1 /* $OpenBSD: servconf.c,v 1.184 2008/06/15 16:58:40 dtucker Exp $ */ 2 /* 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * All rights reserved 5 * 6 * As far as I am concerned, the code I have written for this software 7 * can be used freely for any purpose. Any derived versions of this 8 * software must be clearly marked as such, and if the derived work is 9 * incompatible with the protocol description in the RFC file, it must be 10 * called by a name other than "ssh" or "Secure Shell". 11 */ 12 13 #include <sys/types.h> 14 #include <sys/socket.h> 15 #include <sys/queue.h> 16 17 #include <netdb.h> 18 #include <pwd.h> 19 #include <stdio.h> 20 #include <stdlib.h> 21 #include <string.h> 22 #include <signal.h> 23 #include <unistd.h> 24 #include <stdarg.h> 25 #include <errno.h> 26 27 #include "xmalloc.h" 28 #include "ssh.h" 29 #include "log.h" 30 #include "buffer.h" 31 #include "servconf.h" 32 #include "compat.h" 33 #include "pathnames.h" 34 #include "misc.h" 35 #include "cipher.h" 36 #include "key.h" 37 #include "kex.h" 38 #include "mac.h" 39 #include "match.h" 40 #include "channels.h" 41 #include "groupaccess.h" 42 43 static void add_listen_addr(ServerOptions *, char *, u_short); 44 static void add_one_listen_addr(ServerOptions *, char *, u_short); 45 46 /* Use of privilege separation or not */ 47 extern int use_privsep; 48 extern Buffer cfg; 49 50 /* Initializes the server options to their default values. */ 51 52 void 53 initialize_server_options(ServerOptions *options) 54 { 55 memset(options, 0, sizeof(*options)); 56 options->num_ports = 0; 57 options->ports_from_cmdline = 0; 58 options->listen_addrs = NULL; 59 options->address_family = -1; 60 options->num_host_key_files = 0; 61 options->pid_file = NULL; 62 options->server_key_bits = -1; 63 options->login_grace_time = -1; 64 options->key_regeneration_time = -1; 65 options->permit_root_login = PERMIT_NOT_SET; 66 options->ignore_rhosts = -1; 67 options->ignore_user_known_hosts = -1; 68 options->print_motd = -1; 69 options->print_lastlog = -1; 70 options->x11_forwarding = -1; 71 options->x11_display_offset = -1; 72 options->x11_use_localhost = -1; 73 options->xauth_location = NULL; 74 options->strict_modes = -1; 75 options->tcp_keep_alive = -1; 76 options->log_facility = SYSLOG_FACILITY_NOT_SET; 77 options->log_level = SYSLOG_LEVEL_NOT_SET; 78 options->rhosts_rsa_authentication = -1; 79 options->hostbased_authentication = -1; 80 options->hostbased_uses_name_from_packet_only = -1; 81 options->rsa_authentication = -1; 82 options->pubkey_authentication = -1; 83 options->kerberos_authentication = -1; 84 options->kerberos_or_local_passwd = -1; 85 options->kerberos_ticket_cleanup = -1; 86 options->kerberos_get_afs_token = -1; 87 options->gss_authentication=-1; 88 options->gss_cleanup_creds = -1; 89 options->password_authentication = -1; 90 options->kbd_interactive_authentication = -1; 91 options->challenge_response_authentication = -1; 92 options->permit_empty_passwd = -1; 93 options->permit_user_env = -1; 94 options->use_login = -1; 95 options->compression = -1; 96 options->allow_tcp_forwarding = -1; 97 options->allow_agent_forwarding = -1; 98 options->num_allow_users = 0; 99 options->num_deny_users = 0; 100 options->num_allow_groups = 0; 101 options->num_deny_groups = 0; 102 options->ciphers = NULL; 103 options->macs = NULL; 104 options->protocol = SSH_PROTO_UNKNOWN; 105 options->gateway_ports = -1; 106 options->num_subsystems = 0; 107 options->max_startups_begin = -1; 108 options->max_startups_rate = -1; 109 options->max_startups = -1; 110 options->max_authtries = -1; 111 options->max_sessions = -1; 112 options->banner = NULL; 113 options->use_dns = -1; 114 options->client_alive_interval = -1; 115 options->client_alive_count_max = -1; 116 options->authorized_keys_file = NULL; 117 options->authorized_keys_file2 = NULL; 118 options->num_accept_env = 0; 119 options->permit_tun = -1; 120 options->num_permitted_opens = -1; 121 options->adm_forced_command = NULL; 122 options->chroot_directory = NULL; 123 } 124 125 void 126 fill_default_server_options(ServerOptions *options) 127 { 128 if (options->protocol == SSH_PROTO_UNKNOWN) 129 options->protocol = SSH_PROTO_1|SSH_PROTO_2; 130 if (options->num_host_key_files == 0) { 131 /* fill default hostkeys for protocols */ 132 if (options->protocol & SSH_PROTO_1) 133 options->host_key_files[options->num_host_key_files++] = 134 _PATH_HOST_KEY_FILE; 135 if (options->protocol & SSH_PROTO_2) { 136 options->host_key_files[options->num_host_key_files++] = 137 _PATH_HOST_RSA_KEY_FILE; 138 options->host_key_files[options->num_host_key_files++] = 139 _PATH_HOST_DSA_KEY_FILE; 140 } 141 } 142 if (options->num_ports == 0) 143 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 144 if (options->listen_addrs == NULL) 145 add_listen_addr(options, NULL, 0); 146 if (options->pid_file == NULL) 147 options->pid_file = _PATH_SSH_DAEMON_PID_FILE; 148 if (options->server_key_bits == -1) 149 options->server_key_bits = 768; 150 if (options->login_grace_time == -1) 151 options->login_grace_time = 120; 152 if (options->key_regeneration_time == -1) 153 options->key_regeneration_time = 3600; 154 if (options->permit_root_login == PERMIT_NOT_SET) 155 options->permit_root_login = PERMIT_YES; 156 if (options->ignore_rhosts == -1) 157 options->ignore_rhosts = 1; 158 if (options->ignore_user_known_hosts == -1) 159 options->ignore_user_known_hosts = 0; 160 if (options->print_motd == -1) 161 options->print_motd = 1; 162 if (options->print_lastlog == -1) 163 options->print_lastlog = 1; 164 if (options->x11_forwarding == -1) 165 options->x11_forwarding = 0; 166 if (options->x11_display_offset == -1) 167 options->x11_display_offset = 10; 168 if (options->x11_use_localhost == -1) 169 options->x11_use_localhost = 1; 170 if (options->xauth_location == NULL) 171 options->xauth_location = _PATH_XAUTH; 172 if (options->strict_modes == -1) 173 options->strict_modes = 1; 174 if (options->tcp_keep_alive == -1) 175 options->tcp_keep_alive = 1; 176 if (options->log_facility == SYSLOG_FACILITY_NOT_SET) 177 options->log_facility = SYSLOG_FACILITY_AUTH; 178 if (options->log_level == SYSLOG_LEVEL_NOT_SET) 179 options->log_level = SYSLOG_LEVEL_INFO; 180 if (options->rhosts_rsa_authentication == -1) 181 options->rhosts_rsa_authentication = 0; 182 if (options->hostbased_authentication == -1) 183 options->hostbased_authentication = 0; 184 if (options->hostbased_uses_name_from_packet_only == -1) 185 options->hostbased_uses_name_from_packet_only = 0; 186 if (options->rsa_authentication == -1) 187 