1 2 /* $OpenBSD: servconf.c,v 1.281 2015/08/21 23:52:30 djm Exp $ */ 3 /* 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 5 * All rights reserved 6 * 7 * As far as I am concerned, the code I have written for this software 8 * can be used freely for any purpose. Any derived versions of this 9 * software must be clearly marked as such, and if the derived work is 10 * incompatible with the protocol description in the RFC file, it must be 11 * called by a name other than "ssh" or "Secure Shell". 12 */ 13 14 #include <sys/types.h> 15 #include <sys/socket.h> 16 #include <sys/queue.h> 17 18 #include <netinet/in.h> 19 #include <netinet/ip.h> 20 21 #include <ctype.h> 22 #include <netdb.h> 23 #include <pwd.h> 24 #include <stdio.h> 25 #include <stdlib.h> 26 #include <string.h> 27 #include <signal.h> 28 #include <unistd.h> 29 #include <limits.h> 30 #include <stdarg.h> 31 #include <errno.h> 32 #include <util.h> 33 34 #include "xmalloc.h" 35 #include "ssh.h" 36 #include "log.h" 37 #include "buffer.h" 38 #include "misc.h" 39 #include "servconf.h" 40 #include "compat.h" 41 #include "pathnames.h" 42 #include "cipher.h" 43 #include "key.h" 44 #include "kex.h" 45 #include "mac.h" 46 #include "match.h" 47 #include "channels.h" 48 #include "groupaccess.h" 49 #include "canohost.h" 50 #include "packet.h" 51 #include "hostfile.h" 52 #include "auth.h" 53 #include "myproposal.h" 54 #include "digest.h" 55 56 static void add_listen_addr(ServerOptions *, char *, int); 57 static void add_one_listen_addr(ServerOptions *, char *, int); 58 59 /* Use of privilege separation or not */ 60 extern int use_privsep; 61 extern Buffer cfg; 62 63 /* Initializes the server options to their default values. */ 64 65 void 66 initialize_server_options(ServerOptions *options) 67 { 68 memset(options, 0, sizeof(*options)); 69 options->num_ports = 0; 70 options->ports_from_cmdline = 0; 71 options->queued_listen_addrs = NULL; 72 options->num_queued_listens = 0; 73 options->listen_addrs = NULL; 74 options->address_family = -1; 75 options->num_host_key_files = 0; 76 options->num_host_cert_files = 0; 77 options->host_key_agent = NULL; 78 options->pid_file = NULL; 79 options->server_key_bits = -1; 80 options->login_grace_time = -1; 81 options->key_regeneration_time = -1; 82 options->permit_root_login = PERMIT_NOT_SET; 83 options->ignore_rhosts = -1; 84 options->ignore_user_known_hosts = -1; 85 options->print_motd = -1; 86 options->print_lastlog = -1; 87 options->x11_forwarding = -1; 88 options->x11_display_offset = -1; 89 options->x11_use_localhost = -1; 90 options->permit_tty = -1; 91 options->permit_user_rc = -1; 92 options->xauth_location = NULL; 93 options->strict_modes = -1; 94 options->tcp_keep_alive = -1; 95 options->log_facility = SYSLOG_FACILITY_NOT_SET; 96 options->log_level = SYSLOG_LEVEL_NOT_SET; 97 options->rhosts_rsa_authentication = -1; 98 options->hostbased_authentication = -1; 99 options->hostbased_uses_name_from_packet_only = -1; 100 options->hostbased_key_types = NULL; 101 options->hostkeyalgorithms = NULL; 102 options->rsa_authentication = -1; 103 options->pubkey_authentication = -1; 104 options->pubkey_key_types = NULL; 105 options->kerberos_authentication = -1; 106 options->kerberos_or_local_passwd = -1; 107 options->kerberos_ticket_cleanup = -1; 108 options->kerberos_get_afs_token = -1; 109 options->gss_authentication=-1; 110 options->gss_cleanup_creds = -1; 111 options->gss_strict_acceptor = -1; 112 options->password_authentication = -1; 113 options->kbd_interactive_authentication = -1; 114 options->challenge_response_authentication = -1; 115 options->permit_empty_passwd = -1; 116 options->permit_user_env = -1; 117 options->use_login = -1; 118 options->compression = -1; 119 options->rekey_limit = -1; 120 options->rekey_interval = -1; 121 options->allow_tcp_forwarding = -1; 122 options->allow_streamlocal_forwarding = -1; 123 options->allow_agent_forwarding = -1; 124 options->num_allow_users = 0; 125 options->num_deny_users = 0; 126 options->num_allow_groups = 0; 127 options->num_deny_groups = 0; 128 options->ciphers = NULL; 129 options->macs = NULL; 130 options->kex_algorithms = NULL; 131 options->protocol = SSH_PROTO_UNKNOWN; 132 options->fwd_opts.gateway_ports = -1; 133 options->fwd_opts.streamlocal_bind_mask = (mode_t)-1; 134 options->fwd_opts.streamlocal_bind_unlink = -1; 135 options->num_subsystems = 0; 136 options->max_startups_begin = -1; 137 options->max_startups_rate = -1; 138 options->max_startups = -1; 139 options->max_authtries = -1; 140 options->max_sessions = -1; 141 options->banner = NULL; 142 options->use_dns = -1; 143 options->client_alive_interval = -1; 144 options->client_alive_count_max = -1; 145 options->num_authkeys_files = 0; 146 options->num_accept_env = 0; 147 options->permit_tun = -1; 148 options->num_permitted_opens = -1; 149 options->adm_forced_command = NULL; 150 options->chroot_directory = NULL; 151 options->authorized_keys_command = NULL; 152 options->authorized_keys_command_user = NULL; 153 options->revoked_keys_file = NULL; 154 options->trusted_user_ca_keys = NULL; 155 options->authorized_principals_file = NULL; 156 options->authorized_principals_command = NULL; 157 options->authorized_principals_command_user = NULL; 158 options->ip_qos_interactive = -1; 159 options->ip_qos_bulk = -1; 160 options->version_addendum = NULL; 161 options->fingerprint_hash = -1; 162 } 163 164 /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ 165 static int 166 option_clear_or_none(const char *o) 167 { 168 return o == NULL || strcasecmp(o, "none") == 0; 169 } 170 171 void 172 fill_default_server_options(ServerOptions *options) 173 { 174 int i; 175 176 if (options->protocol == SSH_PROTO_UNKNOWN) 177 options->protocol = SSH_PROTO_2; 178 if (options->num_host_key_files == 0) { 179 /* fill default hostkeys for protocols */ 180 if (options->protocol & SSH_PROTO_1) 181 options->host_key_files[options->num_host_key_files++] = 182 _PATH_HOST_KEY_FILE; 183 if (options->protocol & SSH_PROTO_2) { 184 options->host_key_files[options->num_host_key_files++] = 185 _PATH_HOST_RSA_KEY_FILE; 186 options->host_key_files[options->num_host_key_files++] = 187 _PATH_HOST_DSA_KEY_FILE; 188 options->host_key_files[options->num_host_key_files++] = 189 _PATH_HOST_ECDSA_KEY_FILE; 190 options->host_key_files[options->num_host_key_files++] = 191 _PATH_HOST_ED25519_KEY_FILE; 192 } 193 } 194 /* No certificates by default */ 195 if (options->num_ports == 0) 196 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 197 if (options->address_family == -1) 198 options->address_family = AF_UNSPEC; 199 if (options->listen_addrs == NULL) 200 add_listen_addr(options, NULL, 0); 201 if (options->pid_file == NULL) 202 options->pid_file = xstrdup(_PATH_SSH_DAEMON_PID_FILE); 203 if (options->server_key_bits == -1) 204 options->server_key_bits = 1024; 205 if (options->login_grace_time == -1) 206 options->login_grace_time = 120; 207 if (options->key_regeneration_time == -1) 208 options->key_regeneration_time = 3600; 209 if (options->permit_root_login == PERMIT_NOT_SET) 210 options->permit_root_login = PERMIT_NO_PASSWD; 211 if (options->ignore_rhosts == -1) 212 options->ignore_rhosts = 1; 213 if (options->ignore_user_known_hosts == -1) 214 options->ignore_user_known_hosts = 0; 215 if (options->print_motd == -1) 216 options->print_motd = 1; 217 if (options->print_lastlog == -1) 218 options->print_lastlog = 1; 219 if (options->x11_forwarding == -1) 220 options->x11_forwarding = 0; 221 if (options->x11_display_offset == -1) 222 options->x11_display_offset = 10; 223 if (options->x11_use_localhost == -1) 224 options->x11_use_localhost = 1; 225 if (options->xauth_location == NULL) 226 options->xauth_location = xstrdup(_PATH_XAUTH); 227 if (options->permit_tty == -1) 228 options->permit_tty = 1; 229 if (options->permit_user_rc == -1) 230 options->permit_user_rc = 1; 231 if (options->strict_modes == -1) 232 options->strict_modes = 1; 233 if (options->tcp_keep_alive == -1) 234 options->tcp_keep_alive = 1; 235 if (options->log_facility == SYSLOG_FACILITY_NOT_SET) 236 options->log_facility = SYSLOG_FACILITY_AUTH; 237 if (options->log_level == SYSLOG_LEVEL_NOT_SET) 238 options->log_level = SYSLOG_LEVEL_INFO; 239 if (options->rhosts_rsa_authentication == -1) 240 options->rhosts_rsa_authentication = 0; 241 if (options->hostbased_authentication == -1) 242 options->hostbased_authentication = 0; 243 if (options->hostbased_uses_name_from_packet_only == -1) 244 options->hostbased_uses_name_from_packet_only = 0; 245 if (options->rsa_authentication == -1) 246 options->rsa_authentication = 1; 247 if (options->pubkey_authentication == -1) 248 options->pubkey_authentication = 1; 249 if (options->kerberos_authentication == -1) 250 options->kerberos_authentication = 0; 251 if (options->kerberos_or_local_passwd == -1) 252 options->kerberos_or_local_passwd = 1; 253 if (options->kerberos_ticket_cleanup == -1) 254 options->kerberos_ticket_cleanup = 1; 255 if (options->kerberos_get_afs_token == -1) 256 options->kerberos_get_afs_token = 0; 257 if (options->gss_authentication == -1) 258 options->gss_authentication = 0; 259 if (options->gss_cleanup_creds == -1) 260 options->gss_cleanup_creds = 1; 261 if (options->gss_strict_acceptor == -1) 262 options->gss_strict_acceptor = 0; 263 if (options->password_authentication == -1) 264 options->password_authentication = 1; 265 if (options->kbd_interactive_authentication == -1) 266 options->kbd_interactive_authentication = 0; 267 if (options->challenge_response_authentication == -1) 268 options->challenge_response_authentication = 1; 269 if (options->permit_empty_passwd == -1) 270 options->permit_empty_passwd = 0; 271 if (options->permit_user_env == -1) 272 options->permit_user_env = 0; 273 if (options->use_login == -1) 274 options->use_login = 0; 275 if (options->compression == -1) 276 options->compression = COMP_DELAYED; 277 if (options->rekey_limit == -1) 278 options->rekey_limit = 0; 279 if (options->rekey_interval == -1) 280 options->rekey_interval = 0; 281 if (options->allow_tcp_forwarding == -1) 282 options->allow_tcp_forwarding = FORWARD_ALLOW; 283 if (options->allow_streamlocal_forwarding == -1) 284 options->allow_streamlocal_forwarding = FORWARD_ALLOW; 285 if (options->allow_agent_forwarding == -1) 286 options->allow_agent_forwarding = 1; 287 if (options->fwd_opts.gateway_ports == -1) 288 options->fwd_opts.gateway_ports = 0; 289 if (options->max_startups == -1) 290 options->max_startups = 100; 291 if (options->max_startups_rate == -1) 292 options->max_startups_rate = 30; /* 30% */ 293 if (options->max_startups_begin == -1) 294 options->max_startups_begin = 10; 295 if (options->max_authtries == -1) 296 options->max_authtries = DEFAULT_AUTH_FAIL_MAX; 297 if (options->max_sessions == -1) 298 options->max_sessions = DEFAULT_SESSIONS_MAX; 299 if (options->use_dns == -1) 300 options->use_dns = 0; 301 if (options->client_alive_interval == -1) 302 options->client_alive_interval = 0; 303 if (options->client_alive_count_max == -1) 304 options->client_alive_count_max = 3; 305 if (options->num_authkeys_files == 0) { 306 options->authorized_keys_files[options->num_authkeys_files++] = 307 xstrdup(_PATH_SSH_USER_PERMITTED_KEYS); 308 options->authorized_keys_files[options->num_authkeys_files++] = 309 xstrdup(_PATH_SSH_USER_PERMITTED_KEYS2); 310 } 311 if (options->permit_tun == -1) 312 options->permit_tun = SSH_TUNMODE_NO; 313 if (options->ip_qos_interactive == -1) 314 options->ip_qos_interactive = IPTOS_LOWDELAY; 315 if (options->ip_qos_bulk == -1) 316 options->ip_qos_bulk = IPTOS_THROUGHPUT; 317 if (options->version_addendum == NULL) 318 options->version_addendum = xstrdup(""); 319 if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) 320 options->fwd_opts.streamlocal_bind_mask = 0177; 321 if (options->fwd_opts.streamlocal_bind_unlink == -1) 322 options->fwd_opts.streamlocal_bind_unlink = 0; 323 if (options->fingerprint_hash == -1) 324 options->fingerprint_hash = SSH_FP_HASH_DEFAULT; 325 326 if (kex_assemble_names(KEX_SERVER_ENCRYPT, &options->ciphers) != 0 || 327 kex_assemble_names(KEX_SERVER_MAC, &options->macs) != 0 || 328 kex_assemble_names(KEX_SERVER_KEX, &options->kex_algorithms) != 0 || 329 kex_assemble_names(KEX_DEFAULT_PK_ALG, 330 &options->hostkeyalgorithms) != 0 || 331 kex_assemble_names(KEX_DEFAULT_PK_ALG, 332 &options->hostbased_key_types) != 0 || 333 kex_assemble_names(KEX_DEFAULT_PK_ALG, 334 &options->pubkey_key_types) != 0) 335 fatal("%s: kex_assemble_names failed", __func__); 336 337 /* Turn privilege separation on by default */ 338 if (use_privsep == -1) 339 use_privsep = PRIVSEP_NOSANDBOX; 340 341 #define CLEAR_ON_NONE(v) \ 342 do { \ 343 if (option_clear_or_none(v)) { \ 344 free(v); \ 345 v = NULL; \ 346 } \ 347 } while(0) 348 CLEAR_ON_NONE(options->pid_file); 349 CLEAR_ON_NONE(options->xauth_location); 350 CLEAR_ON_NONE(options->banner); 351 CLEAR_ON_NONE(options->trusted_user_ca_keys); 352 CLEAR_ON_NONE(options->revoked_keys_file); 353 CLEAR_ON_NONE(options->authorized_principals_file); 354 for (i = 0; i < options->num_host_key_files; i++) 355 CLEAR_ON_NONE(options->host_key_files[i]); 356 for (i = 0; i < options->num_host_cert_files; i++) 357 CLEAR_ON_NONE(options->host_cert_files[i]); 358 #undef CLEAR_ON_NONE 359 } 360 361 /* Keyword tokens. */ 362 typedef enum { 363 sBadOption, /* == unknown option */ 364 sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, 365 sKeyRegenerationTime, sPermitRootLogin, sLogFacility, sLogLevel, 366 sRhostsRSAAuthentication, sRSAAuthentication, 367 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, 368 sKerberosGetAFSToken, 369 sKerberosTgtPassing, sChallengeResponseAuthentication, 370 sPasswordAuthentication, sKbdInteractiveAuthentication, 371 sListenAddress, sAddressFamily, 372 sPrintMotd, sPrintLastLog, sIgnoreRhosts, 373 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, 374 sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, 375 sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, 376 sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, 377 sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, 378 sGatewayPorts, sPubkeyAuthentication, sPubkeyAcceptedKeyTypes, 379 sXAuthLocation, sSubsystem, sMaxStartups, sMaxAuthTries, sMaxSessions, 380 sBanner, sUseDNS, sHostbasedAuthentication, 381 sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedKeyTypes, 382 sHostKeyAlgorithms, 383 sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, 384 sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, 385 sAcceptEnv, sPermitTunnel, 386 sMatch, sPermitOpen, sForceCommand, sChrootDirectory, 387 sUsePrivilegeSeparation, sAllowAgentForwarding, 388 sHostCertificate, 389 sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, 390 sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser, 391 sKexAlgorithms, sIPQoS, sVersionAddendum, 392 sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, 393 sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, 394 sStreamLocalBindMask, sStreamLocalBindUnlink, 395 sAllowStreamLocalForwarding, sFingerprintHash, 396 sDeprecated, sUnsupported 397 } ServerOpCodes; 398 399 #define SSHCFG_GLOBAL 0x01 /* allowed in main section of sshd_config */ 400 #define SSHCFG_MATCH 0x02 /* allowed inside a Match section */ 401 #define SSHCFG_ALL (SSHCFG_GLOBAL|SSHCFG_MATCH) 402 403 /* Textual representation of the tokens. */ 404 static struct { 405 const char *name; 406 ServerOpCodes opcode; 407 u_int flags; 408 } keywords[] = { 409 { "port", sPort, SSHCFG_GLOBAL }, 410 { "hostkey", sHostKeyFile, SSHCFG_GLOBAL }, 411 { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL }, /* alias */ 412 { "hostkeyagent", sHostKeyAgent, SSHCFG_GLOBAL }, 413 { "pidfile", sPidFile, SSHCFG_GLOBAL }, 414 { "serverkeybits", sServerKeyBits, SSHCFG_GLOBAL }, 415 { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL }, 416 { "keyregenerationinterval", sKeyRegenerationTime, SSHCFG_GLOBAL }, 417 { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL }, 418 { "syslogfacility", sLogFacility, SSHCFG_GLOBAL }, 419 { "loglevel", sLogLevel, SSHCFG_GLOBAL }, 420 { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL }, 421 { "rhostsrsaauthentication", sRhostsRSAAuthentication, SSHCFG_ALL }, 422 { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL }, 423 { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_ALL }, 424 { "hostbasedacceptedkeytypes", sHostbasedAcceptedKeyTypes, SSHCFG_ALL }, 425 { "hostkeyalgorithms", sHostKeyAlgorithms, SSHCFG_GLOBAL }, 426 { "rsaauthentication", sRSAAuthentication, SSHCFG_ALL }, 427 { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL }, 428 { "pubkeyacceptedkeytypes", sPubkeyAcceptedKeyTypes, SSHCFG_ALL }, 429 { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */ 430 #ifdef KRB5 431 { "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL }, 432 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd, SSHCFG_GLOBAL }, 433 { "kerberosticketcleanup", sKerberosTicketCleanup, SSHCFG_GLOBAL }, 434 { "kerberosgetafstoken", sKerberosGetAFSToken, SSHCFG_GLOBAL }, 435 #else 436 { "kerberosauthentication", sUnsupported, SSHCFG_ALL }, 437 { "kerberosorlocalpasswd", sUnsupported, SSHCFG_GLOBAL }, 438 { "kerberosticketcleanup", sUnsupported, SSHCFG_GLOBAL }, 439 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, 440 #endif 441 { "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL }, 442 { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, 443 #ifdef GSSAPI 444 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, 445 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, 446 { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, 447 #else 448 { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, 449 { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, 450 { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, 451 #endif 452 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, 453 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, 454 { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, 455 { "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */ 456 { "checkmail", sDeprecated, SSHCFG_GLOBAL }, 457 { "listenaddress", sListenAddress, SSHCFG_GLOBAL }, 458 { "addressfamily", sAddressFamily, SSHCFG_GLOBAL }, 459 { "printmotd", sPrintMotd, SSHCFG_GLOBAL }, 460 { "printlastlog", sPrintLastLog, SSHCFG_GLOBAL }, 461 { "ignorerhosts", sIgnoreRhosts, SSHCFG_GLOBAL }, 462 { "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL }, 463 { "x11forwarding", sX11Forwarding, SSHCFG_ALL }, 464 { "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL }, 465 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, 466 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, 467 { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, 468 { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL }, 469 { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, 470 { "uselogin", sUseLogin, SSHCFG_GLOBAL }, 471 { "compression", sCompression, SSHCFG_GLOBAL }, 472 { "rekeylimit", sRekeyLimit, SSHCFG_ALL }, 473 { "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, 474 { "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, /* obsolete alias */ 475 { "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL }, 476 { "allowagentforwarding", sAllowAgentForwarding, SSHCFG_ALL }, 477 { "allowusers", sAllowUsers, SSHCFG_ALL }, 478 { "denyusers", sDenyUsers, SSHCFG_ALL }, 479 { "allowgroups", sAllowGroups, SSHCFG_ALL }, 480 { "denygroups", sDenyGroups, SSHCFG_ALL }, 481 { "ciphers", sCiphers, SSHCFG_GLOBAL }, 482 { "macs", sMacs, SSHCFG_GLOBAL }, 483 { "protocol", sProtocol, SSHCFG_GLOBAL }, 484 { "gatewayports", sGatewayPorts, SSHCFG_ALL }, 485 { "subsystem", sSubsystem, SSHCFG_GLOBAL }, 486 { "maxstartups", sMaxStartups, SSHCFG_GLOBAL }, 487 { "maxauthtries", sMaxAuthTries, SSHCFG_ALL }, 488 { "maxsessions", sMaxSessions, SSHCFG_ALL }, 489 { "banner", sBanner, SSHCFG_ALL }, 490 { "usedns", sUseDNS, SSHCFG_GLOBAL }, 491 { "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL }, 492 { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL }, 493 { "clientaliveinterval", sClientAliveInterval, SSHCFG_GLOBAL }, 494 { "clientalivecountmax", sClientAliveCountMax, SSHCFG_GLOBAL }, 495 { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL }, 496 { "authorizedkeysfile2", sDeprecated, SSHCFG_ALL }, 497 { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL}, 498 { "acceptenv", sAcceptEnv, SSHCFG_ALL }, 499 { "permittunnel", sPermitTunnel, SSHCFG_ALL }, 500 { "permittty", sPermitTTY, SSHCFG_ALL }, 501 { "permituserrc", sPermitUserRC, SSHCFG_ALL }, 502 { "match", sMatch, SSHCFG_ALL }, 503 { "permitopen", sPermitOpen, SSHCFG_ALL }, 504 { "forcecommand", sForceCommand, SSHCFG_ALL }, 505 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, 506 { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, 507 { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, 508 { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, 509 { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, 510 { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, 511 { "ipqos", sIPQoS, SSHCFG_ALL }, 512 { "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL }, 513 { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL }, 514 { "authorizedprincipalscommand", sAuthorizedPrincipalsCommand, SSHCFG_ALL }, 515 { "authorizedprincipalscommanduser", sAuthorizedPrincipalsCommandUser, SSHCFG_ALL }, 516 { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL }, 517 { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL }, 518 { "streamlocalbindmask", sStreamLocalBindMask, SSHCFG_ALL }, 519 { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL }, 520 { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, 521 { "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL }, 522 { NULL, sBadOption, 0 } 523 }; 524 525 static struct { 526 int val; 527 char *text; 528 } tunmode_desc[] = { 529 { SSH_TUNMODE_NO, "no" }, 530 { SSH_TUNMODE_POINTOPOINT, "point-to-point" }, 531 { SSH_TUNMODE_ETHERNET, "ethernet" }, 532 { SSH_TUNMODE_YES, "yes" }, 533 { -1, NULL } 534 }; 535 536 /* 537 * Returns the number of the token pointed to by cp or sBadOption. 538 */ 539 540 static ServerOpCodes 541 parse_token(const char *cp, const char *filename, 542 int linenum, u_int *flags) 543 { 544 u_int i; 545 546 for (i = 0; keywords[i].name; i++) 547 if (strcasecmp(cp, keywords[i].name) == 0) { 548 *flags = keywords[i].flags; 549 return keywords[i].opcode; 550 } 551 552 error("%s: line %d: Bad configuration option: %s", 553 filename, linenum, cp); 554 return sBadOption; 555 } 556 557 char * 558 derelativise_path(const char *path) 559 { 560 char *expanded, *ret, cwd[PATH_MAX]; 561 562 if (strcasecmp(path, "none") == 0) 563 return xstrdup("none"); 564 expanded = tilde_expand_filename(path, getuid()); 565 if (*expanded == '/') 566 return expanded; 567 if (getcwd(cwd, sizeof(cwd)) == NULL) 568 fatal("%s: getcwd: %s", __func__, strerror(errno)); 569 xasprintf(&ret, "%s/%s", cwd, expanded); 570 free(expanded); 571 return ret; 572 } 573 574 static void 575 add_listen_addr(ServerOptions *options, char *addr, int port) 576 { 577 u_int i; 578 579 if (port == 0) 580 for (i = 0; i < options->num_ports; i++) 581 add_one_listen_addr(options, addr, options->ports[i]); 582 else 583 add_one_listen_addr(options, addr, port); 584 } 585 586 static void 587 add_one_listen_addr(ServerOptions *options, char *addr, int port) 588 { 589 struct addrinfo hints, *ai, *aitop; 590 char strport[NI_MAXSERV]; 591 int gaierr; 592 593 memset(&hints, 0, sizeof(hints)); 594 hints.ai_family = options->address_family; 595 hints.ai_socktype = SOCK_STREAM; 596 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; 597 snprintf(strport, sizeof strport, "%d", port); 598 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) 599 fatal("bad addr or host: %s (%s)", 600 addr ? addr : "<NULL>", 601 ssh_gai_strerror(gaierr)); 602 for (ai = aitop; ai->ai_next; ai = ai->ai_next) 603 ; 604 ai->ai_next = options->listen_addrs; 605 options->listen_addrs = aitop; 606 } 607 608 /* 609 * Queue a ListenAddress to be processed once we have all of the Ports 610 * and AddressFamily options. 611 */ 612 static void 613 queue_listen_addr(ServerOptions *options, char *addr, int port) 614 { 615 options->queued_listen_addrs = xreallocarray( 616 options->queued_listen_addrs, options->num_queued_listens + 1, 617 sizeof(addr)); 618 options->queued_listen_ports = xreallocarray( 619 options->queued_listen_ports, options->num_queued_listens + 1, 620 sizeof(port)); 621 options->queued_listen_addrs[options->num_queued_listens] = 622 xstrdup(addr); 623 options->queued_listen_ports[options->num_queued_listens] = port; 624 options->num_queued_listens++; 625 } 626 627 /* 628 * Process queued (text) ListenAddress entries. 629 */ 630 static void 631 process_queued_listen_addrs(ServerOptions *options) 632 { 633 u_int i; 634 635 if (options->num_ports == 0) 636 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 637 if (options->address_family == -1) 638 options->address_family = AF_UNSPEC; 639 640 for (i = 0; i < options->num_queued_listens; i++) { 641 add_listen_addr(options, options->queued_listen_addrs[i], 642 options->queued_listen_ports[i]); 643 free(options->queued_listen_addrs[i]); 644 options->queued_listen_addrs[i] = NULL; 645 } 646 free(options->queued_listen_addrs); 647 options->queued_listen_addrs = NULL; 648 free(options->queued_listen_ports); 649 options->queued_listen_ports = NULL; 650 options->num_queued_listens = 0; 651 } 652 653 struct connection_info * 654 get_connection_info(int populate, int use_dns) 655 { 656 static struct connection_info ci; 657 658 if (!populate) 659 return &ci; 660 ci.host = get_canonical_hostname(use_dns); 661 ci.address = get_remote_ipaddr(); 662 ci.laddress = get_local_ipaddr(packet_get_connection_in()); 663 ci.lport = get_local_port(); 664 return &ci; 665 } 666 667 /* 668 * The strategy for the Match blocks is that the config file is parsed twice. 669 * 670 * The first time is at startup. activep is initialized to 1 and the 671 * directives in the global context are processed and acted on. Hitting a 672 * Match directive unsets activep and the directives inside the block are 673 * checked for syntax only. 674 * 675 * The second time is after a connection has been established but before 676 * authentication. activep is initialized to 2 and global config directives 677 * are ignored since they have already been processed. If the criteria in a 678 * Match block is met, activep is set and the subsequent directives 679 * processed and actioned until EOF or another Match block unsets it. Any 680 * options set are copied into the main server config. 681 * 682 * Potential additions/improvements: 683 * - Add Match support for pre-kex directives, eg Protocol, Ciphers. 684 * 685 * - Add a Tag directive (idea from David Leonard) ala pf, eg: 686 * Match Address 192.168.0.* 687 * Tag trusted 688 * Match Group wheel 689 * Tag trusted 690 * Match Tag trusted 691 * AllowTcpForwarding yes 692 * GatewayPorts clientspecified 693 * [...] 694 * 695 * - Add a PermittedChannelRequests directive 696 * Match Group shell 697 * PermittedChannelRequests session,forwarded-tcpip 698 */ 699 700 static int 701 match_cfg_line_group(const char *grps, int line, const char *user) 702 { 703 int result = 0; 704 struct passwd *pw; 705 706 if (user == NULL) 707 goto out; 708 709 if ((pw = getpwnam(user)) == NULL) { 710 debug("Can't match group at line %d because user %.100s does " 711 "not exist", line, user); 712 } else if (ga_init(pw->pw_name, pw->pw_gid) == 0) { 713 debug("Can't Match group because user %.100s not in any group " 714 "at line %d", user, line); 715 } else if (ga_match_pattern_list(grps) != 1) { 716 debug("user %.100s does not match group list %.100s at line %d", 717 user, grps, line); 718 } else { 719 debug("user %.100s matched group list %.100s at line %d", user, 720 grps, line); 721 result = 1; 722 } 723 out: 724 ga_free(); 725 return result; 726 } 727 728 /* 729 * All of the attributes on a single Match line are ANDed together, so we need 730 * to check every attribute and set the result to zero if any attribute does 731 * not match. 