->test && ci->laddress == NULL)) { 1153 if (addr_match_list(NULL, arg) != 0) 1154 fatal("Invalid Match localaddress " 1155 "argument '%s' at line %d", arg, 1156 line); 1157 result = 0; 1158 continue; 1159 } 1160 if (ci->laddress == NULL) 1161 match_test_missing_fatal("LocalAddress", 1162 "laddr"); 1163 switch (addr_match_list(ci->laddress, arg)) { 1164 case 1: 1165 debug("connection from %.100s matched " 1166 "'LocalAddress %.100s' at line %d", 1167 ci->laddress, arg, line); 1168 break; 1169 case 0: 1170 case -1: 1171 result = 0; 1172 break; 1173 case -2: 1174 return -1; 1175 } 1176 } else if (strcasecmp(attrib, "localport") == 0) { 1177 if ((port = a2port(arg)) == -1) { 1178 error("Invalid LocalPort '%s' on Match line", 1179 arg); 1180 return -1; 1181 } 1182 if (ci == NULL || (ci->test && ci->lport == -1)) { 1183 result = 0; 1184 continue; 1185 } 1186 if (ci->lport == 0) 1187 match_test_missing_fatal("LocalPort", "lport"); 1188 /* TODO support port lists */ 1189 if (port == ci->lport) 1190 debug("connection from %.100s matched " 1191 "'LocalPort %d' at line %d", 1192 ci->laddress, port, line); 1193 else 1194 result = 0; 1195 } else if (strcasecmp(attrib, "rdomain") == 0) { 1196 if (ci == NULL || (ci->test && ci->rdomain == NULL)) { 1197 result = 0; 1198 continue; 1199 } 1200 if (ci->rdomain == NULL) 1201 match_test_missing_fatal("RDomain", "rdomain"); 1202 if (match_pattern_list(ci->rdomain, arg, 0) != 1) 1203 result = 0; 1204 else 1205 debug("user %.100s matched 'RDomain %.100s' at " 1206 "line %d", ci->rdomain, arg, line); 1207 } else { 1208 error("Unsupported Match attribute %s", attrib); 1209 return -1; 1210 } 1211 } 1212 if (attributes == 0) { 1213 error("One or more attributes required for Match"); 1214 return -1; 1215 } 1216 if (ci != NULL) 1217 debug3("match %sfound", result ? "" : "not "); 1218 *condition = cp; 1219 return result; 1220 } 1221 1222 #define WHITESPACE " \t\r\n" 1223 1224 /* Multistate option parsing */ 1225 struct multistate { 1226 char *key; 1227 int value; 1228 }; 1229 static const struct multistate multistate_flag[] = { 1230 { "yes", 1 }, 1231 { "no", 0 }, 1232 { NULL, -1 } 1233 }; 1234 static const struct multistate multistate_ignore_rhosts[] = { 1235 { "yes", IGNORE_RHOSTS_YES }, 1236 { "no", IGNORE_RHOSTS_NO }, 1237 { "shosts-only", IGNORE_RHOSTS_SHOSTS }, 1238 { NULL, -1 } 1239 }; 1240 static const struct multistate multistate_addressfamily[] = { 1241 { "inet", AF_INET }, 1242 { "inet6", AF_INET6 }, 1243 { "any", AF_UNSPEC }, 1244 { NULL, -1 } 1245 }; 1246 static const struct multistate multistate_permitrootlogin[] = { 1247 { "without-password", PERMIT_NO_PASSWD }, 1248 { "prohibit-password", PERMIT_NO_PASSWD }, 1249 { "forced-commands-only", PERMIT_FORCED_ONLY }, 1250 { "yes", PERMIT_YES }, 1251 { "no", PERMIT_NO }, 1252 { NULL, -1 } 1253 }; 1254 static const struct multistate multistate_compression[] = { 1255 #ifdef WITH_ZLIB 1256 { "yes", COMP_DELAYED }, 1257 { "delayed", COMP_DELAYED }, 1258 #endif 1259 { "no", COMP_NONE }, 1260 { NULL, -1 } 1261 }; 1262 static const struct multistate multistate_gatewayports[] = { 1263 { "clientspecified", 2 }, 1264 { "yes", 1 }, 1265 { "no", 0 }, 1266 { NULL, -1 } 1267 }; 1268 static const struct multistate multistate_tcpfwd[] = { 1269 { "yes", FORWARD_ALLOW }, 1270 { "all", FORWARD_ALLOW }, 1271 { "no", FORWARD_DENY }, 1272 { "remote", FORWARD_REMOTE }, 1273 { "local", FORWARD_LOCAL }, 1274 { NULL, -1 } 1275 }; 1276 1277 static int 1278 process_server_config_line_depth(ServerOptions *options, char *line, 1279 const char *filename, int linenum, int *activep, 1280 struct connection_info *connectinfo, int *inc_flags, int depth, 1281 struct include_list *includes) 1282 { 1283 char *str, ***chararrayptr, **charptr, *arg, *arg2, *p, *keyword; 1284 int cmdline = 0, *intptr, value, value2, n, port, oactive, r, found; 1285 SyslogFacility *log_facility_ptr; 1286 LogLevel *log_level_ptr; 1287 ServerOpCodes opcode; 1288 u_int i, *uintptr, uvalue, flags = 0; 1289 size_t len; 1290 long long val64; 1291 const struct multistate *multistate_ptr; 1292 const char *errstr; 1293 struct include_item *item; 1294 glob_t gbuf; 1295 char **oav = NULL, **av; 1296 int oac = 0, ac; 1297 int ret = -1; 1298 1299 /* Strip trailing whitespace. Allow \f (form feed) at EOL only */ 1300 if ((len = strlen(line)) == 0) 1301 return 0; 1302 for (len--; len > 0; len--) { 1303 if (strchr(WHITESPACE "\f", line[len]) == NULL) 1304 break; 1305 line[len] = '\0'; 1306 } 1307 1308 str = line; 1309 if ((keyword = strdelim(&str)) == NULL) 1310 return 0; 1311 /* Ignore leading whitespace */ 1312 if (*keyword == '\0') 1313 keyword = strdelim(&str); 1314 if (!keyword || !*keyword || *keyword == '#') 1315 return 0; 1316 if (str == NULL || *str == '\0') { 1317 error("%s line %d: no argument after keyword \"%s\"", 1318 filename, linenum, keyword); 1319 return -1; 1320 } 1321 intptr = NULL; 1322 charptr = NULL; 1323 opcode = parse_token(keyword, filename, linenum, &flags); 1324 1325 if (argv_split(str, &oac, &oav, 1) != 0) { 1326 error("%s line %d: invalid quotes", filename, linenum); 1327 return -1; 1328 } 1329 ac = oac; 1330 av = oav; 1331 1332 if (activep == NULL) { /* We are processing a command line directive */ 1333 cmdline = 1; 1334 activep = &cmdline; 1335 } 1336 if (*activep && opcode != sMatch && opcode != sInclude) 1337 debug3("%s:%d setting %s %s", filename, linenum, keyword, str); 1338 if (*activep == 0 && !(flags & SSHCFG_MATCH)) { 1339 if (connectinfo == NULL) { 1340 fatal("%s line %d: Directive '%s' is not allowed " 1341 "within a Match block", filename, linenum, keyword); 1342 } else { /* this is a directive we have already processed */ 1343 ret = 0; 1344 goto out; 1345 } 1346 } 1347 1348 switch (opcode) { 1349 case sBadOption: 1350 goto out; 1351 case sPort: 1352 /* ignore ports from configfile if cmdline specifies ports */ 1353 if (options->ports_from_cmdline) { 1354 argv_consume(&ac); 1355 break; 1356 } 1357 if (options->num_ports >= MAX_PORTS) 1358 fatal("%s line %d: too many ports.", 1359 filename, linenum); 1360 arg = argv_next(&ac, &av); 1361 if (!arg || *arg == '\0') 1362 fatal("%s line %d: missing port number.", 1363 filename, linenum); 1364 options->ports[options->num_ports++] = a2port(arg); 1365 if (options->ports[options->num_ports-1] <= 0) 1366 fatal("%s line %d: Badly formatted port number.", 1367 filename, linenum); 1368 break; 1369 1370 case sLoginGraceTime: 1371 intptr = &options->login_grace_time; 1372 parse_time: 1373 arg = argv_next(&ac, &av); 1374 if (!arg || *arg == '\0') 1375 fatal("%s line %d: missing time value.", 1376 filename, linenum); 1377 if ((value = convtime(arg)) == -1) 1378 fatal("%s line %d: invalid time value.", 1379 filename, linenum); 1380 if (*activep && *intptr == -1) 1381 *intptr = value; 1382 break; 1383 1384 case sListenAddress: 1385 arg = argv_next(&ac, &av); 1386 if (arg == NULL || *arg == '\0') 1387 fatal("%s line %d: missing address", 1388 filename, linenum); 1389 /* check for bare IPv6 address: no "[]" and 2 or more ":" */ 1390 if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL 1391 && strchr(p+1, ':') != NULL) { 1392 port = 0; 1393 p = arg; 1394 } else { 1395 arg2 = NULL; 1396 p = hpdelim(&arg); 1397 if (p == NULL) 1398 fatal("%s line %d: bad address:port usage", 1399 filename, linenum); 1400 p = cleanhostname(p); 1401 if (arg == NULL) 1402 port = 0; 1403 else if ((port = a2port(arg)) <= 0) 1404 fatal("%s line %d: bad port number", 1405 filename, linenum); 1406 } 1407 /* Optional routing table */ 