1 2 /* $OpenBSD: servconf.c,v 1.344 2018/11/19 04:12:32 djm Exp $ */ 3 /* 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 5 * All rights reserved 6 * 7 * As far as I am concerned, the code I have written for this software 8 * can be used freely for any purpose. Any derived versions of this 9 * software must be clearly marked as such, and if the derived work is 10 * incompatible with the protocol description in the RFC file, it must be 11 * called by a name other than "ssh" or "Secure Shell". 12 */ 13 14 #include <sys/types.h> 15 #include <sys/socket.h> 16 #include <sys/queue.h> 17 #include <sys/sysctl.h> 18 19 #include <netinet/in.h> 20 #include <netinet/ip.h> 21 #include <net/route.h> 22 23 #include <ctype.h> 24 #include <netdb.h> 25 #include <pwd.h> 26 #include <stdio.h> 27 #include <stdlib.h> 28 #include <string.h> 29 #include <signal.h> 30 #include <unistd.h> 31 #include <limits.h> 32 #include <stdarg.h> 33 #include <errno.h> 34 #include <util.h> 35 36 #include "xmalloc.h" 37 #include "ssh.h" 38 #include "log.h" 39 #include "sshbuf.h" 40 #include "misc.h" 41 #include "servconf.h" 42 #include "compat.h" 43 #include "pathnames.h" 44 #include "cipher.h" 45 #include "sshkey.h" 46 #include "kex.h" 47 #include "mac.h" 48 #include "match.h" 49 #include "channels.h" 50 #include "groupaccess.h" 51 #include "canohost.h" 52 #include "packet.h" 53 #include "ssherr.h" 54 #include "hostfile.h" 55 #include "auth.h" 56 #include "myproposal.h" 57 #include "digest.h" 58 59 static void add_listen_addr(ServerOptions *, const char *, 60 const char *, int); 61 static void add_one_listen_addr(ServerOptions *, const char *, 62 const char *, int); 63 64 /* Use of privilege separation or not */ 65 extern int use_privsep; 66 extern struct sshbuf *cfg; 67 68 /* Initializes the server options to their default values. */ 69 70 void 71 initialize_server_options(ServerOptions *options) 72 { 73 memset(options, 0, sizeof(*options)); 74 options->num_ports = 0; 75 options->ports_from_cmdline = 0; 76 options->queued_listen_addrs = NULL; 77 options->num_queued_listens = 0; 78 options->listen_addrs = NULL; 79 options->num_listen_addrs = 0; 80 options->address_family = -1; 81 options->routing_domain = NULL; 82 options->num_host_key_files = 0; 83 options->num_host_cert_files = 0; 84 options->host_key_agent = NULL; 85 options->pid_file = NULL; 86 options->login_grace_time = -1; 87 options->permit_root_login = PERMIT_NOT_SET; 88 options->ignore_rhosts = -1; 89 options->ignore_user_known_hosts = -1; 90 options->print_motd = -1; 91 options->print_lastlog = -1; 92 options->x11_forwarding = -1; 93 options->x11_display_offset = -1; 94 options->x11_use_localhost = -1; 95 options->permit_tty = -1; 96 options->permit_user_rc = -1; 97 options->xauth_location = NULL; 98 options->strict_modes = -1; 99 options->tcp_keep_alive = -1; 100 options->log_facility = SYSLOG_FACILITY_NOT_SET; 101 options->log_level = SYSLOG_LEVEL_NOT_SET; 102 options->hostbased_authentication = -1; 103 options->hostbased_uses_name_from_packet_only = -1; 104 options->hostbased_key_types = NULL; 105 options->hostkeyalgorithms = NULL; 106 options->pubkey_authentication = -1; 107 options->pubkey_key_types = NULL; 108 options->kerberos_authentication = -1; 109 options->kerberos_or_local_passwd = -1; 110 options->kerberos_ticket_cleanup = -1; 111 options->kerberos_get_afs_token = -1; 112 options->gss_authentication=-1; 113 options->gss_cleanup_creds = -1; 114 options->gss_strict_acceptor = -1; 115 options->password_authentication = -1; 116 options->kbd_interactive_authentication = -1; 117 options->challenge_response_authentication = -1; 118 options->permit_empty_passwd = -1; 119 options->permit_user_env = -1; 120 options->permit_user_env_whitelist = NULL; 121 options->compression = -1; 122 options->rekey_limit = -1; 123 options->rekey_interval = -1; 124 options->allow_tcp_forwarding = -1; 125 options->allow_streamlocal_forwarding = -1; 126 options->allow_agent_forwarding = -1; 127 options->num_allow_users = 0; 128 options->num_deny_users = 0; 129 options->num_allow_groups = 0; 130 options->num_deny_groups = 0; 131 options->ciphers = NULL; 132 options->macs = NULL; 133 options->kex_algorithms = NULL; 134 options->ca_sign_algorithms = NULL; 135 options->fwd_opts.gateway_ports = -1; 136 options->fwd_opts.streamlocal_bind_mask = (mode_t)-1; 137 options->fwd_opts.streamlocal_bind_unlink = -1; 138 options->num_subsystems = 0; 139 options->max_startups_begin = -1; 140 options->max_startups_rate = -1; 141 options->max_startups = -1; 142 options->max_authtries = -1; 143 options->max_sessions = -1; 144 options->banner = NULL; 145 options->use_dns = -1; 146 options->client_alive_interval = -1; 147 options->client_alive_count_max = -1; 148 options->num_authkeys_files = 0; 149 options->num_accept_env = 0; 150 options->num_setenv = 0; 151 options->permit_tun = -1; 152 options->permitted_opens = NULL; 153 options->permitted_listens = NULL; 154 options->adm_forced_command = NULL; 155 options->chroot_directory = NULL; 156 options->authorized_keys_command = NULL; 157 options->authorized_keys_command_user = NULL; 158 options->revoked_keys_file = NULL; 159 options->trusted_user_ca_keys = NULL; 160 options->authorized_principals_file = NULL; 161 options->authorized_principals_command = NULL; 162 options->authorized_principals_command_user = NULL; 163 options->ip_qos_interactive = -1; 164 options->ip_qos_bulk = -1; 165 options->version_addendum = NULL; 166 options->fingerprint_hash = -1; 167 options->disable_forwarding = -1; 168 options->expose_userauth_info = -1; 169 } 170 171 /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ 172 static int 173 option_clear_or_none(const char *o) 174 { 175 return o == NULL || strcasecmp(o, "none") == 0; 176 } 177 178 static void 179 assemble_algorithms(ServerOptions *o) 180 { 181 char *all_cipher, *all_mac, *all_kex, *all_key, *all_sig; 182 int r; 183 184 all_cipher = cipher_alg_list(',', 0); 185 all_mac = mac_alg_list(','); 186 all_kex = kex_alg_list(','); 187 all_key = sshkey_alg_list(0, 0, 1, ','); 188 all_sig = sshkey_alg_list(0, 1, 1, ','); 189 #define ASSEMBLE(what, defaults, all) \ 190 do { \ 191 if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \ 192 fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \ 193 } while (0) 194 ASSEMBLE(ciphers, KEX_SERVER_ENCRYPT, all_cipher); 195 ASSEMBLE(macs, KEX_SERVER_MAC, all_mac); 196 ASSEMBLE(kex_algorithms, KEX_SERVER_KEX, all_kex); 197 ASSEMBLE(hostkeyalgorithms, KEX_DEFAULT_PK_ALG, all_key); 198 ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key); 199 ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key); 200 ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, all_sig); 201 #undef ASSEMBLE 202 free(all_cipher); 203 free(all_mac); 204 free(all_kex); 205 free(all_key); 206 free(all_sig); 207 } 208 209 static void 210 array_append2(const char *file, const int line, const char *directive, 211 char ***array, int **iarray, u_int *lp, const char *s, int i) 212 { 213 214 if (*lp >= INT_MAX) 215 fatal("%s line %d: Too many %s entries", file, line, directive); 216 217 if (iarray != NULL) { 218 *iarray = xrecallocarray(*iarray, *lp, *lp + 1, 219 sizeof(**iarray)); 220 (*iarray)[*lp] = i; 221 } 222 223 *array = xrecallocarray(*array, *lp, *lp + 1, sizeof(**array)); 224 (*array)[*lp] = xstrdup(s); 225 (*lp)++; 226 } 227 228 static void 229 array_append(const char *file, const int line, const char *directive, 230 char ***array, u_int *lp, const char *s) 231 { 232 array_append2(file, line, directive, array, NULL, lp, s, 0); 233 } 234 235 void 236 servconf_add_hostkey(const char *file, const int line, 237 ServerOptions *options, const char *path, int userprovided) 238 { 239 char *apath = derelativise_path(path); 240 241 array_append2(file, line, "HostKey", 242 &options->host_key_files, &options->host_key_file_userprovided, 243 &options->num_host_key_files, apath, userprovided); 244 free(apath); 245 } 246 247 void 248 servconf_add_hostcert(const char *file, const int line, 249 ServerOptions *options, const char *path) 250 { 251 char *apath = derelativise_path(path); 252 253 array_append(file, line, "HostCertificate", 254 &options->host_cert_files, &options->num_host_cert_files, apath); 255 free(apath); 256 } 257 258 void 259 fill_default_server_options(ServerOptions *options) 260 { 261 u_int i; 262 263 if (options->num_host_key_files == 0) { 264 /* fill default hostkeys */ 265 servconf_add_hostkey("[default]", 0, options, 266 _PATH_HOST_RSA_KEY_FILE, 0); 267 servconf_add_hostkey("[default]", 0, options, 268 _PATH_HOST_ECDSA_KEY_FILE, 0); 269 servconf_add_hostkey("[default]", 0, options, 270 _PATH_HOST_ED25519_KEY_FILE, 0); 271 #ifdef WITH_XMSS 272 servconf_add_hostkey("[default]", 0, options, 273 _PATH_HOST_XMSS_KEY_FILE, 0); 274 #endif /* WITH_XMSS */ 275 } 276 /* No certificates by default */ 277 if (options->num_ports == 0) 278 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 279 if (options->address_family == -1) 280 options->address_family = AF_UNSPEC; 281 if (options->listen_addrs == NULL) 282 add_listen_addr(options, NULL, NULL, 0); 283 if (options->pid_file == NULL) 284 options->pid_file = xstrdup(_PATH_SSH_DAEMON_PID_FILE); 285 if (options->login_grace_time == -1) 286 options->login_grace_time = 120; 287 if (options->permit_root_login == PERMIT_NOT_SET) 288 options->permit_root_login = PERMIT_NO_PASSWD; 289 if (options->ignore_rhosts == -1) 290 options->ignore_rhosts = 1; 291 if (options->ignore_user_known_hosts == -1) 292 options->ignore_user_known_hosts = 0; 293 if (options->print_motd == -1) 294 options->print_motd = 1; 295 if (options->print_lastlog == -1) 296 options->print_lastlog = 1; 297 if (options->x11_forwarding == -1) 298 options->x11_forwarding = 0; 299 if (options->x11_display_offset == -1) 300 options->x11_display_offset = 10; 301 if (options->x11_use_localhost == -1) 302 options->x11_use_localhost = 1; 303 if (options->xauth_location == NULL) 304 options->xauth_location = xstrdup(_PATH_XAUTH); 305 if (options->permit_tty == -1) 306 options->permit_tty = 1; 307 if (options->permit_user_rc == -1) 308 options->permit_user_rc = 1; 309 if (options->strict_modes == -1) 310 options->strict_modes = 1; 311 if (options->tcp_keep_alive == -1) 312 options->tcp_keep_alive = 1; 313 if (options->log_facility == SYSLOG_FACILITY_NOT_SET) 314 options->log_facility = SYSLOG_FACILITY_AUTH; 315 if (options->log_level == SYSLOG_LEVEL_NOT_SET) 316 options->log_level = SYSLOG_LEVEL_INFO; 317 if (options->hostbased_authentication == -1) 318 options->hostbased_authentication = 0; 319 if (options->hostbased_uses_name_from_packet_only == -1) 320 options->hostbased_uses_name_from_packet_only = 0; 321 if (options->pubkey_authentication == -1) 322 options->pubkey_authentication = 1; 