options->rsa_authentication = 1; 188 if (options->pubkey_authentication == -1) 189 options->pubkey_authentication = 1; 190 if (options->kerberos_authentication == -1) 191 options->kerberos_authentication = 0; 192 if (options->kerberos_or_local_passwd == -1) 193 options->kerberos_or_local_passwd = 1; 194 if (options->kerberos_ticket_cleanup == -1) 195 options->kerberos_ticket_cleanup = 1; 196 if (options->kerberos_get_afs_token == -1) 197 options->kerberos_get_afs_token = 0; 198 if (options->gss_authentication == -1) 199 options->gss_authentication = 0; 200 if (options->gss_cleanup_creds == -1) 201 options->gss_cleanup_creds = 1; 202 if (options->password_authentication == -1) 203 options->password_authentication = 1; 204 if (options->kbd_interactive_authentication == -1) 205 options->kbd_interactive_authentication = 0; 206 if (options->challenge_response_authentication == -1) 207 options->challenge_response_authentication = 1; 208 if (options->permit_empty_passwd == -1) 209 options->permit_empty_passwd = 0; 210 if (options->permit_user_env == -1) 211 options->permit_user_env = 0; 212 if (options->use_login == -1) 213 options->use_login = 0; 214 if (options->compression == -1) 215 options->compression = COMP_DELAYED; 216 if (options->allow_tcp_forwarding == -1) 217 options->allow_tcp_forwarding = 1; 218 if (options->allow_agent_forwarding == -1) 219 options->allow_agent_forwarding = 1; 220 if (options->gateway_ports == -1) 221 options->gateway_ports = 0; 222 if (options->max_startups == -1) 223 options->max_startups = 10; 224 if (options->max_startups_rate == -1) 225 options->max_startups_rate = 100; /* 100% */ 226 if (options->max_startups_begin == -1) 227 options->max_startups_begin = options->max_startups; 228 if (options->max_authtries == -1) 229 options->max_authtries = DEFAULT_AUTH_FAIL_MAX; 230 if (options->max_sessions == -1) 231 options->max_sessions = DEFAULT_SESSIONS_MAX; 232 if (options->use_dns == -1) 233 options->use_dns = 1; 234 if (options->client_alive_interval == -1) 235 options->client_alive_interval = 0; 236 if (options->client_alive_count_max == -1) 237 options->client_alive_count_max = 3; 238 if (options->authorized_keys_file2 == NULL) { 239 /* authorized_keys_file2 falls back to authorized_keys_file */ 240 if (options->authorized_keys_file != NULL) 241 options->authorized_keys_file2 = options->authorized_keys_file; 242 else 243 options->authorized_keys_file2 = _PATH_SSH_USER_PERMITTED_KEYS2; 244 } 245 if (options->authorized_keys_file == NULL) 246 options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; 247 if (options->permit_tun == -1) 248 options->permit_tun = SSH_TUNMODE_NO; 249 250 /* Turn privilege separation on by default */ 251 if (use_privsep == -1) 252 use_privsep = 1; 253 } 254 255 /* Keyword tokens. */ 256 typedef enum { 257 sBadOption, /* == unknown option */ 258 sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, 259 sPermitRootLogin, sLogFacility, sLogLevel, 260 sRhostsRSAAuthentication, sRSAAuthentication, 261 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, 262 sKerberosGetAFSToken, 263 sKerberosTgtPassing, sChallengeResponseAuthentication, 264 sPasswordAuthentication, sKbdInteractiveAuthentication, 265 sListenAddress, sAddressFamily, 266 sPrintMotd, sPrintLastLog, sIgnoreRhosts, 267 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, 268 sStrictModes, sEmptyPasswd, sTCPKeepAlive, 269 sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, 270 sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, 271 sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, 272 sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, 273 sMaxStartups, sMaxAuthTries, sMaxSessions, 274 sBanner, sUseDNS, sHostbasedAuthentication, 275 sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, 276 sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, 277 sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel, 278 sMatch, sPermitOpen, sForceCommand, sChrootDirectory, 279 sUsePrivilegeSeparation, sAllowAgentForwarding, 280 sDeprecated, sUnsupported 281 } ServerOpCodes; 282 283 #define SSHCFG_GLOBAL 0x01 /* allowed in main section of sshd_config */ 284 #define SSHCFG_MATCH 0x02 /* allowed inside a Match section */ 285 #define SSHCFG_ALL (SSHCFG_GLOBAL|SSHCFG_MATCH) 286 287 /* Textual representation of the tokens. */ 288 static struct { 289 const char *name; 290 ServerOpCodes opcode; 291 u_int flags; 292 } keywords[] = { 293 { "port", sPort, SSHCFG_GLOBAL }, 294 { "hostkey", sHostKeyFile, SSHCFG_GLOBAL }, 295 { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL }, /* alias */ 296 { "pidfile", sPidFile, SSHCFG_GLOBAL }, 297 { "serverkeybits", sServerKeyBits, SSHCFG_GLOBAL }, 298 { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL }, 299 { "keyregenerationinterval", sKeyRegenerationTime, SSHCFG_GLOBAL }, 300 { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL }, 301 { "syslogfacility", sLogFacility, SSHCFG_GLOBAL }, 302 { "loglevel", sLogLevel, SSHCFG_GLOBAL }, 303 { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL }, 304 { "rhostsrsaauthentication", sRhostsRSAAuthentication, SSHCFG_ALL }, 305 { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL }, 306 { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_GLOBAL }, 307 { "rsaauthentication", sRSAAuthentication, SSHCFG_ALL }, 308 { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL }, 309 { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */ 310 #ifdef KRB5 311 { "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL }, 312 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd, SSHCFG_GLOBAL }, 313 { "kerberosticketcleanup", sKerberosTicketCleanup, SSHCFG_GLOBAL }, 314 { "kerberosgetafstoken", sKerberosGetAFSToken, SSHCFG_GLOBAL }, 315 #else 316 { "kerberosauthentication", sUnsupported, SSHCFG_ALL }, 317 { "kerberosorlocalpasswd", sUnsupported, SSHCFG_GLOBAL }, 318 { "kerberosticketcleanup", sUnsupported, SSHCFG_GLOBAL }, 319 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, 320 #endif 321 { "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL }, 322 { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, 323 #ifdef GSSAPI 324 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, 325 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, 326 #else 327 { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, 328 { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, 329 #endif 330 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, 331 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, 332 { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, 