1408 arg2 = NULL; 1409 if ((arg = argv_next(&ac, &av)) != NULL) { 1410 if (strcmp(arg, "rdomain") != 0 || 1411 (arg2 = argv_next(&ac, &av)) == NULL) 1412 fatal("%s line %d: bad ListenAddress syntax", 1413 filename, linenum); 1414 if (!valid_rdomain(arg2)) 1415 fatal("%s line %d: bad routing domain", 1416 filename, linenum); 1417 } 1418 queue_listen_addr(options, p, arg2, port); 1419 1420 break; 1421 1422 case sAddressFamily: 1423 intptr = &options->address_family; 1424 multistate_ptr = multistate_addressfamily; 1425 parse_multistate: 1426 arg = argv_next(&ac, &av); 1427 if (!arg || *arg == '\0') 1428 fatal("%s line %d: missing argument.", 1429 filename, linenum); 1430 value = -1; 1431 for (i = 0; multistate_ptr[i].key != NULL; i++) { 1432 if (strcasecmp(arg, multistate_ptr[i].key) == 0) { 1433 value = multistate_ptr[i].value; 1434 break; 1435 } 1436 } 1437 if (value == -1) 1438 fatal("%s line %d: unsupported option \"%s\".", 1439 filename, linenum, arg); 1440 if (*activep && *intptr == -1) 1441 *intptr = value; 1442 break; 1443 1444 case sHostKeyFile: 1445 arg = argv_next(&ac, &av); 1446 if (!arg || *arg == '\0') 1447 fatal("%s line %d: missing file name.", 1448 filename, linenum); 1449 if (*activep) { 1450 servconf_add_hostkey(filename, linenum, 1451 options, arg, 1); 1452 } 1453 break; 1454 1455 case sHostKeyAgent: 1456 charptr = &options->host_key_agent; 1457 arg = argv_next(&ac, &av); 1458 if (!arg || *arg == '\0') 1459 fatal("%s line %d: missing socket name.", 1460 filename, linenum); 1461 if (*activep && *charptr == NULL) 1462 *charptr = !strcmp(arg, SSH_AUTHSOCKET_ENV_NAME) ? 1463 xstrdup(arg) : derelativise_path(arg); 1464 break; 1465 1466 case sHostCertificate: 1467 arg = argv_next(&ac, &av); 1468 if (!arg || *arg == '\0') 1469 fatal("%s line %d: missing file name.", 1470 filename, linenum); 1471 if (*activep) 1472 servconf_add_hostcert(filename, linenum, options, arg); 1473 break; 1474 1475 case sPidFile: 1476 charptr = &options->pid_file; 1477 parse_filename: 1478 arg = argv_next(&ac, &av); 1479 if (!arg || *arg == '\0') 1480 fatal("%s line %d: missing file name.", 1481 filename, linenum); 1482 if (*activep && *charptr == NULL) { 1483 *charptr = derelativise_path(arg); 1484 /* increase optional counter */ 1485 if (intptr != NULL) 1486 *intptr = *intptr + 1; 1487 } 1488 break; 1489 1490 case sModuliFile: 1491 charptr = &options->moduli_file; 1492 goto parse_filename; 1493 1494 case sPermitRootLogin: 1495 intptr = &options->permit_root_login; 1496 multistate_ptr = multistate_permitrootlogin; 1497 goto parse_multistate; 1498 1499 case sIgnoreRhosts: 1500 intptr = &options->ignore_rhosts; 1501 multistate_ptr = multistate_ignore_rhosts; 1502 goto parse_multistate; 1503 1504 case sIgnoreUserKnownHosts: 1505 intptr = &options->ignore_user_known_hosts; 1506 parse_flag: 1507 multistate_ptr = multistate_flag; 1508 goto parse_multistate; 1509 1510 case sHostbasedAuthentication: 1511 intptr = &options->hostbased_authentication; 1512 goto parse_flag; 1513 1514 case sHostbasedUsesNameFromPacketOnly: 1515 intptr = &options->hostbased_uses_name_from_packet_only; 1516 goto parse_flag; 1517 1518 case sHostbasedAcceptedAlgorithms: 1519 charptr = &options->hostbased_accepted_algos; 1520 parse_pubkey_algos: 1521 arg = argv_next(&ac, &av); 1522 if (!arg || *arg == '\0') 1523 fatal("%s line %d: Missing argument.", 1524 filename, linenum); 1525 if (*arg != '-' && 1526 !sshkey_names_valid2(*arg == '+' || *arg == '^' ? 1527 arg + 1 : arg, 1)) 1528 fatal("%s line %d: Bad key types '%s'.", 1529 filename, linenum, arg ? arg : "<NONE>"); 1530 if (*activep && *charptr == NULL) 1531 *charptr = xstrdup(arg); 1532 break; 1533 1534 case sHostKeyAlgorithms: 1535 charptr = &options->hostkeyalgorithms; 1536 goto parse_pubkey_algos; 1537 1538 case sCASignatureAlgorithms: 1539 charptr = &options->ca_sign_algorithms; 1540 goto parse_pubkey_algos; 1541 1542 case sPubkeyAuthentication: 1543 intptr = &options->pubkey_authentication; 1544 goto parse_flag; 1545 1546 case sPubkeyAcceptedAlgorithms: 1547 charptr = &options->pubkey_accepted_algos; 1548 goto parse_pubkey_algos; 1549 1550 case sPubkeyAuthOptions: 1551 intptr = &options->pubkey_auth_options; 1552 value = 0; 1553 while ((arg = argv_next(&ac, &av)) != NULL) { 1554 if (strcasecmp(arg, "none") == 0) 1555 continue; 1556 if (strcasecmp(arg, "touch-required") == 0) 1557 value |= PUBKEYAUTH_TOUCH_REQUIRED; 1558 else if (strcasecmp(arg, "verify-required") == 0) 1559 value |= PUBKEYAUTH_VERIFY_REQUIRED; 1560 else { 1561 error("%s line %d: unsupported %s option %s", 1562 filename, linenum, keyword, arg); 1563 goto out; 1564 } 1565 } 1566 if (*activep && *intptr == -1) 1567 *intptr = value; 1568 break; 1569 1570 case sKerberosAuthentication: 1571 intptr = &options->kerberos_authentication; 1572 goto parse_flag; 1573 1574 case sKerberosOrLocalPasswd: 1575 intptr = &options->kerberos_or_local_passwd; 1576 goto parse_flag; 1577 1578 case sKerberosTicketCleanup: 1579 intptr = &options->kerberos_ticket_cleanup; 1580 goto parse_flag; 1581 1582 case sKerberosGetAFSToken: 1583 intptr = &options->kerberos_get_afs_token; 1584 goto parse_flag; 1585 1586 case sGssAuthentication: 1587 intptr = &options->gss_authentication; 1588 goto parse_flag; 1589 1590 case sGssCleanupCreds: 1591 intptr = &options->gss_cleanup_creds; 1592 goto parse_flag; 1593 1594 case sGssStrictAcceptor: 1595 intptr = &options->gss_strict_acceptor; 1596 goto parse_flag; 1597 1598 case sPasswordAuthentication: 1599 intptr = &options->password_authentication; 1600 goto parse_flag; 1601 1602 case sKbdInteractiveAuthentication: 1603 intptr = &options->kbd_interactive_authentication; 1604 goto parse_flag; 1605 1606 case sPrintMotd: 1607 intptr = &options->print_motd; 1608 goto parse_flag; 1609 1610 case sPrintLastLog: 1611 intptr = &options->print_lastlog; 1612 goto parse_flag; 1613 1614 case sX11Forwarding: 1615 intptr = &options->x11_forwarding; 1616 goto parse_flag; 1617 1618 case sX11DisplayOffset: 1619 intptr = &options->x11_display_offset; 1620 parse_int: 1621 arg = argv_next(&ac, &av); 1622 if ((errstr = atoi_err(arg, &value)) != NULL) 1623 fatal("%s line %d: %s integer value %s.", 1624 filename, linenum, keyword, errstr); 1625 if (*activep && *intptr == -1) 1626 *intptr = value; 1627 break; 1628 1629 case sX11UseLocalhost: 1630 intptr = &options->x11_use_localhost; 1631 goto parse_flag; 1632 1633 case sXAuthLocation: 1634 charptr = &options->xauth_location; 1635 goto parse_filename; 1636 1637 case sPermitTTY: 1638 intptr = &options->permit_tty; 1639 goto parse_flag; 1640 1641 case sPermitUserRC: 1642 intptr = &options->permit_user_rc; 1643 goto parse_flag; 1644 1645 case sStrictModes: 1646 intptr = &options->strict_modes; 1647 goto parse_flag; 1648 1649 case sTCPKeepAlive: 1650 intptr = &options->tcp_keep_alive; 1651 goto parse_flag; 1652 1653 case sEmptyPasswd: 1654 intptr = &options->permit_empty_passwd; 1655 goto parse_flag; 1656 1657 case sPermitUserEnvironment: 1658 intptr = &options->permit_user_env; 1659 charptr = &options->permit_user_env_allowlist; 1660 arg = argv_next(&ac, &av); 1661 if (!arg || *arg == '\0') 1662 fatal("%s line %d: %s missing argument.", 1663 filename, linenum, keyword); 1664 value = 0; 1665 p = NULL; 1666 if (strcmp(arg, "yes") == 0) 1667 value = 1; 1668 else if (strcmp(arg, "no") == 0) 1669 value = 0; 1670 else { 1671 /* Pattern-list specified */ 1672 value = 1; 1673 p = xstrdup(arg); 1674 } 1675 if (*activep && *intptr == -1) { 1676 *intptr = value; 1677 *charptr = p; 1678 p = NULL; 