323 if (options->kerberos_authentication == -1) 324 options->kerberos_authentication = 0; 325 if (options->kerberos_or_local_passwd == -1) 326 options->kerberos_or_local_passwd = 1; 327 if (options->kerberos_ticket_cleanup == -1) 328 options->kerberos_ticket_cleanup = 1; 329 if (options->kerberos_get_afs_token == -1) 330 options->kerberos_get_afs_token = 0; 331 if (options->gss_authentication == -1) 332 options->gss_authentication = 0; 333 if (options->gss_cleanup_creds == -1) 334 options->gss_cleanup_creds = 1; 335 if (options->gss_strict_acceptor == -1) 336 options->gss_strict_acceptor = 1; 337 if (options->password_authentication == -1) 338 options->password_authentication = 1; 339 if (options->kbd_interactive_authentication == -1) 340 options->kbd_interactive_authentication = 0; 341 if (options->challenge_response_authentication == -1) 342 options->challenge_response_authentication = 1; 343 if (options->permit_empty_passwd == -1) 344 options->permit_empty_passwd = 0; 345 if (options->permit_user_env == -1) { 346 options->permit_user_env = 0; 347 options->permit_user_env_whitelist = NULL; 348 } 349 if (options->compression == -1) 350 options->compression = COMP_DELAYED; 351 if (options->rekey_limit == -1) 352 options->rekey_limit = 0; 353 if (options->rekey_interval == -1) 354 options->rekey_interval = 0; 355 if (options->allow_tcp_forwarding == -1) 356 options->allow_tcp_forwarding = FORWARD_ALLOW; 357 if (options->allow_streamlocal_forwarding == -1) 358 options->allow_streamlocal_forwarding = FORWARD_ALLOW; 359 if (options->allow_agent_forwarding == -1) 360 options->allow_agent_forwarding = 1; 361 if (options->fwd_opts.gateway_ports == -1) 362 options->fwd_opts.gateway_ports = 0; 363 if (options->max_startups == -1) 364 options->max_startups = 100; 365 if (options->max_startups_rate == -1) 366 options->max_startups_rate = 30; /* 30% */ 367 if (options->max_startups_begin == -1) 368 options->max_startups_begin = 10; 369 if (options->max_authtries == -1) 370 options->max_authtries = DEFAULT_AUTH_FAIL_MAX; 371 if (options->max_sessions == -1) 372 options->max_sessions = DEFAULT_SESSIONS_MAX; 373 if (options->use_dns == -1) 374 options->use_dns = 0; 375 if (options->client_alive_interval == -1) 376 options->client_alive_interval = 0; 377 if (options->client_alive_count_max == -1) 378 options->client_alive_count_max = 3; 379 if (options->num_authkeys_files == 0) { 380 array_append("[default]", 0, "AuthorizedKeysFiles", 381 &options->authorized_keys_files, 382 &options->num_authkeys_files, 383 _PATH_SSH_USER_PERMITTED_KEYS); 384 array_append("[default]", 0, "AuthorizedKeysFiles", 385 &options->authorized_keys_files, 386 &options->num_authkeys_files, 387 _PATH_SSH_USER_PERMITTED_KEYS2); 388 } 389 if (options->permit_tun == -1) 390 options->permit_tun = SSH_TUNMODE_NO; 391 if (options->ip_qos_interactive == -1) 392 options->ip_qos_interactive = IPTOS_DSCP_AF21; 393 if (options->ip_qos_bulk == -1) 394 options->ip_qos_bulk = IPTOS_DSCP_CS1; 395 if (options->version_addendum == NULL) 396 options->version_addendum = xstrdup(""); 397 if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) 398 options->fwd_opts.streamlocal_bind_mask = 0177; 399 if (options->fwd_opts.streamlocal_bind_unlink == -1) 400 options->fwd_opts.streamlocal_bind_unlink = 0; 401 if (options->fingerprint_hash == -1) 402 options->fingerprint_hash = SSH_FP_HASH_DEFAULT; 403 if (options->disable_forwarding == -1) 404 options->disable_forwarding = 0; 405 if (options->expose_userauth_info == -1) 406 options->expose_userauth_info = 0; 407 408 assemble_algorithms(options); 409 410 /* Turn privilege separation and sandboxing on by default */ 411 if (use_privsep == -1) 412 use_privsep = PRIVSEP_ON; 413 414 #define CLEAR_ON_NONE(v) \ 415 do { \ 416 if (option_clear_or_none(v)) { \ 417 free(v); \ 418 v = NULL; \ 419 } \ 420 } while(0) 421 CLEAR_ON_NONE(options->pid_file); 422 CLEAR_ON_NONE(options->xauth_location); 423 CLEAR_ON_NONE(options->banner); 424 CLEAR_ON_NONE(options->trusted_user_ca_keys); 425 CLEAR_ON_NONE(options->revoked_keys_file); 426 CLEAR_ON_NONE(options->authorized_principals_file); 427 CLEAR_ON_NONE(options->adm_forced_command); 428 CLEAR_ON_NONE(options->chroot_directory); 429 CLEAR_ON_NONE(options->routing_domain); 430 for (i = 0; i < options->num_host_key_files; i++) 431 CLEAR_ON_NONE(options->host_key_files[i]); 432 for (i = 0; i < options->num_host_cert_files; i++) 433 CLEAR_ON_NONE(options->host_cert_files[i]); 434 #undef CLEAR_ON_NONE 435 436 /* Similar handling for AuthenticationMethods=any */ 437 if (options->num_auth_methods == 1 && 438 strcmp(options->auth_methods[0], "any") == 0) { 439 free(options->auth_methods[0]); 440 options->auth_methods[0] = NULL; 441 options->num_auth_methods = 0; 442 } 443 444 } 445 446 /* Keyword tokens. */ 447 typedef enum { 448 sBadOption, /* == unknown option */ 449 sPort, sHostKeyFile, sLoginGraceTime, 450 sPermitRootLogin, sLogFacility, sLogLevel, 451 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, 452 sKerberosGetAFSToken, sChallengeResponseAuthentication, 453 sPasswordAuthentication, sKbdInteractiveAuthentication, 454 sListenAddress, sAddressFamily, 455 sPrintMotd, sPrintLastLog, sIgnoreRhosts, 456 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, 457 sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, 458 sPermitUserEnvironment, sAllowTcpForwarding, sCompression, 459 sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, 460 sIgnoreUserKnownHosts, sCiphers, sMacs, sPidFile, 461 sGatewayPorts, sPubkeyAuthentication, sPubkeyAcceptedKeyTypes, 462 sXAuthLocation, sSubsystem, sMaxStartups, sMaxAuthTries, sMaxSessions, 463 sBanner, sUseDNS, sHostbasedAuthentication, 464 sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedKeyTypes, 465 sHostKeyAlgorithms, 466 sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, 467 sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, 468 sAcceptEnv, sSetEnv, sPermitTunnel, 469 sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, 470 sUsePrivilegeSeparation, sAllowAgentForwarding, 471 sHostCertificate, 472 sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, 473 sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser, 474 sKexAlgorithms, sCASignatureAlgorithms, sIPQoS, sVersionAddendum, 475 sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, 476 sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, 477 sStreamLocalBindMask, sStreamLocalBindUnlink, 478 sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, 479 sExposeAuthInfo, sRDomain, 480 sDeprecated, sIgnore, sUnsupported 481 } ServerOpCodes; 482 483 #define SSHCFG_GLOBAL 0x01 /* allowed in main section of sshd_config */ 484 #define SSHCFG_MATCH 0x02 /* allowed inside a Match section */ 485 #define SSHCFG_ALL (SSHCFG_GLOBAL|SSHCFG_MATCH) 486 487 /* Textual representation of the tokens. */ 488 static struct { 489 const char *name; 490 ServerOpCodes opcode; 491 u_int flags; 492 } keywords[] = { 493 { "port", sPort, SSHCFG_GLOBAL }, 494 { "hostkey", sHostKeyFile, SSHCFG_GLOBAL }, 495 { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL }, /* alias */ 496 { "hostkeyagent", sHostKeyAgent, SSHCFG_GLOBAL }, 497 { "pidfile", sPidFile, SSHCFG_GLOBAL }, 498 { "serverkeybits", sDeprecated, SSHCFG_GLOBAL }, 499 { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL }, 500 { "keyregenerationinterval", sDeprecated, SSHCFG_GLOBAL }, 501 { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL }, 502 { "syslogfacility", sLogFacility, SSHCFG_GLOBAL }, 503 { "loglevel", sLogLevel, SSHCFG_ALL }, 504 { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL }, 505 { "rhostsrsaauthentication", sDeprecated, SSHCFG_ALL }, 506 { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL }, 507 { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_ALL }, 508 { "hostbasedacceptedkeytypes", sHostbasedAcceptedKeyTypes, SSHCFG_ALL }, 509 { "hostkeyalgorithms", sHostKeyAlgorithms, SSHCFG_GLOBAL }, 510 { "rsaauthentication", sDeprecated, SSHCFG_ALL }, 511 { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL }, 512 { "pubkeyacceptedkeytypes", sPubkeyAcceptedKeyTypes, SSHCFG_ALL }, 513 { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */ 514 #ifdef KRB5 515 { "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL }, 516 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd, SSHCFG_GLOBAL }, 517 { "kerberosticketcleanup", sKerberosTicketCleanup, SSHCFG_GLOBAL }, 518 { "kerberosgetafstoken", sKerberosGetAFSToken, SSHCFG_GLOBAL }, 519 #else 520 { "kerberosauthentication", sUnsupported, SSHCFG_ALL }, 521 { "kerberosorlocalpasswd", sUnsupported, SSHCFG_GLOBAL }, 522 { "kerberosticketcleanup", sUnsupported, SSHCFG_GLOBAL }, 523 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, 524 #endif 525 { "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL }, 526 { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, 527 #ifdef GSSAPI 528 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, 529 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, 530 { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, 531 #else 532 { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, 533 { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, 534 { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, 535 #endif 536 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, 537 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, 538 { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, 539 { "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */ 540 { "checkmail", sDeprecated, SSHCFG_GLOBAL }, 541 { "listenaddress", sListenAddress, SSHCFG_GLOBAL }, 542 { "addressfamily", sAddressFamily, SSHCFG_GLOBAL }, 543 { "printmotd", sPrintMotd, SSHCFG_GLOBAL }, 544 { "printlastlog", sPrintLastLog, SSHCFG_GLOBAL }, 545 { "ignorerhosts", sIgnoreRhosts, SSHCFG_GLOBAL }, 546 { "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL }, 547 { "x11forwarding", sX11Forwarding, SSHCFG_ALL }, 548 { "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL }, 549 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, 550 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, 551 { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, 552 { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL }, 553 { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, 554 { "uselogin", sDeprecated, SSHCFG_GLOBAL }, 555 { "compression", sCompression, SSHCFG_GLOBAL }, 556 { "rekeylimit", sRekeyLimit, SSHCFG_ALL }, 557 { "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, 558 { "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, /* obsolete alias */ 559 { "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL }, 560 { "allowagentforwarding", sAllowAgentForwarding, SSHCFG_ALL }, 561 { "allowusers", sAllowUsers, SSHCFG_ALL }, 562 { "denyusers", sDenyUsers, SSHCFG_ALL }, 563 { "allowgroups", sAllowGroups, SSHCFG_ALL }, 564 { "denygroups", sDenyGroups, SSHCFG_ALL }, 565 { "ciphers", sCiphers, SSHCFG_GLOBAL }, 566 { "macs", sMacs, SSHCFG_GLOBAL }, 567 { "protocol", sIgnore, SSHCFG_GLOBAL }, 568 { "gatewayports", sGatewayPorts, SSHCFG_ALL }, 569 { "subsystem", sSubsystem, SSHCFG_GLOBAL }, 570 { "maxstartups", sMaxStartups, SSHCFG_GLOBAL }, 571 { "maxauthtries", sMaxAuthTries, SSHCFG_ALL }, 572 { "maxsessions", sMaxSessions, SSHCFG_ALL }, 573 { "banner", sBanner, SSHCFG_ALL }, 574 { "usedns", sUseDNS, SSHCFG_GLOBAL }, 575 { "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL }, 576 { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL }, 577 { "clientaliveinterval", sClientAliveInterval, SSHCFG_ALL }, 578 { "clientalivecountmax", sClientAliveCountMax, SSHCFG_ALL }, 579 { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL }, 580 { "authorizedkeysfile2", sDeprecated, SSHCFG_ALL }, 581 { "useprivilegeseparation", sDeprecated, SSHCFG_GLOBAL}, 582 { "acceptenv", sAcceptEnv, SSHCFG_ALL }, 583 { "setenv", sSetEnv, SSHCFG_ALL }, 584 { "permittunnel", sPermitTunnel, SSHCFG_ALL }, 585 { "permittty", sPermitTTY, SSHCFG_ALL }, 586 { "permituserrc", sPermitUserRC, SSHCFG_ALL }, 587 { "match", sMatch, SSHCFG_ALL }, 588 { "permitopen", sPermitOpen, SSHCFG_ALL }, 589 { "permitlisten", sPermitListen, SSHCFG_ALL }, 590 { "forcecommand", sForceCommand, SSHCFG_ALL }, 591 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, 592 { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, 593 { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, 594 { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, 595 { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, 596 { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, 597 { "ipqos", sIPQoS, SSHCFG_ALL }, 598 { "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL }, 599 { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL }, 600 { "authorizedprincipalscommand", sAuthorizedPrincipalsCommand, SSHCFG_ALL }, 601 { "authorizedprincipalscommanduser", sAuthorizedPrincipalsCommandUser, SSHCFG_ALL }, 602 { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL }, 603 { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL }, 604 { "streamlocalbindmask", sStreamLocalBindMask, SSHCFG_ALL }, 605 { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL }, 606 { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, 607 { "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL }, 608 { "disableforwarding", sDisableForwarding, SSHCFG_ALL }, 609 { "exposeauthinfo", sExposeAuthInfo, SSHCFG_ALL }, 610 { "rdomain", sRDomain, SSHCFG_ALL }, 611 { "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL }, 612 { NULL, sBadOption, 0 } 613 }; 614 615 static struct { 616 int val; 617 char *text; 618 } tunmode_desc[] = { 619 { SSH_TUNMODE_NO, "no" }, 620 { SSH_TUNMODE_POINTOPOINT, "point-to-point" }, 621 { SSH_TUNMODE_ETHERNET, "ethernet" }, 622 { SSH_TUNMODE_YES, "yes" }, 623 { -1, NULL } 624 }; 625 626 /* Returns an opcode name from its number */ 627 628 static const char * 629 lookup_opcode_name(ServerOpCodes code) 630 { 631 u_int i; 632 633 for (i = 0; keywords[i].name != NULL; i++) 634 if (keywords[i].opcode == code) 635 return(keywords[i].name); 636 return "UNKNOWN"; 637 } 638 639 640 /* 641 * Returns the number of the token pointed to by cp or sBadOption. 642 */ 643 644 static ServerOpCodes 645 parse_token(const char *cp, const char *filename, 646 int linenum, u_int *flags) 647 { 648 u_int i; 649 650 for (i = 0; keywords[i].name; i++) 651 if (strcasecmp(cp, keywords[i].name) == 0) { 652 *flags = keywords[i].flags; 653 return keywords[i].opcode; 654 } 655 656 error("%s: line %d: Bad configuration option: %s", 657 filename, linenum, cp); 658 return sBadOption; 659 } 660 661 char * 662 derelativise_path(const char *path) 663 { 664 char *expanded, *ret, cwd[PATH_MAX]; 665 666 if (strcasecmp(path, "none") == 0) 667 return xstrdup("none"); 668 expanded = tilde_expand_filename(path, getuid()); 669 if (path_absolute(expanded)) 670 return expanded; 671 if (getcwd(cwd, sizeof(cwd)) == NULL) 672 fatal("%s: getcwd: %s", __func__, strerror(errno)); 673 xasprintf(&ret, "%s/%s", cwd, expanded); 674 free(expanded); 675 return ret; 676 } 677 678 static void 679 add_listen_addr(ServerOptions *options, const char *addr, 680 const char *rdomain, int port) 681 { 682 u_int i; 683 684 if (port > 0) 685 add_one_listen_addr(options, addr, rdomain, port); 686 else { 687 for (i = 0; i < options->num_ports; i++) { 688 add_one_listen_addr(options, addr, rdomain, 689 options->ports[i]); 690 } 691 } 692 } 693 694 static void 695 add_one_listen_addr(ServerOptions *options, const char *addr, 696 const char *rdomain, int port) 697 { 698 struct addrinfo hints, *ai, *aitop; 699 char strport[NI_MAXSERV]; 700 int gaierr; 701 u_int i; 702 703 /* Find listen_addrs entry for this rdomain */ 704 for (i = 0; i < options->num_listen_addrs; i++) { 705 if (rdomain == NULL && options->listen_addrs[i].rdomain == NULL) 706 break; 707 if (rdomain == NULL || options->listen_addrs[i].rdomain == NULL) 708 continue; 709 if (strcmp(rdomain, options->listen_addrs[i].rdomain) == 0) 710 break; 711 } 712 if (i >= options->num_listen_addrs) { 713 /* No entry for this rdomain; allocate one */ 714 if (i >= INT_MAX) 715 fatal("%s: too many listen addresses", __func__); 716 options->listen_addrs = xrecallocarray(options->listen_addrs, 717 options->num_listen_addrs, options->num_listen_addrs + 1, 718 sizeof(*options->listen_addrs)); 719 i = options->num_listen_addrs++; 720 if (rdomain != NULL) 721 options->listen_addrs[i].rdomain = xstrdup(rdomain); 722 } 723 /* options->listen_addrs[i] points to the addresses for this rdomain */ 724 725 memset(&hints, 0, sizeof(hints)); 726 hints.ai_family = options->address_family; 727 hints.ai_socktype = SOCK_STREAM; 728 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; 729 snprintf(strport, sizeof strport, "%d", port); 730 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) 731 fatal("bad addr or host: %s (%s)", 732 addr ? addr : "<NULL>", 733 ssh_gai_strerror(gaierr)); 734 for (ai = aitop; ai->ai_next; ai = ai->ai_next) 735 ; 736 ai->ai_next = options->listen_addrs[i].addrs; 737 options->listen_addrs[i].addrs = aitop; 738 } 739 740 /* Returns nonzero if the routing domain name is valid */ 741 static int 742 valid_rdomain(const char *name) 743 { 744 const char *errstr; 745 long long num; 746 struct rt_tableinfo info; 747 int mib[6]; 748 size_t miblen = sizeof(mib); 749 750 if (name == NULL) 751 return 1; 752 753 num = strtonum(name, 0, 255, &errstr); 754 if (errstr != NULL) 755 return 0; 756 757 /* Check whether the table actually exists */ 758 memset(mib, 0, sizeof(mib)); 759 mib[0] = CTL_NET; 760 mib[1] = PF_ROUTE; 761 mib[4] = NET_RT_TABLE; 762 mib[5] = (int)num; 763 if (sysctl(mib, 6, &info, &miblen, NULL, 0) == -1) 764 return 0; 765 766 return 1; 767 } 768 769 /* 770 * Queue a ListenAddress to be processed once we have all of the Ports 771 * and AddressFamily options. 772 */ 773 static void 774 queue_listen_addr(ServerOptions *options, const char *addr, 775 const char *rdomain, int port) 776 { 777 struct queued_listenaddr *qla; 778 779 options->queued_listen_addrs = xrecallocarray( 780 options->queued_listen_addrs, 781 options->num_queued_listens, options->num_queued_listens + 1, 782 sizeof(*options->queued_listen_addrs)); 783 qla = &options->queued_listen_addrs[options->num_queued_listens++]; 784 qla->addr = xstrdup(addr); 785 qla->port = port; 786 qla->rdomain = rdomain == NULL ? NULL : xstrdup(rdomain); 787 } 788 789 /* 790 * Process queued (text) ListenAddress entries. 791 */ 792 static void 793 process_queued_listen_addrs(ServerOptions *options) 794 { 795 u_int i; 796 struct queued_listenaddr *qla; 797 798 if (options->num_ports == 0) 799 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 800 if (options->address_family == -1) 801 options->address_family = AF_UNSPEC; 802 803 for (i = 0; i < options->num_queued_listens; i++) { 804 qla = &options->queued_listen_addrs[i]; 805 add_listen_addr(options, qla->addr, qla->rdomain, qla->port); 806 free(qla->addr); 807 free(qla->rdomain); 808 } 809 free(options->queued_listen_addrs); 810 options->queued_listen_addrs = NULL; 811 options->num_queued_listens = 0; 812 } 813 814 /* 815 * Inform channels layer of permitopen options for a single forwarding 816 * direction (local/remote). 817 */ 818 static void 819 process_permitopen_list(struct ssh *ssh, ServerOpCodes opcode, 820 char **opens, u_int num_opens) 821 { 822 u_int i; 823 int port; 824 char *host, *arg, *oarg; 825 int where = opcode == sPermitOpen ? FORWARD_LOCAL : FORWARD_REMOTE; 826 const char *what = lookup_opcode_name(opcode); 827 828 channel_clear_permission(ssh, FORWARD_ADM, where); 829 if (num_opens == 0) 830 return; /* permit any */ 831 832 /* handle keywords: "any" / "none" */ 833 if (num_opens == 1 && strcmp(opens[0], "any") == 0) 834 return; 835 if (num_opens == 1 && strcmp(opens[0], "none") == 0) { 836 channel_disable_admin(ssh, where); 837 return; 838 } 839 /* Otherwise treat it as a list of permitted host:port */ 840 for (i = 0; i < num_opens; i++) { 841 oarg = arg = xstrdup(opens[i]); 842 host = hpdelim(&arg); 843 if (host == NULL) 844 fatal("%s: missing host in %s", __func__, what); 845 host = cleanhostname(host); 846 if (arg == NULL || ((port = permitopen_port(arg)) < 0)) 847 fatal("%s: bad port number in %s", __func__, what); 848 /* Send it to channels layer */ 849 channel_add_permission(ssh, FORWARD_ADM, 850 where, host, port); 851 free(oarg); 852 } 853 } 854 855 /* 856 * Inform channels layer of permitopen options from configuration. 857 */ 858 void 859 process_permitopen(struct ssh *ssh, ServerOptions *options) 860 { 861 process_permitopen_list(ssh, sPermitOpen, 862 options->permitted_opens, options->num_permitted_opens); 863 process_permitopen_list(ssh, sPermitListen, 864 options->permitted_listens, 865 options->num_permitted_listens); 866 } 867 868 struct connection_info * 869 get_connection_info(int populate, int use_dns) 870 { 871 struct ssh *ssh = active_state; /* XXX */ 872 static struct connection_info ci; 873 874 if (!populate) 875 return &ci; 876 ci.host = auth_get_canonical_hostname(ssh, use_dns); 877 ci.address = ssh_remote_ipaddr(ssh); 878 ci.laddress = ssh_local_ipaddr(ssh); 879 ci.lport = ssh_local_port(ssh); 880 ci.rdomain = ssh_packet_rdomain_in(ssh); 881 return &ci; 882 } 883 884 /* 885 * The strategy for the Match blocks is that the config file is parsed twice. 