333 { "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */ 334 { "checkmail", sDeprecated, SSHCFG_GLOBAL }, 335 { "listenaddress", sListenAddress, SSHCFG_GLOBAL }, 336 { "addressfamily", sAddressFamily, SSHCFG_GLOBAL }, 337 { "printmotd", sPrintMotd, SSHCFG_GLOBAL }, 338 { "printlastlog", sPrintLastLog, SSHCFG_GLOBAL }, 339 { "ignorerhosts", sIgnoreRhosts, SSHCFG_GLOBAL }, 340 { "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL }, 341 { "x11forwarding", sX11Forwarding, SSHCFG_ALL }, 342 { "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL }, 343 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, 344 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, 345 { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, 346 { "permitemptypasswords", sEmptyPasswd, SSHCFG_GLOBAL }, 347 { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, 348 { "uselogin", sUseLogin, SSHCFG_GLOBAL }, 349 { "compression", sCompression, SSHCFG_GLOBAL }, 350 { "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, 351 { "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, /* obsolete alias */ 352 { "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL }, 353 { "allowagentforwarding", sAllowAgentForwarding, SSHCFG_ALL }, 354 { "allowusers", sAllowUsers, SSHCFG_GLOBAL }, 355 { "denyusers", sDenyUsers, SSHCFG_GLOBAL }, 356 { "allowgroups", sAllowGroups, SSHCFG_GLOBAL }, 357 { "denygroups", sDenyGroups, SSHCFG_GLOBAL }, 358 { "ciphers", sCiphers, SSHCFG_GLOBAL }, 359 { "macs", sMacs, SSHCFG_GLOBAL }, 360 { "protocol", sProtocol, SSHCFG_GLOBAL }, 361 { "gatewayports", sGatewayPorts, SSHCFG_ALL }, 362 { "subsystem", sSubsystem, SSHCFG_GLOBAL }, 363 { "maxstartups", sMaxStartups, SSHCFG_GLOBAL }, 364 { "maxauthtries", sMaxAuthTries, SSHCFG_ALL }, 365 { "maxsessions", sMaxSessions, SSHCFG_ALL }, 366 { "banner", sBanner, SSHCFG_ALL }, 367 { "usedns", sUseDNS, SSHCFG_GLOBAL }, 368 { "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL }, 369 { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL }, 370 { "clientaliveinterval", sClientAliveInterval, SSHCFG_GLOBAL }, 371 { "clientalivecountmax", sClientAliveCountMax, SSHCFG_GLOBAL }, 372 { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_GLOBAL }, 373 { "authorizedkeysfile2", sAuthorizedKeysFile2, SSHCFG_GLOBAL }, 374 { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL}, 375 { "acceptenv", sAcceptEnv, SSHCFG_GLOBAL }, 376 { "permittunnel", sPermitTunnel, SSHCFG_GLOBAL }, 377 { "match", sMatch, SSHCFG_ALL }, 378 { "permitopen", sPermitOpen, SSHCFG_ALL }, 379 { "forcecommand", sForceCommand, SSHCFG_ALL }, 380 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, 381 { NULL, sBadOption, 0 } 382 }; 383 384 static struct { 385 int val; 386 char *text; 387 } tunmode_desc[] = { 388 { SSH_TUNMODE_NO, "no" }, 389 { SSH_TUNMODE_POINTOPOINT, "point-to-point" }, 390 { SSH_TUNMODE_ETHERNET, "ethernet" }, 391 { SSH_TUNMODE_YES, "yes" }, 392 { -1, NULL } 393 }; 394 395 /* 396 * Returns the number of the token pointed to by cp or sBadOption. 397 */ 398 399 static ServerOpCodes 400 parse_token(const char *cp, const char *filename, 401 int linenum, u_int *flags) 402 { 403 u_int i; 404 405 for (i = 0; keywords[i].name; i++) 406 if (strcasecmp(cp, keywords[i].name) == 0) { 407 *flags = keywords[i].flags; 408 return keywords[i].opcode; 409 } 410 411 error("%s: line %d: Bad configuration option: %s", 412 filename, linenum, cp); 413 return sBadOption; 414 } 415 416 static void 417 add_listen_addr(ServerOptions *options, char *addr, u_short port) 418 { 419 u_int i; 420 421 if (options->num_ports == 0) 422 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 423 if (options->address_family == -1) 424 options->address_family = AF_UNSPEC; 425 if (port == 0) 426 for (i = 0; i < options->num_ports; i++) 427 add_one_listen_addr(options, addr, options->ports[i]); 428 else 429 add_one_listen_addr(options, addr, port); 430 } 431 432 static void 433 add_one_listen_addr(ServerOptions *options, char *addr, u_short port) 434 { 435 struct addrinfo hints, *ai, *aitop; 436 char strport[NI_MAXSERV]; 437 int gaierr; 438 439 memset(&hints, 0, sizeof(hints)); 440 hints.ai_family = options->address_family; 441 hints.ai_socktype = SOCK_STREAM; 442 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; 443 snprintf(strport, sizeof strport, "%u", port); 444 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) 445 fatal("bad addr or host: %s (%s)", 446 addr ? addr : "<NULL>", 447 ssh_gai_strerror(gaierr)); 448 for (ai = aitop; ai->ai_next; ai = ai->ai_next) 449 ; 450 ai->ai_next = options->listen_addrs; 451 options->listen_addrs = aitop; 452 } 453 454 /* 455 * The strategy for the Match blocks is that the config file is parsed twice. 456 * 457 * The first time is at startup. activep is initialized to 1 and the 458 * directives in the global context are processed and acted on. Hitting a 459 * Match directive unsets activep and the directives inside the block are 460 * checked for syntax only. 461 * 462 * The second time is after a connection has been established but before 463 * authentication. activep is initialized to 2 and global config directives 464 * are ignored since they have already been processed. If the criteria in a 465 * Match block is met, activep is set and the subsequent directives 466 * processed and actioned until EOF or another Match block unsets it. Any 467 * options set are copied into the main server config. 468 * 469 * Potential additions/improvements: 470 * - Add Match support for pre-kex directives, eg Protocol, Ciphers. 471 * 472 * - Add a Tag directive (idea from David Leonard) ala pf, eg: 473 * Match Address 192.168.0.* 474 * Tag trusted 475 * Match Group wheel 476 * Tag trusted 477 * Match Tag trusted 478 * AllowTcpForwarding yes 479 * GatewayPorts clientspecified 480 * [...] 481 * 482 * - Add a PermittedChannelRequests directive 483 * Match Group shell 484 * PermittedChannelRequests session,forwarded-tcpip 485 */ 486 487 static int 488 match_cfg_line_group(const char *grps, int line, const char *user) 489 { 490 int result = 0; 491 u_int ngrps = 0; 492 char *arg, *p, *cp, *grplist[MAX_MATCH_GROUPS]; 493 struct passwd *pw; 494 495 /* 496 * Even if we do not have a user yet, we still need to check for 497 * valid syntax. 