732 */ 733 static int 734 match_cfg_line(char **condition, int line, struct connection_info *ci) 735 { 736 int result = 1, attributes = 0, port; 737 char *arg, *attrib, *cp = *condition; 738 739 if (ci == NULL) 740 debug3("checking syntax for 'Match %s'", cp); 741 else 742 debug3("checking match for '%s' user %s host %s addr %s " 743 "laddr %s lport %d", cp, ci->user ? ci->user : "(null)", 744 ci->host ? ci->host : "(null)", 745 ci->address ? ci->address : "(null)", 746 ci->laddress ? ci->laddress : "(null)", ci->lport); 747 748 while ((attrib = strdelim(&cp)) && *attrib != '\0') { 749 attributes++; 750 if (strcasecmp(attrib, "all") == 0) { 751 if (attributes != 1 || 752 ((arg = strdelim(&cp)) != NULL && *arg != '\0')) { 753 error("'all' cannot be combined with other " 754 "Match attributes"); 755 return -1; 756 } 757 *condition = cp; 758 return 1; 759 } 760 if ((arg = strdelim(&cp)) == NULL || *arg == '\0') { 761 error("Missing Match criteria for %s", attrib); 762 return -1; 763 } 764 if (strcasecmp(attrib, "user") == 0) { 765 if (ci == NULL || ci->user == NULL) { 766 result = 0; 767 continue; 768 } 769 if (match_pattern_list(ci->user, arg, 0) != 1) 770 result = 0; 771 else 772 debug("user %.100s matched 'User %.100s' at " 773 "line %d", ci->user, arg, line); 774 } else if (strcasecmp(attrib, "group") == 0) { 775 if (ci == NULL || ci->user == NULL) { 776 result = 0; 777 continue; 778 } 779 switch (match_cfg_line_group(arg, line, ci->user)) { 780 case -1: 781 return -1; 782 case 0: 783 result = 0; 784 } 785 } else if (strcasecmp(attrib, "host") == 0) { 786 if (ci == NULL || ci->host == NULL) { 787 result = 0; 788 continue; 789 } 790 if (match_hostname(ci->host, arg) != 1) 791 result = 0; 792 else 793 debug("connection from %.100s matched 'Host " 794 "%.100s' at line %d", ci->host, arg, line); 795 } else if (strcasecmp(attrib, "address") == 0) { 796 if (ci == NULL || ci->address == NULL) { 797 result = 0; 798 continue; 799 } 800 switch (addr_match_list(ci->address, arg)) { 801 case 1: 802 debug("connection from %.100s matched 'Address " 803 "%.100s' at line %d", ci->address, arg, line); 804 break; 805 case 0: 806 case -1: 807 result = 0; 808 break; 809 case -2: 810 return -1; 811 } 812 } else if (strcasecmp(attrib, "localaddress") == 0){ 813 if (ci == NULL || ci->laddress == NULL) { 814 result = 0; 815 continue; 816 } 817 switch (addr_match_list(ci->laddress, arg)) { 818 case 1: 819 debug("connection from %.100s matched " 820 "'LocalAddress %.100s' at line %d", 821 ci->laddress, arg, line); 822 break; 823 case 0: 824 case -1: 825 result = 0; 826 break; 827 case -2: 828 return -1; 829 } 830 } else if (strcasecmp(attrib, "localport") == 0) { 831 if ((port = a2port(arg)) == -1) { 832 error("Invalid LocalPort '%s' on Match line", 833 arg); 834 return -1; 835 } 836 if (ci == NULL || ci->lport == 0) { 837 result = 0; 838 continue; 839 } 840 /* TODO support port lists */ 841 if (port == ci->lport) 842 debug("connection from %.100s matched " 843 "'LocalPort %d' at line %d", 844 ci->laddress, port, line); 845 else 846 result = 0; 847 } else { 848 error("Unsupported Match attribute %s", attrib); 849 return -1; 850 } 851 } 852 if (attributes == 0) { 853 error("One or more attributes required for Match"); 854 return -1; 855 } 856 if (ci != NULL) 857 debug3("match %sfound", result ? "" : "not "); 858 *condition = cp; 859 return result; 860 } 861 862 #define WHITESPACE " \t\r\n" 863 864 /* Multistate option parsing */ 865 struct multistate { 866 char *key; 867 int value; 868 }; 869 static const struct multistate multistate_addressfamily[] = { 870 { "inet", AF_INET }, 871 { "inet6", AF_INET6 }, 872 { "any", AF_UNSPEC }, 873 { NULL, -1 } 874 }; 875 static const struct multistate multistate_permitrootlogin[] = { 876 { "without-password", PERMIT_NO_PASSWD }, 877 { "prohibit-password", PERMIT_NO_PASSWD }, 878 { "forced-commands-only", PERMIT_FORCED_ONLY }, 879 { "yes", PERMIT_YES }, 880 { "no", PERMIT_NO }, 881 { NULL, -1 } 882 }; 883 static const struct multistate multistate_compression[] = { 884 { "delayed", COMP_DELAYED }, 885 { "yes", COMP_ZLIB }, 886 { "no", COMP_NONE }, 887 { NULL, -1 } 888 }; 889 static const struct multistate multistate_gatewayports[] = { 890 { "clientspecified", 2 }, 891 { "yes", 1 }, 892 { "no", 0 }, 893 { NULL, -1 } 894 }; 895 static const struct multistate multistate_privsep[] = { 896 { "yes", PRIVSEP_NOSANDBOX }, 897 { "sandbox", PRIVSEP_ON }, 898 { "nosandbox", PRIVSEP_NOSANDBOX }, 899 { "no", PRIVSEP_OFF }, 900 { NULL, -1 } 901 }; 902 static const struct multistate multistate_tcpfwd[] = { 903 { "yes", FORWARD_ALLOW }, 904 { "all", FORWARD_ALLOW }, 905 { "no", FORWARD_DENY }, 906 { "remote", FORWARD_REMOTE }, 907 { "local", FORWARD_LOCAL }, 908 { NULL, -1 } 909 }; 910 911 int 912 process_server_config_line(ServerOptions *options, char *line, 913 const char *filename, int linenum, int *activep, 914 struct connection_info *connectinfo) 915 { 916 char *cp, **charptr, *arg, *p; 917 int cmdline = 0, *intptr, value, value2, n, port; 918 SyslogFacility *log_facility_ptr; 919 LogLevel *log_level_ptr; 920 ServerOpCodes opcode; 921 u_int i, flags = 0; 922 size_t len; 923 long long val64; 924 const struct multistate *multistate_ptr; 925 926 cp = line; 927 if ((arg = strdelim(&cp)) == NULL) 928 return 0; 929 /* Ignore leading whitespace */ 930 if (*arg == '\0') 931 arg = strdelim(&cp); 932 if (!arg || !*arg || *arg == '#') 933 return 0; 934 intptr = NULL; 935 charptr = NULL; 936 opcode = parse_token(arg, filename, linenum, &flags); 937 938 if (activep == NULL) { /* We are processing a command line directive */ 939 cmdline = 1; 940 activep = &cmdline; 941 } 942 if (*activep && opcode != sMatch) 943 debug3("%s:%d setting %s %s", filename, linenum, arg, cp); 944 if (*activep == 0 && !(flags & SSHCFG_MATCH)) { 945 if (connectinfo == NULL) { 946 fatal("%s line %d: Directive '%s' is not allowed " 947 "within a Match block", filename, linenum, arg); 948 } else { /* this is a directive we have already processed */ 949 while (arg) 950 arg = strdelim(&cp); 951 return 0; 952 } 953 } 954 955 switch (opcode) { 956 case sBadOption: 957 return -1; 958 case sPort: 959 /* ignore ports from configfile if cmdline specifies ports */ 960 if (options->ports_from_cmdline) 961 return 0; 962 if (options->num_ports >= MAX_PORTS) 963 fatal("%s line %d: too many ports.", 964 filename, linenum); 965 arg = strdelim(&cp); 966 if (!arg || *arg == '\0') 967 fatal("%s line %d: missing port number.", 968 filename, linenum); 969 options->ports[options->num_ports++] = a2port(arg); 970 if (options->ports[options->num_ports-1] <= 0) 971 fatal("%s line %d: Badly formatted port number.", 972 filename, linenum); 973 break; 974 975 case sServerKeyBits: 976 intptr = &options->server_key_bits; 977 parse_int: 978 arg = strdelim(&cp); 979 if (!arg || *arg == '\0') 980 fatal("%s line %d: missing integer value.", 981 filename, linenum); 982 value = atoi(arg); 983 if (*activep && *intptr == -1) 984 *intptr = value; 985 break; 986 987 case sLoginGraceTime: 988 intptr = &options->login_grace_time; 989 parse_time: 990 arg = strdelim(&cp); 991 if (!arg || *arg == '\0') 992 fatal("%s line %d: missing time value.", 993 filename, linenum); 994 if ((value = convtime(arg)) == -1) 995 fatal("%s line %d: invalid time value.", 996 filename, linenum); 997 if (*activep && *intptr == -1) 998 *intptr = value; 999 break; 1000 1001 case sKeyRegenerationTime: 1002 intptr = &options->key_regeneration_time; 1003 goto parse_time; 1004 1005 case sListenAddress: 1006 arg = strdelim(&cp); 1007 if (arg == NULL || *arg == '\0') 1008 fatal("%s line %d: missing address", 1009 filename, linenum); 1010 /* check for bare IPv6 address: no "[]" and 2 or more ":" */ 1011 if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL 1012 && strchr(p+1, ':') != NULL) { 1013 queue_listen_addr(options, arg, 0); 1014 break; 1015 } 1016 p = hpdelim(&arg); 1017 if (p == NULL) 1018 fatal("%s line %d: bad address:port usage", 1019 filename, linenum); 1020 p = cleanhostname(p); 1021 if (arg == NULL) 1022 port = 0; 1023 else if ((port = a2port(arg)) <= 0) 1024 fatal("%s line %d: bad port number", filename, linenum); 1025 1026 queue_listen_addr(options, p, port); 1027 1028 break; 1029 1030 case sAddressFamily: 1031 intptr = &options->address_family; 1032 multistate_ptr = multistate_addressfamily; 1033 parse_multistate: 1034 arg = strdelim(&cp); 1035 if (!arg || *arg == '\0') 1036 fatal("%s line %d: missing argument.", 1037 filename, linenum); 1038 value = -1; 1039 for (i = 0; multistate_ptr[i].key != NULL; i++) { 1040 if (strcasecmp(arg, multistate_ptr[i].key) == 0) { 1041 value = multistate_ptr[i].value; 1042 break; 1043 } 1044 } 1045 if (value == -1) 1046 fatal("%s line %d: unsupported option \"%s\".", 1047 filename, linenum, arg); 1048 if (*activep && *intptr == -1) 1049 *intptr = value; 1050 break; 1051 1052 case sHostKeyFile: 1053 intptr = &options->num_host_key_files; 1054 if (*intptr >= MAX_HOSTKEYS) 1055 fatal("%s line %d: too many host keys specified (max %d).", 1056 filename, linenum, MAX_HOSTKEYS); 1057 charptr = &options->host_key_files[*intptr]; 1058 parse_filename: 1059 arg = strdelim(&cp); 1060 if (!arg || *arg == '\0') 1061 fatal("%s line %d: missing file name.", 1062 filename, linenum); 1063 if (*activep && *charptr == NULL) { 1064 *charptr = derelativise_path(arg); 1065 /* increase optional counter */ 1066 if (intptr != NULL) 1067 *intptr = *intptr + 1; 1068 } 1069 break; 1070 1071 case sHostKeyAgent: 1072 charptr = &options->host_key_agent; 1073 arg = strdelim(&cp); 1074 if (!arg || *arg == '\0') 1075 fatal("%s line %d: missing socket name.", 1076 filename, linenum); 1077 if (*activep && *charptr == NULL) 1078 *charptr = !strcmp(arg, SSH_AUTHSOCKET_ENV_NAME) ? 