886 * 887 * The first time is at startup. activep is initialized to 1 and the 888 * directives in the global context are processed and acted on. Hitting a 889 * Match directive unsets activep and the directives inside the block are 890 * checked for syntax only. 891 * 892 * The second time is after a connection has been established but before 893 * authentication. activep is initialized to 2 and global config directives 894 * are ignored since they have already been processed. If the criteria in a 895 * Match block is met, activep is set and the subsequent directives 896 * processed and actioned until EOF or another Match block unsets it. Any 897 * options set are copied into the main server config. 898 * 899 * Potential additions/improvements: 900 * - Add Match support for pre-kex directives, eg. Ciphers. 901 * 902 * - Add a Tag directive (idea from David Leonard) ala pf, eg: 903 * Match Address 192.168.0.* 904 * Tag trusted 905 * Match Group wheel 906 * Tag trusted 907 * Match Tag trusted 908 * AllowTcpForwarding yes 909 * GatewayPorts clientspecified 910 * [...] 911 * 912 * - Add a PermittedChannelRequests directive 913 * Match Group shell 914 * PermittedChannelRequests session,forwarded-tcpip 915 */ 916 917 static int 918 match_cfg_line_group(const char *grps, int line, const char *user) 919 { 920 int result = 0; 921 struct passwd *pw; 922 923 if (user == NULL) 924 goto out; 925 926 if ((pw = getpwnam(user)) == NULL) { 927 debug("Can't match group at line %d because user %.100s does " 928 "not exist", line, user); 929 } else if (ga_init(pw->pw_name, pw->pw_gid) == 0) { 930 debug("Can't Match group because user %.100s not in any group " 931 "at line %d", user, line); 932 } else if (ga_match_pattern_list(grps) != 1) { 933 debug("user %.100s does not match group list %.100s at line %d", 934 user, grps, line); 935 } else { 936 debug("user %.100s matched group list %.100s at line %d", user, 937 grps, line); 938 result = 1; 939 } 940 out: 941 ga_free(); 942 return result; 943 } 944 945 static void 946 match_test_missing_fatal(const char *criteria, const char *attrib) 947 { 948 fatal("'Match %s' in configuration but '%s' not in connection " 949 "test specification.", criteria, attrib); 950 } 951 952 /* 953 * All of the attributes on a single Match line are ANDed together, so we need 954 * to check every attribute and set the result to zero if any attribute does 955 * not match. 956 */ 957 static int 958 match_cfg_line(char **condition, int line, struct connection_info *ci) 959 { 960 int result = 1, attributes = 0, port; 961 char *arg, *attrib, *cp = *condition; 962 963 if (ci == NULL) 964 debug3("checking syntax for 'Match %s'", cp); 965 else 966 debug3("checking match for '%s' user %s host %s addr %s " 967 "laddr %s lport %d", cp, ci->user ? ci->user : "(null)", 968 ci->host ? ci->host : "(null)", 969 ci->address ? ci->address : "(null)", 970 ci->laddress ? ci->laddress : "(null)", ci->lport); 971 972 while ((attrib = strdelim(&cp)) && *attrib != '\0') { 973 attributes++; 974 if (strcasecmp(attrib, "all") == 0) { 975 if (attributes != 1 || 976 ((arg = strdelim(&cp)) != NULL && *arg != '\0')) { 977 error("'all' cannot be combined with other " 978 "Match attributes"); 979 return -1; 980 } 981 *condition = cp; 982 return 1; 983 } 984 if ((arg = strdelim(&cp)) == NULL || *arg == '\0') { 985 error("Missing Match criteria for %s", attrib); 986 return -1; 987 } 988 if (strcasecmp(attrib, "user") == 0) { 989 if (ci == NULL) { 990 result = 0; 991 continue; 992 } 993 if (ci->user == NULL) 994 match_test_missing_fatal("User", "user"); 995 if (match_pattern_list(ci->user, arg, 0) != 1) 996 result = 0; 997 else 998 debug("user %.100s matched 'User %.100s' at " 999 "line %d", ci->user, arg, line); 1000 } else if (strcasecmp(attrib, "group") == 0) { 1001 if (ci == NULL) { 1002 result = 0; 1003 continue; 1004 } 1005 if (ci->user == NULL) 1006 match_test_missing_fatal("Group", "user"); 1007 switch (match_cfg_line_group(arg, line, ci->user)) { 1008 case -1: 1009 return -1; 1010 case 0: 1011 result = 0; 1012 } 1013 } else if (strcasecmp(attrib, "host") == 0) { 1014 if (ci == NULL) { 1015 result = 0; 1016 continue; 1017 } 1018 if (ci->host == NULL) 1019 match_test_missing_fatal("Host", "host"); 1020 if (match_hostname(ci->host, arg) != 1) 1021 result = 0; 1022 else 1023 debug("connection from %.100s matched 'Host " 1024 "%.100s' at line %d", ci->host, arg, line); 1025 } else if (strcasecmp(attrib, "address") == 0) { 1026 if (ci == NULL) { 1027 result = 0; 1028 continue; 1029 } 1030 if (ci->address == NULL) 1031 match_test_missing_fatal("Address", "addr"); 1032 switch (addr_match_list(ci->address, arg)) { 1033 case 1: 1034 debug("connection from %.100s matched 'Address " 1035 "%.100s' at line %d", ci->address, arg, line); 1036 break; 1037 case 0: 1038 case -1: 1039 result = 0; 1040 break; 1041 case -2: 1042 return -1; 1043 } 1044 } else if (strcasecmp(attrib, "localaddress") == 0){ 1045 if (ci == NULL) { 1046 result = 0; 1047 continue; 1048 } 1049 if (ci->laddress == NULL) 1050 match_test_missing_fatal("LocalAddress", 1051 "laddr"); 1052 switch (addr_match_list(ci->laddress, arg)) { 1053 case 1: 1054 debug("connection from %.100s matched " 1055 "'LocalAddress %.100s' at line %d", 1056 ci->laddress, arg, line); 1057 break; 1058 case 0: 1059 case -1: 1060 result = 0; 1061 break; 1062 case -2: 1063 return -1; 1064 } 1065 } else if (strcasecmp(attrib, "localport") == 0) { 1066 if ((port = a2port(arg)) == -1) { 1067 error("Invalid LocalPort '%s' on Match line", 1068 arg); 1069 return -1; 1070 } 1071 if (ci == NULL) { 1072 result = 0; 1073 continue; 1074 } 1075 if (ci->lport == 0) 1076 match_test_missing_fatal("LocalPort", "lport"); 1077 /* TODO support port lists */ 1078 if (port == ci->lport) 1079 debug("connection from %.100s matched " 1080 "'LocalPort %d' at line %d", 1081 ci->laddress, port, line); 1082 else 1083 result = 0; 1084 } else if (strcasecmp(attrib, "rdomain") == 0) { 1085 if (ci == NULL || ci->rdomain == NULL) { 1086 result = 0; 1087 continue; 1088 } 1089 if (match_pattern_list(ci->rdomain, arg, 0) != 1) 1090 result = 0; 1091 else 1092 debug("user %.100s matched 'RDomain %.100s' at " 1093 "line %d", ci->rdomain, arg, line); 1094 } else { 1095 error("Unsupported Match attribute %s", attrib); 1096 return -1; 1097 } 1098 } 1099 if (attributes == 0) { 1100 error("One or more attributes required for Match"); 1101 return -1; 1102 } 1103 if (ci != NULL) 1104 debug3("match %sfound", result ? "" : "not "); 1105 *condition = cp; 1106 return result; 1107 } 1108 1109 #define WHITESPACE " \t\r\n" 1110 1111 /* Multistate option parsing */ 1112 struct multistate { 1113 char *key; 1114 int value; 1115 }; 1116 static const struct multistate multistate_flag[] = { 1117 { "yes", 1 }, 1118 { "no", 0 }, 1119 { NULL, -1 } 1120 }; 1121 static const struct multistate multistate_addressfamily[] = { 1122 { "inet", AF_INET }, 1123 { "inet6", AF_INET6 }, 1124 { "any", AF_UNSPEC }, 1125 { NULL, -1 } 1126 }; 1127 static const struct multistate multistate_permitrootlogin[] = { 1128 { "without-password", PERMIT_NO_PASSWD }, 1129 { "prohibit-password", PERMIT_NO_PASSWD }, 1130 { "forced-commands-only", PERMIT_FORCED_ONLY }, 1131 { "yes", PERMIT_YES }, 1132 { "no", PERMIT_NO }, 1133 { NULL, -1 } 1134 }; 1135 static const struct multistate multistate_compression[] = { 1136 { "yes", COMP_DELAYED }, 1137 { "delayed", COMP_DELAYED }, 1138 { "no", COMP_NONE }, 1139 { NULL, -1 } 1140 }; 1141 static const struct multistate multistate_gatewayports[] = { 1142 { "clientspecified", 2 }, 1143 { "yes", 1 }, 1144 { "no", 0 }, 1145 { NULL, -1 } 1146 }; 1147 static const struct multistate multistate_tcpfwd[] = { 1148 { "yes", FORWARD_ALLOW }, 1149 { "all", FORWARD_ALLOW }, 1150 { "no", FORWARD_DENY }, 1151 { "remote", FORWARD_REMOTE }, 1152 { "local", FORWARD_LOCAL }, 1153 { NULL, -1 } 1154 }; 1155 1156 int 1157 process_server_config_line(ServerOptions *options, char *line, 1158 const char *filename, int linenum, int *activep, 1159 struct connection_info *connectinfo) 1160 { 1161 char *cp, ***chararrayptr, **charptr, *arg, *arg2, *p; 1162 int cmdline = 0, *intptr, value, value2, n, port; 1163 SyslogFacility *log_facility_ptr; 1164 LogLevel *log_level_ptr; 1165 ServerOpCodes opcode; 1166 u_int i, *uintptr, uvalue, flags = 0; 1167 size_t len; 1168 long long val64; 1169 const struct multistate *multistate_ptr; 1170 const char *errstr; 1171 1172 /* Strip trailing whitespace. Allow \f (form feed) at EOL only */ 1173 if ((len = strlen(line)) == 0) 1174 return 0; 1175 for (len--; len > 0; len--) { 1176 if (strchr(WHITESPACE "\f", line[len]) == NULL) 1177 break; 1178 line[len] = '\0'; 1179 } 1180 1181 cp = line; 1182 if ((arg = strdelim(&cp)) == NULL) 1183 return 0; 1184 /* Ignore leading whitespace */ 1185 if (*arg == '\0') 1186 arg = strdelim(&cp); 1187 if (!arg || !*arg || *arg == '#') 1188 return 0; 1189 intptr = NULL; 1190 charptr = NULL; 1191 opcode = parse_token(arg, filename, linenum, &flags); 1192 1193 if (activep == NULL) { /* We are processing a command line directive */ 1194 cmdline = 1; 1195 activep = &cmdline; 1196 } 1197 if (*activep && opcode != sMatch) 1198 debug3("%s:%d setting %s %s", filename, linenum, arg, cp); 1199 if (*activep == 0 && !(flags & SSHCFG_MATCH)) { 1200 if (connectinfo == NULL) { 1201 fatal("%s line %d: Directive '%s' is not allowed " 1202 "within a Match block", filename, linenum, arg); 1203 } else { /* this is a directive we have already processed */ 1204 while (arg) 1205 arg = strdelim(&cp); 1206 return 0; 1207 } 1208 } 1209 1210 switch (opcode) { 1211 case sBadOption: 1212 return -1; 1213 case sPort: 1214 /* ignore ports from configfile if cmdline specifies ports */ 1215 if (options->ports_from_cmdline) 1216 return 0; 1217 if (options->num_ports >= MAX_PORTS) 1218 fatal("%s line %d: too many ports.", 1219 filename, linenum); 1220 arg = strdelim(&cp); 1221 if (!arg || *arg == '\0') 1222 fatal("%s line %d: missing port number.", 1223 filename, linenum); 1224 options->ports[options->num_ports++] = a2port(arg); 1225 if (options->ports[options->num_ports-1] <= 0) 1226 fatal("%s line %d: Badly formatted port number.", 1227 filename, linenum); 1228 break; 1229 1230 case sLoginGraceTime: 1231 intptr = &options->login_grace_time; 1232 parse_time: 1233 arg = strdelim(&cp); 1234 if (!arg || *arg == '\0') 1235 fatal("%s line %d: missing time value.", 1236 filename, linenum); 1237 if ((value = convtime(arg)) == -1) 1238 fatal("%s line %d: invalid time value.", 1239 filename, linenum); 1240 if (*activep && *intptr == -1) 1241 *intptr = value; 1242 break; 1243 1244 case sListenAddress: 1245 arg = strdelim(&cp); 1246 if (arg == NULL || *arg == '\0') 1247 fatal("%s line %d: missing address", 1248 filename, linenum); 1249 /* check for bare IPv6 address: no "[]" and 2 or more ":" */ 1250 if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL 1251 && strchr(p+1, ':') != NULL) { 1252 port = 0; 1253 p = arg; 