498 */ 499 arg = cp = xstrdup(grps); 500 while ((p = strsep(&cp, ",")) != NULL && *p != '\0') { 501 if (ngrps >= MAX_MATCH_GROUPS) { 502 error("line %d: too many groups in Match Group", line); 503 result = -1; 504 goto out; 505 } 506 grplist[ngrps++] = p; 507 } 508 509 if (user == NULL) 510 goto out; 511 512 if ((pw = getpwnam(user)) == NULL) { 513 debug("Can't match group at line %d because user %.100s does " 514 "not exist", line, user); 515 } else if (ga_init(pw->pw_name, pw->pw_gid) == 0) { 516 debug("Can't Match group because user %.100s not in any group " 517 "at line %d", user, line); 518 } else if (ga_match(grplist, ngrps) != 1) { 519 debug("user %.100s does not match group %.100s at line %d", 520 user, arg, line); 521 } else { 522 debug("user %.100s matched group %.100s at line %d", user, 523 arg, line); 524 result = 1; 525 } 526 out: 527 ga_free(); 528 xfree(arg); 529 return result; 530 } 531 532 static int 533 match_cfg_line(char **condition, int line, const char *user, const char *host, 534 const char *address) 535 { 536 int result = 1; 537 char *arg, *attrib, *cp = *condition; 538 size_t len; 539 540 if (user == NULL) 541 debug3("checking syntax for 'Match %s'", cp); 542 else 543 debug3("checking match for '%s' user %s host %s addr %s", cp, 544 user ? user : "(null)", host ? host : "(null)", 545 address ? address : "(null)"); 546 547 while ((attrib = strdelim(&cp)) && *attrib != '\0') { 548 if ((arg = strdelim(&cp)) == NULL || *arg == '\0') { 549 error("Missing Match criteria for %s", attrib); 550 return -1; 551 } 552 len = strlen(arg); 553 if (strcasecmp(attrib, "user") == 0) { 554 if (!user) { 555 result = 0; 556 continue; 557 } 558 if (match_pattern_list(user, arg, len, 0) != 1) 559 result = 0; 560 else 561 debug("user %.100s matched 'User %.100s' at " 562 "line %d", user, arg, line); 563 } else if (strcasecmp(attrib, "group") == 0) { 564 switch (match_cfg_line_group(arg, line, user)) { 565 case -1: 566 return -1; 567 case 0: 568 result = 0; 569 } 570 } else if (strcasecmp(attrib, "host") == 0) { 571 if (!host) { 572 result = 0; 573 continue; 574 } 575 if (match_hostname(host, arg, len) != 1) 576 result = 0; 577 else 578 debug("connection from %.100s matched 'Host " 579 "%.100s' at line %d", host, arg, line); 580 } else if (strcasecmp(attrib, "address") == 0) { 581 switch (addr_match_list(address, arg)) { 582 case 1: 583 debug("connection from %.100s matched 'Address " 584 "%.100s' at line %d", address, arg, line); 585 break; 586 case 0: 587 case -1: 588 result = 0; 589 break; 590 case -2: 591 return -1; 592 } 593 } else { 594 error("Unsupported Match attribute %s", attrib); 595 return -1; 596 } 597 } 598 if (user != NULL) 599 debug3("match %sfound", result ? "" : "not "); 600 *condition = cp; 601 return result; 602 } 603 604 #define WHITESPACE " \t\r\n" 605 606 int 607 process_server_config_line(ServerOptions *options, char *line, 608 const char *filename, int linenum, int *activep, const char *user, 609 const char *host, const char *address) 610 { 611 char *cp, **charptr, *arg, *p; 612 int cmdline = 0, *intptr, value, n; 613 SyslogFacility *log_facility_ptr; 614 LogLevel *log_level_ptr; 615 ServerOpCodes opcode; 616 u_short port; 617 u_int i, flags = 0; 618 size_t len; 619 620 cp = line; 621 if ((arg = strdelim(&cp)) == NULL) 622 return 0; 623 /* Ignore leading whitespace */ 624 if (*arg == '\0') 625 arg = strdelim(&cp); 626 if (!arg || !*arg || *arg == '#') 627 return 0; 628 intptr = NULL; 629 charptr = NULL; 630 opcode = parse_token(arg, filename, linenum, &flags); 631 632 if (activep == NULL) { /* We are processing a command line directive */ 633 cmdline = 1; 634 activep = &cmdline; 635 } 636 if (*activep && opcode != sMatch) 637 debug3("%s:%d setting %s %s", filename, linenum, arg, cp); 638 if (*activep == 0 && !(flags & SSHCFG_MATCH)) { 639 if (user == NULL) { 640 fatal("%s line %d: Directive '%s' is not allowed " 641 "within a Match block", filename, linenum, arg); 642 } else { /* this is a directive we have already processed */ 643 while (arg) 644 arg = strdelim(&cp); 645 return 0; 646 } 647 } 648 649 switch (opcode) { 650 case sBadOption: 651 return -1; 652 case sPort: 653 /* ignore ports from configfile if cmdline specifies ports */ 654 if (options->ports_from_cmdline) 655 return 0; 656 if (options->listen_addrs != NULL) 657 fatal("%s line %d: ports must be specified before " 658 "ListenAddress.", filename, linenum); 659 if (options->num_ports >= MAX_PORTS) 660 fatal("%s line %d: too many ports.", 661 filename, linenum); 662 arg = strdelim(&cp); 663 if (!arg || *arg == '\0') 664 fatal("%s line %d: missing port number.", 665 filename, linenum); 666 options->ports[options->num_ports++] = a2port(arg); 667 if (options->ports[options->num_ports-1] == 0) 668 fatal("%s line %d: Badly formatted port number.", 669 filename, linenum); 670 break; 671 672 case sServerKeyBits: 673 intptr = &options->server_key_bits; 674 parse_int: 675 arg = strdelim(&cp); 676 if (!arg || *arg == '\0') 677 fatal("%s line %d: missing integer value.", 678 filename, linenum); 679 value = atoi(arg); 680 if (*activep && *intptr == -1) 681 *intptr = value; 682 break; 683 684 case sLoginGraceTime: 685 intptr = &options->login_grace_time; 686 parse_time: 687 arg = strdelim(&cp); 688 if (!arg || *arg == '\0') 689 fatal("%s line %d: missing time value.", 690 filename, linenum); 691 if ((value = convtime(arg)) == -1) 692 fatal("%s line %d: invalid time value.", 693 filename, linenum); 694 if (*intptr == -1) 695 *intptr = value; 696 break; 697 698 case sKeyRegenerationTime: 699 intptr = &options->key_regeneration_time; 700 goto parse_time; 701 702 case sListenAddress: 703 arg = strdelim(&cp); 704 if (arg == NULL || *arg == '\0') 705 fatal("%s line %d: missing address", 706 filename, linenum); 707 /* check for bare IPv6 address: no "[]" and 2 or more ":" */ 708 if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL 709 && strchr(p+1, ':') != NULL) { 710 add_listen_addr(options, arg, 0); 711 break; 712 } 713 p = hpdelim(&arg); 714 if (p == NULL) 715 fatal("%s line %d: bad address:port usage", 716 filename, linenum); 717 p = cleanhostname(p); 718 if (arg == NULL) 719 port = 0; 720 else if ((port = a2port(arg)) == 0) 721 fatal("%s line %d: bad port number", filename, linenum); 722 723 add_listen_addr(options, p, port); 724 725 break; 726 727 case sAddressFamily: 728 arg = strdelim(&cp); 729 if (!arg || *arg == '\0') 730 fatal("%s line %d: missing address family.", 731 filename, linenum); 732 intptr = &options->address_family; 733 if (options->listen_addrs != NULL) 734 fatal("%s line %d: address family must be specified before " 735 "ListenAddress.", filename, linenum); 736 if (strcasecmp(arg, "inet") == 0) 737 value = AF_INET; 738 else if (strcasecmp(arg, "inet6") == 0) 739 value = AF_INET6; 740 else if (strcasecmp(arg, "any") == 