1679 } 1680 free(p); 1681 break; 1682 1683 case sCompression: 1684 intptr = &options->compression; 1685 multistate_ptr = multistate_compression; 1686 goto parse_multistate; 1687 1688 case sRekeyLimit: 1689 arg = argv_next(&ac, &av); 1690 if (!arg || *arg == '\0') 1691 fatal("%s line %d: %s missing argument.", 1692 filename, linenum, keyword); 1693 if (strcmp(arg, "default") == 0) { 1694 val64 = 0; 1695 } else { 1696 if (scan_scaled(arg, &val64) == -1) 1697 fatal("%.200s line %d: Bad %s number '%s': %s", 1698 filename, linenum, keyword, 1699 arg, strerror(errno)); 1700 if (val64 != 0 && val64 < 16) 1701 fatal("%.200s line %d: %s too small", 1702 filename, linenum, keyword); 1703 } 1704 if (*activep && options->rekey_limit == -1) 1705 options->rekey_limit = val64; 1706 if (ac != 0) { /* optional rekey interval present */ 1707 if (strcmp(av[0], "none") == 0) { 1708 (void)argv_next(&ac, &av); /* discard */ 1709 break; 1710 } 1711 intptr = &options->rekey_interval; 1712 goto parse_time; 1713 } 1714 break; 1715 1716 case sGatewayPorts: 1717 intptr = &options->fwd_opts.gateway_ports; 1718 multistate_ptr = multistate_gatewayports; 1719 goto parse_multistate; 1720 1721 case sUseDNS: 1722 intptr = &options->use_dns; 1723 goto parse_flag; 1724 1725 case sLogFacility: 1726 log_facility_ptr = &options->log_facility; 1727 arg = argv_next(&ac, &av); 1728 value = log_facility_number(arg); 1729 if (value == SYSLOG_FACILITY_NOT_SET) 1730 fatal("%.200s line %d: unsupported log facility '%s'", 1731 filename, linenum, arg ? arg : "<NONE>"); 1732 if (*log_facility_ptr == -1) 1733 *log_facility_ptr = (SyslogFacility) value; 1734 break; 1735 1736 case sLogLevel: 1737 log_level_ptr = &options->log_level; 1738 arg = argv_next(&ac, &av); 1739 value = log_level_number(arg); 1740 if (value == SYSLOG_LEVEL_NOT_SET) 1741 fatal("%.200s line %d: unsupported log level '%s'", 1742 filename, linenum, arg ? arg : "<NONE>"); 1743 if (*activep && *log_level_ptr == -1) 1744 *log_level_ptr = (LogLevel) value; 1745 break; 1746 1747 case sLogVerbose: 1748 found = options->num_log_verbose == 0; 1749 i = 0; 1750 while ((arg = argv_next(&ac, &av)) != NULL) { 1751 if (*arg == '\0') { 1752 error("%s line %d: keyword %s empty argument", 1753 filename, linenum, keyword); 1754 goto out; 1755 } 1756 /* Allow "none" only in first position */ 1757 if (strcasecmp(arg, "none") == 0) { 1758 if (i > 0 || ac > 0) { 1759 error("%s line %d: keyword %s \"none\" " 1760 "argument must appear alone.", 1761 filename, linenum, keyword); 1762 goto out; 1763 } 1764 } 1765 i++; 1766 if (!found || !*activep) 1767 continue; 1768 opt_array_append(filename, linenum, keyword, 1769 &options->log_verbose, &options->num_log_verbose, 1770 arg); 1771 } 1772 break; 1773 1774 case sAllowTcpForwarding: 1775 intptr = &options->allow_tcp_forwarding; 1776 multistate_ptr = multistate_tcpfwd; 1777 goto parse_multistate; 1778 1779 case sAllowStreamLocalForwarding: 1780 intptr = &options->allow_streamlocal_forwarding; 1781 multistate_ptr = multistate_tcpfwd; 1782 goto parse_multistate; 1783 1784 case sAllowAgentForwarding: 1785 intptr = &options->allow_agent_forwarding; 1786 goto parse_flag; 1787 1788 case sDisableForwarding: 1789 intptr = &options->disable_forwarding; 1790 goto parse_flag; 1791 1792 case sAllowUsers: 1793 chararrayptr = &options->allow_users; 1794 uintptr = &options->num_allow_users; 1795 parse_allowdenyusers: 1796 while ((arg = argv_next(&ac, &av)) != NULL) { 1797 if (*arg == '\0' || 1798 match_user(NULL, NULL, NULL, arg) == -1) 1799 fatal("%s line %d: invalid %s pattern: \"%s\"", 1800 filename, linenum, keyword, arg); 1801 if (!*activep) 1802 continue; 1803 opt_array_append(filename, linenum, keyword, 1804 chararrayptr, uintptr, arg); 1805 } 1806 break; 1807 1808 case sDenyUsers: 1809 chararrayptr = &options->deny_users; 1810 uintptr = &options->num_deny_users; 1811 goto parse_allowdenyusers; 1812 1813 case sAllowGroups: 1814 chararrayptr = &options->allow_groups; 1815 uintptr = &options->num_allow_groups; 1816 parse_allowdenygroups: 1817 while ((arg = argv_next(&ac, &av)) != NULL) { 1818 if (*arg == '\0') 1819 fatal("%s line %d: empty %s pattern", 1820 filename, linenum, keyword); 1821 if (!*activep) 1822 continue; 1823 opt_array_append(filename, linenum, keyword, 1824 chararrayptr, uintptr, arg); 1825 } 1826 break; 1827 1828 case sDenyGroups: 1829 chararrayptr = &options->deny_groups; 1830 uintptr = &options->num_deny_groups; 1831 goto parse_allowdenygroups; 1832 1833 case sCiphers: 1834 arg = argv_next(&ac, &av); 1835 if (!arg || *arg == '\0') 1836 fatal("%s line %d: %s missing argument.", 1837 filename, linenum, keyword); 1838 if (*arg != '-' && 1839 !ciphers_valid(*arg == '+' || *arg == '^' ? arg + 1 : arg)) 1840 fatal("%s line %d: Bad SSH2 cipher spec '%s'.", 1841 filename, linenum, arg ? arg : "<NONE>"); 1842 if (options->ciphers == NULL) 1843 options->ciphers = xstrdup(arg); 1844 break; 1845 1846 case sMacs: 1847 arg = argv_next(&ac, &av); 1848 if (!arg || *arg == '\0') 1849 fatal("%s line %d: %s missing argument.", 1850 filename, linenum, keyword); 1851 if (*arg != '-' && 1852 !mac_valid(*arg == '+' || *arg == '^' ? arg + 1 : arg)) 1853 fatal("%s line %d: Bad SSH2 mac spec '%s'.", 1854 filename, linenum, arg ? arg : "<NONE>"); 1855 if (options->macs == NULL) 1856 options->macs = xstrdup(arg); 1857 break; 1858 1859 case sKexAlgorithms: 1860 arg = argv_next(&ac, &av); 1861 if (!arg || *arg == '\0') 1862 fatal("%s line %d: %s missing argument.", 1863 filename, linenum, keyword); 1864 if (*arg != '-' && 1865 !kex_names_valid(*arg == '+' || *arg == '^' ? 1866 arg + 1 : arg)) 1867 fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.", 1868 filename, linenum, arg ? arg : "<NONE>"); 1869 if (options->kex_algorithms == NULL) 1870 options->kex_algorithms = xstrdup(arg); 1871 break; 1872 1873 case sSubsystem: 1874 if (options->num_subsystems >= MAX_SUBSYSTEMS) { 1875 fatal("%s line %d: too many subsystems defined.", 1876 filename, linenum); 1877 } 1878 arg = argv_next(&ac, &av); 1879 if (!arg || *arg == '\0') 1880 fatal("%s line %d: %s missing argument.", 1881 filename, linenum, keyword); 1882 if (!*activep) { 1883 arg = argv_next(&ac, &av); 1884 break; 1885 } 1886 for (i = 0; i < options->num_subsystems; i++) 1887 if (strcmp(arg, options->subsystem_name[i]) == 0) 1888 fatal("%s line %d: Subsystem '%s' " 1889 "already defined.", filename, linenum, arg); 1890 options->subsystem_name[options->num_subsystems] = xstrdup(arg); 1891 arg = argv_next(&ac, &av); 1892 if (!arg || *arg == '\0') 1893 fatal("%s line %d: Missing subsystem command.", 1894 filename, linenum); 1895 options->subsystem_command[options->num_subsystems] = xstrdup(arg); 1896 1897 /* Collect arguments (separate to executable) */ 1898 p = xstrdup(arg); 1899 len = strlen(p) + 1; 1900 while ((arg = argv_next(&ac, &av)) != NULL) { 1901 len += 1 + strlen(arg); 1902 p = xreallocarray(p, 1, len); 1903 strlcat(p, " ", len); 1904 strlcat(p, arg, len); 1905 } 1906 options->subsystem_args[options->num_subsystems] = p; 1907 options->num_subsystems++; 1908 break; 1909 1910 case sMaxStartups: 1911 arg = argv_next(&ac, &av); 1912 if (!arg || *arg == '\0') 1913 fatal("%s line %d: %s missing argument.", 1914 filename, linenum, keyword); 1915 if ((n = sscanf(arg, "%d:%d:%d", 1916 &options->max_startups_begin, 1917 &options->max_startups_rate, 1918 &options->max_startups)) == 3) { 1919 if (options->max_startups_begin > 1920 options->max_startups || 1921 options->max_startups_rate > 100 || 1922 