1079 xstrdup(arg) : derelativise_path(arg); 1080 break; 1081 1082 case sHostCertificate: 1083 intptr = &options->num_host_cert_files; 1084 if (*intptr >= MAX_HOSTKEYS) 1085 fatal("%s line %d: too many host certificates " 1086 "specified (max %d).", filename, linenum, 1087 MAX_HOSTCERTS); 1088 charptr = &options->host_cert_files[*intptr]; 1089 goto parse_filename; 1090 break; 1091 1092 case sPidFile: 1093 charptr = &options->pid_file; 1094 goto parse_filename; 1095 1096 case sPermitRootLogin: 1097 intptr = &options->permit_root_login; 1098 multistate_ptr = multistate_permitrootlogin; 1099 goto parse_multistate; 1100 1101 case sIgnoreRhosts: 1102 intptr = &options->ignore_rhosts; 1103 parse_flag: 1104 arg = strdelim(&cp); 1105 if (!arg || *arg == '\0') 1106 fatal("%s line %d: missing yes/no argument.", 1107 filename, linenum); 1108 value = 0; /* silence compiler */ 1109 if (strcmp(arg, "yes") == 0) 1110 value = 1; 1111 else if (strcmp(arg, "no") == 0) 1112 value = 0; 1113 else 1114 fatal("%s line %d: Bad yes/no argument: %s", 1115 filename, linenum, arg); 1116 if (*activep && *intptr == -1) 1117 *intptr = value; 1118 break; 1119 1120 case sIgnoreUserKnownHosts: 1121 intptr = &options->ignore_user_known_hosts; 1122 goto parse_flag; 1123 1124 case sRhostsRSAAuthentication: 1125 intptr = &options->rhosts_rsa_authentication; 1126 goto parse_flag; 1127 1128 case sHostbasedAuthentication: 1129 intptr = &options->hostbased_authentication; 1130 goto parse_flag; 1131 1132 case sHostbasedUsesNameFromPacketOnly: 1133 intptr = &options->hostbased_uses_name_from_packet_only; 1134 goto parse_flag; 1135 1136 case sHostbasedAcceptedKeyTypes: 1137 charptr = &options->hostbased_key_types; 1138 parse_keytypes: 1139 arg = strdelim(&cp); 1140 if (!arg || *arg == '\0') 1141 fatal("%s line %d: Missing argument.", 1142 filename, linenum); 1143 if (!sshkey_names_valid2(*arg == '+' ? arg + 1 : arg, 1)) 1144 fatal("%s line %d: Bad key types '%s'.", 1145 filename, linenum, arg ? arg : "<NONE>"); 1146 if (*activep && *charptr == NULL) 1147 *charptr = xstrdup(arg); 1148 break; 1149 1150 case sHostKeyAlgorithms: 1151 charptr = &options->hostkeyalgorithms; 1152 goto parse_keytypes; 1153 1154 case sRSAAuthentication: 1155 intptr = &options->rsa_authentication; 1156 goto parse_flag; 1157 1158 case sPubkeyAuthentication: 1159 intptr = &options->pubkey_authentication; 1160 goto parse_flag; 1161 1162 case sPubkeyAcceptedKeyTypes: 1163 charptr = &options->pubkey_key_types; 1164 goto parse_keytypes; 1165 1166 case sKerberosAuthentication: 1167 intptr = &options->kerberos_authentication; 1168 goto parse_flag; 1169 1170 case sKerberosOrLocalPasswd: 1171 intptr = &options->kerberos_or_local_passwd; 1172 goto parse_flag; 1173 1174 case sKerberosTicketCleanup: 1175 intptr = &options->kerberos_ticket_cleanup; 1176 goto parse_flag; 1177 1178 case sKerberosGetAFSToken: 1179 intptr = &options->kerberos_get_afs_token; 1180 goto parse_flag; 1181 1182 case sGssAuthentication: 1183 intptr = &options->gss_authentication; 1184 goto parse_flag; 1185 1186 case sGssCleanupCreds: 1187 intptr = &options->gss_cleanup_creds; 1188 goto parse_flag; 1189 1190 case sGssStrictAcceptor: 1191 intptr = &options->gss_strict_acceptor; 1192 goto parse_flag; 1193 1194 case sPasswordAuthentication: 1195 intptr = &options->password_authentication; 1196 goto parse_flag; 1197 1198 case sKbdInteractiveAuthentication: 1199 intptr = &options->kbd_interactive_authentication; 1200 goto parse_flag; 1201 1202 case sChallengeResponseAuthentication: 1203 intptr = &options->challenge_response_authentication; 1204 goto parse_flag; 1205 1206 case sPrintMotd: 1207 intptr = &options->print_motd; 1208 goto parse_flag; 1209 1210 case sPrintLastLog: 1211 intptr = &options->print_lastlog; 1212 goto parse_flag; 1213 1214 case sX11Forwarding: 1215 intptr = &options->x11_forwarding; 1216 goto parse_flag; 1217 1218 case sX11DisplayOffset: 1219 intptr = &options->x11_display_offset; 1220 goto parse_int; 1221 1222 case sX11UseLocalhost: 1223 intptr = &options->x11_use_localhost; 1224 goto parse_flag; 1225 1226 case sXAuthLocation: 1227 charptr = &options->xauth_location; 1228 goto parse_filename; 1229 1230 case sPermitTTY: 1231 intptr = &options->permit_tty; 1232 goto parse_flag; 1233 1234 case sPermitUserRC: 1235 intptr = &options->permit_user_rc; 1236 goto parse_flag; 1237 1238 case sStrictModes: 1239 intptr = &options->strict_modes; 1240 goto parse_flag; 1241 1242 case sTCPKeepAlive: 1243 intptr = &options->tcp_keep_alive; 1244 goto parse_flag; 1245 1246 case sEmptyPasswd: 1247 intptr = &options->permit_empty_passwd; 1248 goto parse_flag; 1249 1250 case sPermitUserEnvironment: 1251 intptr = &options->permit_user_env; 1252 goto parse_flag; 1253 1254 case sUseLogin: 1255 intptr = &options->use_login; 1256 goto parse_flag; 1257 1258 case sCompression: 1259 intptr = &options->compression; 1260 multistate_ptr = multistate_compression; 1261 goto parse_multistate; 1262 1263 case sRekeyLimit: 1264 arg = strdelim(&cp); 1265 if (!arg || *arg == '\0') 1266 fatal("%.200s line %d: Missing argument.", filename, 1267 linenum); 1268 if (strcmp(arg, "default") == 0) { 1269 val64 = 0; 1270 } else { 1271 if (scan_scaled(arg, &val64) == -1) 1272 fatal("%.200s line %d: Bad number '%s': %s", 1273 filename, linenum, arg, strerror(errno)); 1274 /* check for too-large or too-small limits */ 1275 if (val64 > UINT_MAX) 1276 fatal("%.200s line %d: RekeyLimit too large", 1277 filename, linenum); 1278 if (val64 != 0 && val64 < 16) 1279 fatal("%.200s line %d: RekeyLimit too small", 1280 filename, linenum); 1281 } 1282 if (*activep && options->rekey_limit == -1) 1283 options->rekey_limit = (u_int32_t)val64; 1284 if (cp != NULL) { /* optional rekey interval present */ 1285 if (strcmp(cp, "none") == 0) { 1286 (void)strdelim(&cp); /* discard */ 1287 break; 1288 } 1289 intptr = &options->rekey_interval; 1290 goto parse_time; 1291 } 1292 break; 1293 1294 case sGatewayPorts: 1295 intptr = &options->fwd_opts.gateway_ports; 1296 multistate_ptr = multistate_gatewayports; 1297 goto parse_multistate; 1298 1299 case sUseDNS: 1300 intptr = &options->use_dns; 1301 goto parse_flag; 1302 1303 case sLogFacility: 1304 log_facility_ptr = &options->log_facility; 1305 arg = strdelim(&cp); 1306 value = log_facility_number(arg); 1307 if (value == SYSLOG_FACILITY_NOT_SET) 1308 fatal("%.200s line %d: unsupported log facility '%s'", 1309 filename, linenum, arg ? arg : "<NONE>"); 1310 if (*log_facility_ptr == -1) 1311 *log_facility_ptr = (SyslogFacility) value; 1312 break; 1313 1314 case sLogLevel: 1315 log_level_ptr = &options->log_level; 1316 arg = strdelim(&cp); 1317 value = log_level_number(arg); 1318 if (value == SYSLOG_LEVEL_NOT_SET) 1319 fatal("%.200s line %d: unsupported log level '%s'", 1320 filename, linenum, arg ? arg : "<NONE>"); 1321 if (*log_level_ptr == -1) 1322 *log_level_ptr = (LogLevel) value; 1323 break; 1324 1325 case sAllowTcpForwarding: 1326 intptr = &options->allow_tcp_forwarding; 1327 multistate_ptr = multistate_tcpfwd; 1328 goto parse_multistate; 1329 1330 case sAllowStreamLocalForwarding: 1331 intptr = &options->allow_streamlocal_forwarding; 1332 multistate_ptr = multistate_tcpfwd; 1333 goto parse_multistate; 1334 1335 case sAllowAgentForwarding: 1336 intptr = &options->allow_agent_forwarding; 1337 goto parse_flag; 1338 1339 case sUsePrivilegeSeparation: 1340 intptr = &use_privsep; 1341 multistate_ptr = multistate_privsep; 1342 goto parse_multistate; 1343 1344 case sAllowUsers: 1345 while ((arg = strdelim(&cp)) && *arg != '\0') { 1346 if (options->num_allow_users >= MAX_ALLOW_USERS) 1347 fatal("%s line %d: too many allow users.", 1348 filename, linenum); 1349 if (!*activep) 1350 continue; 1351 options->allow_users[options->num_allow_users++] = 1352 xstrdup(arg); 1353 } 1354 break; 1355 1356 case sDenyUsers: 1357 while ((arg = strdelim(&cp)) && *arg != '\0') { 1358 if (options->num_deny_users >= MAX_DENY_USERS) 1359 fatal("%s line %d: too many deny users.", 1360 filename, linenum); 1361 if (!*activep) 1362 continue; 1363 options->deny_users[options->num_deny_users++] = 1364 xstrdup(arg); 1365 } 1366 break; 1367 1368 case sAllowGroups: 1369 while ((arg = strdelim(&cp)) && *arg != '\0') { 1370 if (options->num_allow_groups >= MAX_ALLOW_GROUPS) 1371 fatal("%s line %d: too many allow groups.", 1372 filename, linenum); 1373 if (!*activep) 1374 continue; 1375 options->allow_groups[options->num_allow_groups++] = 1376 xstrdup(arg); 1377 } 1378 break; 1379 1380 case sDenyGroups: 1381 while ((arg = strdelim(&cp)) && *arg != '\0') { 1382 if (options->num_deny_groups >= MAX_DENY_GROUPS) 1383 fatal("%s line %d: too many deny groups.", 1384 filename, linenum); 1385 if (!