0) 741 value = AF_UNSPEC; 742 else 743 fatal("%s line %d: unsupported address family \"%s\".", 744 filename, linenum, arg); 745 if (*intptr == -1) 746 *intptr = value; 747 break; 748 749 case sHostKeyFile: 750 intptr = &options->num_host_key_files; 751 if (*intptr >= MAX_HOSTKEYS) 752 fatal("%s line %d: too many host keys specified (max %d).", 753 filename, linenum, MAX_HOSTKEYS); 754 charptr = &options->host_key_files[*intptr]; 755 parse_filename: 756 arg = strdelim(&cp); 757 if (!arg || *arg == '\0') 758 fatal("%s line %d: missing file name.", 759 filename, linenum); 760 if (*activep && *charptr == NULL) { 761 *charptr = tilde_expand_filename(arg, getuid()); 762 /* increase optional counter */ 763 if (intptr != NULL) 764 *intptr = *intptr + 1; 765 } 766 break; 767 768 case sPidFile: 769 charptr = &options->pid_file; 770 goto parse_filename; 771 772 case sPermitRootLogin: 773 intptr = &options->permit_root_login; 774 arg = strdelim(&cp); 775 if (!arg || *arg == '\0') 776 fatal("%s line %d: missing yes/" 777 "without-password/forced-commands-only/no " 778 "argument.", filename, linenum); 779 value = 0; /* silence compiler */ 780 if (strcmp(arg, "without-password") == 0) 781 value = PERMIT_NO_PASSWD; 782 else if (strcmp(arg, "forced-commands-only") == 0) 783 value = PERMIT_FORCED_ONLY; 784 else if (strcmp(arg, "yes") == 0) 785 value = PERMIT_YES; 786 else if (strcmp(arg, "no") == 0) 787 value = PERMIT_NO; 788 else 789 fatal("%s line %d: Bad yes/" 790 "without-password/forced-commands-only/no " 791 "argument: %s", filename, linenum, arg); 792 if (*activep && *intptr == -1) 793 *intptr = value; 794 break; 795 796 case sIgnoreRhosts: 797 intptr = &options->ignore_rhosts; 798 parse_flag: 799 arg = strdelim(&cp); 800 if (!arg || *arg == '\0') 801 fatal("%s line %d: missing yes/no argument.", 802 filename, linenum); 803 value = 0; /* silence compiler */ 804 if (strcmp(arg, "yes") == 0) 805 value = 1; 806 else if (strcmp(arg, "no") == 0) 807 value = 0; 808 else 809 fatal("%s line %d: Bad yes/no argument: %s", 810 filename, linenum, arg); 811 if (*activep && *intptr == -1) 812 *intptr = value; 813 break; 814 815 case sIgnoreUserKnownHosts: 816 intptr = &options->ignore_user_known_hosts; 817 goto parse_flag; 818 819 case sRhostsRSAAuthentication: 820 intptr = &options->rhosts_rsa_authentication; 821 goto parse_flag; 822 823 case sHostbasedAuthentication: 824 intptr = &options->hostbased_authentication; 825 goto parse_flag; 826 827 case sHostbasedUsesNameFromPacketOnly: 828 intptr = &options->hostbased_uses_name_from_packet_only; 829 goto parse_flag; 830 831 case sRSAAuthentication: 832 intptr = &options->rsa_authentication; 833 goto parse_flag; 834 835 case sPubkeyAuthentication: 836 intptr = &options->pubkey_authentication; 837 goto parse_flag; 838 839 case sKerberosAuthentication: 840 intptr = &options->kerberos_authentication; 841 goto parse_flag; 842 843 case sKerberosOrLocalPasswd: 844 intptr = &options->kerberos_or_local_passwd; 845 goto parse_flag; 846 847 case sKerberosTicketCleanup: 848 intptr = &options->kerberos_ticket_cleanup; 849 goto parse_flag; 850 851 case sKerberosGetAFSToken: 852 intptr = &options->kerberos_get_afs_token; 853 goto parse_flag; 854 855 case sGssAuthentication: 856 intptr = &options->gss_authentication; 857 goto parse_flag; 858 859 case sGssCleanupCreds: 860 intptr = &options->gss_cleanup_creds; 861 goto parse_flag; 862 863 case sPasswordAuthentication: 864 intptr = &options->password_authentication; 865 goto parse_flag; 866 867 case sKbdInteractiveAuthentication: 868 intptr = &options->kbd_interactive_authentication; 869 goto parse_flag; 870 871 case sChallengeResponseAuthentication: 872 intptr = &options->challenge_response_authentication; 873 goto parse_flag; 874 875 case sPrintMotd: 876 intptr = &options->print_motd; 877 goto parse_flag; 878 879 case sPrintLastLog: 880 intptr = &options->print_lastlog; 881 goto parse_flag; 882 883 case sX11Forwarding: 884 intptr = &options->x11_forwarding; 885 goto parse_flag; 886 887 case sX11DisplayOffset: 888 intptr = &options->x11_display_offset; 889 goto parse_int; 890 891 case sX11UseLocalhost: 892 intptr = &options->x11_use_localhost; 893 goto parse_flag; 894 895 case sXAuthLocation: 896 charptr = &options->xauth_location; 897 goto parse_filename; 898 899 case sStrictModes: 900 intptr = &options->strict_modes; 901 goto parse_flag; 902 903 case sTCPKeepAlive: 904 intptr = &options->tcp_keep_alive; 905 goto parse_flag; 906 907 case sEmptyPasswd: 908 intptr = &options->permit_empty_passwd; 909 goto parse_flag; 910 911 case sPermitUserEnvironment: 912 intptr = &options->permit_user_env; 913 goto parse_flag; 914 915 case sUseLogin: 916 intptr = &options->use_login; 917 goto parse_flag; 918 919 case sCompression: 920 intptr = &options->compression; 921 arg = strdelim(&cp); 922 if (!arg || *arg == '\0') 923 fatal("%s line %d: missing yes/no/delayed " 924 "argument.", filename, linenum); 925 value = 0; /* silence compiler */ 926 if (strcmp(arg, "delayed") == 0) 927 value = COMP_DELAYED; 928 else if (strcmp(arg, "yes") == 0) 929 value = COMP_ZLIB; 930 else if (strcmp(arg, "no") == 0) 931 value = COMP_NONE; 932 else 933 fatal("%s line %d: Bad yes/no/delayed " 934 "argument: %s", filename, linenum, arg); 935 if (*intptr == -1) 936 *intptr = value; 937 break; 938 939 case sGatewayPorts: 940 intptr = &options->gateway_ports; 941 arg = strdelim(&cp); 942 if (!arg || *arg == '\0') 943 fatal("%s line %d: missing yes/no/clientspecified " 944 "argument.", filename, linenum); 945 value = 0; /* silence compiler */ 946 if (strcmp(arg, "clientspecified") == 0) 947 value = 2; 948 else if (strcmp(arg, "yes") == 0) 949 value = 1; 950 else if (strcmp(arg, "no") == 0) 951 value = 0; 952 else 953 fatal("%s line %d: Bad yes/no/clientspecified " 954 "argument: %s", filename, linenum, arg); 955 if (*activep && *intptr == -1) 956 *intptr = value; 957 break; 958 959 case sUseDNS: 960 intptr = &options->use_dns; 961 goto parse_flag; 962 963 case sLogFacility: 964 log_facility_ptr = &options->log_facility; 965 arg = strdelim(&cp); 966 value = log_facility_number(arg); 967 if (value == SYSLOG_FACILITY_NOT_SET) 968 fatal("%.200s line %d: unsupported log facility '%s'", 969 filename, linenum, arg ? arg : "<NONE>"); 970 if (*log_facility_ptr == -1) 971 *log_facility_ptr = (SyslogFacility) value; 972 break; 973 974 case sLogLevel: 975 log_level_ptr = &options->log_level; 976 arg = strdelim(&cp); 977 value = log_level_number(arg); 978 if (value == SYSLOG_LEVEL_NOT_SET) 979 fatal("%.200s line %d: unsupported