options->max_startups_rate < 1) 1923 fatal("%s line %d: Invalid %s spec.", 1924 filename, linenum, keyword); 1925 } else if (n != 1) 1926 fatal("%s line %d: Invalid %s spec.", 1927 filename, linenum, keyword); 1928 else 1929 options->max_startups = options->max_startups_begin; 1930 if (options->max_startups <= 0 || 1931 options->max_startups_begin <= 0) 1932 fatal("%s line %d: Invalid %s spec.", 1933 filename, linenum, keyword); 1934 break; 1935 1936 case sPerSourceNetBlockSize: 1937 arg = argv_next(&ac, &av); 1938 if (!arg || *arg == '\0') 1939 fatal("%s line %d: %s missing argument.", 1940 filename, linenum, keyword); 1941 switch (n = sscanf(arg, "%d:%d", &value, &value2)) { 1942 case 2: 1943 if (value2 < 0 || value2 > 128) 1944 n = -1; 1945 /* FALLTHROUGH */ 1946 case 1: 1947 if (value < 0 || value > 32) 1948 n = -1; 1949 } 1950 if (n != 1 && n != 2) 1951 fatal("%s line %d: Invalid %s spec.", 1952 filename, linenum, keyword); 1953 if (*activep) { 1954 options->per_source_masklen_ipv4 = value; 1955 options->per_source_masklen_ipv6 = value2; 1956 } 1957 break; 1958 1959 case sPerSourceMaxStartups: 1960 arg = argv_next(&ac, &av); 1961 if (!arg || *arg == '\0') 1962 fatal("%s line %d: %s missing argument.", 1963 filename, linenum, keyword); 1964 if (strcmp(arg, "none") == 0) { /* no limit */ 1965 value = INT_MAX; 1966 } else { 1967 if ((errstr = atoi_err(arg, &value)) != NULL) 1968 fatal("%s line %d: %s integer value %s.", 1969 filename, linenum, keyword, errstr); 1970 } 1971 if (*activep) 1972 options->per_source_max_startups = value; 1973 break; 1974 1975 case sMaxAuthTries: 1976 intptr = &options->max_authtries; 1977 goto parse_int; 1978 1979 case sMaxSessions: 1980 intptr = &options->max_sessions; 1981 goto parse_int; 1982 1983 case sBanner: 1984 charptr = &options->banner; 1985 goto parse_filename; 1986 1987 /* 1988 * These options can contain %X options expanded at 1989 * connect time, so that you can specify paths like: 1990 * 1991 * AuthorizedKeysFile /etc/ssh_keys/%u 1992 */ 1993 case sAuthorizedKeysFile: 1994 uvalue = options->num_authkeys_files; 1995 while ((arg = argv_next(&ac, &av)) != NULL) { 1996 if (*arg == '\0') { 1997 error("%s line %d: keyword %s empty argument", 1998 filename, linenum, keyword); 1999 goto out; 2000 } 2001 arg2 = tilde_expand_filename(arg, getuid()); 2002 if (*activep && uvalue == 0) { 2003 opt_array_append(filename, linenum, keyword, 2004 &options->authorized_keys_files, 2005 &options->num_authkeys_files, arg2); 2006 } 2007 free(arg2); 2008 } 2009 break; 2010 2011 case sAuthorizedPrincipalsFile: 2012 charptr = &options->authorized_principals_file; 2013 arg = argv_next(&ac, &av); 2014 if (!arg || *arg == '\0') 2015 fatal("%s line %d: %s missing argument.", 2016 filename, linenum, keyword); 2017 if (*activep && *charptr == NULL) { 2018 *charptr = tilde_expand_filename(arg, getuid()); 2019 /* increase optional counter */ 2020 if (intptr != NULL) 2021 *intptr = *intptr + 1; 2022 } 2023 break; 2024 2025 case sClientAliveInterval: 2026 intptr = &options->client_alive_interval; 2027 goto parse_time; 2028 2029 case sClientAliveCountMax: 2030 intptr = &options->client_alive_count_max; 2031 goto parse_int; 2032 2033 case sAcceptEnv: 2034 while ((arg = argv_next(&ac, &av)) != NULL) { 2035 if (*arg == '\0' || strchr(arg, '=') != NULL) 2036 fatal("%s line %d: Invalid environment name.", 2037 filename, linenum); 2038 if (!*activep) 2039 continue; 2040 opt_array_append(filename, linenum, keyword, 2041 &options->accept_env, &options->num_accept_env, 2042 arg); 2043 } 2044 break; 2045 2046 case sSetEnv: 2047 uvalue = options->num_setenv; 2048 while ((arg = argv_next(&ac, &av)) != NULL) { 2049 if (*arg == '\0' || strchr(arg, '=') == NULL) 2050 fatal("%s line %d: Invalid environment.", 2051 filename, linenum); 2052 if (!*activep || uvalue != 0) 2053 continue; 2054 if (lookup_setenv_in_list(arg, options->setenv, 2055 options->num_setenv) != NULL) { 2056 debug2("%s line %d: ignoring duplicate env " 2057 "name \"%.64s\"", filename, linenum, arg); 2058 continue; 2059 } 2060 opt_array_append(filename, linenum, keyword, 2061 &options->setenv, &options->num_setenv, arg); 2062 } 2063 break; 2064 2065 case sPermitTunnel: 2066 intptr = &options->permit_tun; 2067 arg = argv_next(&ac, &av); 2068 if (!arg || *arg == '\0') 2069 fatal("%s line %d: %s missing argument.", 2070 filename, linenum, keyword); 2071 value = -1; 2072 for (i = 0; tunmode_desc[i].val != -1; i++) 2073 if (strcmp(tunmode_desc[i].text, arg) == 0) { 2074 value = tunmode_desc[i].val; 2075 break; 2076 } 2077 if (value == -1) 2078 fatal("%s line %d: bad %s argument %s", 2079 filename, linenum, keyword, arg); 2080 if (*activep && *intptr == -1) 2081 *intptr = value; 2082 break; 2083 2084 case sInclude: 2085 if (cmdline) { 2086 fatal("Include directive not supported as a " 2087 "command-line option"); 2088 } 2089 value = 0; 2090 while ((arg2 = argv_next(&ac, &av)) != NULL) { 2091 if (*arg2 == '\0') { 2092 error("%s line %d: keyword %s empty argument", 2093 filename, linenum, keyword); 2094 goto out; 2095 } 2096 value++; 2097 found = 0; 2098 if (*arg2 != '/' && *arg2 != '~') { 2099 xasprintf(&arg, "%s/%s", SSHDIR, arg2); 2100 } else 2101 arg = xstrdup(arg2); 2102 2103 /* 2104 * Don't let included files clobber the containing 2105 * file's Match state. 2106 */ 2107 oactive = *activep; 2108 2109 /* consult cache of include files */ 2110 TAILQ_FOREACH(item, includes, entry) { 2111 if (strcmp(item->selector, arg) != 0) 2112 continue; 2113 if (item->filename != NULL) { 2114 parse_server_config_depth(options, 2115 item->filename, item->contents, 2116 includes, connectinfo, 2117 (*inc_flags & SSHCFG_MATCH_ONLY 2118 ? SSHCFG_MATCH_ONLY : (oactive 2119 ? 0 : SSHCFG_NEVERMATCH)), 2120 activep, depth + 1); 2121 } 2122 found = 1; 2123 *activep = oactive; 2124 } 2125 if (found != 0) { 2126 free(arg); 2127 continue; 2128 } 2129 2130 /* requested glob was not in cache */ 2131 debug2("%s line %d: new include %s", 2132 filename, linenum, arg); 2133 if ((r = glob(arg, 0, NULL, &gbuf)) != 0) { 2134 if (r != GLOB_NOMATCH) { 2135 fatal("%s line %d: include \"%s\" glob " 2136 "failed", filename, linenum, arg); 2137 } 2138 /* 2139 * If no entry matched then record a 2140 * placeholder to skip later glob calls. 2141 */ 2142 debug2("%s line %d: no match for %s", 2143 filename, linenum, arg); 2144 item = xcalloc(1, sizeof(*item)); 2145 item->selector = strdup(arg); 2146 TAILQ_INSERT_TAIL(includes, 2147 item, entry); 2148 } 2149 if (gbuf.gl_pathc > INT_MAX) 2150 fatal_f("too many glob results"); 2151 for (n = 0; n < (int)gbuf.gl_pathc; n++) { 2152 debug2("%s line %d: including %s", 2153 filename, linenum, gbuf.gl_pathv[n]); 2154 item = xcalloc(1, sizeof(*item)); 2155 item->selector = strdup(arg); 2156 item->filename = strdup(gbuf.gl_pathv[n]); 2157 if ((item->contents = sshbuf_new()) == NULL) 2158 fatal_f("sshbuf_new failed"); 2159 load_server_config(item->filename, 2160 item->contents); 2161 parse_server_config_depth(options, 2162 item->filename, item->contents, 2163 includes, connectinfo, 2164 (*inc_flags & SSHCFG_MATCH_ONLY 2165 ? SSHCFG_MATCH_ONLY : (oactive 2166 ? 0 : SSHCFG_NEVERMATCH)), 2167 activep, depth + 1); 2168 *activep = oactive; 2169 TAILQ_INSERT_TAIL(includes, item, entry); 2170 } 2171 globfree(&gbuf); 2172 free(arg); 2173 } 2174 if (value == 0) { 2175 fatal("%s line %d: %s missing filename argument", 2176 filename, linenum, keyword); 2177 } 2178 break; 2179 2180 case sMatch: 2181 if (cmdline) 2182 fatal("Match directive not supported as a command-line " 2183 "option"); 2184 value = match_cfg_line(&str, linenum, 2185 (*inc_flags & SSHCFG_NEVERMATCH ? NULL : connectinfo)); 2186 if (value < 0) 2187 fatal("%s line %d: Bad Match condition", filename, 2188 linenum); 2189 *activep = (*inc_flags & SSHCFG_NEVERMATCH) ? 