*activep) 1386 continue; 1387 options->deny_groups[options->num_deny_groups++] = 1388 xstrdup(arg); 1389 } 1390 break; 1391 1392 case sCiphers: 1393 arg = strdelim(&cp); 1394 if (!arg || *arg == '\0') 1395 fatal("%s line %d: Missing argument.", filename, linenum); 1396 if (!ciphers_valid(*arg == '+' ? arg + 1 : arg)) 1397 fatal("%s line %d: Bad SSH2 cipher spec '%s'.", 1398 filename, linenum, arg ? arg : "<NONE>"); 1399 if (options->ciphers == NULL) 1400 options->ciphers = xstrdup(arg); 1401 break; 1402 1403 case sMacs: 1404 arg = strdelim(&cp); 1405 if (!arg || *arg == '\0') 1406 fatal("%s line %d: Missing argument.", filename, linenum); 1407 if (!mac_valid(*arg == '+' ? arg + 1 : arg)) 1408 fatal("%s line %d: Bad SSH2 mac spec '%s'.", 1409 filename, linenum, arg ? arg : "<NONE>"); 1410 if (options->macs == NULL) 1411 options->macs = xstrdup(arg); 1412 break; 1413 1414 case sKexAlgorithms: 1415 arg = strdelim(&cp); 1416 if (!arg || *arg == '\0') 1417 fatal("%s line %d: Missing argument.", 1418 filename, linenum); 1419 if (!kex_names_valid(*arg == '+' ? arg + 1 : arg)) 1420 fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.", 1421 filename, linenum, arg ? arg : "<NONE>"); 1422 if (options->kex_algorithms == NULL) 1423 options->kex_algorithms = xstrdup(arg); 1424 break; 1425 1426 case sProtocol: 1427 intptr = &options->protocol; 1428 arg = strdelim(&cp); 1429 if (!arg || *arg == '\0') 1430 fatal("%s line %d: Missing argument.", filename, linenum); 1431 value = proto_spec(arg); 1432 if (value == SSH_PROTO_UNKNOWN) 1433 fatal("%s line %d: Bad protocol spec '%s'.", 1434 filename, linenum, arg ? arg : "<NONE>"); 1435 if (*intptr == SSH_PROTO_UNKNOWN) 1436 *intptr = value; 1437 break; 1438 1439 case sSubsystem: 1440 if (options->num_subsystems >= MAX_SUBSYSTEMS) { 1441 fatal("%s line %d: too many subsystems defined.", 1442 filename, linenum); 1443 } 1444 arg = strdelim(&cp); 1445 if (!arg || *arg == '\0') 1446 fatal("%s line %d: Missing subsystem name.", 1447 filename, linenum); 1448 if (!*activep) { 1449 arg = strdelim(&cp); 1450 break; 1451 } 1452 for (i = 0; i < options->num_subsystems; i++) 1453 if (strcmp(arg, options->subsystem_name[i]) == 0) 1454 fatal("%s line %d: Subsystem '%s' already defined.", 1455 filename, linenum, arg); 1456 options->subsystem_name[options->num_subsystems] = xstrdup(arg); 1457 arg = strdelim(&cp); 1458 if (!arg || *arg == '\0') 1459 fatal("%s line %d: Missing subsystem command.", 1460 filename, linenum); 1461 options->subsystem_command[options->num_subsystems] = xstrdup(arg); 1462 1463 /* Collect arguments (separate to executable) */ 1464 p = xstrdup(arg); 1465 len = strlen(p) + 1; 1466 while ((arg = strdelim(&cp)) != NULL && *arg != '\0') { 1467 len += 1 + strlen(arg); 1468 p = xreallocarray(p, 1, len); 1469 strlcat(p, " ", len); 1470 strlcat(p, arg, len); 1471 } 1472 options->subsystem_args[options->num_subsystems] = p; 1473 options->num_subsystems++; 1474 break; 1475 1476 case sMaxStartups: 1477 arg = strdelim(&cp); 1478 if (!arg || *arg == '\0') 1479 fatal("%s line %d: Missing MaxStartups spec.", 1480 filename, linenum); 1481 if ((n = sscanf(arg, "%d:%d:%d", 1482 &options->max_startups_begin, 1483 &options->max_startups_rate, 1484 &options->max_startups)) == 3) { 1485 if (options->max_startups_begin > 1486 options->max_startups || 1487 options->max_startups_rate > 100 || 1488 options->max_startups_rate < 1) 1489 fatal("%s line %d: Illegal MaxStartups spec.", 1490 filename, linenum); 1491 } else if (n != 1) 1492 fatal("%s line %d: Illegal MaxStartups spec.", 1493 filename, linenum); 1494 else 1495 options->max_startups = options->max_startups_begin; 1496 break; 1497 1498 case sMaxAuthTries: 1499 intptr = &options->max_authtries; 1500 goto parse_int; 1501 1502 case sMaxSessions: 1503 intptr = &options->max_sessions; 1504 goto parse_int; 1505 1506 case sBanner: 1507 charptr = &options->banner; 1508 goto parse_filename; 1509 1510 /* 1511 * These options can contain %X options expanded at 1512 * connect time, so that you can specify paths like: 1513 * 1514 * AuthorizedKeysFile /etc/ssh_keys/%u 1515 */ 1516 case sAuthorizedKeysFile: 1517 if (*activep && options->num_authkeys_files == 0) { 1518 while ((arg = strdelim(&cp)) && *arg != '\0') { 1519 if (options->num_authkeys_files >= 1520 MAX_AUTHKEYS_FILES) 1521 fatal("%s line %d: " 1522 "too many authorized keys files.", 1523 filename, linenum); 1524 options->authorized_keys_files[ 1525 options->num_authkeys_files++] = 1526 tilde_expand_filename(arg, getuid()); 1527 } 1528 } 1529 return 0; 1530 1531 case sAuthorizedPrincipalsFile: 1532 charptr = &options->authorized_principals_file; 1533 arg = strdelim(&cp); 1534 if (!arg || *arg == '\0') 1535 fatal("%s line %d: missing file name.", 1536 filename, linenum); 1537 if (*activep && *charptr == NULL) { 1538 *charptr = tilde_expand_filename(arg, getuid()); 1539 /* increase optional counter */ 1540 if (intptr != NULL) 1541 *intptr = *intptr + 1; 1542 } 1543 break; 1544 1545 case sClientAliveInterval: 1546 intptr = &options->client_alive_interval; 1547 goto parse_time; 1548 1549 case sClientAliveCountMax: 1550 intptr = &options->client_alive_count_max; 1551 goto parse_int; 1552 1553 case sAcceptEnv: 1554 while ((arg = strdelim(&cp)) && *arg != '\0') { 1555 if (strchr(arg, '=') != NULL) 1556 fatal("%s line %d: Invalid environment name.", 1557 filename, linenum); 1558 if (options->num_accept_env >= MAX_ACCEPT_ENV) 1559 fatal("%s line %d: too many allow env.", 1560 filename, linenum); 1561 if (!*activep) 1562 continue; 1563 options->accept_env[options->num_accept_env++] = 1564 xstrdup(arg); 1565 } 1566 break; 1567 1568 case sPermitTunnel: 1569 intptr = &options->permit_tun; 1570 arg = strdelim(&cp); 1571 if (!arg || *arg == '\0') 1572 fatal("%s line %d: Missing yes/point-to-point/" 1573 "ethernet/no argument.", filename, linenum); 1574 value = -1; 1575 for (i = 0; tunmode_desc[i].val != -1; i++) 1576 if (strcmp(tunmode_desc[i].text, arg) == 0) { 1577 value = tunmode_desc[i].val; 1578 break; 1579 } 1580 if (value == -1) 1581 fatal("%s line %d: Bad yes/point-to-point/ethernet/" 1582 "no argument: %s", filename, linenum, arg); 1583 if (*activep && *intptr == -1) 1584 *intptr = value; 1585 break; 1586 1587 case sMatch: 1588 if (cmdline) 1589 fatal("Match directive not supported as a command-line " 1590 "option"); 1591 value = match_cfg_line(&cp, linenum, connectinfo); 1592 if (value < 0) 1593 fatal("%s line %d: Bad Match condition", filename, 1594 linenum); 1595 *activep = value; 1596 break; 1597 1598 case sPermitOpen: 1599 arg = strdelim(&cp); 1600 if (!arg || *arg == '\0') 1601 fatal("%s line %d: missing PermitOpen specification", 1602 filename, linenum); 1603 n = options->num_permitted_opens; /* modified later */ 1604 if (strcmp(arg, "any") == 0) { 1605 if (*activep && n == -1) { 1606 channel_clear_adm_permitted_opens(); 1607 options->num_permitted_opens = 0; 1608 } 1609 break; 1610 } 1611 if (strcmp(arg, "none") == 0) { 1612 if (*activep && n == -1) { 1613 options->num_permitted_opens = 1; 1614 channel_disable_adm_local_opens(); 1615 } 1616 break; 1617 } 1618 if (*activep && n == -1) 1619 channel_clear_adm_permitted_opens(); 1620 for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) { 1621 p = hpdelim(&arg); 1622 if (p == NULL) 1623 fatal("%s line %d: missing host in PermitOpen", 1624 filename, linenum); 1625 p = cleanhostname(p); 1626 if (arg == NULL || ((port = permitopen_port(arg)) < 0)) 1627 fatal("%s line %d: bad port number in " 1628 "PermitOpen", filename, linenum); 1629 if (*activep && n == -1) 1630 options->num_permitted_opens = 1631 channel_add_adm_permitted_opens(p, port); 1632 } 1633 break; 1634 1635 case sForceCommand: 1636 if (cp == NULL || *cp == '\0') 1637 fatal("%.200s line %d: Missing argument.", filename, 1638 linenum); 1639 len = strspn(cp, WHITESPACE); 1640 if (*activep && options->adm_forced_command == NULL) 1641 options->adm_forced_command = xstrdup(cp + len); 1642 return 0; 1643 1644 case sChrootDirectory: 1645 charptr = &options->chroot_directory; 1646 1647 arg = strdelim(&cp); 1648 if (!arg || *arg == '\0') 1649 fatal("%s line %d: missing file name.", 1650 filename, linenum); 1651 if (*activep && *charptr == NULL) 1652 *charptr = xstrdup(arg); 1653 break; 1654 1655 case sTrustedUserCAKeys: 1656 charptr = &options->trusted_user_ca_keys; 1657 goto parse_filename; 1658 1659 case sRevokedKeys: 1660 charptr = &options->revoked_keys_file; 1661 goto parse_filename; 1662 1663 case sIPQoS: 1664 arg = strdelim(&cp); 1665 if ((value = parse_ipqos(arg)) == -1) 1666 fatal("%s line %d: Bad IPQoS value: %s", 1667 filename, linenum, arg); 1668 arg = strdelim(&cp); 1669 if (arg == NULL) 1670 value2 = value; 1671 else if ((value2 = parse_ipqos(arg)) == -1) 1672 fatal("%s line %d: Bad IPQoS value: %s", 1673 filename, linenum, arg); 1674 if (*activep) { 1675 options->ip_qos_interactive = value; 1676 options->ip_qos_bulk = value2; 1677 } 1678 break; 1679 1680 case sVersionAddendum: 1681 if (cp == NULL || *cp == '\0') 1682 fatal("%.200s line %d: Missing argument.", filename, 1683 linenum); 1684 len = strspn(cp, WHITESPACE); 1685 if (*activep && options->version_addendum == NULL) { 1686 if (strcasecmp(cp + len, "none") == 0) 1687 options->version_addendum = xstrdup(""); 1688 else if (strchr(cp + len, '\r') != NULL) 1689 fatal("%.200s line %d: Invalid argument", 1690 filename, linenum); 1691 else 1692 options->version_addendum = xstrdup(cp + len); 1693 } 1694 return 0; 1695 1696 case sAuthorizedKeysCommand: 1697 if (cp == NULL) 1698 fatal("%.200s line %d: Missing argument.", filename, 1699 linenum); 1700 len = strspn(cp, WHITESPACE); 1701 if (*activep && options->authorized_keys_command == NULL) { 1702 if (cp[len] != '/' && strcasecmp(cp + len, "none") != 0) 1703 fatal("%.200s line %d: AuthorizedKeysCommand " 1704 "must be an absolute path", 1705 filename, linenum); 1706 options->authorized_keys_command = xstrdup(cp + len); 1707 } 1708 return 0; 1709 1710 case sAuthorizedKeysCommandUser: 1711 charptr = &options->authorized_keys_command_user; 1712 1713 arg = strdelim(&cp); 1714 if (!arg || *arg == '\0') 1715 fatal("%s line %d: missing AuthorizedKeysCommandUser " 1716 "argument.", filename, linenum); 1717 if (*activep && *charptr == NULL) 1718 *charptr = xstrdup(arg); 1719 break; 1720 1721 case sAuthorizedPrincipalsCommand: 1722 if (cp == NULL) 1723 fatal("%.200s line %d: Missing argument.", filename, 1724 linenum); 1725 len = strspn(cp, WHITESPACE); 1726 if (*activep && 1727 options->authorized_principals_command == NULL) { 1728 if (cp[len] != '/' && strcasecmp(cp + len, "none") != 0) 1729 fatal("%.200s line %d: " 1730 "AuthorizedPrincipalsCommand must be " 1731 "an absolute path", filename, linenum); 1732 options->authorized_principals_command = 1733 xstrdup(cp + len); 1734 } 1735 return 0; 1736 1737 case sAuthorizedPrincipalsCommandUser: 1738 charptr = &options->authorized_principals_command_user; 1739 1740 arg = strdelim(&cp); 1741 if (!arg || *arg == '\0') 1742 fatal("%s line %d: missing " 1743 "AuthorizedPrincipalsCommandUser argument.", 1744 filename, linenum); 1745 if (*activep && *charptr == NULL) 1746 *charptr = xstrdup(arg); 1747 break; 1748 1749 case sAuthenticationMethods: 1750 if (options->num_auth_methods == 0) { 1751 while ((arg = strdelim(&cp)) && *arg != '\0') { 1752 if (options->num_auth_methods >= 1753 MAX_AUTH_METHODS) 1754 fatal("%s line %d: " 1755 "too many authentication methods.", 1756 filename, linenum); 1757 if (auth2_methods_valid(arg, 0) != 0) 1758 fatal("%s line %d: invalid " 1759 "authentication method list.", 1760 filename, linenum); 1761 if (!