log level '%s'", 980 filename, linenum, arg ? arg : "<NONE>"); 981 if (*log_level_ptr == -1) 982 *log_level_ptr = (LogLevel) value; 983 break; 984 985 case sAllowTcpForwarding: 986 intptr = &options->allow_tcp_forwarding; 987 goto parse_flag; 988 989 case sAllowAgentForwarding: 990 intptr = &options->allow_agent_forwarding; 991 goto parse_flag; 992 993 case sUsePrivilegeSeparation: 994 intptr = &use_privsep; 995 goto parse_flag; 996 997 case sAllowUsers: 998 while ((arg = strdelim(&cp)) && *arg != '\0') { 999 if (options->num_allow_users >= MAX_ALLOW_USERS) 1000 fatal("%s line %d: too many allow users.", 1001 filename, linenum); 1002 options->allow_users[options->num_allow_users++] = 1003 xstrdup(arg); 1004 } 1005 break; 1006 1007 case sDenyUsers: 1008 while ((arg = strdelim(&cp)) && *arg != '\0') { 1009 if (options->num_deny_users >= MAX_DENY_USERS) 1010 fatal("%s line %d: too many deny users.", 1011 filename, linenum); 1012 options->deny_users[options->num_deny_users++] = 1013 xstrdup(arg); 1014 } 1015 break; 1016 1017 case sAllowGroups: 1018 while ((arg = strdelim(&cp)) && *arg != '\0') { 1019 if (options->num_allow_groups >= MAX_ALLOW_GROUPS) 1020 fatal("%s line %d: too many allow groups.", 1021 filename, linenum); 1022 options->allow_groups[options->num_allow_groups++] = 1023 xstrdup(arg); 1024 } 1025 break; 1026 1027 case sDenyGroups: 1028 while ((arg = strdelim(&cp)) && *arg != '\0') { 1029 if (options->num_deny_groups >= MAX_DENY_GROUPS) 1030 fatal("%s line %d: too many deny groups.", 1031 filename, linenum); 1032 options->deny_groups[options->num_deny_groups++] = xstrdup(arg); 1033 } 1034 break; 1035 1036 case sCiphers: 1037 arg = strdelim(&cp); 1038 if (!arg || *arg == '\0') 1039 fatal("%s line %d: Missing argument.", filename, linenum); 1040 if (!ciphers_valid(arg)) 1041 fatal("%s line %d: Bad SSH2 cipher spec '%s'.", 1042 filename, linenum, arg ? arg : "<NONE>"); 1043 if (options->ciphers == NULL) 1044 options->ciphers = xstrdup(arg); 1045 break; 1046 1047 case sMacs: 1048 arg = strdelim(&cp); 1049 if (!arg || *arg == '\0') 1050 fatal("%s line %d: Missing argument.", filename, linenum); 1051 if (!mac_valid(arg)) 1052 fatal("%s line %d: Bad SSH2 mac spec '%s'.", 1053 filename, linenum, arg ? arg : "<NONE>"); 1054 if (options->macs == NULL) 1055 options->macs = xstrdup(arg); 1056 break; 1057 1058 case sProtocol: 1059 intptr = &options->protocol; 1060 arg = strdelim(&cp); 1061 if (!arg || *arg == '\0') 1062 fatal("%s line %d: Missing argument.", filename, linenum); 1063 value = proto_spec(arg); 1064 if (value == SSH_PROTO_UNKNOWN) 1065 fatal("%s line %d: Bad protocol spec '%s'.", 1066 filename, linenum, arg ? arg : "<NONE>"); 1067 if (*intptr == SSH_PROTO_UNKNOWN) 1068 *intptr = value; 1069 break; 1070 1071 case sSubsystem: 1072 if (options->num_subsystems >= MAX_SUBSYSTEMS) { 1073 fatal("%s line %d: too many subsystems defined.", 1074 filename, linenum); 1075 } 1076 arg = strdelim(&cp); 1077 if (!arg || *arg == '\0') 1078 fatal("%s line %d: Missing subsystem name.", 1079 filename, linenum); 1080 if (!*activep) { 1081 arg = strdelim(&cp); 1082 break; 1083 } 1084 for (i = 0; i < options->num_subsystems; i++) 1085 if (strcmp(arg, options->subsystem_name[i]) == 0) 1086 fatal("%s line %d: Subsystem '%s' already defined.", 1087 filename, linenum, arg); 1088 options->subsystem_name[options->num_subsystems] = xstrdup(arg); 1089 arg = strdelim(&cp); 1090 if (!arg || *arg == '\0') 1091 fatal("%s line %d: Missing subsystem command.", 1092 filename, linenum); 1093 options->subsystem_command[options->num_subsystems] = xstrdup(arg); 1094 1095 /* Collect arguments (separate to executable) */ 1096 p = xstrdup(arg); 1097 len = strlen(p) + 1; 1098 while ((arg = strdelim(&cp)) != NULL && *arg != '\0') { 1099 len += 1 + strlen(arg); 1100 p = xrealloc(p, 1, len); 1101 strlcat(p, " ", len); 1102 strlcat(p, arg, len); 1103 } 1104 options->subsystem_args[options->num_subsystems] = p; 1105 options->num_subsystems++; 1106 break; 1107 1108 case sMaxStartups: 1109 arg = strdelim(&cp); 1110 if (!arg || *arg == '\0') 1111 fatal("%s line %d: Missing MaxStartups spec.", 1112 filename, linenum); 1113 if ((n = sscanf(arg, "%d:%d:%d", 1114 &options->max_startups_begin, 1115 &options->max_startups_rate, 1116 &options->max_startups)) == 3) { 1117 if (options->max_startups_begin > 1118 options->max_startups || 1119 options->max_startups_rate > 100 || 1120 options->max_startups_rate < 1) 1121 fatal("%s line %d: Illegal MaxStartups spec.", 1122 filename, linenum); 1123 } else if (n != 1) 1124 fatal("%s line %d: Illegal MaxStartups spec.", 1125 filename, linenum); 1126 else 1127 options->max_startups = options->max_startups_begin; 1128 break; 1129 1130 case sMaxAuthTries: 1131 intptr = &options->max_authtries; 1132 goto parse_int; 1133 1134 case sMaxSessions: 1135 intptr = &options->max_sessions; 1136 goto parse_int; 1137 1138 case sBanner: 1139 charptr = &options->banner; 1140 goto parse_filename; 1141 1142 /* 1143 * These options can contain %X options expanded at 1144 * connect time, so that you can specify paths like: 1145 * 1146 * AuthorizedKeysFile /etc/ssh_keys/%u 1147 */ 1148 case sAuthorizedKeysFile: 1149 case sAuthorizedKeysFile2: 1150 charptr = (opcode == sAuthorizedKeysFile) ? 1151 &options->authorized_keys_file : 1152 &options->authorized_keys_file2; 1153 goto parse_filename; 1154 1155 case sClientAliveInterval: 1156 intptr = &options->client_alive_interval; 1157 goto parse_time; 1158 1159 case sClientAliveCountMax: 1160 intptr = &options->client_alive_count_max; 1161 goto parse_int; 1162 1163 case sAcceptEnv: 1164 while ((arg = strdelim(&cp)) && *arg != '\0') { 1165 if (strchr(arg, '=') != NULL) 1166 fatal("%s line %d: Invalid environment name.", 1167 filename, linenum); 1168 if (options->num_accept_env >= MAX_ACCEPT_ENV) 1169 fatal("%s line %d: too many allow env.", 1170 filename, linenum); 1171 if (!