0 : value; 2190 /* 2191 * The MATCH_ONLY flag is applicable only until the first 2192 * match block. 2193 */ 2194 *inc_flags &= ~SSHCFG_MATCH_ONLY; 2195 /* 2196 * If match_cfg_line() didn't consume all its arguments then 2197 * arrange for the extra arguments check below to fail. 2198 */ 2199 if (str == NULL || *str == '\0') 2200 argv_consume(&ac); 2201 break; 2202 2203 case sPermitListen: 2204 case sPermitOpen: 2205 if (opcode == sPermitListen) { 2206 uintptr = &options->num_permitted_listens; 2207 chararrayptr = &options->permitted_listens; 2208 } else { 2209 uintptr = &options->num_permitted_opens; 2210 chararrayptr = &options->permitted_opens; 2211 } 2212 arg = argv_next(&ac, &av); 2213 if (!arg || *arg == '\0') 2214 fatal("%s line %d: %s missing argument.", 2215 filename, linenum, keyword); 2216 uvalue = *uintptr; /* modified later */ 2217 if (strcmp(arg, "any") == 0 || strcmp(arg, "none") == 0) { 2218 if (*activep && uvalue == 0) { 2219 *uintptr = 1; 2220 *chararrayptr = xcalloc(1, 2221 sizeof(**chararrayptr)); 2222 (*chararrayptr)[0] = xstrdup(arg); 2223 } 2224 break; 2225 } 2226 for (; arg != NULL && *arg != '\0'; arg = argv_next(&ac, &av)) { 2227 if (opcode == sPermitListen && 2228 strchr(arg, ':') == NULL) { 2229 /* 2230 * Allow bare port number for PermitListen 2231 * to indicate a wildcard listen host. 2232 */ 2233 xasprintf(&arg2, "*:%s", arg); 2234 } else { 2235 arg2 = xstrdup(arg); 2236 p = hpdelim(&arg); 2237 if (p == NULL) { 2238 fatal("%s line %d: %s missing host", 2239 filename, linenum, keyword); 2240 } 2241 p = cleanhostname(p); 2242 } 2243 if (arg == NULL || 2244 ((port = permitopen_port(arg)) < 0)) { 2245 fatal("%s line %d: %s bad port number", 2246 filename, linenum, keyword); 2247 } 2248 if (*activep && uvalue == 0) { 2249 opt_array_append(filename, linenum, keyword, 2250 chararrayptr, uintptr, arg2); 2251 } 2252 free(arg2); 2253 } 2254 break; 2255 2256 case sForceCommand: 2257 if (str == NULL || *str == '\0') 2258 fatal("%s line %d: %s missing argument.", 2259 filename, linenum, keyword); 2260 len = strspn(str, WHITESPACE); 2261 if (*activep && options->adm_forced_command == NULL) 2262 options->adm_forced_command = xstrdup(str + len); 2263 argv_consume(&ac); 2264 break; 2265 2266 case sChrootDirectory: 2267 charptr = &options->chroot_directory; 2268 2269 arg = argv_next(&ac, &av); 2270 if (!arg || *arg == '\0') 2271 fatal("%s line %d: %s missing argument.", 2272 filename, linenum, keyword); 2273 if (*activep && *charptr == NULL) 2274 *charptr = xstrdup(arg); 2275 break; 2276 2277 case sTrustedUserCAKeys: 2278 charptr = &options->trusted_user_ca_keys; 2279 goto parse_filename; 2280 2281 case sRevokedKeys: 2282 charptr = &options->revoked_keys_file; 2283 goto parse_filename; 2284 2285 case sSecurityKeyProvider: 2286 charptr = &options->sk_provider; 2287 arg = argv_next(&ac, &av); 2288 if (!arg || *arg == '\0') 2289 fatal("%s line %d: %s missing argument.", 2290 filename, linenum, keyword); 2291 if (*activep && *charptr == NULL) { 2292 *charptr = strcasecmp(arg, "internal") == 0 ? 2293 xstrdup(arg) : derelativise_path(arg); 2294 /* increase optional counter */ 2295 if (intptr != NULL) 2296 *intptr = *intptr + 1; 2297 } 2298 break; 2299 2300 case sIPQoS: 2301 arg = argv_next(&ac, &av); 2302 if (!arg || *arg == '\0') 2303 fatal("%s line %d: %s missing argument.", 2304 filename, linenum, keyword); 2305 if ((value = parse_ipqos(arg)) == -1) 2306 fatal("%s line %d: Bad %s value: %s", 2307 filename, linenum, keyword, arg); 2308 arg = argv_next(&ac, &av); 2309 if (arg == NULL) 2310 value2 = value; 2311 else if ((value2 = parse_ipqos(arg)) == -1) 2312 fatal("%s line %d: Bad %s value: %s", 2313 filename, linenum, keyword, arg); 2314 if (*activep) { 2315 options->ip_qos_interactive = value; 2316 options->ip_qos_bulk = value2; 2317 } 2318 break; 2319 2320 case sVersionAddendum: 2321 if (str == NULL || *str == '\0') 2322 fatal("%s line %d: %s missing argument.", 2323 filename, linenum, keyword); 2324 len = strspn(str, WHITESPACE); 2325 if (strchr(str + len, '\r') != NULL) { 2326 fatal("%.200s line %d: Invalid %s argument", 2327 filename, linenum, keyword); 2328 } 2329 if ((arg = strchr(line, '#')) != NULL) { 2330 *arg = '\0'; 2331 rtrim(line); 2332 } 2333 if (*activep && options->version_addendum == NULL) { 2334 if (strcasecmp(str + len, "none") == 0) 2335 options->version_addendum = xstrdup(""); 2336 else 2337 options->version_addendum = xstrdup(str + len); 2338 } 2339 argv_consume(&ac); 2340 break; 2341 2342 case sAuthorizedKeysCommand: 2343 charptr = &options->authorized_keys_command; 2344 parse_command: 2345 len = strspn(str, WHITESPACE); 2346 if (str[len] != '/' && strcasecmp(str + len, "none") != 0) { 2347 fatal("%.200s line %d: %s must be an absolute path", 2348 filename, linenum, keyword); 2349 } 2350 if (*activep && options->authorized_keys_command == NULL) 2351 *charptr = xstrdup(str + len); 2352 argv_consume(&ac); 2353 break; 2354 2355 case sAuthorizedKeysCommandUser: 2356 charptr = &options->authorized_keys_command_user; 2357 parse_localuser: 2358 arg = argv_next(&ac, &av); 2359 if (!arg || *arg == '\0') { 2360 fatal("%s line %d: missing %s argument.", 2361 filename, linenum, keyword); 2362 } 2363 if (*activep && *charptr == NULL) 2364 *charptr = xstrdup(arg); 2365 break; 2366 2367 case sAuthorizedPrincipalsCommand: 2368 charptr = &options->authorized_principals_command; 2369 goto parse_command; 2370 2371 case sAuthorizedPrincipalsCommandUser: 2372 charptr = &options->authorized_principals_command_user; 2373 goto parse_localuser; 2374 2375 case sAuthenticationMethods: 2376 found = options->num_auth_methods == 0; 2377 value = 0; /* seen "any" pseudo-method */ 2378 value2 = 0; /* successfully parsed any method */ 2379 while ((arg = argv_next(&ac, &av)) != NULL) { 2380 if (strcmp(arg, "any") == 0) { 2381 if (options->num_auth_methods > 0) { 2382 fatal("%s line %d: \"any\" must " 2383 "appear alone in %s", 2384 filename, linenum, keyword); 2385 } 2386 value = 1; 2387 } else if (value) { 2388 fatal("%s line %d: \"any\" must appear " 2389 "alone in %s", filename, linenum, keyword); 2390 } else if (auth2_methods_valid(arg, 0) != 0) { 2391 fatal("%s line %d: invalid %s method list.", 2392 filename, linenum, keyword); 2393 } 2394 value2 = 1; 2395 if (!found || !