1 2 /* $OpenBSD: servconf.c,v 1.292 2016/06/23 05:17:51 djm Exp $ */ 3 /* 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 5 * All rights reserved 6 * 7 * As far as I am concerned, the code I have written for this software 8 * can be used freely for any purpose. Any derived versions of this 9 * software must be clearly marked as such, and if the derived work is 10 * incompatible with the protocol description in the RFC file, it must be 11 * called by a name other than "ssh" or "Secure Shell". 12 */ 13 14 #include <sys/types.h> 15 #include <sys/socket.h> 16 #include <sys/queue.h> 17 18 #include <netinet/in.h> 19 #include <netinet/ip.h> 20 21 #include <ctype.h> 22 #include <netdb.h> 23 #include <pwd.h> 24 #include <stdio.h> 25 #include <stdlib.h> 26 #include <string.h> 27 #include <signal.h> 28 #include <unistd.h> 29 #include <limits.h> 30 #include <stdarg.h> 31 #include <errno.h> 32 #include <util.h> 33 34 #include "xmalloc.h" 35 #include "ssh.h" 36 #include "log.h" 37 #include "buffer.h" 38 #include "misc.h" 39 #include "servconf.h" 40 #include "compat.h" 41 #include "pathnames.h" 42 #include "cipher.h" 43 #include "key.h" 44 #include "kex.h" 45 #include "mac.h" 46 #include "match.h" 47 #include "channels.h" 48 #include "groupaccess.h" 49 #include "canohost.h" 50 #include "packet.h" 51 #include "hostfile.h" 52 #include "auth.h" 53 #include "myproposal.h" 54 #include "digest.h" 55 56 static void add_listen_addr(ServerOptions *, char *, int); 57 static void add_one_listen_addr(ServerOptions *, char *, int); 58 59 /* Use of privilege separation or not */ 60 extern int use_privsep; 61 extern Buffer cfg; 62 63 /* Initializes the server options to their default values. */ 64 65 void 66 initialize_server_options(ServerOptions *options) 67 { 68 memset(options, 0, sizeof(*options)); 69 options->num_ports = 0; 70 options->ports_from_cmdline = 0; 71 options->queued_listen_addrs = NULL; 72 options->num_queued_listens = 0; 73 options->listen_addrs = NULL; 74 options->address_family = -1; 75 options->num_host_key_files = 0; 76 options->num_host_cert_files = 0; 77 options->host_key_agent = NULL; 78 options->pid_file = NULL; 79 options->server_key_bits = -1; 80 options->login_grace_time = -1; 81 options->key_regeneration_time = -1; 82 options->permit_root_login = PERMIT_NOT_SET; 83 options->ignore_rhosts = -1; 84 options->ignore_user_known_hosts = -1; 85 options->print_motd = -1; 86 options->print_lastlog = -1; 87 options->x11_forwarding = -1; 88 options->x11_display_offset = -1; 89 options->x11_use_localhost = -1; 90 options->permit_tty = -1; 91 options->permit_user_rc = -1; 92 options->xauth_location = NULL; 93 options->strict_modes = -1; 94 options->tcp_keep_alive = -1; 95 options->log_facility = SYSLOG_FACILITY_NOT_SET; 96 options->log_level = SYSLOG_LEVEL_NOT_SET; 97 options->rhosts_rsa_authentication = -1; 98 options->hostbased_authentication = -1; 99 options->hostbased_uses_name_from_packet_only = -1; 100 options->hostbased_key_types = NULL; 101 options->hostkeyalgorithms = NULL; 102 options->rsa_authentication = -1; 103 options->pubkey_authentication = -1; 104 options->pubkey_key_types = NULL; 105 options->kerberos_authentication = -1; 106 options->kerberos_or_local_passwd = -1; 107 options->kerberos_ticket_cleanup = -1; 108 options->kerberos_get_afs_token = -1; 109 options->gss_authentication=-1; 110 options->gss_cleanup_creds = -1; 111 options->gss_strict_acceptor = -1; 112 options->password_authentication = -1; 113 options->kbd_interactive_authentication = -1; 114 options->challenge_response_authentication = -1; 115 options->permit_empty_passwd = -1; 116 options->permit_user_env = -1; 117 options->use_login = -1; 118 options->compression = -1; 119 options->rekey_limit = -1; 120 options->rekey_interval = -1; 121 options->allow_tcp_forwarding = -1; 122 options->allow_streamlocal_forwarding = -1; 123 options->allow_agent_forwarding = -1; 124 options->num_allow_users = 0; 125 options->num_deny_users = 0; 126 options->num_allow_groups = 0; 127 options->num_deny_groups = 0; 128 options->ciphers = NULL; 129 options->macs = NULL; 130 options->kex_algorithms = NULL; 131 options->protocol = SSH_PROTO_UNKNOWN; 132 options->fwd_opts.gateway_ports = -1; 133 options->fwd_opts.streamlocal_bind_mask = (mode_t)-1; 134 options->fwd_opts.streamlocal_bind_unlink = -1; 135 options->num_subsystems = 0; 136 options->max_startups_begin = -1; 137 options->max_startups_rate = -1; 138 options->max_startups = -1; 139 options->max_authtries = -1; 140 options->max_sessions = -1; 141 options->banner = NULL; 142 options->use_dns = -1; 143 options->client_alive_interval = -1; 144 options->client_alive_count_max = -1; 145 options->num_authkeys_files = 0; 146 options->num_accept_env = 0; 147 options->permit_tun = -1; 148 options->num_permitted_opens = -1; 149 options->adm_forced_command = NULL; 150 options->chroot_directory = NULL; 151 options->authorized_keys_command = NULL; 152 options->authorized_keys_command_user = NULL; 153 options->revoked_keys_file = NULL; 154 options->trusted_user_ca_keys = NULL; 155 options->authorized_principals_file = NULL; 156 options->authorized_principals_command = NULL; 157 options->authorized_principals_command_user = NULL; 158 options->ip_qos_interactive = -1; 159 options->ip_qos_bulk = -1; 160 options->version_addendum = NULL; 161 options->fingerprint_hash = -1; 162 } 163 164 /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ 165 static int 166 option_clear_or_none(const char *o) 167 { 168 return o == NULL || strcasecmp(o, "none") == 0; 169 } 170 171 static void 172 assemble_algorithms(ServerOptions *o) 173 { 174 if (kex_assemble_names(KEX_SERVER_ENCRYPT, &o->ciphers) != 0 || 175 kex_assemble_names(KEX_SERVER_MAC, &o->macs) != 0 || 176 kex_assemble_names(KEX_SERVER_KEX, &o->kex_algorithms) != 0 || 177 kex_assemble_names(KEX_DEFAULT_PK_ALG, 178 &o->hostkeyalgorithms) != 0 || 179 kex_assemble_names(KEX_DEFAULT_PK_ALG, 180 &o->hostbased_key_types) != 0 || 181 kex_assemble_names(KEX_DEFAULT_PK_ALG, &o->pubkey_key_types) != 0) 182 fatal("kex_assemble_names failed"); 183 } 184 185 void 186 fill_default_server_options(ServerOptions *options) 187 { 188 int i; 189 190 if (options->protocol == SSH_PROTO_UNKNOWN) 191 options->protocol = SSH_PROTO_2; 192 if (options->num_host_key_files == 0) { 193 /* fill default hostkeys for protocols */ 194 if (options->protocol & SSH_PROTO_1) 195 options->host_key_files[options->num_host_key_files++] = 196 _PATH_HOST_KEY_FILE; 197 if (options->protocol & SSH_PROTO_2) { 198 options->host_key_files[options->num_host_key_files++] = 199 _PATH_HOST_RSA_KEY_FILE; 200 options->host_key_files[options->num_host_key_files++] = 201 _PATH_HOST_DSA_KEY_FILE; 202 options->host_key_files[options->num_host_key_files++] = 203 _PATH_HOST_ECDSA_KEY_FILE; 204 options->host_key_files[options->num_host_key_files++] = 205 _PATH_HOST_ED25519_KEY_FILE; 206 } 207 } 208 /* No certificates by default */ 209 if (options->num_ports == 0) 210 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 211 if (options->address_family == -1) 212 options->address_family = AF_UNSPEC; 213 if (options->listen_addrs == NULL) 214 add_listen_addr(options, NULL, 0); 215 if (options->pid_file == NULL) 216 options->pid_file = xstrdup(_PATH_SSH_DAEMON_PID_FILE); 217 if (options->server_key_bits == -1) 218 options->server_key_bits = 1024; 219 if (options->login_grace_time == -1) 220 options->login_grace_time = 120; 221 if (options->key_regeneration_time == -1) 222 options->key_regeneration_time = 3600; 223 if (options->permit_root_login == PERMIT_NOT_SET) 224 options->permit_root_login = PERMIT_NO_PASSWD; 225 if (options->ignore_rhosts == -1) 226 options->ignore_rhosts = 1; 227 if (options->ignore_user_known_hosts == -1) 228 options->ignore_user_known_hosts = 0; 229 if (options->print_motd == -1) 230 options->print_motd = 1; 231 if (options->print_lastlog == -1) 232 options->print_lastlog = 1; 233 if (options->x11_forwarding == -1) 234 options->x11_forwarding = 0; 235 if (options->x11_display_offset == -1) 236 options->x11_display_offset = 10; 237 if (options->x11_use_localhost == -1) 238 options->x11_use_localhost = 1; 239 if (options->xauth_location == NULL) 240 options->xauth_location = xstrdup(_PATH_XAUTH); 241 if (options->permit_tty == -1) 242 options->permit_tty = 1; 243 if (options->permit_user_rc == -1) 244 options->permit_user_rc = 1; 245 if (options->strict_modes == -1) 246 options->strict_modes = 1; 247 if (options->tcp_keep_alive == -1) 248 options->tcp_keep_alive = 1; 249 if (options->log_facility == SYSLOG_FACILITY_NOT_SET) 250 options->log_facility = SYSLOG_FACILITY_AUTH; 251 if (options->log_level == SYSLOG_LEVEL_NOT_SET) 252 options->log_level = SYSLOG_LEVEL_INFO; 253 if (options->rhosts_rsa_authentication == -1) 254 options->rhosts_rsa_authentication = 0; 255 if (options->hostbased_authentication == -1) 256 options->hostbased_authentication = 0; 257 if (options->hostbased_uses_name_from_packet_only == -1) 258 options->hostbased_uses_name_from_packet_only = 0; 259 if (options->rsa_authentication == -1) 260 options->rsa_authentication = 1; 261 if (options->pubkey_authentication == -1) 262 options->pubkey_authentication = 1; 263 if (options->kerberos_authentication == -1) 264 options->kerberos_authentication = 0; 265 if (options->kerberos_or_local_passwd == -1) 266 options->kerberos_or_local_passwd = 1; 267 if (options->kerberos_ticket_cleanup == -1) 268 options->kerberos_ticket_cleanup = 1; 269 if (options->kerberos_get_afs_token == -1) 270 options->kerberos_get_afs_token = 0; 271 if (options->gss_authentication == -1) 272 options->gss_authentication = 0; 273 if (options->gss_cleanup_creds == -1) 274 options->gss_cleanup_creds = 1; 275 if (options->gss_strict_acceptor == -1) 