*activep) 1172 break; 1173 options->accept_env[options->num_accept_env++] = 1174 xstrdup(arg); 1175 } 1176 break; 1177 1178 case sPermitTunnel: 1179 intptr = &options->permit_tun; 1180 arg = strdelim(&cp); 1181 if (!arg || *arg == '\0') 1182 fatal("%s line %d: Missing yes/point-to-point/" 1183 "ethernet/no argument.", filename, linenum); 1184 value = -1; 1185 for (i = 0; tunmode_desc[i].val != -1; i++) 1186 if (strcmp(tunmode_desc[i].text, arg) == 0) { 1187 value = tunmode_desc[i].val; 1188 break; 1189 } 1190 if (value == -1) 1191 fatal("%s line %d: Bad yes/point-to-point/ethernet/" 1192 "no argument: %s", filename, linenum, arg); 1193 if (*intptr == -1) 1194 *intptr = value; 1195 break; 1196 1197 case sMatch: 1198 if (cmdline) 1199 fatal("Match directive not supported as a command-line " 1200 "option"); 1201 value = match_cfg_line(&cp, linenum, user, host, address); 1202 if (value < 0) 1203 fatal("%s line %d: Bad Match condition", filename, 1204 linenum); 1205 *activep = value; 1206 break; 1207 1208 case sPermitOpen: 1209 arg = strdelim(&cp); 1210 if (!arg || *arg == '\0') 1211 fatal("%s line %d: missing PermitOpen specification", 1212 filename, linenum); 1213 n = options->num_permitted_opens; /* modified later */ 1214 if (strcmp(arg, "any") == 0) { 1215 if (*activep && n == -1) { 1216 channel_clear_adm_permitted_opens(); 1217 options->num_permitted_opens = 0; 1218 } 1219 break; 1220 } 1221 if (*activep && n == -1) 1222 channel_clear_adm_permitted_opens(); 1223 for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) { 1224 p = hpdelim(&arg); 1225 if (p == NULL) 1226 fatal("%s line %d: missing host in PermitOpen", 1227 filename, linenum); 1228 p = cleanhostname(p); 1229 if (arg == NULL || (port = a2port(arg)) == 0) 1230 fatal("%s line %d: bad port number in " 1231 "PermitOpen", filename, linenum); 1232 if (*activep && n == -1) 1233 options->num_permitted_opens = 1234 channel_add_adm_permitted_opens(p, port); 1235 } 1236 break; 1237 1238 case sForceCommand: 1239 if (cp == NULL) 1240 fatal("%.200s line %d: Missing argument.", filename, 1241 linenum); 1242 len = strspn(cp, WHITESPACE); 1243 if (*activep && options->adm_forced_command == NULL) 1244 options->adm_forced_command = xstrdup(cp + len); 1245 return 0; 1246 1247 case sChrootDirectory: 1248 charptr = &options->chroot_directory; 1249 1250 arg = strdelim(&cp); 1251 if (!arg || *arg == '\0') 1252 fatal("%s line %d: missing file name.", 1253 filename, linenum); 1254 if (*activep && *charptr == NULL) 1255 *charptr = xstrdup(arg); 1256 break; 1257 1258 case sDeprecated: 1259 logit("%s line %d: Deprecated option %s", 1260 filename, linenum, arg); 1261 while (arg) 1262 arg = strdelim(&cp); 1263 break; 1264 1265 case sUnsupported: 1266 logit("%s line %d: Unsupported option %s", 1267 filename, linenum, arg); 1268 while (arg) 1269 arg = strdelim(&cp); 1270 break; 1271 1272 default: 1273 fatal("%s line %d: Missing handler for opcode %s (%d)", 1274 filename, linenum, arg, opcode); 1275 } 1276 if ((arg = strdelim(&cp)) != NULL && *arg != '\0') 1277 fatal("%s line %d: garbage at end of line; \"%.200s\".", 1278 filename, linenum, arg); 1279 return 0; 1280 } 1281 1282 /* Reads the server configuration file. */ 1283 1284 void 1285 load_server_config(const char *filename, Buffer *conf) 1286 { 1287 char line[1024], *cp; 1288 FILE *f; 1289 1290 debug2("%s: filename %s", __func__, filename); 1291 if ((f = fopen(filename, "r")) == NULL) { 1292 perror(filename); 1293 exit(1); 1294 } 1295 buffer_clear(conf); 1296 while (fgets(line, sizeof(line), f)) { 1297 /* 1298 * Trim out comments and strip whitespace 1299 * NB - preserve newlines, they are needed to reproduce 1300 * line numbers later for error messages 1301 */ 1302 if ((cp = strchr(line, '#')) != NULL) 1303 memcpy(cp, "\n", 2); 1304 cp = line + strspn(line, " \t\r"); 1305 1306 buffer_append(conf, cp, strlen(cp)); 1307 } 1308 buffer_append(conf, "\0", 1); 1309 fclose(f); 1310 debug2("%s: done config len = %d", __func__, buffer_len(conf)); 1311 } 1312 1313 void 1314 parse_server_match_config(ServerOptions *options, const char *user, 1315 const char *host, const char *address) 1316 { 1317 ServerOptions mo; 1318 1319 initialize_server_options(&mo); 1320 parse_server_config(&mo, "reprocess config", &cfg, user, host, address); 1321 copy_set_server_options(options, &mo, 0); 1322 } 1323 1324 /* Helper macros */ 1325 #define M_CP_INTOPT(n) do {\ 1326 if (src->n != -1) \ 1327 dst->n = src->n; \ 1328 } while (0) 1329 #define M_CP_STROPT(n) do {\ 1330 if (src->n != NULL) { \ 1331 if (dst->n != NULL) \ 1332 xfree(dst->n); \ 1333 dst->n = src->n; \ 1334 } \ 1335 } while(0) 1336 1337 /* 1338 * Copy any supported values that are set. 1339 * 1340 * If the preauth flag is set, we do not bother copying the the string or 1341 * array values that are not used pre-authentication, because any that we 1342 * do use must be explictly sent in mm_getpwnamallow(). 1343 */ 1344 void 1345 copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) 1346 { 1347 M_CP_INTOPT(password_authentication); 1348 M_CP_INTOPT(gss_authentication); 1349 M_CP_INTOPT(rsa_authentication); 1350 M_CP_INTOPT(pubkey_authentication); 1351 M_CP_INTOPT(kerberos_authentication); 1352 M_CP_INTOPT(hostbased_authentication); 1353 M_CP_INTOPT(kbd_interactive_authentication); 1354 M_CP_INTOPT(permit_root_login); 1355 1356 M_CP_INTOPT(allow_tcp_forwarding); 1357 M_CP_INTOPT(allow_agent_forwarding); 1358 M_CP_INTOPT(gateway_ports); 1359 M_CP_INTOPT(x11_display_offset); 1360 M_CP_INTOPT(x11_forwarding); 1361 M_CP_INTOPT(x11_use_localhost); 1362 M_CP_INTOPT(max_sessions); 1363 M_CP_INTOPT(max_authtries); 1364 1365 M_CP_STROPT(banner); 1366 if (preauth) 1367 return; 1368 M_CP_STROPT(adm_forced_command); 1369 M_CP_STROPT(chroot_directory); 1370 } 1371 1372 #undef M_CP_INTOPT 1373 #undef M_CP_STROPT 1374 1375 void 1376 parse_server_config(ServerOptions *options, const char *filename, Buffer *conf, 1377 const char *user, const char *host, const char *address) 1378 { 1379 int active, linenum, bad_options = 0; 1380 char *cp, *obuf, *cbuf; 1381 1382 debug2("%s: config %s len %d", __func__, filename, buffer_len(conf)); 1383 1384 obuf = cbuf = xstrdup(buffer_ptr(conf)); 1385 active = user ? 0 : 1; 1386 linenum = 1; 1387 while ((cp = strsep(&cbuf, "\n")) != NULL) { 1388 if (process_server_config_line(options, cp, filename, 1389 linenum++, &active, user, host, address) != 0) 1390 bad_options++; 1391 } 1392 xfree(obuf); 1393 if (bad_options > 0) 1394 fatal("%s: terminating, %d bad configuration options", 1395 filename, bad_options); 1396 } 1397 1398 static const char * 1399 fmt_intarg(ServerOpCodes code, int val) 1400 { 1401 if (code == sAddressFamily) { 1402 switch (val) { 1403 case AF_INET: 1404 return "inet"; 1405 case AF_INET6: 1406 return "inet6"; 1407 case AF_UNSPEC: 1408 return "any"; 1409 default: 1410 return "UNKNOWN"; 1411 } 1412 } 1413 if (code == sPermitRootLogin) { 1414 switch (val) { 1415 case PERMIT_NO_PASSWD: 1416 return "without-passord"; 1417 case PERMIT_FORCED_ONLY: 1418 return "forced-commands-only"; 1419 case PERMIT_YES: 1420 return "yes"; 1421 } 1422 } 1423 if (code == sProtocol) { 1424 switch (val) { 1425 case SSH_PROTO_1: 1426 return "1"; 1427 case