*activep) 2396 continue; 2397 opt_array_append(filename, linenum, keyword, 2398 &options->auth_methods, 2399 &options->num_auth_methods, arg); 2400 } 2401 if (value2 == 0) { 2402 fatal("%s line %d: no %s specified", 2403 filename, linenum, keyword); 2404 } 2405 break; 2406 2407 case sStreamLocalBindMask: 2408 arg = argv_next(&ac, &av); 2409 if (!arg || *arg == '\0') 2410 fatal("%s line %d: %s missing argument.", 2411 filename, linenum, keyword); 2412 /* Parse mode in octal format */ 2413 value = strtol(arg, &p, 8); 2414 if (arg == p || value < 0 || value > 0777) 2415 fatal("%s line %d: Invalid %s.", 2416 filename, linenum, keyword); 2417 if (*activep) 2418 options->fwd_opts.streamlocal_bind_mask = (mode_t)value; 2419 break; 2420 2421 case sStreamLocalBindUnlink: 2422 intptr = &options->fwd_opts.streamlocal_bind_unlink; 2423 goto parse_flag; 2424 2425 case sFingerprintHash: 2426 arg = argv_next(&ac, &av); 2427 if (!arg || *arg == '\0') 2428 fatal("%s line %d: %s missing argument.", 2429 filename, linenum, keyword); 2430 if ((value = ssh_digest_alg_by_name(arg)) == -1) 2431 fatal("%.200s line %d: Invalid %s algorithm \"%s\".", 2432 filename, linenum, keyword, arg); 2433 if (*activep) 2434 options->fingerprint_hash = value; 2435 break; 2436 2437 case sExposeAuthInfo: 2438 intptr = &options->expose_userauth_info; 2439 goto parse_flag; 2440 2441 case sRDomain: 2442 charptr = &options->routing_domain; 2443 arg = argv_next(&ac, &av); 2444 if (!arg || *arg == '\0') 2445 fatal("%s line %d: %s missing argument.", 2446 filename, linenum, keyword); 2447 if (strcasecmp(arg, "none") != 0 && strcmp(arg, "%D") != 0 && 2448 !valid_rdomain(arg)) 2449 fatal("%s line %d: invalid routing domain", 2450 filename, linenum); 2451 if (*activep && *charptr == NULL) 2452 *charptr = xstrdup(arg); 2453 break; 2454 2455 case sRequiredRSASize: 2456 intptr = &options->required_rsa_size; 2457 goto parse_int; 2458 2459 case sChannelTimeout: 2460 uvalue = options->num_channel_timeouts; 2461 i = 0; 2462 while ((arg = argv_next(&ac, &av)) != NULL) { 2463 /* Allow "none" only in first position */ 2464 if (strcasecmp(arg, "none") == 0) { 2465 if (i > 0 || ac > 0) { 2466 error("%s line %d: keyword %s \"none\" " 2467 "argument must appear alone.", 2468 filename, linenum, keyword); 2469 goto out; 2470 } 2471 } else if (parse_timeout(arg, NULL, NULL) != 0) { 2472 fatal("%s line %d: invalid channel timeout %s", 2473 filename, linenum, arg); 2474 } 2475 if (!*activep || uvalue != 0) 2476 continue; 2477 opt_array_append(filename, linenum, keyword, 2478 &options->channel_timeouts, 2479 &options->num_channel_timeouts, arg); 2480 } 2481 break; 2482 2483 case sUnusedConnectionTimeout: 2484 intptr = &options->unused_connection_timeout; 2485 /* peek at first arg for "none" so we can reuse parse_time */ 2486 if (av[0] != NULL && strcasecmp(av[0], "none") == 0) { 2487 (void)argv_next(&ac, &av); /* consume arg */ 2488 if (*activep) 2489 *intptr = 0; 2490 break; 2491 } 2492 goto parse_time; 2493 2494 case sDeprecated: 2495 case sIgnore: 2496 case sUnsupported: 2497 do_log2(opcode == sIgnore ? 2498 SYSLOG_LEVEL_DEBUG2 : SYSLOG_LEVEL_INFO, 2499 "%s line %d: %s option %s", filename, linenum, 2500 opcode == sUnsupported ? "Unsupported" : "Deprecated", 2501 keyword); 2502 argv_consume(&ac); 2503 break; 2504 2505 default: 2506 fatal("%s line %d: Missing handler for opcode %s (%d)", 2507 filename, linenum, keyword, opcode); 2508 } 2509 /* Check that there is no garbage at end of line. */ 2510 if (ac > 0) { 2511 error("%.200s line %d: keyword %s extra arguments " 2512 "at end of line", filename, linenum, keyword); 2513 goto out; 2514 } 2515 2516 /* success */ 2517 ret = 0; 2518 out: 2519 argv_free(oav, oac); 2520 return ret; 2521 } 2522 2523 int 2524 process_server_config_line(ServerOptions *options, char *line, 2525 const char *filename, int linenum, int *activep, 2526 struct connection_info *connectinfo, struct include_list *includes) 2527 { 2528 int inc_flags = 0; 2529 2530 return process_server_config_line_depth(options, line, filename, 2531 linenum, activep, connectinfo, &inc_flags, 0, includes); 2532 } 2533 2534 2535 /* Reads the server configuration file. */ 2536 2537 void 2538 load_server_config(const char *filename, struct sshbuf *conf) 2539 { 2540 struct stat st; 2541 char *line = NULL, *cp; 2542 size_t linesize = 0; 2543 FILE *f; 2544 int r; 2545 2546 debug2_f("filename %s", filename); 2547 if ((f = fopen(filename, "r")) == NULL) { 2548 perror(filename); 2549 exit(1); 2550 } 2551 sshbuf_reset(conf); 2552 /* grow buffer, so realloc is avoided for large config files */ 2553 if (fstat(fileno(f), &st) == 0 && st.st_size > 0 && 2554 (r = sshbuf_allocate(conf, st.st_size)) != 0) 2555 fatal_fr(r, "allocate"); 2556 while (getline(&line, &linesize, f) != -1) { 2557 /* 2558 * Strip whitespace 2559 * NB - preserve newlines, they are needed to reproduce 2560 * line numbers later for error messages 2561 */ 2562 cp = line + strspn(line, " \t\r"); 2563 if ((r = sshbuf_put(conf, cp, strlen(cp))) != 0) 2564 fatal_fr(r, "sshbuf_put"); 2565 } 2566 free(line); 2567 if ((r = sshbuf_put_u8(conf, 0)) != 0) 2568 fatal_fr(r, "sshbuf_put_u8"); 2569 fclose(f); 2570 debug2_f("done config len = %zu", sshbuf_len(conf)); 2571 } 2572 2573 void 2574 parse_server_match_config(ServerOptions *options, 2575 struct include_list *includes, struct connection_info *connectinfo) 2576 { 2577 ServerOptions mo; 2578 2579 initialize_server_options(&mo); 2580 parse_server_config(&mo, "reprocess config", cfg, includes, 2581 connectinfo, 0); 2582 copy_set_server_options(options, &mo, 0); 2583 } 2584 2585 int parse_server_match_testspec(struct connection_info *ci, char *spec) 2586 { 2587 char *p; 2588 2589 while ((p = strsep(&spec, ",")) && *p != '\0') { 2590 if (strncmp(p, "addr=", 5) == 0) { 2591 ci->address = xstrdup(p + 5); 2592 } else if (strncmp(p, "host=", 5) == 0) { 2593 ci->host = xstrdup(p + 5); 2594 } else if (strncmp(p, "user=", 5) == 0) { 2595 ci->user = xstrdup(p + 5); 2596 } else if (strncmp(p, "laddr=", 6) == 0) { 2597 ci->laddress = xstrdup(p + 6); 2598 } else if (strncmp(p, "rdomain=", 8) == 0) { 2599 ci->rdomain = xstrdup(p + 8); 2600 } else if (strncmp(p, "lport=", 6) == 0) { 2601 ci->lport = a2port(p + 6); 2602 if (ci->lport == -1) { 2603 fprintf(stderr, "Invalid port '%s' in test mode" 2604 " specification %s\n", p+6, p); 2605 return -1; 2606 } 2607 } else { 2608 fprintf(stderr, "Invalid test mode specification %s\n", 2609 p); 2610 return -1; 2611 } 2612 } 2613 return 0; 2614 } 2615 2616 /* 2617 * Copy any supported values that are set. 2618 * 2619 * If the preauth flag is set, we do not bother copying the string or 2620 * array values that are not used pre-authentication, because any that we 2621 * do use must be explicitly sent in mm_getpwnamallow(). 2622 */ 2623 void 2624 copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) 2625 { 2626 #define M_CP_INTOPT(n) do {\ 2627 if (src->n != -1) \ 2628 dst->n = src->n; \ 2629 } while (0) 2630 2631 M_CP_INTOPT(password_authentication); 2632 M_CP_INTOPT(gss_authentication); 2633 M_CP_INTOPT(pubkey_authentication); 2634 M_CP_INTOPT(pubkey_auth_options); 2635 M_CP_INTOPT(kerberos_authentication); 2636 M_CP_INTOPT(hostbased_authentication); 2637 M_CP_INTOPT(hostbased_uses_name_from_packet_only); 2638 M_CP_INTOPT(kbd_interactive_authentication); 2639 M_CP_INTOPT(permit_root_login); 2640 M_CP_INTOPT(permit_empty_passwd); 2641 M_CP_INTOPT(ignore_rhosts); 2642 2643 M_CP_INTOPT(allow_tcp_forwarding); 2644 M_CP_INTOPT(allow_streamlocal_forwarding); 2645 M_CP_INTOPT(allow_agent_forwarding); 2646 M_CP_INTOPT(disable_forwarding); 2647 M_CP_INTOPT(expose_userauth_info); 2648 M_CP_INTOPT(permit_tun); 2649 M_CP_INTOPT(fwd_opts.gateway_ports); 2650 M_CP_INTOPT(fwd_opts.streamlocal_bind_unlink); 2651 M_CP_INTOPT(x11_display_offset); 2652 M_CP_INTOPT(x11_forwarding); 2653 M_CP_INTOPT(x11_use_localhost); 2654 M_CP_INTOPT(permit_tty); 2655 M_CP_INTOPT(permit_user_rc); 2656 M_CP_INTOPT(max_sessions); 2657 M_CP_INTOPT(max_authtries); 2658 M_CP_INTOPT(client_alive_count_max); 2659 M_CP_INTOPT(client_alive_interval); 2660 M_CP_INTOPT(ip_qos_interactive); 2661 M_CP_INTOPT(ip_qos_bulk); 2662 M_CP_INTOPT(rekey_limit); 2663 M_CP_INTOPT(rekey_interval); 2664 M_CP_INTOPT(log_level); 2665 M_CP_INTOPT(required_rsa_size); 2666 M_CP_INTOPT(unused_connection_timeout); 2667 2668 /* 2669 * The bind_mask is a mode_t that may be unsigned, so we can't use 2670 * M_CP_INTOPT - it does a signed comparison that causes compiler 2671 * warnings. 