276 options->gss_strict_acceptor = 0; 277 if (options->password_authentication == -1) 278 options->password_authentication = 1; 279 if (options->kbd_interactive_authentication == -1) 280 options->kbd_interactive_authentication = 0; 281 if (options->challenge_response_authentication == -1) 282 options->challenge_response_authentication = 1; 283 if (options->permit_empty_passwd == -1) 284 options->permit_empty_passwd = 0; 285 if (options->permit_user_env == -1) 286 options->permit_user_env = 0; 287 if (options->use_login == -1) 288 options->use_login = 0; 289 if (options->compression == -1) 290 options->compression = COMP_DELAYED; 291 if (options->rekey_limit == -1) 292 options->rekey_limit = 0; 293 if (options->rekey_interval == -1) 294 options->rekey_interval = 0; 295 if (options->allow_tcp_forwarding == -1) 296 options->allow_tcp_forwarding = FORWARD_ALLOW; 297 if (options->allow_streamlocal_forwarding == -1) 298 options->allow_streamlocal_forwarding = FORWARD_ALLOW; 299 if (options->allow_agent_forwarding == -1) 300 options->allow_agent_forwarding = 1; 301 if (options->fwd_opts.gateway_ports == -1) 302 options->fwd_opts.gateway_ports = 0; 303 if (options->max_startups == -1) 304 options->max_startups = 100; 305 if (options->max_startups_rate == -1) 306 options->max_startups_rate = 30; /* 30% */ 307 if (options->max_startups_begin == -1) 308 options->max_startups_begin = 10; 309 if (options->max_authtries == -1) 310 options->max_authtries = DEFAULT_AUTH_FAIL_MAX; 311 if (options->max_sessions == -1) 312 options->max_sessions = DEFAULT_SESSIONS_MAX; 313 if (options->use_dns == -1) 314 options->use_dns = 0; 315 if (options->client_alive_interval == -1) 316 options->client_alive_interval = 0; 317 if (options->client_alive_count_max == -1) 318 options->client_alive_count_max = 3; 319 if (options->num_authkeys_files == 0) { 320 options->authorized_keys_files[options->num_authkeys_files++] = 321 xstrdup(_PATH_SSH_USER_PERMITTED_KEYS); 322 options->authorized_keys_files[options->num_authkeys_files++] = 323 xstrdup(_PATH_SSH_USER_PERMITTED_KEYS2); 324 } 325 if (options->permit_tun == -1) 326 options->permit_tun = SSH_TUNMODE_NO; 327 if (options->ip_qos_interactive == -1) 328 options->ip_qos_interactive = IPTOS_LOWDELAY; 329 if (options->ip_qos_bulk == -1) 330 options->ip_qos_bulk = IPTOS_THROUGHPUT; 331 if (options->version_addendum == NULL) 332 options->version_addendum = xstrdup(""); 333 if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) 334 options->fwd_opts.streamlocal_bind_mask = 0177; 335 if (options->fwd_opts.streamlocal_bind_unlink == -1) 336 options->fwd_opts.streamlocal_bind_unlink = 0; 337 if (options->fingerprint_hash == -1) 338 options->fingerprint_hash = SSH_FP_HASH_DEFAULT; 339 340 assemble_algorithms(options); 341 342 /* Turn privilege separation and sandboxing on by default */ 343 if (use_privsep == -1) 344 use_privsep = PRIVSEP_ON; 345 346 #define CLEAR_ON_NONE(v) \ 347 do { \ 348 if (option_clear_or_none(v)) { \ 349 free(v); \ 350 v = NULL; \ 351 } \ 352 } while(0) 353 CLEAR_ON_NONE(options->pid_file); 354 CLEAR_ON_NONE(options->xauth_location); 355 CLEAR_ON_NONE(options->banner); 356 CLEAR_ON_NONE(options->trusted_user_ca_keys); 357 CLEAR_ON_NONE(options->revoked_keys_file); 358 CLEAR_ON_NONE(options->authorized_principals_file); 359 CLEAR_ON_NONE(options->adm_forced_command); 360 CLEAR_ON_NONE(options->chroot_directory); 361 for (i = 0; i < options->num_host_key_files; i++) 362 CLEAR_ON_NONE(options->host_key_files[i]); 363 for (i = 0; i < options->num_host_cert_files; i++) 364 CLEAR_ON_NONE(options->host_cert_files[i]); 365 #undef CLEAR_ON_NONE 366 367 /* Similar handling for AuthenticationMethods=any */ 368 if (options->num_auth_methods == 1 && 369 strcmp(options->auth_methods[0], "any") == 0) { 370 free(options->auth_methods[0]); 371 options->auth_methods[0] = NULL; 372 options->num_auth_methods = 0; 373 } 374 375 } 376 377 /* Keyword tokens. */ 378 typedef enum { 379 sBadOption, /* == unknown option */ 380 sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, 381 sKeyRegenerationTime, sPermitRootLogin, sLogFacility, sLogLevel, 382 sRhostsRSAAuthentication, sRSAAuthentication, 383 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, 384 sKerberosGetAFSToken, 385 sKerberosTgtPassing, sChallengeResponseAuthentication, 386 sPasswordAuthentication, sKbdInteractiveAuthentication, 387 sListenAddress, sAddressFamily, 388 sPrintMotd, sPrintLastLog, sIgnoreRhosts, 389 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, 390 sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, 391 sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, 392 sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, 393 sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, 394 sGatewayPorts, sPubkeyAuthentication, sPubkeyAcceptedKeyTypes, 395 sXAuthLocation, sSubsystem, sMaxStartups, sMaxAuthTries, sMaxSessions, 396 sBanner, sUseDNS, sHostbasedAuthentication, 397 sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedKeyTypes, 398 sHostKeyAlgorithms, 399 sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, 400 sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, 401 sAcceptEnv, sPermitTunnel, 402 sMatch, sPermitOpen, sForceCommand, sChrootDirectory, 403 sUsePrivilegeSeparation, sAllowAgentForwarding, 404 sHostCertificate, 405 sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, 406 sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser, 407 sKexAlgorithms, sIPQoS, sVersionAddendum, 408 sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, 409 sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, 410 sStreamLocalBindMask, sStreamLocalBindUnlink, 411 sAllowStreamLocalForwarding, sFingerprintHash, 412 sDeprecated, sUnsupported 413 } ServerOpCodes; 414 415 #define SSHCFG_GLOBAL 0x01 /* allowed in main section of sshd_config */ 416 #define SSHCFG_MATCH 0x02 /* allowed inside a Match section */ 417 #define SSHCFG_ALL (SSHCFG_GLOBAL|SSHCFG_MATCH) 418 419 /* Textual representation of the tokens. */ 420 static struct { 421 const char *name; 422 ServerOpCodes opcode; 423 u_int flags; 424 } keywords[] = { 425 { "port", sPort, SSHCFG_GLOBAL }, 426 { "hostkey", sHostKeyFile, SSHCFG_GLOBAL }, 427 { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL }, /* alias */ 428 { "hostkeyagent", sHostKeyAgent, SSHCFG_GLOBAL }, 429 { "pidfile", sPidFile, SSHCFG_GLOBAL }, 430 { "serverkeybits", sServerKeyBits, SSHCFG_GLOBAL }, 431 { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL }, 432 { "keyregenerationinterval", sKeyRegenerationTime, SSHCFG_GLOBAL }, 433 { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL }, 434 { "syslogfacility", sLogFacility, SSHCFG_GLOBAL }, 435 { "loglevel", sLogLevel, SSHCFG_GLOBAL }, 436 { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL }, 437 { "rhostsrsaauthentication", sRhostsRSAAuthentication, SSHCFG_ALL }, 438 { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL }, 439 { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_ALL }, 440 { "hostbasedacceptedkeytypes", sHostbasedAcceptedKeyTypes, SSHCFG_ALL }, 441 { "hostkeyalgorithms", sHostKeyAlgorithms, SSHCFG_GLOBAL }, 442 { "rsaauthentication", sRSAAuthentication, SSHCFG_ALL }, 443 { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL }, 444 { "pubkeyacceptedkeytypes", sPubkeyAcceptedKeyTypes, SSHCFG_ALL }, 445 { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */ 446 #ifdef KRB5 447 { "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL }, 448 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd, SSHCFG_GLOBAL }, 449 { "kerberosticketcleanup", sKerberosTicketCleanup, SSHCFG_GLOBAL }, 450 { "kerberosgetafstoken", sKerberosGetAFSToken, SSHCFG_GLOBAL }, 451 #else 452 { "kerberosauthentication", sUnsupported, SSHCFG_ALL }, 453 { "kerberosorlocalpasswd", sUnsupported, SSHCFG_GLOBAL }, 454 { "kerberosticketcleanup", sUnsupported, SSHCFG_GLOBAL }, 455 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, 456 #endif 457 { "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL }, 458 { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, 459 #ifdef GSSAPI 460 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, 461 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, 462 { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, 463 #else 464 { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, 465 { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, 466 { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, 467 #endif 468 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, 469 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, 470 { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, 471 { "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */ 472 { "checkmail", sDeprecated, SSHCFG_GLOBAL }, 473 { "listenaddress", sListenAddress, SSHCFG_GLOBAL }, 474 { "addressfamily", sAddressFamily, SSHCFG_GLOBAL }, 475 { "printmotd", sPrintMotd, SSHCFG_GLOBAL }, 476 { "printlastlog", sPrintLastLog, SSHCFG_GLOBAL }, 477 { "ignorerhosts", sIgnoreRhosts, SSHCFG_GLOBAL }, 478 { "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL }, 479 { "x11forwarding", sX11Forwarding, SSHCFG_ALL }, 480 { "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL }, 481 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, 482 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, 483 { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, 484 { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL }, 485 { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, 486 { "uselogin", sUseLogin, SSHCFG_GLOBAL }, 487 { "compression", sCompression, SSHCFG_GLOBAL }, 488 { "rekeylimit", sRekeyLimit, SSHCFG_ALL }, 489 { "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, 490 { "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, /* obsolete alias */ 491 { "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL }, 492 { "allowagentforwarding", sAllowAgentForwarding, SSHCFG_ALL }, 493 { "allowusers", sAllowUsers, SSHCFG_ALL }, 494 { "denyusers", sDenyUsers, SSHCFG_ALL }, 495 { "allowgroups", sAllowGroups, SSHCFG_ALL }, 496 { "denygroups", sDenyGroups, SSHCFG_ALL }, 497 { "ciphers", sCiphers, SSHCFG_GLOBAL }, 498 { "macs", sMacs, SSHCFG_GLOBAL }, 499 { "protocol", sProtocol, SSHCFG_GLOBAL }, 500 { "gatewayports", sGatewayPorts, SSHCFG_ALL }, 501 { "subsystem", sSubsystem, SSHCFG_GLOBAL }, 502 { "maxstartups", sMaxStartups, SSHCFG_GLOBAL }, 503 { "maxauthtries", sMaxAuthTries, SSHCFG_ALL }, 504 { "maxsessions", sMaxSessions, SSHCFG_ALL }, 505 { "banner", sBanner, SSHCFG_ALL }, 506 { "usedns", sUseDNS, SSHCFG_GLOBAL }, 507 { "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL }, 508 { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL }, 509 { "clientaliveinterval", sClientAliveInterval, SSHCFG_GLOBAL }, 510 { "clientalivecountmax", sClientAliveCountMax, SSHCFG_GLOBAL }, 511 { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL }, 512 { "authorizedkeysfile2", sDeprecated, SSHCFG_ALL }, 513 { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL}, 514 { "acceptenv", sAcceptEnv, SSHCFG_ALL }, 515 { "permittunnel", sPermitTunnel, SSHCFG_ALL }, 516 { "permittty", sPermitTTY, SSHCFG_ALL }, 517 { "permituserrc", sPermitUserRC, SSHCFG_ALL }, 518 { "match", sMatch, SSHCFG_ALL }, 519 { "permitopen", sPermitOpen, SSHCFG_ALL }, 520 { "forcecommand", sForceCommand, SSHCFG_ALL }, 521 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, 522 { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, 523 { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, 524 { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, 525 { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, 526 { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, 527 { "ipqos", sIPQoS, SSHCFG_ALL }, 528 { "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL }, 529 { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL }, 530 { "authorizedprincipalscommand", sAuthorizedPrincipalsCommand, SSHCFG_ALL }, 531 { "authorizedprincipalscommanduser", sAuthorizedPrincipalsCommandUser, SSHCFG_ALL }, 532 { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL }, 533 { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL }, 534 { "streamlocalbindmask", sStreamLocalBindMask, SSHCFG_ALL }, 535 { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL }, 536 { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, 537 { "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL }, 538 { NULL, sBadOption, 0 } 539 }; 540 541 static struct { 542 int val; 543 char *text; 544 } tunmode_desc[] = { 545 { SSH_TUNMODE_NO, "no" }, 546 { SSH_TUNMODE_POINTOPOINT, "point-to-point" }, 547 { SSH_TUNMODE_ETHERNET, "ethernet" }, 548 { SSH_TUNMODE_YES, "yes" }, 549 { -1, NULL } 550 }; 551 552 /* 553 * Returns the number of the token pointed to by cp or sBadOption. 554 */ 555 556 static ServerOpCodes 557 parse_token(const char *cp, const char *filename, 558 int linenum, u_int *flags) 559 { 560 u_int i; 561 562 for (i = 0; keywords[i].name; i++) 563 if (strcasecmp(cp, keywords[i].name) == 0) { 564 *flags = keywords[i].flags; 565 return keywords[i].opcode; 566 } 567 568 error("%s: line %d: Bad configuration option: %s", 569 filename, linenum, cp); 570 return sBadOption; 571 } 572 573 char * 574 derelativise_path(const char *path) 575 { 576 char *expanded, *ret, cwd[PATH_MAX]; 577 578 if (strcasecmp(path, "none") == 0) 579 return xstrdup("none"); 580 expanded = tilde_expand_filename(path, getuid()); 581 if (*expanded == '/') 582 return expanded; 583 if (getcwd(cwd, sizeof(cwd)) == NULL) 584 fatal("%s: getcwd: %s", __func__, strerror(errno)); 585 xasprintf(&ret, "%s/%s", cwd, expanded); 586 free(expanded); 587 return ret; 588 } 589 590 static void 591 add_listen_addr(ServerOptions *options, char *addr, int port) 592 { 593 u_int i; 594 595 if (port == 0) 596 for (i = 0; i < options->num_ports; i++) 597 add_one_listen_addr(options, addr, options->ports[i]); 598 else 599 add_one_listen_addr(options, addr, port); 600 } 601 602 static void 603 add_one_listen_addr(ServerOptions *options, char *addr, int port) 604 { 605 struct addrinfo hints, *ai, *aitop; 606 char strport[NI_MAXSERV]; 607 int gaierr; 608 609 memset(&hints, 0, sizeof(hints)); 610 hints.ai_family = options->address_family; 611 hints.ai_socktype = SOCK_STREAM; 612 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; 613 snprintf(strport, sizeof strport, "%d", port); 614 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) 615 fatal("bad addr or host: %s (%s)", 616 addr ? addr : "<NULL>", 617 ssh_gai_strerror(gaierr)); 618 for (ai = aitop; ai->ai_next; ai = ai->ai_next) 619 ; 620 ai->ai_next = options->listen_addrs; 621 options->listen_addrs = aitop; 622 } 623 624 /* 625 * Queue a ListenAddress to be processed once we have all of the Ports 626 * and AddressFamily options. 627 */ 628 static void 629 queue_listen_addr(ServerOptions *options, char *addr, int port) 630 { 631 options->queued_listen_addrs = xreallocarray( 632 options->queued_listen_addrs, options->num_queued_listens + 1, 633 sizeof(addr)); 634 options->queued_listen_ports = xreallocarray( 635 options->queued_listen_ports, options->num_queued_listens + 1, 636 sizeof(port)); 637 options->queued_listen_addrs[options->num_queued_listens] = 638 xstrdup(addr); 639 options->queued_listen_ports[options->num_queued_listens] = port; 640 options->num_queued_listens++; 641 } 642 643 /* 644 * Process queued (text) ListenAddress entries. 645 */ 646 static void 647 process_queued_listen_addrs(ServerOptions *options) 648 { 649 u_int i; 650 651 if (options->num_ports == 0) 652 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 653 if (options->address_family == -1) 654 options->address_family = AF_UNSPEC; 655 656 for (i = 0; i < options->num_queued_listens; i++) { 657 add_listen_addr(options, options->queued_listen_addrs[i], 658 options->queued_listen_ports[i]); 659 free(options->queued_listen_addrs[i]); 660 options->queued_listen_addrs[i] = NULL; 661 } 662 free(options->queued_listen_addrs); 663 options->queued_listen_addrs = NULL; 664 free(options->queued_listen_ports); 665 options->queued_listen_ports = NULL; 666 options->num_queued_listens = 0; 667 } 668 669 struct connection_info * 670 get_connection_info(int populate, int use_dns) 671 { 672 struct ssh *ssh = active_state; /* XXX */ 673 static struct connection_info ci; 674 675 if (!populate) 676 return &ci; 677 ci.host = auth_get_canonical_hostname(ssh, use_dns); 678 ci.address = ssh_remote_ipaddr(ssh); 679 ci.laddress = ssh_local_ipaddr(ssh); 680 ci.lport = ssh_local_port(ssh); 681 return &ci; 682 } 683 684 /* 685 * The strategy for the Match blocks is that the config file is parsed twice. 686 * 687 * The first time is at startup. activep is initialized to 1 and the 688 * directives in the global context are processed and acted on. Hitting a 689 * Match directive unsets activep and the directives inside the block are 690 * checked for syntax only. 691 * 692 * The second time is after a connection has been established but before 693 * authentication. activep is initialized to 2 and global config directives 694 * are ignored since they have already been processed. If the criteria in a 695 * Match block is met, activep is set and the subsequent directives 696 * processed and actioned until EOF or another Match block unsets it. Any 697 * options set are copied into the main server config. 698 * 699 * Potential additions/improvements: 700 * - Add Match support for pre-kex directives, eg Protocol, Ciphers. 701 * 702 * - Add a Tag directive (idea from David Leonard) ala pf, eg: 703 * Match Address 192.168.0.* 704 * Tag trusted 705 * Match Group wheel 706 * Tag trusted 707 * Match Tag trusted 708 * AllowTcpForwarding yes 709 * GatewayPorts clientspecified 710 * [...] 711 * 712 * - Add a PermittedChannelRequests directive 713 * Match Group shell 714 * PermittedChannelRequests session,forwarded-tcpip 715 */ 716 717 static int 718 match_cfg_line_group(const char *grps, int line, const char *user) 719 { 720 int result = 0; 721 struct passwd *pw; 722 723 if (user == NULL) 724 goto out; 725 726 if ((pw = getpwnam(user)) == NULL) { 727 debug("Can't match group at line %d because user %.100s does " 728 "not exist", line, user); 729 } else if (ga_init(pw->pw_name, pw->pw_gid) == 0) { 730 debug("Can't Match group because user %.100s not in any group " 731 "at line %d", user, line); 732 } else if (ga_match_pattern_list(grps) != 1) { 733 debug("user %.100s does not match group list %.100s at line %d", 734 user, grps, line); 735 } else { 736 debug("user %.100s matched group list %.100s at line %d", user, 737 grps, line); 738 result = 1; 739 } 740 out: 741 ga_free(); 742 return result; 743 } 744 745 /* 746 * All of the attributes on a single Match line are ANDed together, so we need 747 * to check every attribute and set the result to zero if any attribute does 748 * not match. 