SSH_PROTO_2: 1428 return "2"; 1429 case (SSH_PROTO_1|SSH_PROTO_2): 1430 return "2,1"; 1431 default: 1432 return "UNKNOWN"; 1433 } 1434 } 1435 if (code == sGatewayPorts && val == 2) 1436 return "clientspecified"; 1437 if (code == sCompression && val == COMP_DELAYED) 1438 return "delayed"; 1439 switch (val) { 1440 case -1: 1441 return "unset"; 1442 case 0: 1443 return "no"; 1444 case 1: 1445 return "yes"; 1446 } 1447 return "UNKNOWN"; 1448 } 1449 1450 static const char * 1451 lookup_opcode_name(ServerOpCodes code) 1452 { 1453 u_int i; 1454 1455 for (i = 0; keywords[i].name != NULL; i++) 1456 if (keywords[i].opcode == code) 1457 return(keywords[i].name); 1458 return "UNKNOWN"; 1459 } 1460 1461 static void 1462 dump_cfg_int(ServerOpCodes code, int val) 1463 { 1464 printf("%s %d\n", lookup_opcode_name(code), val); 1465 } 1466 1467 static void 1468 dump_cfg_fmtint(ServerOpCodes code, int val) 1469 { 1470 printf("%s %s\n", lookup_opcode_name(code), fmt_intarg(code, val)); 1471 } 1472 1473 static void 1474 dump_cfg_string(ServerOpCodes code, const char *val) 1475 { 1476 if (val == NULL) 1477 return; 1478 printf("%s %s\n", lookup_opcode_name(code), val); 1479 } 1480 1481 static void 1482 dump_cfg_strarray(ServerOpCodes code, u_int count, char **vals) 1483 { 1484 u_int i; 1485 1486 for (i = 0; i < count; i++) 1487 printf("%s %s\n", lookup_opcode_name(code), vals[i]); 1488 } 1489 1490 void 1491 dump_config(ServerOptions *o) 1492 { 1493 u_int i; 1494 int ret; 1495 struct addrinfo *ai; 1496 char addr[NI_MAXHOST], port[NI_MAXSERV], *s = NULL; 1497 1498 /* these are usually at the top of the config */ 1499 for (i = 0; i < o->num_ports; i++) 1500 printf("port %d\n", o->ports[i]); 1501 dump_cfg_fmtint(sProtocol, o->protocol); 1502 dump_cfg_fmtint(sAddressFamily, o->address_family); 1503 1504 /* ListenAddress must be after Port */ 1505 for (ai = o->listen_addrs; ai; ai = ai->ai_next) { 1506 if ((ret = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr, 1507 sizeof(addr), port, sizeof(port), 1508 NI_NUMERICHOST|NI_NUMERICSERV)) != 0) { 1509 error("getnameinfo failed: %.100s", 1510 (ret != EAI_SYSTEM) ? gai_strerror(ret) : 1511 strerror(errno)); 1512 } else { 1513 if (ai->ai_family == AF_INET6) 1514 printf("listenaddress [%s]:%s\n", addr, port); 1515 else 1516 printf("listenaddress %s:%s\n", addr, port); 1517 } 1518 } 1519 1520 /* integer arguments */ 1521 dump_cfg_int(sServerKeyBits, o->server_key_bits); 1522 dump_cfg_int(sLoginGraceTime, o->login_grace_time); 1523 dump_cfg_int(sKeyRegenerationTime, o->key_regeneration_time); 1524 dump_cfg_int(sX11DisplayOffset, o->x11_display_offset); 1525 dump_cfg_int(sMaxAuthTries, o->max_authtries); 1526 dump_cfg_int(sClientAliveInterval, o->client_alive_interval); 1527 dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); 1528 1529 /* formatted integer arguments */ 1530 dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login); 1531 dump_cfg_fmtint(sIgnoreRhosts, o->ignore_rhosts); 1532 dump_cfg_fmtint(sIgnoreUserKnownHosts, o->ignore_user_known_hosts); 1533 dump_cfg_fmtint(sRhostsRSAAuthentication, o->rhosts_rsa_authentication); 1534 dump_cfg_fmtint(sHostbasedAuthentication, o->hostbased_authentication); 1535 dump_cfg_fmtint(sHostbasedUsesNameFromPacketOnly, 1536 o->hostbased_uses_name_from_packet_only); 1537 dump_cfg_fmtint(sRSAAuthentication, o->rsa_authentication); 1538 dump_cfg_fmtint(sPubkeyAuthentication, o->pubkey_authentication); 1539 dump_cfg_fmtint(sKerberosAuthentication, o->kerberos_authentication); 1540 dump_cfg_fmtint(sKerberosOrLocalPasswd, o->kerberos_or_local_passwd); 1541 dump_cfg_fmtint(sKerberosTicketCleanup, o->kerberos_ticket_cleanup); 1542 dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token); 1543 dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); 1544 dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); 1545 dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); 1546 dump_cfg_fmtint(sKbdInteractiveAuthentication, 1547 o->kbd_interactive_authentication); 1548 dump_cfg_fmtint(sChallengeResponseAuthentication, 1549 o->challenge_response_authentication); 1550 dump_cfg_fmtint(sPrintMotd, o->print_motd); 1551 dump_cfg_fmtint(sPrintLastLog, o->print_lastlog); 1552 dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding); 1553 dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); 1554 dump_cfg_fmtint(sStrictModes, o->strict_modes); 1555 dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); 1556 dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); 1557 dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); 1558 dump_cfg_fmtint(sUseLogin, o->use_login); 1559 dump_cfg_fmtint(sCompression, o->compression); 1560 dump_cfg_fmtint(sGatewayPorts, o->gateway_ports); 1561 dump_cfg_fmtint(sUseDNS, o->use_dns); 1562 dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding); 1563 dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep); 1564 1565 /* string arguments */ 1566 dump_cfg_string(sPidFile, o->pid_file); 1567 dump_cfg_string(sXAuthLocation, o->xauth_location); 1568 dump_cfg_string(sCiphers, o->ciphers); 1569 dump_cfg_string(sMacs, o->macs); 1570 dump_cfg_string(sBanner, o->banner); 1571 dump_cfg_string(sAuthorizedKeysFile, o->authorized_keys_file); 1572 dump_cfg_string(sAuthorizedKeysFile2, o->authorized_keys_file2); 1573 dump_cfg_string(sForceCommand, o->adm_forced_command); 1574 1575 /* string arguments requiring a lookup */ 1576 dump_cfg_string(sLogLevel, log_level_name(o->log_level)); 1577 dump_cfg_string(sLogFacility, log_facility_name(o->log_facility)); 1578 1579 /* string array arguments */ 1580 dump_cfg_strarray(sHostKeyFile, o->num_host_key_files, 1581 o->host_key_files); 1582 dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users); 1583 dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users); 1584 dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups); 1585 dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups); 1586 dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env); 1587 1588 /* other arguments */ 1589 for (i = 0; i < o->num_subsystems; i++) 1590 printf("subsystem %s %s\n", o->subsystem_name[i], 1591 o->subsystem_args[i]); 1592 1593 printf("maxstartups %d:%d:%d\n", o->max_startups_begin, 1594 o->max_startups_rate, o->max_startups); 1595 1596 for (i = 0; tunmode_desc[i].val != -1; i++) 1597 if (tunmode_desc[i].val == o->permit_tun) { 1598 s = tunmode_desc[i].text; 1599 break; 1600 } 1601 dump_cfg_string(sPermitTunnel, s); 1602 1603 printf("permitopen"); 1604 channel_print_adm_permitted_opens(); 1605 printf("\n"); 1606 } 1607