*activep) 1762 continue; 1763 options->auth_methods[ 1764 options->num_auth_methods++] = xstrdup(arg); 1765 } 1766 } 1767 return 0; 1768 1769 case sStreamLocalBindMask: 1770 arg = strdelim(&cp); 1771 if (!arg || *arg == '\0') 1772 fatal("%s line %d: missing StreamLocalBindMask " 1773 "argument.", filename, linenum); 1774 /* Parse mode in octal format */ 1775 value = strtol(arg, &p, 8); 1776 if (arg == p || value < 0 || value > 0777) 1777 fatal("%s line %d: Bad mask.", filename, linenum); 1778 if (*activep) 1779 options->fwd_opts.streamlocal_bind_mask = (mode_t)value; 1780 break; 1781 1782 case sStreamLocalBindUnlink: 1783 intptr = &options->fwd_opts.streamlocal_bind_unlink; 1784 goto parse_flag; 1785 1786 case sFingerprintHash: 1787 arg = strdelim(&cp); 1788 if (!arg || *arg == '\0') 1789 fatal("%.200s line %d: Missing argument.", 1790 filename, linenum); 1791 if ((value = ssh_digest_alg_by_name(arg)) == -1) 1792 fatal("%.200s line %d: Invalid hash algorithm \"%s\".", 1793 filename, linenum, arg); 1794 if (*activep) 1795 options->fingerprint_hash = value; 1796 break; 1797 1798 case sDeprecated: 1799 logit("%s line %d: Deprecated option %s", 1800 filename, linenum, arg); 1801 while (arg) 1802 arg = strdelim(&cp); 1803 break; 1804 1805 case sUnsupported: 1806 logit("%s line %d: Unsupported option %s", 1807 filename, linenum, arg); 1808 while (arg) 1809 arg = strdelim(&cp); 1810 break; 1811 1812 default: 1813 fatal("%s line %d: Missing handler for opcode %s (%d)", 1814 filename, linenum, arg, opcode); 1815 } 1816 if ((arg = strdelim(&cp)) != NULL && *arg != '\0') 1817 fatal("%s line %d: garbage at end of line; \"%.200s\".", 1818 filename, linenum, arg); 1819 return 0; 1820 } 1821 1822 /* Reads the server configuration file. */ 1823 1824 void 1825 load_server_config(const char *filename, Buffer *conf) 1826 { 1827 char line[4096], *cp; 1828 FILE *f; 1829 int lineno = 0; 1830 1831 debug2("%s: filename %s", __func__, filename); 1832 if ((f = fopen(filename, "r")) == NULL) { 1833 perror(filename); 1834 exit(1); 1835 } 1836 buffer_clear(conf); 1837 while (fgets(line, sizeof(line), f)) { 1838 lineno++; 1839 if (strlen(line) == sizeof(line) - 1) 1840 fatal("%s line %d too long", filename, lineno); 1841 /* 1842 * Trim out comments and strip whitespace 1843 * NB - preserve newlines, they are needed to reproduce 1844 * line numbers later for error messages 1845 */ 1846 if ((cp = strchr(line, '#')) != NULL) 1847 memcpy(cp, "\n", 2); 1848 cp = line + strspn(line, " \t\r"); 1849 1850 buffer_append(conf, cp, strlen(cp)); 1851 } 1852 buffer_append(conf, "\0", 1); 1853 fclose(f); 1854 debug2("%s: done config len = %d", __func__, buffer_len(conf)); 1855 } 1856 1857 void 1858 parse_server_match_config(ServerOptions *options, 1859 struct connection_info *connectinfo) 1860 { 1861 ServerOptions mo; 1862 1863 initialize_server_options(&mo); 1864 parse_server_config(&mo, "reprocess config", &cfg, connectinfo); 1865 copy_set_server_options(options, &mo, 0); 1866 } 1867 1868 int parse_server_match_testspec(struct connection_info *ci, char *spec) 1869 { 1870 char *p; 1871 1872 while ((p = strsep(&spec, ",")) && *p != '\0') { 1873 if (strncmp(p, "addr=", 5) == 0) { 1874 ci->address = xstrdup(p + 5); 1875 } else if (strncmp(p, "host=", 5) == 0) { 1876 ci->host = xstrdup(p + 5); 1877 } else if (strncmp(p, "user=", 5) == 0) { 1878 ci->user = xstrdup(p + 5); 1879 } else if (strncmp(p, "laddr=", 6) == 0) { 1880 ci->laddress = xstrdup(p + 6); 1881 } else if (strncmp(p, "lport=", 6) == 0) { 1882 ci->lport = a2port(p + 6); 1883 if (ci->lport == -1) { 1884 fprintf(stderr, "Invalid port '%s' in test mode" 1885 " specification %s\n", p+6, p); 1886 return -1; 1887 } 1888 } else { 1889 fprintf(stderr, "Invalid test mode specification %s\n", 1890 p); 1891 return -1; 1892 } 1893 } 1894 return 0; 1895 } 1896 1897 /* 1898 * returns 1 for a complete spec, 0 for partial spec and -1 for an 1899 * empty spec. 1900 */ 1901 int server_match_spec_complete(struct connection_info *ci) 1902 { 1903 if (ci->user && ci->host && ci->address) 1904 return 1; /* complete */ 1905 if (!ci->user && !ci->host && !ci->address) 1906 return -1; /* empty */ 1907 return 0; /* partial */ 1908 } 1909 1910 /* 1911 * Copy any supported values that are set. 1912 * 1913 * If the preauth flag is set, we do not bother copying the string or 1914 * array values that are not used pre-authentication, because any that we 1915 * do use must be explictly sent in mm_getpwnamallow(). 1916 */ 1917 void 1918 copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) 1919 { 1920 #define M_CP_INTOPT(n) do {\ 1921 if (src->n != -1) \ 1922 dst->n = src->n; \ 1923 } while (0) 1924 1925 M_CP_INTOPT(password_authentication); 1926 M_CP_INTOPT(gss_authentication); 1927 M_CP_INTOPT(rsa_authentication); 1928 M_CP_INTOPT(pubkey_authentication); 1929 M_CP_INTOPT(kerberos_authentication); 1930 M_CP_INTOPT(hostbased_authentication); 1931 M_CP_INTOPT(hostbased_uses_name_from_packet_only); 1932 M_CP_INTOPT(kbd_interactive_authentication); 1933 M_CP_INTOPT(permit_root_login); 1934 M_CP_INTOPT(permit_empty_passwd); 1935 1936 M_CP_INTOPT(allow_tcp_forwarding); 1937 M_CP_INTOPT(allow_streamlocal_forwarding); 1938 M_CP_INTOPT(allow_agent_forwarding); 1939 M_CP_INTOPT(permit_tun); 1940 M_CP_INTOPT(fwd_opts.gateway_ports); 1941 M_CP_INTOPT(x11_display_offset); 1942 M_CP_INTOPT(x11_forwarding); 1943 M_CP_INTOPT(x11_use_localhost); 1944 M_CP_INTOPT(permit_tty); 1945 M_CP_INTOPT(permit_user_rc); 1946 M_CP_INTOPT(max_sessions); 1947 M_CP_INTOPT(max_authtries); 1948 M_CP_INTOPT(ip_qos_interactive); 1949 M_CP_INTOPT(ip_qos_bulk); 1950 M_CP_INTOPT(rekey_limit); 1951 M_CP_INTOPT(rekey_interval); 1952 1953 /* M_CP_STROPT and M_CP_STRARRAYOPT should not appear before here */ 1954 #define M_CP_STROPT(n) do {\ 1955 if (src->n != NULL && dst->n != src->n) { \ 1956 free(dst->n); \ 1957 dst->n = src->n; \ 1958 } \ 1959 } while(0) 1960 #define M_CP_STRARRAYOPT(n, num_n) do {\ 1961 if (src->num_n != 0) { \ 1962 for (dst->num_n = 0; dst->num_n < src->num_n; dst->num_n++) \ 1963 dst->n[dst->num_n] = xstrdup(src->n[dst->num_n]); \ 1964 } \ 1965 } while(0) 1966 1967 /* See comment in servconf.h */ 1968 COPY_MATCH_STRING_OPTS(); 1969 1970 /* 1971 * The only things that should be below this point are string options 1972 * which are only used after authentication. 1973 */ 1974 if (preauth) 1975 return; 1976 1977 M_CP_STROPT(adm_forced_command); 1978 M_CP_STROPT(chroot_directory); 1979 } 1980 1981 #undef M_CP_INTOPT 1982 #undef M_CP_STROPT 1983 #undef M_CP_STRARRAYOPT 1984 1985 void 1986 parse_server_config(ServerOptions *options, const char *filename, Buffer *conf, 1987 struct connection_info *connectinfo) 1988 { 1989 int active, linenum, bad_options = 0; 1990 char *cp, *obuf, *cbuf; 1991 1992 debug2("%s: config %s len %d", __func__, filename, buffer_len(conf)); 1993 1994 obuf = cbuf = xstrdup(buffer_ptr(conf)); 1995 active = connectinfo ? 