749 */ 750 static int 751 match_cfg_line(char **condition, int line, struct connection_info *ci) 752 { 753 int result = 1, attributes = 0, port; 754 char *arg, *attrib, *cp = *condition; 755 756 if (ci == NULL) 757 debug3("checking syntax for 'Match %s'", cp); 758 else 759 debug3("checking match for '%s' user %s host %s addr %s " 760 "laddr %s lport %d", cp, ci->user ? ci->user : "(null)", 761 ci->host ? ci->host : "(null)", 762 ci->address ? ci->address : "(null)", 763 ci->laddress ? ci->laddress : "(null)", ci->lport); 764 765 while ((attrib = strdelim(&cp)) && *attrib != '\0') { 766 attributes++; 767 if (strcasecmp(attrib, "all") == 0) { 768 if (attributes != 1 || 769 ((arg = strdelim(&cp)) != NULL && *arg != '\0')) { 770 error("'all' cannot be combined with other " 771 "Match attributes"); 772 return -1; 773 } 774 *condition = cp; 775 return 1; 776 } 777 if ((arg = strdelim(&cp)) == NULL || *arg == '\0') { 778 error("Missing Match criteria for %s", attrib); 779 return -1; 780 } 781 if (strcasecmp(attrib, "user") == 0) { 782 if (ci == NULL || ci->user == NULL) { 783 result = 0; 784 continue; 785 } 786 if (match_pattern_list(ci->user, arg, 0) != 1) 787 result = 0; 788 else 789 debug("user %.100s matched 'User %.100s' at " 790 "line %d", ci->user, arg, line); 791 } else if (strcasecmp(attrib, "group") == 0) { 792 if (ci == NULL || ci->user == NULL) { 793 result = 0; 794 continue; 795 } 796 switch (match_cfg_line_group(arg, line, ci->user)) { 797 case -1: 798 return -1; 799 case 0: 800 result = 0; 801 } 802 } else if (strcasecmp(attrib, "host") == 0) { 803 if (ci == NULL || ci->host == NULL) { 804 result = 0; 805 continue; 806 } 807 if (match_hostname(ci->host, arg) != 1) 808 result = 0; 809 else 810 debug("connection from %.100s matched 'Host " 811 "%.100s' at line %d", ci->host, arg, line); 812 } else if (strcasecmp(attrib, "address") == 0) { 813 if (ci == NULL || ci->address == NULL) { 814 result = 0; 815 continue; 816 } 817 switch (addr_match_list(ci->address, arg)) { 818 case 1: 819 debug("connection from %.100s matched 'Address " 820 "%.100s' at line %d", ci->address, arg, line); 821 break; 822 case 0: 823 case -1: 824 result = 0; 825 break; 826 case -2: 827 return -1; 828 } 829 } else if (strcasecmp(attrib, "localaddress") == 0){ 830 if (ci == NULL || ci->laddress == NULL) { 831 result = 0; 832 continue; 833 } 834 switch (addr_match_list(ci->laddress, arg)) { 835 case 1: 836 debug("connection from %.100s matched " 837 "'LocalAddress %.100s' at line %d", 838 ci->laddress, arg, line); 839 break; 840 case 0: 841 case -1: 842 result = 0; 843 break; 844 case -2: 845 return -1; 846 } 847 } else if (strcasecmp(attrib, "localport") == 0) { 848 if ((port = a2port(arg)) == -1) { 849 error("Invalid LocalPort '%s' on Match line", 850 arg); 851 return -1; 852 } 853 if (ci == NULL || ci->lport == 0) { 854 result = 0; 855 continue; 856 } 857 /* TODO support port lists */ 858 if (port == ci->lport) 859 debug("connection from %.100s matched " 860 "'LocalPort %d' at line %d", 861 ci->laddress, port, line); 862 else 863 result = 0; 864 } else { 865 error("Unsupported Match attribute %s", attrib); 866 return -1; 867 } 868 } 869 if (attributes == 0) { 870 error("One or more attributes required for Match"); 871 return -1; 872 } 873 if (ci != NULL) 874 debug3("match %sfound", result ? "" : "not "); 875 *condition = cp; 876 return result; 877 } 878 879 #define WHITESPACE " \t\r\n" 880 881 /* Multistate option parsing */ 882 struct multistate { 883 char *key; 884 int value; 885 }; 886 static const struct multistate multistate_addressfamily[] = { 887 { "inet", AF_INET }, 888 { "inet6", AF_INET6 }, 889 { "any", AF_UNSPEC }, 890 { NULL, -1 } 891 }; 892 static const struct multistate multistate_permitrootlogin[] = { 893 { "without-password", PERMIT_NO_PASSWD }, 894 { "prohibit-password", PERMIT_NO_PASSWD }, 895 { "forced-commands-only", PERMIT_FORCED_ONLY }, 896 { "yes", PERMIT_YES }, 897 { "no", PERMIT_NO }, 898 { NULL, -1 } 899 }; 900 static const struct multistate multistate_compression[] = { 901 { "delayed", COMP_DELAYED }, 902 { "yes", COMP_ZLIB }, 903 { "no", COMP_NONE }, 904 { NULL, -1 } 905 }; 906 static const struct multistate multistate_gatewayports[] = { 907 { "clientspecified", 2 }, 908 { "yes", 1 }, 909 { "no", 0 }, 910 { NULL, -1 } 911 }; 912 static const struct multistate multistate_privsep[] = { 913 { "yes", PRIVSEP_NOSANDBOX }, 914 { "sandbox", PRIVSEP_ON }, 915 { "nosandbox", PRIVSEP_NOSANDBOX }, 916 { "no", PRIVSEP_OFF }, 917 { NULL, -1 } 918 }; 919 static const struct multistate multistate_tcpfwd[] = { 920 { "yes", FORWARD_ALLOW }, 921 { "all", FORWARD_ALLOW }, 922 { "no", FORWARD_DENY }, 923 { "remote", FORWARD_REMOTE }, 924 { "local", FORWARD_LOCAL }, 925 { NULL, -1 } 926 }; 927 928 int 929 process_server_config_line(ServerOptions *options, char *line, 930 const char *filename, int linenum, int *activep, 931 struct connection_info *connectinfo) 932 { 933 char *cp, **charptr, *arg, *p; 934 int cmdline = 0, *intptr, value, value2, n, port; 935 SyslogFacility *log_facility_ptr; 936 LogLevel *log_level_ptr; 937 ServerOpCodes opcode; 938 u_int i, flags = 0; 939 size_t len; 940 long long val64; 941 const struct multistate *multistate_ptr; 942 943 cp = line; 944 if ((arg = strdelim(&cp)) == NULL) 945 return 0; 946 /* Ignore leading whitespace */ 947 if (*arg == '\0') 948 arg = strdelim(&cp); 949 if (!arg || !*arg || *arg == '#') 950 return 0; 951 intptr = NULL; 952 charptr = NULL; 953 opcode = parse_token(arg, filename, linenum, &flags); 954 955 if (activep == NULL) { /* We are processing a command line directive */ 956 cmdline = 1; 957 activep = &cmdline; 958 } 959 if (*activep && opcode != sMatch) 960 debug3("%s:%d setting %s %s", filename, linenum, arg, cp); 961 if (*activep == 0 && !(flags & SSHCFG_MATCH)) { 962 if (connectinfo == NULL) { 963 fatal("%s line %d: Directive '%s' is not allowed " 964 "within a Match block", filename, linenum, arg); 965 } else { /* this is a directive we have already processed */ 966 while (arg) 967 arg = strdelim(&cp); 968 return 0; 969 } 970 } 971 972 switch (opcode) { 973 case sBadOption: 974 return -1; 975 case sPort: 976 /* ignore ports from configfile if cmdline specifies ports */ 977 if (options->ports_from_cmdline) 978 return 0; 979 if (options->num_ports >= MAX_PORTS) 980 fatal("%s line %d: too many ports.", 981 filename, linenum); 982 arg = strdelim(&cp); 983 if (!arg || *arg == '\0') 984 fatal("%s line %d: missing port number.", 985 filename, linenum); 986 options->ports[options->num_ports++] = a2port(arg); 987 if (options->ports[options->num_ports-1] <= 0) 988 fatal("%s line %d: Badly formatted port number.", 989 filename, linenum); 990 break; 991 992 case sServerKeyBits: 993 intptr = &options->server_key_bits; 994 parse_int: 995 arg = strdelim(&cp); 996 if (!arg || *arg == '\0') 997 fatal("%s line %d: missing integer value.", 998 filename, linenum); 999 value = atoi(arg); 1000 if (*activep && *intptr == -1) 1001 *intptr = value; 1002 break; 1003 1004 case sLoginGraceTime: 1005 intptr = &options->login_grace_time; 1006 parse_time: 1007 arg = strdelim(&cp); 1008 if (!arg || *arg == '\0') 1009 fatal("%s line %d: missing time value.", 1010 filename, linenum); 1011 if ((value = convtime(arg)) == -1) 1012 fatal("%s line %d: invalid time value.", 1013 filename, linenum); 1014 if (*activep && *intptr == -1) 1015 *intptr = value; 1016 break; 1017 1018 case sKeyRegenerationTime: 1019 intptr = &options->key_regeneration_time; 1020 goto parse_time; 1021 1022 case sListenAddress: 1023 arg = strdelim(&cp); 1024 if (arg == NULL || *arg == '\0') 1025 fatal("%s line %d: missing address", 1026 filename, linenum); 1027 /* check for bare IPv6 address: no "[]" and 2 or more ":" */ 1028 if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL 1029 && strchr(p+1, ':') != NULL) { 1030 queue_listen_addr(options, arg, 0); 1031 break; 1032 } 1033 p = hpdelim(&arg); 1034 if (p == NULL) 1035 fatal("%s line %d: bad address:port usage", 1036 filename, linenum); 1037 p = cleanhostname(p); 1038 if (arg == NULL) 1039 port = 0; 1040 else if ((port = a2port(arg)) <= 0) 1041 fatal("%s line %d: bad port number", filename, linenum); 1042 1043 queue_listen_addr(options, p, port); 1044 1045 break; 1046 1047 case sAddressFamily: 1048 intptr = &options->address_family; 1049 multistate_ptr = multistate_addressfamily; 1050 parse_multistate: 1051 arg = strdelim(&cp); 1052 if (!arg || *arg == '\0') 1053 fatal("%s line %d: missing argument.", 1054 filename, linenum); 1055 value = -1; 1056 for (i = 0; multistate_ptr[i].key != NULL; i++) { 1057 if (strcasecmp(arg, multistate_ptr[i].key) == 0) { 1058 value = multistate_ptr[i].value; 1059 break; 1060 } 1061 } 1062 if (value == -1) 1063 fatal("%s line %d: unsupported option \"%s\".", 1064 filename, linenum, arg); 1065 if (*activep && *intptr == -1) 1066 *intptr = value; 1067 break; 1068 1069 case sHostKeyFile: 1070 intptr = &options->num_host_key_files; 1071 if (*intptr >= MAX_HOSTKEYS) 1072 fatal("%s line %d: too many host keys specified (max %d).", 1073 filename, linenum, MAX_HOSTKEYS); 1074 charptr = &options->host_key_files[*intptr]; 1075 parse_filename: 1076 arg = strdelim(&cp); 1077 if (!arg || *arg == '\0') 1078 fatal("%s line %d: missing file name.", 1079 filename, linenum); 1080 if (*activep && *charptr == NULL) { 1081 *charptr = derelativise_path(arg); 1082 /* increase optional counter */ 1083 if (intptr != NULL) 1084 *intptr = *intptr + 1; 1085 } 1086 break; 1087 1088 case sHostKeyAgent: 1089 charptr = &options->host_key_agent; 1090 arg = strdelim(&cp); 1091 if (!arg || *arg == '\0') 1092 fatal("%s line %d: missing socket name.", 1093 filename, linenum); 1094 if (*activep && *charptr == NULL) 1095 *charptr = !strcmp(arg, SSH_AUTHSOCKET_ENV_NAME) ? 