1254 } else { 1255 p = hpdelim(&arg); 1256 if (p == NULL) 1257 fatal("%s line %d: bad address:port usage", 1258 filename, linenum); 1259 p = cleanhostname(p); 1260 if (arg == NULL) 1261 port = 0; 1262 else if ((port = a2port(arg)) <= 0) 1263 fatal("%s line %d: bad port number", 1264 filename, linenum); 1265 } 1266 /* Optional routing table */ 1267 arg2 = NULL; 1268 if ((arg = strdelim(&cp)) != NULL) { 1269 if (strcmp(arg, "rdomain") != 0 || 1270 (arg2 = strdelim(&cp)) == NULL) 1271 fatal("%s line %d: bad ListenAddress syntax", 1272 filename, linenum); 1273 if (!valid_rdomain(arg2)) 1274 fatal("%s line %d: bad routing domain", 1275 filename, linenum); 1276 } 1277 1278 queue_listen_addr(options, p, arg2, port); 1279 1280 break; 1281 1282 case sAddressFamily: 1283 intptr = &options->address_family; 1284 multistate_ptr = multistate_addressfamily; 1285 parse_multistate: 1286 arg = strdelim(&cp); 1287 if (!arg || *arg == '\0') 1288 fatal("%s line %d: missing argument.", 1289 filename, linenum); 1290 value = -1; 1291 for (i = 0; multistate_ptr[i].key != NULL; i++) { 1292 if (strcasecmp(arg, multistate_ptr[i].key) == 0) { 1293 value = multistate_ptr[i].value; 1294 break; 1295 } 1296 } 1297 if (value == -1) 1298 fatal("%s line %d: unsupported option \"%s\".", 1299 filename, linenum, arg); 1300 if (*activep && *intptr == -1) 1301 *intptr = value; 1302 break; 1303 1304 case sHostKeyFile: 1305 arg = strdelim(&cp); 1306 if (!arg || *arg == '\0') 1307 fatal("%s line %d: missing file name.", 1308 filename, linenum); 1309 if (*activep) { 1310 servconf_add_hostkey(filename, linenum, 1311 options, arg, 1); 1312 } 1313 break; 1314 1315 case sHostKeyAgent: 1316 charptr = &options->host_key_agent; 1317 arg = strdelim(&cp); 1318 if (!arg || *arg == '\0') 1319 fatal("%s line %d: missing socket name.", 1320 filename, linenum); 1321 if (*activep && *charptr == NULL) 1322 *charptr = !strcmp(arg, SSH_AUTHSOCKET_ENV_NAME) ? 1323 xstrdup(arg) : derelativise_path(arg); 1324 break; 1325 1326 case sHostCertificate: 1327 arg = strdelim(&cp); 1328 if (!arg || *arg == '\0') 1329 fatal("%s line %d: missing file name.", 1330 filename, linenum); 1331 if (*activep) 1332 servconf_add_hostcert(filename, linenum, options, arg); 1333 break; 1334 1335 case sPidFile: 1336 charptr = &options->pid_file; 1337 parse_filename: 1338 arg = strdelim(&cp); 1339 if (!arg || *arg == '\0') 1340 fatal("%s line %d: missing file name.", 1341 filename, linenum); 1342 if (*activep && *charptr == NULL) { 1343 *charptr = derelativise_path(arg); 1344 /* increase optional counter */ 1345 if (intptr != NULL) 1346 *intptr = *intptr + 1; 1347 } 1348 break; 1349 1350 case sPermitRootLogin: 1351 intptr = &options->permit_root_login; 1352 multistate_ptr = multistate_permitrootlogin; 1353 goto parse_multistate; 1354 1355 case sIgnoreRhosts: 1356 intptr = &options->ignore_rhosts; 1357 parse_flag: 1358 multistate_ptr = multistate_flag; 1359 goto parse_multistate; 1360 1361 case sIgnoreUserKnownHosts: 1362 intptr = &options->ignore_user_known_hosts; 1363 goto parse_flag; 1364 1365 case sHostbasedAuthentication: 1366 intptr = &options->hostbased_authentication; 1367 goto parse_flag; 1368 1369 case sHostbasedUsesNameFromPacketOnly: 1370 intptr = &options->hostbased_uses_name_from_packet_only; 1371 goto parse_flag; 1372 1373 case sHostbasedAcceptedKeyTypes: 1374 charptr = &options->hostbased_key_types; 1375 parse_keytypes: 1376 arg = strdelim(&cp); 1377 if (!arg || *arg == '\0') 1378 fatal("%s line %d: Missing argument.", 1379 filename, linenum); 1380 if (*arg != '-' && 1381 !sshkey_names_valid2(*arg == '+' ? arg + 1 : arg, 1)) 1382 fatal("%s line %d: Bad key types '%s'.", 1383 filename, linenum, arg ? arg : "<NONE>"); 1384 if (*activep && *charptr == NULL) 1385 *charptr = xstrdup(arg); 1386 break; 1387 1388 case sHostKeyAlgorithms: 1389 charptr = &options->hostkeyalgorithms; 1390 goto parse_keytypes; 1391 1392 case sCASignatureAlgorithms: 1393 charptr = &options->ca_sign_algorithms; 1394 goto parse_keytypes; 1395 1396 case sPubkeyAuthentication: 1397 intptr = &options->pubkey_authentication; 1398 goto parse_flag; 1399 1400 case sPubkeyAcceptedKeyTypes: 1401 charptr = &options->pubkey_key_types; 1402 goto parse_keytypes; 1403 1404 case sKerberosAuthentication: 1405 intptr = &options->kerberos_authentication; 1406 goto parse_flag; 1407 1408 case sKerberosOrLocalPasswd: 1409 intptr = &options->kerberos_or_local_passwd; 1410 goto parse_flag; 1411 1412 case sKerberosTicketCleanup: 1413 intptr = &options->kerberos_ticket_cleanup; 1414 goto parse_flag; 1415 1416 case sKerberosGetAFSToken: 1417 intptr = &options->kerberos_get_afs_token; 1418 goto parse_flag; 1419 1420 case sGssAuthentication: 1421 intptr = &options->gss_authentication; 1422 goto parse_flag; 1423 1424 case sGssCleanupCreds: 1425 intptr = &options->gss_cleanup_creds; 1426 goto parse_flag; 1427 1428 case sGssStrictAcceptor: 1429 intptr = &options->gss_strict_acceptor; 1430 goto parse_flag; 1431 1432 case sPasswordAuthentication: 1433 intptr = &options->password_authentication; 1434 goto parse_flag; 1435 1436 case sKbdInteractiveAuthentication: 1437 intptr = &options->kbd_interactive_authentication; 1438 goto parse_flag; 1439 1440 case sChallengeResponseAuthentication: 1441 intptr = &options->challenge_response_authentication; 1442 goto parse_flag; 1443 1444 case sPrintMotd: 1445 intptr = &options->print_motd; 1446 goto parse_flag; 1447 1448 case sPrintLastLog: 1449 intptr = &options->print_lastlog; 1450 goto parse_flag; 1451 1452 case sX11Forwarding: 1453 intptr = &options->x11_forwarding; 1454 goto parse_flag; 1455 1456 case sX11DisplayOffset: 1457 intptr = &options->x11_display_offset; 1458 parse_int: 1459 arg = strdelim(&cp); 1460 if ((errstr = atoi_err(arg, &value)) != NULL) 1461 fatal("%s line %d: integer value %s.", 1462 filename, linenum, errstr); 1463 if (*activep && *intptr == -1) 1464 *intptr = value; 1465 break; 1466 1467 case sX11UseLocalhost: 1468 intptr = &options->x11_use_localhost; 1469 goto parse_flag; 1470 1471 case sXAuthLocation: 1472 charptr = &options->xauth_location; 1473 goto parse_filename; 1474 1475 case sPermitTTY: 1476 intptr = &options->permit_tty; 1477 goto parse_flag; 1478 1479 case sPermitUserRC: 1480 intptr = &options->permit_user_rc; 1481 goto parse_flag; 1482 1483 case sStrictModes: 1484 intptr = &options->strict_modes; 1485 goto parse_flag; 1486 1487 case sTCPKeepAlive: 1488 intptr = &options->tcp_keep_alive; 1489 goto parse_flag; 1490 1491 case sEmptyPasswd: 1492 intptr = &options->permit_empty_passwd; 1493 goto parse_flag; 1494 1495 case sPermitUserEnvironment: 1496 intptr = &options->permit_user_env; 1497 charptr = &options->permit_user_env_whitelist; 1498 arg = strdelim(&cp); 1499 if (!arg || *arg == '\0') 1500 fatal("%s line %d: missing argument.", 1501 filename, linenum); 1502 value = 0; 1503 p = NULL; 1504 if (strcmp(arg, "yes") == 0) 1505 value = 1; 1506 else if (strcmp(arg, "no") == 0) 1507 value = 0; 1508 else { 1509 /* Pattern-list specified */ 1510 value = 1; 1511 p = xstrdup(arg); 1512 } 1513 if (*activep && *intptr == -1) { 1514 *intptr = value; 1515 *charptr = p; 1516 p = NULL; 1517 } 1518 free(p); 1519 break; 1520 1521 case sCompression: 1522 intptr = &options->compression; 1523 multistate_ptr = multistate_compression; 1524 goto parse_multistate; 1525 1526 case sRekeyLimit: 1527 arg = strdelim(&cp); 1528 if (!arg || *arg == '\0') 1529 fatal("%.200s line %d: Missing argument.", filename, 1530 linenum); 1531 if (strcmp(arg, "default") == 0) { 1532 val64 = 0; 1533 } else { 1534 if (scan_scaled(arg, &val64) == -1) 1535 fatal("%.200s line %d: Bad number '%s': %s", 1536 filename, linenum, arg, strerror(errno)); 1537 if (val64 != 0 && val64 < 16) 1538 fatal("%.200s line %d: RekeyLimit too small", 1539 filename, linenum); 1540 } 1541 if (*activep && options->rekey_limit == -1) 1542 options->rekey_limit = val64; 1543 if (cp != NULL) { /* optional rekey interval present */ 1544 if (strcmp(cp, "none") == 0) { 1545 (void)strdelim(&cp); /* discard */ 1546 break; 1547 } 1548 intptr = &options->rekey_interval; 1549 goto parse_time; 1550 } 1551 break; 1552 1553 case sGatewayPorts: 1554 intptr = &options->fwd_opts.gateway_ports; 1555 multistate_ptr = multistate_gatewayports; 1556 goto parse_multistate; 1557 1558 case sUseDNS: 1559 intptr = &options->use_dns; 1560 goto parse_flag; 1561 1562 case sLogFacility: 1563 log_facility_ptr = &options->log_facility; 1564 arg = strdelim(&cp); 1565 value = log_facility_number(arg); 1566 if (value == SYSLOG_FACILITY_NOT_SET) 1567 fatal("%.200s line %d: unsupported log facility '%s'", 1568 filename, linenum, arg ? arg : "<NONE>"); 1569 if (*log_facility_ptr == -1) 1570 *log_facility_ptr = (SyslogFacility) value; 1571 break; 1572 1573 case sLogLevel: 1574 log_level_ptr = &options->log_level; 1575 arg = strdelim(&cp); 1576 value = log_level_number(arg); 1577 if (value == SYSLOG_LEVEL_NOT_SET) 1578 fatal("%.200s line %d: unsupported log level '%s'", 1579 filename, linenum, arg ? arg : "<NONE>"); 1580 if (*activep && *log_level_ptr == -1) 1581 *log_level_ptr = (LogLevel) value; 1582 break; 1583 1584 case sAllowTcpForwarding: 1585 intptr = &options->allow_tcp_forwarding; 1586 multistate_ptr = multistate_tcpfwd; 1587 goto parse_multistate; 1588 1589 case sAllowStreamLocalForwarding: 1590 intptr = &options->allow_streamlocal_forwarding; 1591 multistate_ptr = multistate_tcpfwd; 1592 goto parse_multistate; 1593 1594 case sAllowAgentForwarding: 1595 intptr = &options->allow_agent_forwarding; 1596 goto parse_flag; 1597 1598 case sDisableForwarding: 1599 intptr = &options->disable_forwarding; 1600 goto parse_flag; 1601 1602 case sAllowUsers: 1603 while ((arg = strdelim(&cp)) && *arg != '\0') { 1604 if (match_user(NULL, NULL, NULL, arg) == -1) 1605 fatal("%s line %d: invalid AllowUsers pattern: " 1606 "\"%.100s\"", filename, linenum, arg); 1607 if (!*activep) 1608 continue; 1609 array_append(filename, linenum, "AllowUsers", 1610 &options->allow_users, &options->num_allow_users, 1611 arg); 1612 } 1613 break; 1614 1615 case sDenyUsers: 1616 while ((arg = strdelim(&cp)) && *arg != '\0') { 1617 if (match_user(NULL, NULL, NULL, arg) == -1) 1618 fatal("%s line %d: invalid DenyUsers pattern: " 1619 "\"%.100s\"", filename, linenum, arg); 1620 if (!*activep) 1621 continue; 1622 array_append(filename, linenum, "DenyUsers", 1623 &options->deny_users, &options->num_deny_users, 1624 arg); 1625 } 1626 break; 1627 1628 case sAllowGroups: 1629 while ((arg = strdelim(&cp)) && *arg != '\0') { 1630 if (!*activep) 1631 continue; 1632 array_append(filename, linenum, "AllowGroups", 1633 &options->allow_groups, &options->num_allow_groups, 1634 arg); 1635 } 1636 break; 1637 1638 case sDenyGroups: 1639 while ((arg = strdelim(&cp)) && *arg != '\0') { 1640 if (!