0 : 1; 1996 linenum = 1; 1997 while ((cp = strsep(&cbuf, "\n")) != NULL) { 1998 if (process_server_config_line(options, cp, filename, 1999 linenum++, &active, connectinfo) != 0) 2000 bad_options++; 2001 } 2002 free(obuf); 2003 if (bad_options > 0) 2004 fatal("%s: terminating, %d bad configuration options", 2005 filename, bad_options); 2006 process_queued_listen_addrs(options); 2007 } 2008 2009 static const char * 2010 fmt_multistate_int(int val, const struct multistate *m) 2011 { 2012 u_int i; 2013 2014 for (i = 0; m[i].key != NULL; i++) { 2015 if (m[i].value == val) 2016 return m[i].key; 2017 } 2018 return "UNKNOWN"; 2019 } 2020 2021 static const char * 2022 fmt_intarg(ServerOpCodes code, int val) 2023 { 2024 if (val == -1) 2025 return "unset"; 2026 switch (code) { 2027 case sAddressFamily: 2028 return fmt_multistate_int(val, multistate_addressfamily); 2029 case sPermitRootLogin: 2030 return fmt_multistate_int(val, multistate_permitrootlogin); 2031 case sGatewayPorts: 2032 return fmt_multistate_int(val, multistate_gatewayports); 2033 case sCompression: 2034 return fmt_multistate_int(val, multistate_compression); 2035 case sUsePrivilegeSeparation: 2036 return fmt_multistate_int(val, multistate_privsep); 2037 case sAllowTcpForwarding: 2038 return fmt_multistate_int(val, multistate_tcpfwd); 2039 case sAllowStreamLocalForwarding: 2040 return fmt_multistate_int(val, multistate_tcpfwd); 2041 case sFingerprintHash: 2042 return ssh_digest_alg_name(val); 2043 case sProtocol: 2044 switch (val) { 2045 case SSH_PROTO_1: 2046 return "1"; 2047 case SSH_PROTO_2: 2048 return "2"; 2049 case (SSH_PROTO_1|SSH_PROTO_2): 2050 return "2,1"; 2051 default: 2052 return "UNKNOWN"; 2053 } 2054 default: 2055 switch (val) { 2056 case 0: 2057 return "no"; 2058 case 1: 2059 return "yes"; 2060 default: 2061 return "UNKNOWN"; 2062 } 2063 } 2064 } 2065 2066 static const char * 2067 lookup_opcode_name(ServerOpCodes code) 2068 { 2069 u_int i; 2070 2071 for (i = 0; keywords[i].name != NULL; i++) 2072 if (keywords[i].opcode == code) 2073 return(keywords[i].name); 2074 return "UNKNOWN"; 2075 } 2076 2077 static void 2078 dump_cfg_int(ServerOpCodes code, int val) 2079 { 2080 printf("%s %d\n", lookup_opcode_name(code), val); 2081 } 2082 2083 static void 2084 dump_cfg_oct(ServerOpCodes code, int val) 2085 { 2086 printf("%s 0%o\n", lookup_opcode_name(code), val); 2087 } 2088 2089 static void 2090 dump_cfg_fmtint(ServerOpCodes code, int val) 2091 { 2092 printf("%s %s\n", lookup_opcode_name(code), fmt_intarg(code, val)); 2093 } 2094 2095 static void 2096 dump_cfg_string(ServerOpCodes code, const char *val) 2097 { 2098 if (val == NULL) 2099 return; 2100 printf("%s %s\n", lookup_opcode_name(code), 2101 val == NULL ? "none" : val); 2102 } 2103 2104 static void 2105 dump_cfg_strarray(ServerOpCodes code, u_int count, char **vals) 2106 { 2107 u_int i; 2108 2109 for (i = 0; i < count; i++) 2110 printf("%s %s\n", lookup_opcode_name(code), vals[i]); 2111 } 2112 2113 static void 2114 dump_cfg_strarray_oneline(ServerOpCodes code, u_int count, char **vals) 2115 { 2116 u_int i; 2117 2118 if (count <= 0) 2119 return; 2120 printf("%s", lookup_opcode_name(code)); 2121 for (i = 0; i < count; i++) 2122 printf(" %s", vals[i]); 2123 printf("\n"); 2124 } 2125 2126 void 2127 dump_config(ServerOptions *o) 2128 { 2129 u_int i; 2130 int ret; 2131 struct addrinfo *ai; 2132 char addr[NI_MAXHOST], port[NI_MAXSERV], *s = NULL; 2133 char *laddr1 = xstrdup(""), *laddr2 = NULL; 2134 2135 /* these are usually at the top of the config */ 2136 for (i = 0; i < o->num_ports; i++) 2137 printf("port %d\n", o->ports[i]); 2138 dump_cfg_fmtint(sProtocol, o->protocol); 2139 dump_cfg_fmtint(sAddressFamily, o->address_family); 2140 2141 /* 2142 * ListenAddress must be after Port. add_one_listen_addr pushes 2143 * addresses onto a stack, so to maintain ordering we need to 2144 * print these in reverse order. 2145 */ 2146 for (ai = o->listen_addrs; ai; ai = ai->ai_next) { 2147 if ((ret = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr, 2148 sizeof(addr), port, sizeof(port), 2149 NI_NUMERICHOST|NI_NUMERICSERV)) != 0) { 2150 error("getnameinfo failed: %.100s", 2151 (ret != EAI_SYSTEM) ? gai_strerror(ret) : 2152 strerror(errno)); 2153 } else { 2154 laddr2 = laddr1; 2155 if (ai->ai_family == AF_INET6) 2156 xasprintf(&laddr1, "listenaddress [%s]:%s\n%s", 2157 addr, port, laddr2); 2158 else 2159 xasprintf(&laddr1, "listenaddress %s:%s\n%s", 2160 addr, port, laddr2); 2161 free(laddr2); 2162 } 2163 } 2164 printf("%s", laddr1); 2165 free(laddr1); 2166 2167 /* integer arguments */ 2168 dump_cfg_int(sServerKeyBits, o->server_key_bits); 2169 dump_cfg_int(sLoginGraceTime, o->login_grace_time); 2170 dump_cfg_int(sKeyRegenerationTime, o->key_regeneration_time); 2171 dump_cfg_int(sX11DisplayOffset, o->x11_display_offset); 2172 dump_cfg_int(sMaxAuthTries, o->max_authtries); 2173 dump_cfg_int(sMaxSessions, o->max_sessions); 2174 dump_cfg_int(sClientAliveInterval, o->client_alive_interval); 2175 dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); 2176 dump_cfg_oct(sStreamLocalBindMask, o->fwd_opts.streamlocal_bind_mask); 2177 2178 /* formatted integer arguments */ 2179 dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login); 2180 dump_cfg_fmtint(sIgnoreRhosts, o->ignore_rhosts); 2181 dump_cfg_fmtint(sIgnoreUserKnownHosts, o->ignore_user_known_hosts); 2182 dump_cfg_fmtint(sRhostsRSAAuthentication, o->rhosts_rsa_authentication); 2183 dump_cfg_fmtint(sHostbasedAuthentication, o->hostbased_authentication); 2184 dump_cfg_fmtint(sHostbasedUsesNameFromPacketOnly, 2185 o->hostbased_uses_name_from_packet_only); 2186 dump_cfg_fmtint(sRSAAuthentication, o->rsa_authentication); 2187 dump_cfg_fmtint(sPubkeyAuthentication, o->pubkey_authentication); 2188 #ifdef KRB5 2189 dump_cfg_fmtint(sKerberosAuthentication, o->kerberos_authentication); 2190 dump_cfg_fmtint(sKerberosOrLocalPasswd, o->kerberos_or_local_passwd); 2191 dump_cfg_fmtint(sKerberosTicketCleanup, o->kerberos_ticket_cleanup); 2192 dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token); 2193 #endif 2194 #ifdef GSSAPI 2195 dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); 2196 dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); 2197 #endif 2198 dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); 2199 dump_cfg_fmtint(sKbdInteractiveAuthentication, 2200 o->kbd_interactive_authentication); 2201 dump_cfg_fmtint(sChallengeResponseAuthentication, 2202 o->challenge_response_authentication); 2203 dump_cfg_fmtint(sPrintMotd, o->print_motd); 2204 dump_cfg_fmtint(sPrintLastLog, o->print_lastlog); 2205 dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding); 2206 dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); 2207 dump_cfg_fmtint(sPermitTTY, o->permit_tty); 2208 dump_cfg_fmtint(sPermitUserRC, o->permit_user_rc); 2209 dump_cfg_fmtint(sStrictModes, o->strict_modes); 2210 dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); 2211 dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); 2212 dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); 2213 dump_cfg_fmtint(sUseLogin, o->use_login); 2214 dump_cfg_fmtint(sCompression, o->compression); 2215 dump_cfg_fmtint(sGatewayPorts, o->fwd_opts.gateway_ports); 2216 dump_cfg_fmtint(sUseDNS, o->use_dns); 2217 dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding); 2218 dump_cfg_fmtint(sAllowAgentForwarding, o->allow_agent_forwarding); 2219 dump_cfg_fmtint(sAllowStreamLocalForwarding, o->allow_streamlocal_forwarding); 2220 dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep); 2221 dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash); 2222 2223 /* string arguments */ 2224 dump_cfg_string(sPidFile, o->pid_file); 2225 dump_cfg_string(sXAuthLocation, o->xauth_location); 2226 dump_cfg_string(sCiphers, o->ciphers ? o->ciphers : KEX_SERVER_ENCRYPT); 2227 dump_cfg_string(sMacs, o->macs ? o->macs : KEX_SERVER_MAC); 2228 dump_cfg_string(sBanner, o->banner); 2229 dump_cfg_string(sForceCommand, o->adm_forced_command); 2230 dump_cfg_string(sChrootDirectory, o->chroot_directory); 2231 dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys); 2232 dump_cfg_string(sRevokedKeys, o->revoked_keys_file); 2233 dump_cfg_string(sAuthorizedPrincipalsFile, 2234 o->authorized_principals_file); 2235 dump_cfg_string(sVersionAddendum, *o->version_addendum == '\0' 2236 ? "none" : o->version_addendum); 2237 dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command); 2238 dump_cfg_string(sAuthorizedKeysCommandUser, o->authorized_keys_command_user); 2239 dump_cfg_string(sAuthorizedPrincipalsCommand, o->authorized_principals_command); 2240 dump_cfg_string(sAuthorizedPrincipalsCommandUser, o->authorized_principals_command_user); 2241 dump_cfg_string(sHostKeyAgent, o->host_key_agent); 2242 dump_cfg_string(sKexAlgorithms, 2243 o->kex_algorithms ? o->kex_algorithms : KEX_SERVER_KEX); 2244 dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types ? 2245 o->hostbased_key_types : KEX_DEFAULT_PK_ALG); 2246 dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms ? 2247 o->hostkeyalgorithms : KEX_DEFAULT_PK_ALG); 2248 dump_cfg_string(sPubkeyAcceptedKeyTypes, o->pubkey_key_types ? 2249 o->pubkey_key_types : KEX_DEFAULT_PK_ALG); 2250 2251 /* string arguments requiring a lookup */ 2252 dump_cfg_string(sLogLevel, log_level_name(o->log_level)); 2253 dump_cfg_string(sLogFacility, log_facility_name(o->log_facility)); 2254 2255 /* string array arguments */ 2256 dump_cfg_strarray_oneline(sAuthorizedKeysFile, o->num_authkeys_files, 2257 o->authorized_keys_files); 2258 dump_cfg_strarray(sHostKeyFile, o->num_host_key_files, 2259 o->host_key_files); 2260 dump_cfg_strarray(sHostCertificate, o->num_host_cert_files, 2261 o->host_cert_files); 2262 dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users); 2263 dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users); 2264 dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups); 2265 dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups); 2266 dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env); 2267 dump_cfg_strarray_oneline(sAuthenticationMethods, 2268 o->num_auth_methods, o->auth_methods); 2269 2270 /* other arguments */ 2271 for (i = 0; i < o->num_subsystems; i++) 2272 printf("subsystem %s %s\n", o->subsystem_name[i], 2273 o->subsystem_args[i]); 2274 2275 printf("maxstartups %d:%d:%d\n", o->max_startups_begin, 2276 o->max_startups_rate, o->max_startups); 2277 2278 for (i = 0; tunmode_desc[i].val != -1; i++) 2279 if (tunmode_desc[i].val == o->permit_tun) { 2280 s = tunmode_desc[i].text; 2281 break; 2282 } 2283 dump_cfg_string(sPermitTunnel, s); 2284 2285 printf("ipqos %s ", iptos2str(o->ip_qos_interactive)); 2286 printf("%s\n", iptos2str(o->ip_qos_bulk)); 2287 2288 printf("rekeylimit %lld %d\n", (long long)o->rekey_limit, 2289 o->rekey_interval); 2290 2291 channel_print_adm_permitted_opens(); 2292 } 2293