1096 xstrdup(arg) : derelativise_path(arg); 1097 break; 1098 1099 case sHostCertificate: 1100 intptr = &options->num_host_cert_files; 1101 if (*intptr >= MAX_HOSTKEYS) 1102 fatal("%s line %d: too many host certificates " 1103 "specified (max %d).", filename, linenum, 1104 MAX_HOSTCERTS); 1105 charptr = &options->host_cert_files[*intptr]; 1106 goto parse_filename; 1107 break; 1108 1109 case sPidFile: 1110 charptr = &options->pid_file; 1111 goto parse_filename; 1112 1113 case sPermitRootLogin: 1114 intptr = &options->permit_root_login; 1115 multistate_ptr = multistate_permitrootlogin; 1116 goto parse_multistate; 1117 1118 case sIgnoreRhosts: 1119 intptr = &options->ignore_rhosts; 1120 parse_flag: 1121 arg = strdelim(&cp); 1122 if (!arg || *arg == '\0') 1123 fatal("%s line %d: missing yes/no argument.", 1124 filename, linenum); 1125 value = 0; /* silence compiler */ 1126 if (strcmp(arg, "yes") == 0) 1127 value = 1; 1128 else if (strcmp(arg, "no") == 0) 1129 value = 0; 1130 else 1131 fatal("%s line %d: Bad yes/no argument: %s", 1132 filename, linenum, arg); 1133 if (*activep && *intptr == -1) 1134 *intptr = value; 1135 break; 1136 1137 case sIgnoreUserKnownHosts: 1138 intptr = &options->ignore_user_known_hosts; 1139 goto parse_flag; 1140 1141 case sRhostsRSAAuthentication: 1142 intptr = &options->rhosts_rsa_authentication; 1143 goto parse_flag; 1144 1145 case sHostbasedAuthentication: 1146 intptr = &options->hostbased_authentication; 1147 goto parse_flag; 1148 1149 case sHostbasedUsesNameFromPacketOnly: 1150 intptr = &options->hostbased_uses_name_from_packet_only; 1151 goto parse_flag; 1152 1153 case sHostbasedAcceptedKeyTypes: 1154 charptr = &options->hostbased_key_types; 1155 parse_keytypes: 1156 arg = strdelim(&cp); 1157 if (!arg || *arg == '\0') 1158 fatal("%s line %d: Missing argument.", 1159 filename, linenum); 1160 if (!sshkey_names_valid2(*arg == '+' ? arg + 1 : arg, 1)) 1161 fatal("%s line %d: Bad key types '%s'.", 1162 filename, linenum, arg ? arg : "<NONE>"); 1163 if (*activep && *charptr == NULL) 1164 *charptr = xstrdup(arg); 1165 break; 1166 1167 case sHostKeyAlgorithms: 1168 charptr = &options->hostkeyalgorithms; 1169 goto parse_keytypes; 1170 1171 case sRSAAuthentication: 1172 intptr = &options->rsa_authentication; 1173 goto parse_flag; 1174 1175 case sPubkeyAuthentication: 1176 intptr = &options->pubkey_authentication; 1177 goto parse_flag; 1178 1179 case sPubkeyAcceptedKeyTypes: 1180 charptr = &options->pubkey_key_types; 1181 goto parse_keytypes; 1182 1183 case sKerberosAuthentication: 1184 intptr = &options->kerberos_authentication; 1185 goto parse_flag; 1186 1187 case sKerberosOrLocalPasswd: 1188 intptr = &options->kerberos_or_local_passwd; 1189 goto parse_flag; 1190 1191 case sKerberosTicketCleanup: 1192 intptr = &options->kerberos_ticket_cleanup; 1193 goto parse_flag; 1194 1195 case sKerberosGetAFSToken: 1196 intptr = &options->kerberos_get_afs_token; 1197 goto parse_flag; 1198 1199 case sGssAuthentication: 1200 intptr = &options->gss_authentication; 1201 goto parse_flag; 1202 1203 case sGssCleanupCreds: 1204 intptr = &options->gss_cleanup_creds; 1205 goto parse_flag; 1206 1207 case sGssStrictAcceptor: 1208 intptr = &options->gss_strict_acceptor; 1209 goto parse_flag; 1210 1211 case sPasswordAuthentication: 1212 intptr = &options->password_authentication; 1213 goto parse_flag; 1214 1215 case sKbdInteractiveAuthentication: 1216 intptr = &options->kbd_interactive_authentication; 1217 goto parse_flag; 1218 1219 case sChallengeResponseAuthentication: 1220 intptr = &options->challenge_response_authentication; 1221 goto parse_flag; 1222 1223 case sPrintMotd: 1224 intptr = &options->print_motd; 1225 goto parse_flag; 1226 1227 case sPrintLastLog: 1228 intptr = &options->print_lastlog; 1229 goto parse_flag; 1230 1231 case sX11Forwarding: 1232 intptr = &options->x11_forwarding; 1233 goto parse_flag; 1234 1235 case sX11DisplayOffset: 1236 intptr = &options->x11_display_offset; 1237 goto parse_int; 1238 1239 case sX11UseLocalhost: 1240 intptr = &options->x11_use_localhost; 1241 goto parse_flag; 1242 1243 case sXAuthLocation: 1244 charptr = &options->xauth_location; 1245 goto parse_filename; 1246 1247 case sPermitTTY: 1248 intptr = &options->permit_tty; 1249 goto parse_flag; 1250 1251 case sPermitUserRC: 1252 intptr = &options->permit_user_rc; 1253 goto parse_flag; 1254 1255 case sStrictModes: 1256 intptr = &options->strict_modes; 1257 goto parse_flag; 1258 1259 case sTCPKeepAlive: 1260 intptr = &options->tcp_keep_alive; 1261 goto parse_flag; 1262 1263 case sEmptyPasswd: 1264 intptr = &options->permit_empty_passwd; 1265 goto parse_flag; 1266 1267 case sPermitUserEnvironment: 1268 intptr = &options->permit_user_env; 1269 goto parse_flag; 1270 1271 case sUseLogin: 1272 intptr = &options->use_login; 1273 goto parse_flag; 1274 1275 case sCompression: 1276 intptr = &options->compression; 1277 multistate_ptr = multistate_compression; 1278 goto parse_multistate; 1279 1280 case sRekeyLimit: 1281 arg = strdelim(&cp); 1282 if (!arg || *arg == '\0') 1283 fatal("%.200s line %d: Missing argument.", filename, 1284 linenum); 1285 if (strcmp(arg, "default") == 0) { 1286 val64 = 0; 1287 } else { 1288 if (scan_scaled(arg, &val64) == -1) 1289 fatal("%.200s line %d: Bad number '%s': %s", 1290 filename, linenum, arg, strerror(errno)); 1291 if (val64 != 0 && val64 < 16) 1292 fatal("%.200s line %d: RekeyLimit too small", 1293 filename, linenum); 1294 } 1295 if (*activep && options->rekey_limit == -1) 1296 options->rekey_limit = val64; 1297 if (cp != NULL) { /* optional rekey interval present */ 1298 if (strcmp(cp, "none") == 0) { 1299 (void)strdelim(&cp); /* discard */ 1300 break; 1301 } 1302 intptr = &options->rekey_interval; 1303 goto parse_time; 1304 } 1305 break; 1306 1307 case sGatewayPorts: 1308 intptr = &options->fwd_opts.gateway_ports; 1309 multistate_ptr = multistate_gatewayports; 1310 goto parse_multistate; 1311 1312 case sUseDNS: 1313 intptr = &options->use_dns; 1314 goto parse_flag; 1315 1316 case sLogFacility: 1317 log_facility_ptr = &options->log_facility; 1318 arg = strdelim(&cp); 1319 value = log_facility_number(arg); 1320 if (value == SYSLOG_FACILITY_NOT_SET) 1321 fatal("%.200s line %d: unsupported log facility '%s'", 1322 filename, linenum, arg ? arg : "<NONE>"); 1323 if (*log_facility_ptr == -1) 1324 *log_facility_ptr = (SyslogFacility) value; 1325 break; 1326 1327 case sLogLevel: 1328 log_level_ptr = &options->log_level; 1329 arg = strdelim(&cp); 1330 value = log_level_number(arg); 1331 if (value == SYSLOG_LEVEL_NOT_SET) 1332 fatal("%.200s line %d: unsupported log level '%s'", 1333 filename, linenum, arg ? arg : "<NONE>"); 1334 if (*log_level_ptr == -1) 1335 *log_level_ptr = (LogLevel) value; 1336 break; 1337 1338 case sAllowTcpForwarding: 1339 intptr = &options->allow_tcp_forwarding; 1340 multistate_ptr = multistate_tcpfwd; 1341 goto parse_multistate; 1342 1343 case sAllowStreamLocalForwarding: 1344 intptr = &options->allow_streamlocal_forwarding; 1345 multistate_ptr = multistate_tcpfwd; 1346 goto parse_multistate; 1347 1348 case sAllowAgentForwarding: 1349 intptr = &options->allow_agent_forwarding; 1350 goto parse_flag; 1351 1352 case sUsePrivilegeSeparation: 1353 intptr = &use_privsep; 1354 multistate_ptr = multistate_privsep; 1355 goto parse_multistate; 1356 1357 case sAllowUsers: 1358 while ((arg = strdelim(&cp)) && *arg != '\0') { 1359 if (options->num_allow_users >= MAX_ALLOW_USERS) 1360 fatal("%s line %d: too many allow users.", 1361 filename, linenum); 1362 if (!*activep) 1363 continue; 1364 options->allow_users[options->num_allow_users++] = 1365 xstrdup(arg); 1366 } 1367 break; 1368 1369 case sDenyUsers: 1370 while ((arg = strdelim(&cp)) && *arg != '\0') { 1371 if (options->num_deny_users >= MAX_DENY_USERS) 1372 fatal("%s line %d: too many deny users.", 1373 filename, linenum); 1374 if (!*activep) 1375 continue; 1376 options->deny_users[options->num_deny_users++] = 1377 xstrdup(arg); 1378 } 1379 break; 1380 1381 case sAllowGroups: 1382 while ((arg = strdelim(&cp)) && *arg != '\0') { 1383 if (options->num_allow_groups >= MAX_ALLOW_GROUPS) 1384 fatal("%s line %d: too many allow groups.", 1385 filename, linenum); 1386 if (!*activep) 1387 continue; 1388 options->allow_groups[options->num_allow_groups++] = 1389 xstrdup(arg); 1390 } 1391 break; 1392 1393 case sDenyGroups: 1394 while ((arg = strdelim(&cp)) && *arg != '\0') { 1395 if (options->num_deny_groups >= MAX_DENY_GROUPS) 1396 fatal("%s line %d: too many deny groups.", 1397 filename, linenum); 1398 if (!*activep) 1399 continue; 1400 options->deny_groups[options->num_deny_groups++] = 1401 xstrdup(arg); 1402 } 1403 break; 1404 1405 case sCiphers: 1406 arg = strdelim(&cp); 1407 if (!arg || *arg == '\0') 1408 fatal("%s line %d: Missing argument.", filename, linenum); 1409 if (!ciphers_valid(*arg == '+' ? arg + 1 : arg)) 1410 fatal("%s line %d: Bad SSH2 cipher spec '%s'.", 1411 filename, linenum, arg ? arg : "<NONE>"); 1412 if (options->ciphers == NULL) 1413 options->ciphers = xstrdup(arg); 1414 break; 1415 1416 case sMacs: 1417 arg = strdelim(&cp); 1418 if (!arg || *arg == '\0') 1419 fatal("%s line %d: Missing argument.", filename, linenum); 1420 if (!mac_valid(*arg == '+' ? arg + 1 : arg)) 1421 fatal("%s line %d: Bad SSH2 mac spec '%s'.", 1422 filename, linenum, arg ? arg : "<NONE>"); 1423 if (options->macs == NULL) 1424 options->macs = xstrdup(arg); 1425 break; 1426 1427 case sKexAlgorithms: 1428 arg = strdelim(&cp); 1429 if (!arg || *arg == '\0') 1430 fatal("%s line %d: Missing argument.", 1431 filename, linenum); 1432 if (!kex_names_valid(*arg == '+' ? arg + 1 : arg)) 1433 fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.", 1434 filename, linenum, arg ? arg : "<NONE>"); 1435 if (options->kex_algorithms == NULL) 1436 options->kex_algorithms = xstrdup(arg); 1437 break; 1438 1439 case sProtocol: 1440 intptr = &options->protocol; 1441 arg = strdelim(&cp); 1442 if (!arg || *arg == '\0') 1443 fatal("%s line %d: Missing argument.", filename, linenum); 1444 value = proto_spec(arg); 1445 if (value == SSH_PROTO_UNKNOWN) 1446 fatal("%s line %d: Bad protocol spec '%s'.", 1447 filename, linenum, arg ? arg : "<NONE>"); 1448 if (*intptr == SSH_PROTO_UNKNOWN) 1449 *intptr = value; 1450 break; 1451 1452 case sSubsystem: 1453 if (options->num_subsystems >= MAX_SUBSYSTEMS) { 1454 fatal("%s line %d: too many subsystems defined.", 1455 filename, linenum); 1456 } 1457 arg = strdelim(&cp); 1458 if (!arg || *arg == '\0') 1459 fatal("%s line %d: Missing subsystem name.", 1460 filename, linenum); 1461 if (!