*activep) 1641 continue; 1642 array_append(filename, linenum, "DenyGroups", 1643 &options->deny_groups, &options->num_deny_groups, 1644 arg); 1645 } 1646 break; 1647 1648 case sCiphers: 1649 arg = strdelim(&cp); 1650 if (!arg || *arg == '\0') 1651 fatal("%s line %d: Missing argument.", filename, linenum); 1652 if (*arg != '-' && !ciphers_valid(*arg == '+' ? arg + 1 : arg)) 1653 fatal("%s line %d: Bad SSH2 cipher spec '%s'.", 1654 filename, linenum, arg ? arg : "<NONE>"); 1655 if (options->ciphers == NULL) 1656 options->ciphers = xstrdup(arg); 1657 break; 1658 1659 case sMacs: 1660 arg = strdelim(&cp); 1661 if (!arg || *arg == '\0') 1662 fatal("%s line %d: Missing argument.", filename, linenum); 1663 if (*arg != '-' && !mac_valid(*arg == '+' ? arg + 1 : arg)) 1664 fatal("%s line %d: Bad SSH2 mac spec '%s'.", 1665 filename, linenum, arg ? arg : "<NONE>"); 1666 if (options->macs == NULL) 1667 options->macs = xstrdup(arg); 1668 break; 1669 1670 case sKexAlgorithms: 1671 arg = strdelim(&cp); 1672 if (!arg || *arg == '\0') 1673 fatal("%s line %d: Missing argument.", 1674 filename, linenum); 1675 if (*arg != '-' && 1676 !kex_names_valid(*arg == '+' ? arg + 1 : arg)) 1677 fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.", 1678 filename, linenum, arg ? arg : "<NONE>"); 1679 if (options->kex_algorithms == NULL) 1680 options->kex_algorithms = xstrdup(arg); 1681 break; 1682 1683 case sSubsystem: 1684 if (options->num_subsystems >= MAX_SUBSYSTEMS) { 1685 fatal("%s line %d: too many subsystems defined.", 1686 filename, linenum); 1687 } 1688 arg = strdelim(&cp); 1689 if (!arg || *arg == '\0') 1690 fatal("%s line %d: Missing subsystem name.", 1691 filename, linenum); 1692 if (!*activep) { 1693 arg = strdelim(&cp); 1694 break; 1695 } 1696 for (i = 0; i < options->num_subsystems; i++) 1697 if (strcmp(arg, options->subsystem_name[i]) == 0) 1698 fatal("%s line %d: Subsystem '%s' already defined.", 1699 filename, linenum, arg); 1700 options->subsystem_name[options->num_subsystems] = xstrdup(arg); 1701 arg = strdelim(&cp); 1702 if (!arg || *arg == '\0') 1703 fatal("%s line %d: Missing subsystem command.", 1704 filename, linenum); 1705 options->subsystem_command[options->num_subsystems] = xstrdup(arg); 1706 1707 /* Collect arguments (separate to executable) */ 1708 p = xstrdup(arg); 1709 len = strlen(p) + 1; 1710 while ((arg = strdelim(&cp)) != NULL && *arg != '\0') { 1711 len += 1 + strlen(arg); 1712 p = xreallocarray(p, 1, len); 1713 strlcat(p, " ", len); 1714 strlcat(p, arg, len); 1715 } 1716 options->subsystem_args[options->num_subsystems] = p; 1717 options->num_subsystems++; 1718 break; 1719 1720 case sMaxStartups: 1721 arg = strdelim(&cp); 1722 if (!arg || *arg == '\0') 1723 fatal("%s line %d: Missing MaxStartups spec.", 1724 filename, linenum); 1725 if ((n = sscanf(arg, "%d:%d:%d", 1726 &options->max_startups_begin, 1727 &options->max_startups_rate, 1728 &options->max_startups)) == 3) { 1729 if (options->max_startups_begin > 1730 options->max_startups || 1731 options->max_startups_rate > 100 || 1732 options->max_startups_rate < 1) 1733 fatal("%s line %d: Illegal MaxStartups spec.", 1734 filename, linenum); 1735 } else if (n != 1) 1736 fatal("%s line %d: Illegal MaxStartups spec.", 1737 filename, linenum); 1738 else 1739 options->max_startups = options->max_startups_begin; 1740 break; 1741 1742 case sMaxAuthTries: 1743 intptr = &options->max_authtries; 1744 goto parse_int; 1745 1746 case sMaxSessions: 1747 intptr = &options->max_sessions; 1748 goto parse_int; 1749 1750 case sBanner: 1751 charptr = &options->banner; 1752 goto parse_filename; 1753 1754 /* 1755 * These options can contain %X options expanded at 1756 * connect time, so that you can specify paths like: 1757 * 1758 * AuthorizedKeysFile /etc/ssh_keys/%u 1759 */ 1760 case sAuthorizedKeysFile: 1761 if (*activep && options->num_authkeys_files == 0) { 1762 while ((arg = strdelim(&cp)) && *arg != '\0') { 1763 arg = tilde_expand_filename(arg, getuid()); 1764 array_append(filename, linenum, 1765 "AuthorizedKeysFile", 1766 &options->authorized_keys_files, 1767 &options->num_authkeys_files, arg); 1768 free(arg); 1769 } 1770 } 1771 return 0; 1772 1773 case sAuthorizedPrincipalsFile: 1774 charptr = &options->authorized_principals_file; 1775 arg = strdelim(&cp); 1776 if (!arg || *arg == '\0') 1777 fatal("%s line %d: missing file name.", 1778 filename, linenum); 1779 if (*activep && *charptr == NULL) { 1780 *charptr = tilde_expand_filename(arg, getuid()); 1781 /* increase optional counter */ 1782 if (intptr != NULL) 1783 *intptr = *intptr + 1; 1784 } 1785 break; 1786 1787 case sClientAliveInterval: 1788 intptr = &options->client_alive_interval; 1789 goto parse_time; 1790 1791 case sClientAliveCountMax: 1792 intptr = &options->client_alive_count_max; 1793 goto parse_int; 1794 1795 case sAcceptEnv: 1796 while ((arg = strdelim(&cp)) && *arg != '\0') { 1797 if (strchr(arg, '=') != NULL) 1798 fatal("%s line %d: Invalid environment name.", 1799 filename, linenum); 1800 if (!*activep) 1801 continue; 1802 array_append(filename, linenum, "AcceptEnv", 1803 &options->accept_env, &options->num_accept_env, 1804 arg); 1805 } 1806 break; 1807 1808 case sSetEnv: 1809 uvalue = options->num_setenv; 1810 while ((arg = strdelimw(&cp)) && *arg != '\0') { 1811 if (strchr(arg, '=') == NULL) 1812 fatal("%s line %d: Invalid environment.", 1813 filename, linenum); 1814 if (!*activep || uvalue != 0) 1815 continue; 1816 array_append(filename, linenum, "SetEnv", 1817 &options->setenv, &options->num_setenv, arg); 1818 } 1819 break; 1820 1821 case sPermitTunnel: 1822 intptr = &options->permit_tun; 1823 arg = strdelim(&cp); 1824 if (!arg || *arg == '\0') 1825 fatal("%s line %d: Missing yes/point-to-point/" 1826 "ethernet/no argument.", filename, linenum); 1827 value = -1; 1828 for (i = 0; tunmode_desc[i].val != -1; i++) 1829 if (strcmp(tunmode_desc[i].text, arg) == 0) { 1830 value = tunmode_desc[i].val; 1831 break; 1832 } 1833 if (value == -1) 1834 fatal("%s line %d: Bad yes/point-to-point/ethernet/" 1835 "no argument: %s", filename, linenum, arg); 1836 if (*activep && *intptr == -1) 1837 *intptr = value; 1838 break; 1839 1840 case sMatch: 1841 if (cmdline) 1842 fatal("Match directive not supported as a command-line " 1843 "option"); 1844 value = match_cfg_line(&cp, linenum, connectinfo); 1845 if (value < 0) 1846 fatal("%s line %d: Bad Match condition", filename, 1847 linenum); 1848 *activep = value; 1849 break; 1850 1851 case sPermitListen: 1852 case sPermitOpen: 1853 if (opcode == sPermitListen) { 1854 uintptr = &options->num_permitted_listens; 1855 chararrayptr = &options->permitted_listens; 1856 } else { 1857 uintptr = &options->num_permitted_opens; 1858 chararrayptr = &options->permitted_opens; 1859 } 1860 arg = strdelim(&cp); 1861 if (!arg || *arg == '\0') 1862 fatal("%s line %d: missing %s specification", 1863 filename, linenum, lookup_opcode_name(opcode)); 1864 uvalue = *uintptr; /* modified later */ 1865 if (strcmp(arg, "any") == 0 || strcmp(arg, "none") == 0) { 1866 if (*activep && uvalue == 0) { 1867 *uintptr = 1; 1868 *chararrayptr = xcalloc(1, 1869 sizeof(**chararrayptr)); 1870 (*chararrayptr)[0] = xstrdup(arg); 1871 } 1872 break; 1873 } 1874 for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) { 1875 if (opcode == sPermitListen && 1876 strchr(arg, ':') == NULL) { 1877 /* 1878 * Allow bare port number for PermitListen 1879 * to indicate a wildcard listen host. 1880 */ 1881 xasprintf(&arg2, "*:%s", arg); 1882 } else { 1883 arg2 = xstrdup(arg); 1884 p = hpdelim(&arg); 1885 if (p == NULL) { 1886 fatal("%s line %d: missing host in %s", 1887 filename, linenum, 1888 lookup_opcode_name(opcode)); 1889 } 1890 p = cleanhostname(p); 1891 } 1892 if (arg == NULL || 1893 ((port = permitopen_port(arg)) < 0)) { 1894 fatal("%s line %d: bad port number in %s", 1895 filename, linenum, 1896 lookup_opcode_name(opcode)); 1897 } 1898 if (*activep && uvalue == 0) { 1899 array_append(filename, linenum, 1900 lookup_opcode_name(opcode), 1901 chararrayptr, uintptr, arg2); 1902 } 1903 free(arg2); 1904 } 1905 break; 1906 1907 case sForceCommand: 1908 if (cp == NULL || *cp == '\0') 1909 fatal("%.200s line %d: Missing argument.", filename, 1910 linenum); 1911 len = strspn(cp, WHITESPACE); 1912 if (*activep && options->adm_forced_command == NULL) 1913 options->adm_forced_command = xstrdup(cp + len); 1914 return 0; 1915 1916 case sChrootDirectory: 1917 charptr = &options->chroot_directory; 1918 1919 arg = strdelim(&cp); 1920 if (!arg || *arg == '\0') 1921 fatal("%s line %d: missing file name.", 1922 filename, linenum); 1923 if (*activep && *charptr == NULL) 1924 *charptr = xstrdup(arg); 1925 break; 1926 1927 case sTrustedUserCAKeys: 1928 charptr = &options->trusted_user_ca_keys; 1929 goto parse_filename; 1930 1931 case sRevokedKeys: 1932 charptr = &options->revoked_keys_file; 1933 goto parse_filename; 1934 1935 case sIPQoS: 1936 arg = strdelim(&cp); 1937 if ((value = parse_ipqos(arg)) == -1) 1938 fatal("%s line %d: Bad IPQoS value: %s", 1939 filename, linenum, arg); 1940 arg = strdelim(&cp); 1941 if (arg == NULL) 1942 value2 = value; 1943 else if ((value2 = parse_ipqos(arg)) == -1) 1944 fatal("%s line %d: Bad IPQoS value: %s", 1945 filename, linenum, arg); 1946 if (*activep) { 1947 options->ip_qos_interactive = value; 1948 options->ip_qos_bulk = value2; 1949 } 1950 break; 1951 1952 case sVersionAddendum: 1953 if (cp == NULL || *cp == '\0') 1954 fatal("%.200s line %d: Missing argument.", filename, 1955 linenum); 1956 len = strspn(cp, WHITESPACE); 1957 if (*activep && options->version_addendum == NULL) { 1958 if (strcasecmp(cp + len, "none") == 0) 1959 options->version_addendum = xstrdup(""); 1960 else if (strchr(cp + len, '\r') != NULL) 1961 fatal("%.200s line %d: Invalid argument", 1962 filename, linenum); 1963 else 1964 options->version_addendum = xstrdup(cp + len); 1965 } 1966 return 0; 1967 1968 case sAuthorizedKeysCommand: 1969 if (cp == NULL) 1970 fatal("%.200s line %d: Missing argument.", filename, 1971 linenum); 1972 len = strspn(cp, WHITESPACE); 1973 if (*activep && options->authorized_keys_command == NULL) { 1974 if (cp[len] != '/' && strcasecmp(cp + len, "none") != 0) 1975 fatal("%.200s line %d: AuthorizedKeysCommand " 1976 "must be an absolute path", 1977 filename, linenum); 1978 options->authorized_keys_command = xstrdup(cp + len); 1979 } 1980 return 0; 1981 1982 case sAuthorizedKeysCommandUser: 1983 charptr = &options->authorized_keys_command_user; 1984 1985 arg = strdelim(&cp); 1986 if (!arg || *arg == '\0') 1987 fatal("%s line %d: missing AuthorizedKeysCommandUser " 1988 "argument.", filename, linenum); 1989 if (*activep && *charptr == NULL) 1990 *charptr = xstrdup(arg); 1991 break; 1992 1993 case sAuthorizedPrincipalsCommand: 1994 if (cp == NULL) 1995 fatal("%.200s line %d: Missing argument.", filename, 1996 linenum); 1997 len = strspn(cp, WHITESPACE); 1998 if (*activep && 1999 options->authorized_principals_command == NULL) { 2000 if (cp[len] != '/' && strcasecmp(cp + len, "none") != 0) 2001 fatal("%.200s line %d: " 2002 "AuthorizedPrincipalsCommand must be " 2003 "an absolute path", filename, linenum); 2004 options->authorized_principals_command = 2005 xstrdup(cp + len); 2006 } 2007 return 0; 2008 2009 case sAuthorizedPrincipalsCommandUser: 2010 charptr = &options->authorized_principals_command_user; 2011 2012 arg = strdelim(&cp); 2013 if (!arg || *arg == '\0') 2014 fatal("%s line %d: missing " 2015 "AuthorizedPrincipalsCommandUser argument.", 2016 filename, linenum); 2017 if (*activep && *charptr == NULL) 2018 *charptr = xstrdup(arg); 2019 break; 2020 2021 case sAuthenticationMethods: 2022 if (options->num_auth_methods == 0) { 2023 value = 0; /* seen "any" pseudo-method */ 2024 value2 = 0; /* successfully parsed any method */ 2025 while ((arg = strdelim(&cp)) && *arg != '\0') { 2026 if (strcmp(arg, "any") == 0) { 2027 if (options->num_auth_methods > 0) { 2028 fatal("%s line %d: \"any\" " 2029 "must appear alone in " 2030 "AuthenticationMethods", 2031 filename, linenum); 2032 } 2033 value = 1; 2034 } else if (value) { 2035 fatal("%s line %d: \"any\" must appear " 2036 "alone in AuthenticationMethods", 2037 filename, linenum); 2038 } else if (auth2_methods_valid(arg, 0) != 0) { 2039 fatal("%s line %d: invalid " 2040 "authentication method list.", 2041 filename, linenum); 2042 } 2043 value2 = 1; 2044 if (!