2672 */ 2673 if (src->fwd_opts.streamlocal_bind_mask != (mode_t)-1) { 2674 dst->fwd_opts.streamlocal_bind_mask = 2675 src->fwd_opts.streamlocal_bind_mask; 2676 } 2677 2678 /* M_CP_STROPT and M_CP_STRARRAYOPT should not appear before here */ 2679 #define M_CP_STROPT(n) do {\ 2680 if (src->n != NULL && dst->n != src->n) { \ 2681 free(dst->n); \ 2682 dst->n = src->n; \ 2683 } \ 2684 } while(0) 2685 #define M_CP_STRARRAYOPT(s, num_s) do {\ 2686 u_int i; \ 2687 if (src->num_s != 0) { \ 2688 for (i = 0; i < dst->num_s; i++) \ 2689 free(dst->s[i]); \ 2690 free(dst->s); \ 2691 dst->s = xcalloc(src->num_s, sizeof(*dst->s)); \ 2692 for (i = 0; i < src->num_s; i++) \ 2693 dst->s[i] = xstrdup(src->s[i]); \ 2694 dst->num_s = src->num_s; \ 2695 } \ 2696 } while(0) 2697 2698 /* See comment in servconf.h */ 2699 COPY_MATCH_STRING_OPTS(); 2700 2701 /* Arguments that accept '+...' need to be expanded */ 2702 assemble_algorithms(dst); 2703 2704 /* 2705 * The only things that should be below this point are string options 2706 * which are only used after authentication. 2707 */ 2708 if (preauth) 2709 return; 2710 2711 /* These options may be "none" to clear a global setting */ 2712 M_CP_STROPT(adm_forced_command); 2713 if (option_clear_or_none(dst->adm_forced_command)) { 2714 free(dst->adm_forced_command); 2715 dst->adm_forced_command = NULL; 2716 } 2717 M_CP_STROPT(chroot_directory); 2718 if (option_clear_or_none(dst->chroot_directory)) { 2719 free(dst->chroot_directory); 2720 dst->chroot_directory = NULL; 2721 } 2722 } 2723 2724 #undef M_CP_INTOPT 2725 #undef M_CP_STROPT 2726 #undef M_CP_STRARRAYOPT 2727 2728 #define SERVCONF_MAX_DEPTH 16 2729 static void 2730 parse_server_config_depth(ServerOptions *options, const char *filename, 2731 struct sshbuf *conf, struct include_list *includes, 2732 struct connection_info *connectinfo, int flags, int *activep, int depth) 2733 { 2734 int linenum, bad_options = 0; 2735 char *cp, *obuf, *cbuf; 2736 2737 if (depth < 0 || depth > SERVCONF_MAX_DEPTH) 2738 fatal("Too many recursive configuration includes"); 2739 2740 debug2_f("config %s len %zu%s", filename, sshbuf_len(conf), 2741 (flags & SSHCFG_NEVERMATCH ? " [checking syntax only]" : "")); 2742 2743 if ((obuf = cbuf = sshbuf_dup_string(conf)) == NULL) 2744 fatal_f("sshbuf_dup_string failed"); 2745 linenum = 1; 2746 while ((cp = strsep(&cbuf, "\n")) != NULL) { 2747 if (process_server_config_line_depth(options, cp, 2748 filename, linenum++, activep, connectinfo, &flags, 2749 depth, includes) != 0) 2750 bad_options++; 2751 } 2752 free(obuf); 2753 if (bad_options > 0) 2754 fatal("%s: terminating, %d bad configuration options", 2755 filename, bad_options); 2756 } 2757 2758 void 2759 parse_server_config(ServerOptions *options, const char *filename, 2760 struct sshbuf *conf, struct include_list *includes, 2761 struct connection_info *connectinfo, int reexec) 2762 { 2763 int active = connectinfo ? 0 : 1; 2764 parse_server_config_depth(options, filename, conf, includes, 2765 connectinfo, (connectinfo ? SSHCFG_MATCH_ONLY : 0), &active, 0); 2766 if (!reexec) 2767 process_queued_listen_addrs(options); 2768 } 2769 2770 static const char * 2771 fmt_multistate_int(int val, const struct multistate *m) 2772 { 2773 u_int i; 2774 2775 for (i = 0; m[i].key != NULL; i++) { 2776 if (m[i].value == val) 2777 return m[i].key; 2778 } 2779 return "UNKNOWN"; 2780 } 2781 2782 static const char * 2783 fmt_intarg(ServerOpCodes code, int val) 2784 { 2785 if (val == -1) 2786 return "unset"; 2787 switch (code) { 2788 case sAddressFamily: 2789 return fmt_multistate_int(val, multistate_addressfamily); 2790 case sPermitRootLogin: 2791 return fmt_multistate_int(val, multistate_permitrootlogin); 2792 case sGatewayPorts: 2793 return fmt_multistate_int(val, multistate_gatewayports); 2794 case sCompression: 2795 return fmt_multistate_int(val, multistate_compression); 2796 case sAllowTcpForwarding: 2797 return fmt_multistate_int(val, multistate_tcpfwd); 2798 case sAllowStreamLocalForwarding: 2799 return fmt_multistate_int(val, multistate_tcpfwd); 2800 case sIgnoreRhosts: 2801 return fmt_multistate_int(val, multistate_ignore_rhosts); 2802 case sFingerprintHash: 2803 return ssh_digest_alg_name(val); 2804 default: 2805 switch (val) { 2806 case 0: 2807 return "no"; 2808 case 1: 2809 return "yes"; 2810 default: 2811 return "UNKNOWN"; 2812 } 2813 } 2814 } 2815 2816 static void 2817 dump_cfg_int(ServerOpCodes code, int val) 2818 { 2819 if (code == sUnusedConnectionTimeout && val == 0) { 2820 printf("%s none\n", lookup_opcode_name(code)); 2821 return; 2822 } 2823 printf("%s %d\n", lookup_opcode_name(code), val); 2824 } 2825 2826 static void 2827 dump_cfg_oct(ServerOpCodes code, int val) 2828 { 2829 printf("%s 0%o\n", lookup_opcode_name(code), val); 2830 } 2831 2832 static void 2833 dump_cfg_fmtint(ServerOpCodes code, int val) 2834 { 2835 printf("%s %s\n", lookup_opcode_name(code), fmt_intarg(code, val)); 2836 } 2837 2838 static void 2839 dump_cfg_string(ServerOpCodes code, const char *val) 2840 { 2841 printf("%s %s\n", lookup_opcode_name(code), 2842 val == NULL ? "none" : val); 2843 } 2844 2845 static void 2846 dump_cfg_strarray(ServerOpCodes code, u_int count, char **vals) 2847 { 2848 u_int i; 2849 2850 for (i = 0; i < count; i++) 2851 printf("%s %s\n", lookup_opcode_name(code), vals[i]); 2852 } 2853 2854 static void 2855 dump_cfg_strarray_oneline(ServerOpCodes code, u_int count, char **vals) 2856 { 2857 u_int i; 2858 2859 if (count <= 0 && code != sAuthenticationMethods) 2860 return; 2861 printf("%s", lookup_opcode_name(code)); 2862 for (i = 0; i < count; i++) 2863 printf(" %s", vals[i]); 2864 if (code == sAuthenticationMethods && count == 0) 2865 printf(" any"); 2866 else if (code == sChannelTimeout && count == 0) 2867 printf(" none"); 2868 printf("\n"); 2869 } 2870 2871 static char * 2872 format_listen_addrs(struct listenaddr *la) 2873 { 2874 int r; 2875 struct addrinfo *ai; 2876 char addr[NI_MAXHOST], port[NI_MAXSERV]; 2877 char *laddr1 = xstrdup(""), *laddr2 = NULL; 2878 2879 /* 2880 * ListenAddress must be after Port. add_one_listen_addr pushes 2881 * addresses onto a stack, so to maintain ordering we need to 2882 * print these in reverse order. 2883 */ 2884 for (ai = la->addrs; ai; ai = ai->ai_next) { 2885 if ((r = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr, 2886 sizeof(addr), port, sizeof(port), 2887 NI_NUMERICHOST|NI_NUMERICSERV)) != 0) { 2888 error("getnameinfo: %.100s", ssh_gai_strerror(r)); 2889 continue; 2890 } 2891 laddr2 = laddr1; 2892 if (ai->ai_family == AF_INET6) { 2893 xasprintf(&laddr1, "listenaddress [%s]:%s%s%s\n%s", 2894 addr, port, 2895 la->rdomain == NULL ? "" : " rdomain ", 2896 la->rdomain == NULL ? "" : la->rdomain, 2897 laddr2); 2898 } else { 2899 xasprintf(&laddr1, "listenaddress %s:%s%s%s\n%s", 2900 addr, port, 2901 la->rdomain == NULL ? "" : " rdomain ", 2902 la->rdomain == NULL ? "" : la->rdomain, 2903 laddr2); 2904 } 2905 free(laddr2); 2906 } 2907 return laddr1; 2908 } 2909 2910 void 2911 dump_config(ServerOptions *o) 2912 { 2913 char *s; 2914 u_int i; 2915 2916 /* these are usually at the top of the config */ 2917 for (i = 0; i < o->num_ports; i++) 2918 printf("port %d\n", o->ports[i]); 2919 dump_cfg_fmtint(sAddressFamily, o->address_family); 2920 2921 for (i = 0; i < o->num_listen_addrs; i++) { 2922 s = format_listen_addrs(&o->listen_addrs[i]); 2923 printf("%s", s); 2924 free(s); 2925 } 2926 2927 /* integer arguments */ 2928 dump_cfg_int(sLoginGraceTime, o->login_grace_time); 