*activep) { 1462 arg = strdelim(&cp); 1463 break; 1464 } 1465 for (i = 0; i < options->num_subsystems; i++) 1466 if (strcmp(arg, options->subsystem_name[i]) == 0) 1467 fatal("%s line %d: Subsystem '%s' already defined.", 1468 filename, linenum, arg); 1469 options->subsystem_name[options->num_subsystems] = xstrdup(arg); 1470 arg = strdelim(&cp); 1471 if (!arg || *arg == '\0') 1472 fatal("%s line %d: Missing subsystem command.", 1473 filename, linenum); 1474 options->subsystem_command[options->num_subsystems] = xstrdup(arg); 1475 1476 /* Collect arguments (separate to executable) */ 1477 p = xstrdup(arg); 1478 len = strlen(p) + 1; 1479 while ((arg = strdelim(&cp)) != NULL && *arg != '\0') { 1480 len += 1 + strlen(arg); 1481 p = xreallocarray(p, 1, len); 1482 strlcat(p, " ", len); 1483 strlcat(p, arg, len); 1484 } 1485 options->subsystem_args[options->num_subsystems] = p; 1486 options->num_subsystems++; 1487 break; 1488 1489 case sMaxStartups: 1490 arg = strdelim(&cp); 1491 if (!arg || *arg == '\0') 1492 fatal("%s line %d: Missing MaxStartups spec.", 1493 filename, linenum); 1494 if ((n = sscanf(arg, "%d:%d:%d", 1495 &options->max_startups_begin, 1496 &options->max_startups_rate, 1497 &options->max_startups)) == 3) { 1498 if (options->max_startups_begin > 1499 options->max_startups || 1500 options->max_startups_rate > 100 || 1501 options->max_startups_rate < 1) 1502 fatal("%s line %d: Illegal MaxStartups spec.", 1503 filename, linenum); 1504 } else if (n != 1) 1505 fatal("%s line %d: Illegal MaxStartups spec.", 1506 filename, linenum); 1507 else 1508 options->max_startups = options->max_startups_begin; 1509 break; 1510 1511 case sMaxAuthTries: 1512 intptr = &options->max_authtries; 1513 goto parse_int; 1514 1515 case sMaxSessions: 1516 intptr = &options->max_sessions; 1517 goto parse_int; 1518 1519 case sBanner: 1520 charptr = &options->banner; 1521 goto parse_filename; 1522 1523 /* 1524 * These options can contain %X options expanded at 1525 * connect time, so that you can specify paths like: 1526 * 1527 * AuthorizedKeysFile /etc/ssh_keys/%u 1528 */ 1529 case sAuthorizedKeysFile: 1530 if (*activep && options->num_authkeys_files == 0) { 1531 while ((arg = strdelim(&cp)) && *arg != '\0') { 1532 if (options->num_authkeys_files >= 1533 MAX_AUTHKEYS_FILES) 1534 fatal("%s line %d: " 1535 "too many authorized keys files.", 1536 filename, linenum); 1537 options->authorized_keys_files[ 1538 options->num_authkeys_files++] = 1539 tilde_expand_filename(arg, getuid()); 1540 } 1541 } 1542 return 0; 1543 1544 case sAuthorizedPrincipalsFile: 1545 charptr = &options->authorized_principals_file; 1546 arg = strdelim(&cp); 1547 if (!arg || *arg == '\0') 1548 fatal("%s line %d: missing file name.", 1549 filename, linenum); 1550 if (*activep && *charptr == NULL) { 1551 *charptr = tilde_expand_filename(arg, getuid()); 1552 /* increase optional counter */ 1553 if (intptr != NULL) 1554 *intptr = *intptr + 1; 1555 } 1556 break; 1557 1558 case sClientAliveInterval: 1559 intptr = &options->client_alive_interval; 1560 goto parse_time; 1561 1562 case sClientAliveCountMax: 1563 intptr = &options->client_alive_count_max; 1564 goto parse_int; 1565 1566 case sAcceptEnv: 1567 while ((arg = strdelim(&cp)) && *arg != '\0') { 1568 if (strchr(arg, '=') != NULL) 1569 fatal("%s line %d: Invalid environment name.", 1570 filename, linenum); 1571 if (options->num_accept_env >= MAX_ACCEPT_ENV) 1572 fatal("%s line %d: too many allow env.", 1573 filename, linenum); 1574 if (!*activep) 1575 continue; 1576 options->accept_env[options->num_accept_env++] = 1577 xstrdup(arg); 1578 } 1579 break; 1580 1581 case sPermitTunnel: 1582 intptr = &options->permit_tun; 1583 arg = strdelim(&cp); 1584 if (!arg || *arg == '\0') 1585 fatal("%s line %d: Missing yes/point-to-point/" 1586 "ethernet/no argument.", filename, linenum); 1587 value = -1; 1588 for (i = 0; tunmode_desc[i].val != -1; i++) 1589 if (strcmp(tunmode_desc[i].text, arg) == 0) { 1590 value = tunmode_desc[i].val; 1591 break; 1592 } 1593 if (value == -1) 1594 fatal("%s line %d: Bad yes/point-to-point/ethernet/" 1595 "no argument: %s", filename, linenum, arg); 1596 if (*activep && *intptr == -1) 1597 *intptr = value; 1598 break; 1599 1600 case sMatch: 1601 if (cmdline) 1602 fatal("Match directive not supported as a command-line " 1603 "option"); 1604 value = match_cfg_line(&cp, linenum, connectinfo); 1605 if (value < 0) 1606 fatal("%s line %d: Bad Match condition", filename, 1607 linenum); 1608 *activep = value; 1609 break; 1610 1611 case sPermitOpen: 1612 arg = strdelim(&cp); 1613 if (!arg || *arg == '\0') 1614 fatal("%s line %d: missing PermitOpen specification", 1615 filename, linenum); 1616 n = options->num_permitted_opens; /* modified later */ 1617 if (strcmp(arg, "any") == 0) { 1618 if (*activep && n == -1) { 1619 channel_clear_adm_permitted_opens(); 1620 options->num_permitted_opens = 0; 1621 } 1622 break; 1623 } 1624 if (strcmp(arg, "none") == 0) { 1625 if (*activep && n == -1) { 1626 options->num_permitted_opens = 1; 1627 channel_disable_adm_local_opens(); 1628 } 1629 break; 1630 } 1631 if (*activep && n == -1) 1632 channel_clear_adm_permitted_opens(); 1633 for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) { 1634 p = hpdelim(&arg); 1635 if (p == NULL) 1636 fatal("%s line %d: missing host in PermitOpen", 1637 filename, linenum); 1638 p = cleanhostname(p); 1639 if (arg == NULL || ((port = permitopen_port(arg)) < 0)) 1640 fatal("%s line %d: bad port number in " 1641 "PermitOpen", filename, linenum); 1642 if (*activep && n == -1) 1643 options->num_permitted_opens = 1644 channel_add_adm_permitted_opens(p, port); 1645 } 1646 break; 1647 1648 case sForceCommand: 1649 if (cp == NULL || *cp == '\0') 1650 fatal("%.200s line %d: Missing argument.", filename, 1651 linenum); 1652 len = strspn(cp, WHITESPACE); 1653 if (*activep && options->adm_forced_command == NULL) 1654 options->adm_forced_command = xstrdup(cp + len); 1655 return 0; 1656 1657 case sChrootDirectory: 1658 charptr = &options->chroot_directory; 1659 1660 arg = strdelim(&cp); 1661 if (!arg || *arg == '\0') 1662 fatal("%s line %d: missing file name.", 1663 filename, linenum); 1664 if (*activep && *charptr == NULL) 1665 *charptr = xstrdup(arg); 1666 break; 1667 1668 case sTrustedUserCAKeys: 1669 charptr = &options->trusted_user_ca_keys; 1670 goto parse_filename; 1671 1672 case sRevokedKeys: 1673 charptr = &options->revoked_keys_file; 1674 goto parse_filename; 1675 1676 case sIPQoS: 1677 arg = strdelim(&cp); 1678 if ((value = parse_ipqos(arg)) == -1) 1679 fatal("%s line %d: Bad IPQoS value: %s", 1680 filename, linenum, arg); 1681 arg = strdelim(&cp); 1682 if (arg == NULL) 1683 value2 = value; 1684 else if ((value2 = parse_ipqos(arg)) == -1) 1685 fatal("%s line %d: Bad IPQoS value: %s", 1686 filename, linenum, arg); 1687 if (*activep) { 1688 options->ip_qos_interactive = value; 1689 options->ip_qos_bulk = value2; 1690 } 1691 break; 1692 1693 case sVersionAddendum: 1694 if (cp == NULL || *cp == '\0') 1695 fatal("%.200s line %d: Missing argument.", filename, 1696 linenum); 1697 len = strspn(cp, WHITESPACE); 1698 if (*activep && options->version_addendum == NULL) { 1699 if (strcasecmp(cp + len, "none") == 0) 1700 options->version_addendum = xstrdup(""); 1701 else if (strchr(cp + len, '\r') != NULL) 1702 fatal("%.200s line %d: Invalid argument", 1703 filename, linenum); 1704 else 1705 options->version_addendum = xstrdup(cp + len); 1706 } 1707 return 0; 1708 1709 case sAuthorizedKeysCommand: 1710 if (cp == NULL) 1711 fatal("%.200s line %d: Missing argument.", filename, 1712 linenum); 1713 len = strspn(cp, WHITESPACE); 1714 if (*activep && options->authorized_keys_command == NULL) { 1715 if (cp[len] != '/' && strcasecmp(cp + len, "none") != 0) 1716 fatal("%.200s line %d: AuthorizedKeysCommand " 1717 "must be an absolute path", 1718 filename, linenum); 1719 options->authorized_keys_command = xstrdup(cp + len); 1720 } 1721 return 0; 1722 1723 case sAuthorizedKeysCommandUser: 1724 charptr = &options->authorized_keys_command_user; 1725 1726 arg = strdelim(&cp); 1727 if (!arg || *arg == '\0') 1728 fatal("%s line %d: missing AuthorizedKeysCommandUser " 1729 "argument.", filename, linenum); 1730 if (*activep && *charptr == NULL) 1731 *charptr = xstrdup(arg); 1732 break; 1733 1734 case sAuthorizedPrincipalsCommand: 1735 if (cp == NULL) 1736 fatal("%.200s line %d: Missing argument.", filename, 1737 linenum); 1738 len = strspn(cp, WHITESPACE); 1739 if (*activep && 1740 options->authorized_principals_command == NULL) { 1741 if (cp[len] != '/' && strcasecmp(cp + len, "none") != 0) 1742 fatal("%.200s line %d: " 1743 "AuthorizedPrincipalsCommand must be " 1744 "an absolute path", filename, linenum); 1745 options->authorized_principals_command = 1746 xstrdup(cp + len); 1747 } 1748 return 0; 1749 1750 case sAuthorizedPrincipalsCommandUser: 1751 charptr = &options->authorized_principals_command_user; 1752 1753 arg = strdelim(&cp); 1754 if (!arg || *arg == '\0') 1755 fatal("%s line %d: missing " 1756 "AuthorizedPrincipalsCommandUser argument.", 1757 filename, linenum); 1758 if (*activep && *charptr == NULL) 1759 *charptr = xstrdup(arg); 1760 break; 1761 1762 case sAuthenticationMethods: 1763 if (options->num_auth_methods == 0) { 1764 value = 0; /* seen "any" pseudo-method */ 1765 value2 = 0; /* sucessfully parsed any method */ 1766 while ((arg = strdelim(&cp)) && *arg != '\0') { 1767 if (options->num_auth_methods >= 1768 MAX_AUTH_METHODS) 1769 fatal("%s line %d: " 1770 "too many authentication methods.", 1771 filename, linenum); 1772 if (strcmp(arg, "any") == 0) { 1773 if (options->num_auth_methods > 0) { 1774 fatal("%s line %d: \"any\" " 1775 "must appear alone in " 1776 "AuthenticationMethods", 1777 filename, linenum); 1778 } 1779 value = 1; 1780 } else if (value) { 1781 fatal("%s line %d: \"any\" must appear " 1782 "alone in AuthenticationMethods", 1783 filename, linenum); 1784 } else if (auth2_methods_valid(arg, 0) != 0) { 1785 fatal("%s line %d: invalid " 1786 "authentication method list.", 1787 filename, linenum); 1788 } 1789 value2 = 1; 1790 if (!