*activep) 2045 continue; 2046 array_append(filename, linenum, 2047 "AuthenticationMethods", 2048 &options->auth_methods, 2049 &options->num_auth_methods, arg); 2050 } 2051 if (value2 == 0) { 2052 fatal("%s line %d: no AuthenticationMethods " 2053 "specified", filename, linenum); 2054 } 2055 } 2056 return 0; 2057 2058 case sStreamLocalBindMask: 2059 arg = strdelim(&cp); 2060 if (!arg || *arg == '\0') 2061 fatal("%s line %d: missing StreamLocalBindMask " 2062 "argument.", filename, linenum); 2063 /* Parse mode in octal format */ 2064 value = strtol(arg, &p, 8); 2065 if (arg == p || value < 0 || value > 0777) 2066 fatal("%s line %d: Bad mask.", filename, linenum); 2067 if (*activep) 2068 options->fwd_opts.streamlocal_bind_mask = (mode_t)value; 2069 break; 2070 2071 case sStreamLocalBindUnlink: 2072 intptr = &options->fwd_opts.streamlocal_bind_unlink; 2073 goto parse_flag; 2074 2075 case sFingerprintHash: 2076 arg = strdelim(&cp); 2077 if (!arg || *arg == '\0') 2078 fatal("%.200s line %d: Missing argument.", 2079 filename, linenum); 2080 if ((value = ssh_digest_alg_by_name(arg)) == -1) 2081 fatal("%.200s line %d: Invalid hash algorithm \"%s\".", 2082 filename, linenum, arg); 2083 if (*activep) 2084 options->fingerprint_hash = value; 2085 break; 2086 2087 case sExposeAuthInfo: 2088 intptr = &options->expose_userauth_info; 2089 goto parse_flag; 2090 2091 case sRDomain: 2092 charptr = &options->routing_domain; 2093 arg = strdelim(&cp); 2094 if (!arg || *arg == '\0') 2095 fatal("%.200s line %d: Missing argument.", 2096 filename, linenum); 2097 if (strcasecmp(arg, "none") != 0 && strcmp(arg, "%D") != 0 && 2098 !valid_rdomain(arg)) 2099 fatal("%s line %d: bad routing domain", 2100 filename, linenum); 2101 if (*activep && *charptr == NULL) 2102 *charptr = xstrdup(arg); 2103 break; 2104 2105 case sDeprecated: 2106 case sIgnore: 2107 case sUnsupported: 2108 do_log2(opcode == sIgnore ? 2109 SYSLOG_LEVEL_DEBUG2 : SYSLOG_LEVEL_INFO, 2110 "%s line %d: %s option %s", filename, linenum, 2111 opcode == sUnsupported ? "Unsupported" : "Deprecated", arg); 2112 while (arg) 2113 arg = strdelim(&cp); 2114 break; 2115 2116 default: 2117 fatal("%s line %d: Missing handler for opcode %s (%d)", 2118 filename, linenum, arg, opcode); 2119 } 2120 if ((arg = strdelim(&cp)) != NULL && *arg != '\0') 2121 fatal("%s line %d: garbage at end of line; \"%.200s\".", 2122 filename, linenum, arg); 2123 return 0; 2124 } 2125 2126 /* Reads the server configuration file. */ 2127 2128 void 2129 load_server_config(const char *filename, struct sshbuf *conf) 2130 { 2131 char *line = NULL, *cp; 2132 size_t linesize = 0; 2133 FILE *f; 2134 int r, lineno = 0; 2135 2136 debug2("%s: filename %s", __func__, filename); 2137 if ((f = fopen(filename, "r")) == NULL) { 2138 perror(filename); 2139 exit(1); 2140 } 2141 sshbuf_reset(conf); 2142 while (getline(&line, &linesize, f) != -1) { 2143 lineno++; 2144 /* 2145 * Trim out comments and strip whitespace 2146 * NB - preserve newlines, they are needed to reproduce 2147 * line numbers later for error messages 2148 */ 2149 if ((cp = strchr(line, '#')) != NULL) 2150 memcpy(cp, "\n", 2); 2151 cp = line + strspn(line, " \t\r"); 2152 if ((r = sshbuf_put(conf, cp, strlen(cp))) != 0) 2153 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 2154 } 2155 free(line); 2156 if ((r = sshbuf_put_u8(conf, 0)) != 0) 2157 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 2158 fclose(f); 2159 debug2("%s: done config len = %zu", __func__, sshbuf_len(conf)); 2160 } 2161 2162 void 2163 parse_server_match_config(ServerOptions *options, 2164 struct connection_info *connectinfo) 2165 { 2166 ServerOptions mo; 2167 2168 initialize_server_options(&mo); 2169 parse_server_config(&mo, "reprocess config", cfg, connectinfo); 2170 copy_set_server_options(options, &mo, 0); 2171 } 2172 2173 int parse_server_match_testspec(struct connection_info *ci, char *spec) 2174 { 2175 char *p; 2176 2177 while ((p = strsep(&spec, ",")) && *p != '\0') { 2178 if (strncmp(p, "addr=", 5) == 0) { 2179 ci->address = xstrdup(p + 5); 2180 } else if (strncmp(p, "host=", 5) == 0) { 2181 ci->host = xstrdup(p + 5); 2182 } else if (strncmp(p, "user=", 5) == 0) { 2183 ci->user = xstrdup(p + 5); 2184 } else if (strncmp(p, "laddr=", 6) == 0) { 2185 ci->laddress = xstrdup(p + 6); 2186 } else if (strncmp(p, "rdomain=", 8) == 0) { 2187 ci->rdomain = xstrdup(p + 8); 2188 } else if (strncmp(p, "lport=", 6) == 0) { 2189 ci->lport = a2port(p + 6); 2190 if (ci->lport == -1) { 2191 fprintf(stderr, "Invalid port '%s' in test mode" 2192 " specification %s\n", p+6, p); 2193 return -1; 2194 } 2195 } else { 2196 fprintf(stderr, "Invalid test mode specification %s\n", 2197 p); 2198 return -1; 2199 } 2200 } 2201 return 0; 2202 } 2203 2204 /* 2205 * Copy any supported values that are set. 2206 * 2207 * If the preauth flag is set, we do not bother copying the string or 2208 * array values that are not used pre-authentication, because any that we 2209 * do use must be explicitly sent in mm_getpwnamallow(). 2210 */ 2211 void 2212 copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) 2213 { 2214 #define M_CP_INTOPT(n) do {\ 2215 if (src->n != -1) \ 2216 dst->n = src->n; \ 2217 } while (0) 2218 2219 M_CP_INTOPT(password_authentication); 2220 M_CP_INTOPT(gss_authentication); 2221 M_CP_INTOPT(pubkey_authentication); 2222 M_CP_INTOPT(kerberos_authentication); 2223 M_CP_INTOPT(hostbased_authentication); 2224 M_CP_INTOPT(hostbased_uses_name_from_packet_only); 2225 M_CP_INTOPT(kbd_interactive_authentication); 2226 M_CP_INTOPT(permit_root_login); 2227 M_CP_INTOPT(permit_empty_passwd); 2228 2229 M_CP_INTOPT(allow_tcp_forwarding); 2230 M_CP_INTOPT(allow_streamlocal_forwarding); 2231 M_CP_INTOPT(allow_agent_forwarding); 2232 M_CP_INTOPT(disable_forwarding); 2233 M_CP_INTOPT(expose_userauth_info); 2234 M_CP_INTOPT(permit_tun); 2235 M_CP_INTOPT(fwd_opts.gateway_ports); 2236 M_CP_INTOPT(fwd_opts.streamlocal_bind_unlink); 2237 M_CP_INTOPT(x11_display_offset); 2238 M_CP_INTOPT(x11_forwarding); 2239 M_CP_INTOPT(x11_use_localhost); 2240 M_CP_INTOPT(permit_tty); 2241 M_CP_INTOPT(permit_user_rc); 2242 M_CP_INTOPT(max_sessions); 2243 M_CP_INTOPT(max_authtries); 2244 M_CP_INTOPT(client_alive_count_max); 2245 M_CP_INTOPT(client_alive_interval); 2246 M_CP_INTOPT(ip_qos_interactive); 2247 M_CP_INTOPT(ip_qos_bulk); 2248 M_CP_INTOPT(rekey_limit); 2249 M_CP_INTOPT(rekey_interval); 2250 M_CP_INTOPT(log_level); 2251 2252 /* 2253 * The bind_mask is a mode_t that may be unsigned, so we can't use 2254 * M_CP_INTOPT - it does a signed comparison that causes compiler 2255 * warnings. 2256 */ 2257 if (src->fwd_opts.streamlocal_bind_mask != (mode_t)-1) { 2258 dst->fwd_opts.streamlocal_bind_mask = 2259 src->fwd_opts.streamlocal_bind_mask; 2260 } 2261 2262 /* M_CP_STROPT and M_CP_STRARRAYOPT should not appear before here */ 2263 #define M_CP_STROPT(n) do {\ 2264 if (src->n != NULL && dst->n != src->n) { \ 2265 free(dst->n); \ 2266 dst->n = src->n; \ 2267 } \ 2268 } while(0) 2269 #define M_CP_STRARRAYOPT(s, num_s) do {\ 2270 u_int i; \ 2271 if (src->num_s != 0) { \ 2272 for (i = 0; i < dst->num_s; i++) \ 2273 free(dst->s[i]); \ 2274 free(dst->s); \ 2275 dst->s = xcalloc(src->num_s, sizeof(*dst->s)); \ 2276 for (i = 0; i < src->num_s; i++) \ 2277 dst->s[i] = xstrdup(src->s[i]); \ 2278 dst->num_s = src->num_s; \ 2279 } \ 2280 } while(0) 2281 2282 /* See comment in servconf.h */ 2283 COPY_MATCH_STRING_OPTS(); 2284 2285 /* Arguments that accept '+...' need to be expanded */ 2286 assemble_algorithms(dst); 2287 2288 /* 2289 * The only things that should be below this point are string options 2290 * which are only used after authentication. 2291 */ 2292 if (preauth) 2293 return; 2294 2295 /* These options may be "none" to clear a global setting */ 2296 M_CP_STROPT(adm_forced_command); 2297 if (option_clear_or_none(dst->adm_forced_command)) { 2298 free(dst->adm_forced_command); 2299 dst->adm_forced_command = NULL; 2300 } 2301 M_CP_STROPT(chroot_directory); 2302 if (option_clear_or_none(dst->chroot_directory)) { 2303 free(dst->chroot_directory); 2304 dst->chroot_directory = NULL; 2305 } 2306 } 2307 2308 #undef M_CP_INTOPT 2309 #undef M_CP_STROPT 2310 #undef M_CP_STRARRAYOPT 2311 2312 void 2313 parse_server_config(ServerOptions *options, const char *filename, 2314 struct sshbuf *conf, struct connection_info *connectinfo) 2315 { 2316 int active, linenum, bad_options = 0; 2317 char *cp, *obuf, *cbuf; 2318 2319 debug2("%s: config %s len %zu", __func__, filename, sshbuf_len(conf)); 2320 2321 if ((obuf = cbuf = sshbuf_dup_string(conf)) == NULL) 2322 fatal("%s: sshbuf_dup_string failed", __func__); 2323 active = connectinfo ? 