2929 dump_cfg_int(sX11DisplayOffset, o->x11_display_offset); 2930 dump_cfg_int(sMaxAuthTries, o->max_authtries); 2931 dump_cfg_int(sMaxSessions, o->max_sessions); 2932 dump_cfg_int(sClientAliveInterval, o->client_alive_interval); 2933 dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); 2934 dump_cfg_int(sRequiredRSASize, o->required_rsa_size); 2935 dump_cfg_oct(sStreamLocalBindMask, o->fwd_opts.streamlocal_bind_mask); 2936 dump_cfg_int(sUnusedConnectionTimeout, o->unused_connection_timeout); 2937 2938 /* formatted integer arguments */ 2939 dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login); 2940 dump_cfg_fmtint(sIgnoreRhosts, o->ignore_rhosts); 2941 dump_cfg_fmtint(sIgnoreUserKnownHosts, o->ignore_user_known_hosts); 2942 dump_cfg_fmtint(sHostbasedAuthentication, o->hostbased_authentication); 2943 dump_cfg_fmtint(sHostbasedUsesNameFromPacketOnly, 2944 o->hostbased_uses_name_from_packet_only); 2945 dump_cfg_fmtint(sPubkeyAuthentication, o->pubkey_authentication); 2946 #ifdef KRB5 2947 dump_cfg_fmtint(sKerberosAuthentication, o->kerberos_authentication); 2948 dump_cfg_fmtint(sKerberosOrLocalPasswd, o->kerberos_or_local_passwd); 2949 dump_cfg_fmtint(sKerberosTicketCleanup, o->kerberos_ticket_cleanup); 2950 dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token); 2951 #endif 2952 #ifdef GSSAPI 2953 dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); 2954 dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); 2955 #endif 2956 dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); 2957 dump_cfg_fmtint(sKbdInteractiveAuthentication, 2958 o->kbd_interactive_authentication); 2959 dump_cfg_fmtint(sPrintMotd, o->print_motd); 2960 dump_cfg_fmtint(sPrintLastLog, o->print_lastlog); 2961 dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding); 2962 dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); 2963 dump_cfg_fmtint(sPermitTTY, o->permit_tty); 2964 dump_cfg_fmtint(sPermitUserRC, o->permit_user_rc); 2965 dump_cfg_fmtint(sStrictModes, o->strict_modes); 2966 dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); 2967 dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); 2968 dump_cfg_fmtint(sCompression, o->compression); 2969 dump_cfg_fmtint(sGatewayPorts, o->fwd_opts.gateway_ports); 2970 dump_cfg_fmtint(sUseDNS, o->use_dns); 2971 dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding); 2972 dump_cfg_fmtint(sAllowAgentForwarding, o->allow_agent_forwarding); 2973 dump_cfg_fmtint(sDisableForwarding, o->disable_forwarding); 2974 dump_cfg_fmtint(sAllowStreamLocalForwarding, o->allow_streamlocal_forwarding); 2975 dump_cfg_fmtint(sStreamLocalBindUnlink, o->fwd_opts.streamlocal_bind_unlink); 2976 dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash); 2977 dump_cfg_fmtint(sExposeAuthInfo, o->expose_userauth_info); 2978 2979 /* string arguments */ 2980 dump_cfg_string(sPidFile, o->pid_file); 2981 dump_cfg_string(sModuliFile, o->moduli_file); 2982 dump_cfg_string(sXAuthLocation, o->xauth_location); 2983 dump_cfg_string(sCiphers, o->ciphers); 2984 dump_cfg_string(sMacs, o->macs); 2985 dump_cfg_string(sBanner, o->banner); 2986 dump_cfg_string(sForceCommand, o->adm_forced_command); 2987 dump_cfg_string(sChrootDirectory, o->chroot_directory); 2988 dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys); 2989 dump_cfg_string(sRevokedKeys, o->revoked_keys_file); 2990 dump_cfg_string(sSecurityKeyProvider, o->sk_provider); 2991 dump_cfg_string(sAuthorizedPrincipalsFile, 2992 o->authorized_principals_file); 2993 dump_cfg_string(sVersionAddendum, *o->version_addendum == '\0' 2994 ? "none" : o->version_addendum); 2995 dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command); 2996 dump_cfg_string(sAuthorizedKeysCommandUser, o->authorized_keys_command_user); 2997 dump_cfg_string(sAuthorizedPrincipalsCommand, o->authorized_principals_command); 2998 dump_cfg_string(sAuthorizedPrincipalsCommandUser, o->authorized_principals_command_user); 2999 dump_cfg_string(sHostKeyAgent, o->host_key_agent); 3000 dump_cfg_string(sKexAlgorithms, o->kex_algorithms); 3001 dump_cfg_string(sCASignatureAlgorithms, o->ca_sign_algorithms); 3002 dump_cfg_string(sHostbasedAcceptedAlgorithms, o->hostbased_accepted_algos); 3003 dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms); 3004 dump_cfg_string(sPubkeyAcceptedAlgorithms, o->pubkey_accepted_algos); 3005 dump_cfg_string(sRDomain, o->routing_domain); 3006 3007 /* string arguments requiring a lookup */ 3008 dump_cfg_string(sLogLevel, log_level_name(o->log_level)); 3009 dump_cfg_string(sLogFacility, log_facility_name(o->log_facility)); 3010 3011 /* string array arguments */ 3012 dump_cfg_strarray_oneline(sAuthorizedKeysFile, o->num_authkeys_files, 3013 o->authorized_keys_files); 3014 dump_cfg_strarray(sHostKeyFile, o->num_host_key_files, 3015 o->host_key_files); 3016 dump_cfg_strarray(sHostCertificate, o->num_host_cert_files, 3017 o->host_cert_files); 3018 dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users); 3019 dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users); 3020 dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups); 3021 dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups); 3022 dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env); 3023 dump_cfg_strarray(sSetEnv, o->num_setenv, o->setenv); 3024 dump_cfg_strarray_oneline(sAuthenticationMethods, 3025 o->num_auth_methods, o->auth_methods); 3026 dump_cfg_strarray_oneline(sLogVerbose, 3027 o->num_log_verbose, o->log_verbose); 3028 dump_cfg_strarray_oneline(sChannelTimeout, 3029 o->num_channel_timeouts, o->channel_timeouts); 3030 3031 /* other arguments */ 3032 for (i = 0; i < o->num_subsystems; i++) 3033 printf("subsystem %s %s\n", o->subsystem_name[i], 3034 o->subsystem_args[i]); 3035 3036 printf("maxstartups %d:%d:%d\n", o->max_startups_begin, 3037 o->max_startups_rate, o->max_startups); 3038 printf("persourcemaxstartups "); 3039 if (o->per_source_max_startups == INT_MAX) 3040 printf("none\n"); 3041 else 3042 printf("%d\n", o->per_source_max_startups); 3043 printf("persourcenetblocksize %d:%d\n", o->per_source_masklen_ipv4, 3044 o->per_source_masklen_ipv6); 3045 3046 s = NULL; 3047 for (i = 0; tunmode_desc[i].val != -1; i++) { 3048 if (tunmode_desc[i].val == o->permit_tun) { 3049 s = tunmode_desc[i].text; 3050 break; 3051 } 3052 } 3053 dump_cfg_string(sPermitTunnel, s); 3054 3055 printf("ipqos %s ", iptos2str(o->ip_qos_interactive)); 3056 printf("%s\n", iptos2str(o->ip_qos_bulk)); 3057 3058 printf("rekeylimit %llu %d\n", (unsigned long long)o->rekey_limit, 3059 o->rekey_interval); 3060 3061 printf("permitopen"); 3062 if (o->num_permitted_opens == 0) 3063 printf(" any"); 3064 else { 3065 for (i = 0; i < o->num_permitted_opens; i++) 3066 printf(" %s", o->permitted_opens[i]); 3067 } 3068 printf("\n"); 3069 printf("permitlisten"); 3070 if (o->num_permitted_listens == 0) 3071 printf(" any"); 3072 else { 3073 for (i = 0; i < o->num_permitted_listens; i++) 3074 printf(" %s", o->permitted_listens[i]); 3075 } 3076 printf("\n"); 3077 3078 if (o->permit_user_env_allowlist == NULL) { 3079 dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); 3080 } else { 3081 printf("permituserenvironment %s\n", 3082 o->permit_user_env_allowlist); 3083 } 3084 3085 printf("pubkeyauthoptions"); 3086 if (o->pubkey_auth_options == 0) 3087 printf(" none"); 3088 if (o->pubkey_auth_options & PUBKEYAUTH_TOUCH_REQUIRED) 3089 printf(" touch-required"); 3090 if (o->pubkey_auth_options & PUBKEYAUTH_VERIFY_REQUIRED) 3091 printf(" verify-required"); 3092 printf("\n"); 3093 } 3094