*activep) 1791 continue; 1792 options->auth_methods[ 1793 options->num_auth_methods++] = xstrdup(arg); 1794 } 1795 if (value2 == 0) { 1796 fatal("%s line %d: no AuthenticationMethods " 1797 "specified", filename, linenum); 1798 } 1799 } 1800 return 0; 1801 1802 case sStreamLocalBindMask: 1803 arg = strdelim(&cp); 1804 if (!arg || *arg == '\0') 1805 fatal("%s line %d: missing StreamLocalBindMask " 1806 "argument.", filename, linenum); 1807 /* Parse mode in octal format */ 1808 value = strtol(arg, &p, 8); 1809 if (arg == p || value < 0 || value > 0777) 1810 fatal("%s line %d: Bad mask.", filename, linenum); 1811 if (*activep) 1812 options->fwd_opts.streamlocal_bind_mask = (mode_t)value; 1813 break; 1814 1815 case sStreamLocalBindUnlink: 1816 intptr = &options->fwd_opts.streamlocal_bind_unlink; 1817 goto parse_flag; 1818 1819 case sFingerprintHash: 1820 arg = strdelim(&cp); 1821 if (!arg || *arg == '\0') 1822 fatal("%.200s line %d: Missing argument.", 1823 filename, linenum); 1824 if ((value = ssh_digest_alg_by_name(arg)) == -1) 1825 fatal("%.200s line %d: Invalid hash algorithm \"%s\".", 1826 filename, linenum, arg); 1827 if (*activep) 1828 options->fingerprint_hash = value; 1829 break; 1830 1831 case sDeprecated: 1832 logit("%s line %d: Deprecated option %s", 1833 filename, linenum, arg); 1834 while (arg) 1835 arg = strdelim(&cp); 1836 break; 1837 1838 case sUnsupported: 1839 logit("%s line %d: Unsupported option %s", 1840 filename, linenum, arg); 1841 while (arg) 1842 arg = strdelim(&cp); 1843 break; 1844 1845 default: 1846 fatal("%s line %d: Missing handler for opcode %s (%d)", 1847 filename, linenum, arg, opcode); 1848 } 1849 if ((arg = strdelim(&cp)) != NULL && *arg != '\0') 1850 fatal("%s line %d: garbage at end of line; \"%.200s\".", 1851 filename, linenum, arg); 1852 return 0; 1853 } 1854 1855 /* Reads the server configuration file. */ 1856 1857 void 1858 load_server_config(const char *filename, Buffer *conf) 1859 { 1860 char line[4096], *cp; 1861 FILE *f; 1862 int lineno = 0; 1863 1864 debug2("%s: filename %s", __func__, filename); 1865 if ((f = fopen(filename, "r")) == NULL) { 1866 perror(filename); 1867 exit(1); 1868 } 1869 buffer_clear(conf); 1870 while (fgets(line, sizeof(line), f)) { 1871 lineno++; 1872 if (strlen(line) == sizeof(line) - 1) 1873 fatal("%s line %d too long", filename, lineno); 1874 /* 1875 * Trim out comments and strip whitespace 1876 * NB - preserve newlines, they are needed to reproduce 1877 * line numbers later for error messages 1878 */ 1879 if ((cp = strchr(line, '#')) != NULL) 1880 memcpy(cp, "\n", 2); 1881 cp = line + strspn(line, " \t\r"); 1882 1883 buffer_append(conf, cp, strlen(cp)); 1884 } 1885 buffer_append(conf, "\0", 1); 1886 fclose(f); 1887 debug2("%s: done config len = %d", __func__, buffer_len(conf)); 1888 } 1889 1890 void 1891 parse_server_match_config(ServerOptions *options, 1892 struct connection_info *connectinfo) 1893 { 1894 ServerOptions mo; 1895 1896 initialize_server_options(&mo); 1897 parse_server_config(&mo, "reprocess config", &cfg, connectinfo); 1898 copy_set_server_options(options, &mo, 0); 1899 } 1900 1901 int parse_server_match_testspec(struct connection_info *ci, char *spec) 1902 { 1903 char *p; 1904 1905 while ((p = strsep(&spec, ",")) && *p != '\0') { 1906 if (strncmp(p, "addr=", 5) == 0) { 1907 ci->address = xstrdup(p + 5); 1908 } else if (strncmp(p, "host=", 5) == 0) { 1909 ci->host = xstrdup(p + 5); 1910 } else if (strncmp(p, "user=", 5) == 0) { 1911 ci->user = xstrdup(p + 5); 1912 } else if (strncmp(p, "laddr=", 6) == 0) { 1913 ci->laddress = xstrdup(p + 6); 1914 } else if (strncmp(p, "lport=", 6) == 0) { 1915 ci->lport = a2port(p + 6); 1916 if (ci->lport == -1) { 1917 fprintf(stderr, "Invalid port '%s' in test mode" 1918 " specification %s\n", p+6, p); 1919 return -1; 1920 } 1921 } else { 1922 fprintf(stderr, "Invalid test mode specification %s\n", 1923 p); 1924 return -1; 1925 } 1926 } 1927 return 0; 1928 } 1929 1930 /* 1931 * returns 1 for a complete spec, 0 for partial spec and -1 for an 1932 * empty spec. 1933 */ 1934 int server_match_spec_complete(struct connection_info *ci) 1935 { 1936 if (ci->user && ci->host && ci->address) 1937 return 1; /* complete */ 1938 if (!ci->user && !ci->host && !ci->address) 1939 return -1; /* empty */ 1940 return 0; /* partial */ 1941 } 1942 1943 /* 1944 * Copy any supported values that are set. 1945 * 1946 * If the preauth flag is set, we do not bother copying the string or 1947 * array values that are not used pre-authentication, because any that we 1948 * do use must be explictly sent in mm_getpwnamallow(). 1949 */ 1950 void 1951 copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) 1952 { 1953 #define M_CP_INTOPT(n) do {\ 1954 if (src->n != -1) \ 1955 dst->n = src->n; \ 1956 } while (0) 1957 1958 M_CP_INTOPT(password_authentication); 1959 M_CP_INTOPT(gss_authentication); 1960 M_CP_INTOPT(rsa_authentication); 1961 M_CP_INTOPT(pubkey_authentication); 1962 M_CP_INTOPT(kerberos_authentication); 1963 M_CP_INTOPT(hostbased_authentication); 1964 M_CP_INTOPT(hostbased_uses_name_from_packet_only); 1965 M_CP_INTOPT(kbd_interactive_authentication); 1966 M_CP_INTOPT(permit_root_login); 1967 M_CP_INTOPT(permit_empty_passwd); 1968 1969 M_CP_INTOPT(allow_tcp_forwarding); 1970 M_CP_INTOPT(allow_streamlocal_forwarding); 1971 M_CP_INTOPT(allow_agent_forwarding); 1972 M_CP_INTOPT(permit_tun); 1973 M_CP_INTOPT(fwd_opts.gateway_ports); 1974 M_CP_INTOPT(fwd_opts.streamlocal_bind_unlink); 1975 M_CP_INTOPT(x11_display_offset); 1976 M_CP_INTOPT(x11_forwarding); 1977 M_CP_INTOPT(x11_use_localhost); 1978 M_CP_INTOPT(permit_tty); 1979 M_CP_INTOPT(permit_user_rc); 1980 M_CP_INTOPT(max_sessions); 1981 M_CP_INTOPT(max_authtries); 1982 M_CP_INTOPT(ip_qos_interactive); 1983 M_CP_INTOPT(ip_qos_bulk); 1984 M_CP_INTOPT(rekey_limit); 1985 M_CP_INTOPT(rekey_interval); 1986 1987 /* 1988 * The bind_mask is a mode_t that may be unsigned, so we can't use 1989 * M_CP_INTOPT - it does a signed comparison that causes compiler 1990 * warnings. 1991 */ 1992 if (src->fwd_opts.streamlocal_bind_mask != (mode_t)-1) { 1993 dst->fwd_opts.streamlocal_bind_mask = 1994 src->fwd_opts.streamlocal_bind_mask; 1995 } 1996 1997 /* M_CP_STROPT and M_CP_STRARRAYOPT should not appear before here */ 1998 #define M_CP_STROPT(n) do {\ 1999 if (src->n != NULL && dst->n != src->n) { \ 2000 free(dst->n); \ 2001 dst->n = src->n; \ 2002 } \ 2003 } while(0) 2004 #define M_CP_STRARRAYOPT(n, num_n) do {\ 2005 if (src->num_n != 0) { \ 2006 for (dst->num_n = 0; dst->num_n < src->num_n; dst->num_n++) \ 2007 dst->n[dst->num_n] = xstrdup(src->n[dst->num_n]); \ 2008 } \ 2009 } while(0) 2010 2011 /* See comment in servconf.h */ 2012 COPY_MATCH_STRING_OPTS(); 2013 2014 /* Arguments that accept '+...' need to be expanded */ 2015 assemble_algorithms(dst); 2016 2017 /* 2018 * The only things that should be below this point are string options 2019 * which are only used after authentication. 2020 */ 2021 if (preauth) 2022 return; 2023 2024 /* These options may be "none" to clear a global setting */ 2025 M_CP_STROPT(adm_forced_command); 2026 if (option_clear_or_none(dst->adm_forced_command)) { 2027 free(dst->adm_forced_command); 2028 dst->adm_forced_command = NULL; 2029 } 2030 M_CP_STROPT(chroot_directory); 2031 if (option_clear_or_none(dst->chroot_directory)) { 2032 free(dst->chroot_directory); 2033 dst->chroot_directory = NULL; 2034 } 2035 } 2036 2037 #undef M_CP_INTOPT 2038 #undef M_CP_STROPT 2039 #undef M_CP_STRARRAYOPT 2040 2041 void 2042 parse_server_config(ServerOptions *options, const char *filename, Buffer *conf, 2043 struct connection_info *connectinfo) 2044 { 2045 int active, linenum, bad_options = 0; 2046 char *cp, *obuf, *cbuf; 2047 2048 debug2("%s: config %s len %d", __func__, filename, buffer_len(conf)); 2049 2050 if ((obuf = cbuf = sshbuf_dup_string(conf)) == NULL) 2051 fatal("%s: sshbuf_dup_string failed", __func__); 2052 active = connectinfo ? 