0 : 1; 2324 linenum = 1; 2325 while ((cp = strsep(&cbuf, "\n")) != NULL) { 2326 if (process_server_config_line(options, cp, filename, 2327 linenum++, &active, connectinfo) != 0) 2328 bad_options++; 2329 } 2330 free(obuf); 2331 if (bad_options > 0) 2332 fatal("%s: terminating, %d bad configuration options", 2333 filename, bad_options); 2334 process_queued_listen_addrs(options); 2335 } 2336 2337 static const char * 2338 fmt_multistate_int(int val, const struct multistate *m) 2339 { 2340 u_int i; 2341 2342 for (i = 0; m[i].key != NULL; i++) { 2343 if (m[i].value == val) 2344 return m[i].key; 2345 } 2346 return "UNKNOWN"; 2347 } 2348 2349 static const char * 2350 fmt_intarg(ServerOpCodes code, int val) 2351 { 2352 if (val == -1) 2353 return "unset"; 2354 switch (code) { 2355 case sAddressFamily: 2356 return fmt_multistate_int(val, multistate_addressfamily); 2357 case sPermitRootLogin: 2358 return fmt_multistate_int(val, multistate_permitrootlogin); 2359 case sGatewayPorts: 2360 return fmt_multistate_int(val, multistate_gatewayports); 2361 case sCompression: 2362 return fmt_multistate_int(val, multistate_compression); 2363 case sAllowTcpForwarding: 2364 return fmt_multistate_int(val, multistate_tcpfwd); 2365 case sAllowStreamLocalForwarding: 2366 return fmt_multistate_int(val, multistate_tcpfwd); 2367 case sFingerprintHash: 2368 return ssh_digest_alg_name(val); 2369 default: 2370 switch (val) { 2371 case 0: 2372 return "no"; 2373 case 1: 2374 return "yes"; 2375 default: 2376 return "UNKNOWN"; 2377 } 2378 } 2379 } 2380 2381 static void 2382 dump_cfg_int(ServerOpCodes code, int val) 2383 { 2384 printf("%s %d\n", lookup_opcode_name(code), val); 2385 } 2386 2387 static void 2388 dump_cfg_oct(ServerOpCodes code, int val) 2389 { 2390 printf("%s 0%o\n", lookup_opcode_name(code), val); 2391 } 2392 2393 static void 2394 dump_cfg_fmtint(ServerOpCodes code, int val) 2395 { 2396 printf("%s %s\n", lookup_opcode_name(code), fmt_intarg(code, val)); 2397 } 2398 2399 static void 2400 dump_cfg_string(ServerOpCodes code, const char *val) 2401 { 2402 printf("%s %s\n", lookup_opcode_name(code), 2403 val == NULL ? "none" : val); 2404 } 2405 2406 static void 2407 dump_cfg_strarray(ServerOpCodes code, u_int count, char **vals) 2408 { 2409 u_int i; 2410 2411 for (i = 0; i < count; i++) 2412 printf("%s %s\n", lookup_opcode_name(code), vals[i]); 2413 } 2414 2415 static void 2416 dump_cfg_strarray_oneline(ServerOpCodes code, u_int count, char **vals) 2417 { 2418 u_int i; 2419 2420 if (count <= 0 && code != sAuthenticationMethods) 2421 return; 2422 printf("%s", lookup_opcode_name(code)); 2423 for (i = 0; i < count; i++) 2424 printf(" %s", vals[i]); 2425 if (code == sAuthenticationMethods && count == 0) 2426 printf(" any"); 2427 printf("\n"); 2428 } 2429 2430 static char * 2431 format_listen_addrs(struct listenaddr *la) 2432 { 2433 int r; 2434 struct addrinfo *ai; 2435 char addr[NI_MAXHOST], port[NI_MAXSERV]; 2436 char *laddr1 = xstrdup(""), *laddr2 = NULL; 2437 2438 /* 2439 * ListenAddress must be after Port. add_one_listen_addr pushes 2440 * addresses onto a stack, so to maintain ordering we need to 2441 * print these in reverse order. 2442 */ 2443 for (ai = la->addrs; ai; ai = ai->ai_next) { 2444 if ((r = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr, 2445 sizeof(addr), port, sizeof(port), 2446 NI_NUMERICHOST|NI_NUMERICSERV)) != 0) { 2447 error("getnameinfo: %.100s", ssh_gai_strerror(r)); 2448 continue; 2449 } 2450 laddr2 = laddr1; 2451 if (ai->ai_family == AF_INET6) { 2452 xasprintf(&laddr1, "listenaddress [%s]:%s%s%s\n%s", 2453 addr, port, 2454 la->rdomain == NULL ? "" : " rdomain ", 2455 la->rdomain == NULL ? "" : la->rdomain, 2456 laddr2); 2457 } else { 2458 xasprintf(&laddr1, "listenaddress %s:%s%s%s\n%s", 2459 addr, port, 2460 la->rdomain == NULL ? "" : " rdomain ", 2461 la->rdomain == NULL ? "" : la->rdomain, 2462 laddr2); 2463 } 2464 free(laddr2); 2465 } 2466 return laddr1; 2467 } 2468 2469 void 2470 dump_config(ServerOptions *o) 2471 { 2472 char *s; 2473 u_int i; 2474 2475 /* these are usually at the top of the config */ 2476 for (i = 0; i < o->num_ports; i++) 2477 printf("port %d\n", o->ports[i]); 2478 dump_cfg_fmtint(sAddressFamily, o->address_family); 2479 2480 for (i = 0; i < o->num_listen_addrs; i++) { 2481 s = format_listen_addrs(&o->listen_addrs[i]); 2482 printf("%s", s); 2483 free(s); 2484 } 2485 2486 /* integer arguments */ 2487 dump_cfg_int(sLoginGraceTime, o->login_grace_time); 2488 dump_cfg_int(sX11DisplayOffset, o->x11_display_offset); 2489 dump_cfg_int(sMaxAuthTries, o->max_authtries); 2490 dump_cfg_int(sMaxSessions, o->max_sessions); 2491 dump_cfg_int(sClientAliveInterval, o->client_alive_interval); 2492 dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); 2493 dump_cfg_oct(sStreamLocalBindMask, o->fwd_opts.streamlocal_bind_mask); 2494 2495 /* formatted integer arguments */ 2496 dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login); 2497 dump_cfg_fmtint(sIgnoreRhosts, o->ignore_rhosts); 2498 dump_cfg_fmtint(sIgnoreUserKnownHosts, o->ignore_user_known_hosts); 2499 dump_cfg_fmtint(sHostbasedAuthentication, o->hostbased_authentication); 2500 dump_cfg_fmtint(sHostbasedUsesNameFromPacketOnly, 2501 o->hostbased_uses_name_from_packet_only); 2502 dump_cfg_fmtint(sPubkeyAuthentication, o->pubkey_authentication); 2503 #ifdef KRB5 2504 dump_cfg_fmtint(sKerberosAuthentication, o->kerberos_authentication); 2505 dump_cfg_fmtint(sKerberosOrLocalPasswd, o->kerberos_or_local_passwd); 2506 dump_cfg_fmtint(sKerberosTicketCleanup, o->kerberos_ticket_cleanup); 2507 dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token); 2508 #endif 2509 #ifdef GSSAPI 2510 dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); 2511 dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); 2512 #endif 2513 dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); 2514 dump_cfg_fmtint(sKbdInteractiveAuthentication, 2515 o->kbd_interactive_authentication); 2516 dump_cfg_fmtint(sChallengeResponseAuthentication, 2517 o->challenge_response_authentication); 2518 dump_cfg_fmtint(sPrintMotd, o->print_motd); 2519 dump_cfg_fmtint(sPrintLastLog, o->print_lastlog); 2520 dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding); 2521 dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); 2522 dump_cfg_fmtint(sPermitTTY, o->permit_tty); 2523 dump_cfg_fmtint(sPermitUserRC, o->permit_user_rc); 2524 dump_cfg_fmtint(sStrictModes, o->strict_modes); 2525 dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); 2526 dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); 2527 dump_cfg_fmtint(sCompression, o->compression); 2528 dump_cfg_fmtint(sGatewayPorts, o->fwd_opts.gateway_ports); 2529 dump_cfg_fmtint(sUseDNS, o->use_dns); 2530 dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding); 2531 dump_cfg_fmtint(sAllowAgentForwarding, o->allow_agent_forwarding); 2532 dump_cfg_fmtint(sDisableForwarding, o->disable_forwarding); 2533 dump_cfg_fmtint(sAllowStreamLocalForwarding, o->allow_streamlocal_forwarding); 2534 dump_cfg_fmtint(sStreamLocalBindUnlink, o->fwd_opts.streamlocal_bind_unlink); 2535 dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash); 2536 dump_cfg_fmtint(sExposeAuthInfo, o->expose_userauth_info); 2537 2538 /* string arguments */ 2539 dump_cfg_string(sPidFile, o->pid_file); 2540 dump_cfg_string(sXAuthLocation, o->xauth_location); 2541 dump_cfg_string(sCiphers, o->ciphers ? o->ciphers : KEX_SERVER_ENCRYPT); 2542 dump_cfg_string(sMacs, o->macs ? o->macs : KEX_SERVER_MAC); 2543 dump_cfg_string(sBanner, o->banner); 2544 dump_cfg_string(sForceCommand, o->adm_forced_command); 2545 dump_cfg_string(sChrootDirectory, o->chroot_directory); 2546 dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys); 2547 dump_cfg_string(sRevokedKeys, o->revoked_keys_file); 2548 dump_cfg_string(sAuthorizedPrincipalsFile, 2549 o->authorized_principals_file); 2550 dump_cfg_string(sVersionAddendum, *o->version_addendum == '\0' 2551 ? "none" : o->version_addendum); 2552 dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command); 2553 dump_cfg_string(sAuthorizedKeysCommandUser, o->authorized_keys_command_user); 2554 dump_cfg_string(sAuthorizedPrincipalsCommand, o->authorized_principals_command); 2555 dump_cfg_string(sAuthorizedPrincipalsCommandUser, o->authorized_principals_command_user); 2556 dump_cfg_string(sHostKeyAgent, o->host_key_agent); 2557 dump_cfg_string(sKexAlgorithms, 2558 o->kex_algorithms ? o->kex_algorithms : KEX_SERVER_KEX); 2559 dump_cfg_string(sCASignatureAlgorithms, o->ca_sign_algorithms ? 2560 o->ca_sign_algorithms : SSH_ALLOWED_CA_SIGALGS); 2561 dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types ? 2562 o->hostbased_key_types : KEX_DEFAULT_PK_ALG); 2563 dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms ? 2564 o->hostkeyalgorithms : KEX_DEFAULT_PK_ALG); 2565 dump_cfg_string(sPubkeyAcceptedKeyTypes, o->pubkey_key_types ? 2566 o->pubkey_key_types : KEX_DEFAULT_PK_ALG); 2567 dump_cfg_string(sRDomain, o->routing_domain); 2568 2569 /* string arguments requiring a lookup */ 2570 dump_cfg_string(sLogLevel, log_level_name(o->log_level)); 2571 dump_cfg_string(sLogFacility, log_facility_name(o->log_facility)); 2572 2573 /* string array arguments */ 2574 dump_cfg_strarray_oneline(sAuthorizedKeysFile, o->num_authkeys_files, 2575 o->authorized_keys_files); 2576 dump_cfg_strarray(sHostKeyFile, o->num_host_key_files, 2577 o->host_key_files); 2578 dump_cfg_strarray(sHostCertificate, o->num_host_cert_files, 2579 o->host_cert_files); 2580 dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users); 2581 dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users); 2582 dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups); 2583 dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups); 2584 dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env); 2585 dump_cfg_strarray(sSetEnv, o->num_setenv, o->setenv); 2586 dump_cfg_strarray_oneline(sAuthenticationMethods, 2587 o->num_auth_methods, o->auth_methods); 2588 2589 /* other arguments */ 2590 for (i = 0; i < o->num_subsystems; i++) 2591 printf("subsystem %s %s\n", o->subsystem_name[i], 2592 o->subsystem_args[i]); 2593 2594 printf("maxstartups %d:%d:%d\n", o->max_startups_begin, 2595 o->max_startups_rate, o->max_startups); 2596 2597 s = NULL; 2598 for (i = 0; tunmode_desc[i].val != -1; i++) { 2599 if (tunmode_desc[i].val == o->permit_tun) { 2600 s = tunmode_desc[i].text; 2601 break; 2602 } 2603 } 2604 dump_cfg_string(sPermitTunnel, s); 2605 2606 printf("ipqos %s ", iptos2str(o->ip_qos_interactive)); 2607 printf("%s\n", iptos2str(o->ip_qos_bulk)); 2608 2609 printf("rekeylimit %llu %d\n", (unsigned long long)o->rekey_limit, 2610 o->rekey_interval); 2611 2612 printf("permitopen"); 2613 if (o->num_permitted_opens == 0) 2614 printf(" any"); 2615 else { 2616 for (i = 0; i < o->num_permitted_opens; i++) 2617 printf(" %s", o->permitted_opens[i]); 2618 } 2619 printf("\n"); 2620 printf("permitlisten"); 2621 if (o->num_permitted_listens == 0) 2622 printf(" any"); 2623 else { 2624 for (i = 0; i < o->num_permitted_listens; i++) 2625 printf(" %s", o->permitted_listens[i]); 2626 } 2627 printf("\n"); 2628 2629 if (o->permit_user_env_whitelist == NULL) { 2630 dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); 2631 } else { 2632 printf("permituserenvironment %s\n", 2633 o->permit_user_env_whitelist); 2634 } 2635 2636 } 2637