0 : 1; 2053 linenum = 1; 2054 while ((cp = strsep(&cbuf, "\n")) != NULL) { 2055 if (process_server_config_line(options, cp, filename, 2056 linenum++, &active, connectinfo) != 0) 2057 bad_options++; 2058 } 2059 free(obuf); 2060 if (bad_options > 0) 2061 fatal("%s: terminating, %d bad configuration options", 2062 filename, bad_options); 2063 process_queued_listen_addrs(options); 2064 } 2065 2066 static const char * 2067 fmt_multistate_int(int val, const struct multistate *m) 2068 { 2069 u_int i; 2070 2071 for (i = 0; m[i].key != NULL; i++) { 2072 if (m[i].value == val) 2073 return m[i].key; 2074 } 2075 return "UNKNOWN"; 2076 } 2077 2078 static const char * 2079 fmt_intarg(ServerOpCodes code, int val) 2080 { 2081 if (val == -1) 2082 return "unset"; 2083 switch (code) { 2084 case sAddressFamily: 2085 return fmt_multistate_int(val, multistate_addressfamily); 2086 case sPermitRootLogin: 2087 return fmt_multistate_int(val, multistate_permitrootlogin); 2088 case sGatewayPorts: 2089 return fmt_multistate_int(val, multistate_gatewayports); 2090 case sCompression: 2091 return fmt_multistate_int(val, multistate_compression); 2092 case sUsePrivilegeSeparation: 2093 return fmt_multistate_int(val, multistate_privsep); 2094 case sAllowTcpForwarding: 2095 return fmt_multistate_int(val, multistate_tcpfwd); 2096 case sAllowStreamLocalForwarding: 2097 return fmt_multistate_int(val, multistate_tcpfwd); 2098 case sFingerprintHash: 2099 return ssh_digest_alg_name(val); 2100 case sProtocol: 2101 switch (val) { 2102 case SSH_PROTO_1: 2103 return "1"; 2104 case SSH_PROTO_2: 2105 return "2"; 2106 case (SSH_PROTO_1|SSH_PROTO_2): 2107 return "2,1"; 2108 default: 2109 return "UNKNOWN"; 2110 } 2111 default: 2112 switch (val) { 2113 case 0: 2114 return "no"; 2115 case 1: 2116 return "yes"; 2117 default: 2118 return "UNKNOWN"; 2119 } 2120 } 2121 } 2122 2123 static const char * 2124 lookup_opcode_name(ServerOpCodes code) 2125 { 2126 u_int i; 2127 2128 for (i = 0; keywords[i].name != NULL; i++) 2129 if (keywords[i].opcode == code) 2130 return(keywords[i].name); 2131 return "UNKNOWN"; 2132 } 2133 2134 static void 2135 dump_cfg_int(ServerOpCodes code, int val) 2136 { 2137 printf("%s %d\n", lookup_opcode_name(code), val); 2138 } 2139 2140 static void 2141 dump_cfg_oct(ServerOpCodes code, int val) 2142 { 2143 printf("%s 0%o\n", lookup_opcode_name(code), val); 2144 } 2145 2146 static void 2147 dump_cfg_fmtint(ServerOpCodes code, int val) 2148 { 2149 printf("%s %s\n", lookup_opcode_name(code), fmt_intarg(code, val)); 2150 } 2151 2152 static void 2153 dump_cfg_string(ServerOpCodes code, const char *val) 2154 { 2155 if (val == NULL) 2156 return; 2157 printf("%s %s\n", lookup_opcode_name(code), 2158 val == NULL ? "none" : val); 2159 } 2160 2161 static void 2162 dump_cfg_strarray(ServerOpCodes code, u_int count, char **vals) 2163 { 2164 u_int i; 2165 2166 for (i = 0; i < count; i++) 2167 printf("%s %s\n", lookup_opcode_name(code), vals[i]); 2168 } 2169 2170 static void 2171 dump_cfg_strarray_oneline(ServerOpCodes code, u_int count, char **vals) 2172 { 2173 u_int i; 2174 2175 if (count <= 0 && code != sAuthenticationMethods) 2176 return; 2177 printf("%s", lookup_opcode_name(code)); 2178 for (i = 0; i < count; i++) 2179 printf(" %s", vals[i]); 2180 if (code == sAuthenticationMethods && count == 0) 2181 printf(" any"); 2182 printf("\n"); 2183 } 2184 2185 void 2186 dump_config(ServerOptions *o) 2187 { 2188 u_int i; 2189 int ret; 2190 struct addrinfo *ai; 2191 char addr[NI_MAXHOST], port[NI_MAXSERV], *s = NULL; 2192 char *laddr1 = xstrdup(""), *laddr2 = NULL; 2193 2194 /* these are usually at the top of the config */ 2195 for (i = 0; i < o->num_ports; i++) 2196 printf("port %d\n", o->ports[i]); 2197 dump_cfg_fmtint(sProtocol, o->protocol); 2198 dump_cfg_fmtint(sAddressFamily, o->address_family); 2199 2200 /* 2201 * ListenAddress must be after Port. add_one_listen_addr pushes 2202 * addresses onto a stack, so to maintain ordering we need to 2203 * print these in reverse order. 2204 */ 2205 for (ai = o->listen_addrs; ai; ai = ai->ai_next) { 2206 if ((ret = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr, 2207 sizeof(addr), port, sizeof(port), 2208 NI_NUMERICHOST|NI_NUMERICSERV)) != 0) { 2209 error("getnameinfo failed: %.100s", 2210 (ret != EAI_SYSTEM) ? gai_strerror(ret) : 2211 strerror(errno)); 2212 } else { 2213 laddr2 = laddr1; 2214 if (ai->ai_family == AF_INET6) 2215 xasprintf(&laddr1, "listenaddress [%s]:%s\n%s", 2216 addr, port, laddr2); 2217 else 2218 xasprintf(&laddr1, "listenaddress %s:%s\n%s", 2219 addr, port, laddr2); 2220 free(laddr2); 2221 } 2222 } 2223 printf("%s", laddr1); 2224 free(laddr1); 2225 2226 /* integer arguments */ 2227 dump_cfg_int(sServerKeyBits, o->server_key_bits); 2228 dump_cfg_int(sLoginGraceTime, o->login_grace_time); 2229 dump_cfg_int(sKeyRegenerationTime, o->key_regeneration_time); 2230 dump_cfg_int(sX11DisplayOffset, o->x11_display_offset); 2231 dump_cfg_int(sMaxAuthTries, o->max_authtries); 2232 dump_cfg_int(sMaxSessions, o->max_sessions); 2233 dump_cfg_int(sClientAliveInterval, o->client_alive_interval); 2234 dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); 2235 dump_cfg_oct(sStreamLocalBindMask, o->fwd_opts.streamlocal_bind_mask); 2236 2237 /* formatted integer arguments */ 2238 dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login); 2239 dump_cfg_fmtint(sIgnoreRhosts, o->ignore_rhosts); 2240 dump_cfg_fmtint(sIgnoreUserKnownHosts, o->ignore_user_known_hosts); 2241 dump_cfg_fmtint(sRhostsRSAAuthentication, o->rhosts_rsa_authentication); 2242 dump_cfg_fmtint(sHostbasedAuthentication, o->hostbased_authentication); 2243 dump_cfg_fmtint(sHostbasedUsesNameFromPacketOnly, 2244 o->hostbased_uses_name_from_packet_only); 2245 dump_cfg_fmtint(sRSAAuthentication, o->rsa_authentication); 2246 dump_cfg_fmtint(sPubkeyAuthentication, o->pubkey_authentication); 2247 #ifdef KRB5 2248 dump_cfg_fmtint(sKerberosAuthentication, o->kerberos_authentication); 2249 dump_cfg_fmtint(sKerberosOrLocalPasswd, o->kerberos_or_local_passwd); 2250 dump_cfg_fmtint(sKerberosTicketCleanup, o->kerberos_ticket_cleanup); 2251 dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token); 2252 #endif 2253 #ifdef GSSAPI 2254 dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); 2255 dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); 2256 #endif 2257 dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); 2258 dump_cfg_fmtint(sKbdInteractiveAuthentication, 2259 o->kbd_interactive_authentication); 2260 dump_cfg_fmtint(sChallengeResponseAuthentication, 2261 o->challenge_response_authentication); 2262 dump_cfg_fmtint(sPrintMotd, o->print_motd); 2263 dump_cfg_fmtint(sPrintLastLog, o->print_lastlog); 2264 dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding); 2265 dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); 2266 dump_cfg_fmtint(sPermitTTY, o->permit_tty); 2267 dump_cfg_fmtint(sPermitUserRC, o->permit_user_rc); 2268 dump_cfg_fmtint(sStrictModes, o->strict_modes); 2269 dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); 2270 dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); 2271 dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); 2272 dump_cfg_fmtint(sUseLogin, o->use_login); 2273 dump_cfg_fmtint(sCompression, o->compression); 2274 dump_cfg_fmtint(sGatewayPorts, o->fwd_opts.gateway_ports); 2275 dump_cfg_fmtint(sUseDNS, o->use_dns); 2276 dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding); 2277 dump_cfg_fmtint(sAllowAgentForwarding, o->allow_agent_forwarding); 2278 dump_cfg_fmtint(sAllowStreamLocalForwarding, o->allow_streamlocal_forwarding); 2279 dump_cfg_fmtint(sStreamLocalBindUnlink, o->fwd_opts.streamlocal_bind_unlink); 2280 dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep); 2281 dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash); 2282 2283 /* string arguments */ 2284 dump_cfg_string(sPidFile, o->pid_file); 2285 dump_cfg_string(sXAuthLocation, o->xauth_location); 2286 dump_cfg_string(sCiphers, o->ciphers ? o->ciphers : KEX_SERVER_ENCRYPT); 2287 dump_cfg_string(sMacs, o->macs ? o->macs : KEX_SERVER_MAC); 2288 dump_cfg_string(sBanner, o->banner); 2289 dump_cfg_string(sForceCommand, o->adm_forced_command); 2290 dump_cfg_string(sChrootDirectory, o->chroot_directory); 2291 dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys); 2292 dump_cfg_string(sRevokedKeys, o->revoked_keys_file); 2293 dump_cfg_string(sAuthorizedPrincipalsFile, 2294 o->authorized_principals_file); 2295 dump_cfg_string(sVersionAddendum, *o->version_addendum == '\0' 2296 ? "none" : o->version_addendum); 2297 dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command); 2298 dump_cfg_string(sAuthorizedKeysCommandUser, o->authorized_keys_command_user); 2299 dump_cfg_string(sAuthorizedPrincipalsCommand, o->authorized_principals_command); 2300 dump_cfg_string(sAuthorizedPrincipalsCommandUser, o->authorized_principals_command_user); 2301 dump_cfg_string(sHostKeyAgent, o->host_key_agent); 2302 dump_cfg_string(sKexAlgorithms, 2303 o->kex_algorithms ? o->kex_algorithms : KEX_SERVER_KEX); 2304 dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types ? 2305 o->hostbased_key_types : KEX_DEFAULT_PK_ALG); 2306 dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms ? 2307 o->hostkeyalgorithms : KEX_DEFAULT_PK_ALG); 2308 dump_cfg_string(sPubkeyAcceptedKeyTypes, o->pubkey_key_types ? 2309 o->pubkey_key_types : KEX_DEFAULT_PK_ALG); 2310 2311 /* string arguments requiring a lookup */ 2312 dump_cfg_string(sLogLevel, log_level_name(o->log_level)); 2313 dump_cfg_string(sLogFacility, log_facility_name(o->log_facility)); 2314 2315 /* string array arguments */ 2316 dump_cfg_strarray_oneline(sAuthorizedKeysFile, o->num_authkeys_files, 2317 o->authorized_keys_files); 2318 dump_cfg_strarray(sHostKeyFile, o->num_host_key_files, 2319 o->host_key_files); 2320 dump_cfg_strarray(sHostCertificate, o->num_host_cert_files, 2321 o->host_cert_files); 2322 dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users); 2323 dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users); 2324 dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups); 2325 dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups); 2326 dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env); 2327 dump_cfg_strarray_oneline(sAuthenticationMethods, 2328 o->num_auth_methods, o->auth_methods); 2329 2330 /* other arguments */ 2331 for (i = 0; i < o->num_subsystems; i++) 2332 printf("subsystem %s %s\n", o->subsystem_name[i], 2333 o->subsystem_args[i]); 2334 2335 printf("maxstartups %d:%d:%d\n", o->max_startups_begin, 2336 o->max_startups_rate, o->max_startups); 2337 2338 for (i = 0; tunmode_desc[i].val != -1; i++) 2339 if (tunmode_desc[i].val == o->permit_tun) { 2340 s = tunmode_desc[i].text; 2341 break; 2342 } 2343 dump_cfg_string(sPermitTunnel, s); 2344 2345 printf("ipqos %s ", iptos2str(o->ip_qos_interactive)); 2346 printf("%s\n", iptos2str(o->ip_qos_bulk)); 2347 2348 printf("rekeylimit %llu %d\n", (unsigned long long)o->rekey_limit, 2349 o->rekey_interval); 2350 2351 channel_print_adm_permitted_opens(); 2352 } 2353