/* $OpenBSD: readconf.c,v 1.193 2011/05/24 07:15:47 djm Exp $ */
/*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
 * Functions for reading the configuration files.
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose.  Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 */

#include "includes.h"

#include <sys/types.h>
#include <sys/stat.h>
#include <sys/socket.h>

#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>

#include <ctype.h>
#include <errno.h>
#include <netdb.h>
#include <signal.h>
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#include "xmalloc.h"
#include "ssh.h"
#include "compat.h"
#include "cipher.h"
#include "pathnames.h"
#include "log.h"
#include "key.h"
#include "readconf.h"
#include "match.h"
#include "misc.h"
#include "buffer.h"
#include "kex.h"
#include "mac.h"

/* Format of the configuration file:

   # Configuration data is parsed as follows:
   #  1. command line options
   #  2. user-specific file
   #  3. system-wide file
   # Any configuration value is only changed the first time it is set.
   # Thus, host-specific definitions should be at the beginning of the
   # configuration file, and defaults at the end.

   # Host-specific declarations.  These may override anything above.  A single
   # host may match multiple declarations; these are processed in the order
   # that they are given in.

   Host *.ngs.fi ngs.fi
     User foo

   Host fake.com
     HostName another.host.name.real.org
     User blaah
     Port 34289
     ForwardX11 no
     ForwardAgent no

   Host books.com
     RemoteForward 9999 shadows.cs.hut.fi:9999
     Cipher 3des

   Host fascist.blob.com
     Port 23123
     User tylonen
     PasswordAuthentication no

   Host puukko.hut.fi
     User t35124p
     ProxyCommand ssh-proxy %h %p

   Host *.fr
     PublicKeyAuthentication no

   Host *.su
     Cipher none
     PasswordAuthentication no

   Host vpn.fake.com
     Tunnel yes
     TunnelDevice 3

   # Defaults for various options
   Host *
     ForwardAgent no
     ForwardX11 no
     PasswordAuthentication yes
     RSAAuthentication yes
     RhostsRSAAuthentication yes
     StrictHostKeyChecking yes
     TcpKeepAlive no
     IdentityFile ~/.ssh/identity
     Port 22
     EscapeChar ~

*/

/*
 * Keyword tokens: the opcode that process_config_line() switches on for
 * each configuration keyword.  oBadOption is what parse_token() hands back
 * for a keyword it does not know; oDeprecated and oUnsupported are shared
 * by several entries of the keyword table below.
 */

typedef enum {
	oBadOption,
	oForwardAgent, oForwardX11, oForwardX11Trusted, oForwardX11Timeout,
	oGatewayPorts, oExitOnForwardFailure,
	oPasswordAuthentication, oRSAAuthentication,
	oChallengeResponseAuthentication, oXAuthLocation,
	oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
	oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
	oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
	oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
	oCompressionLevel, oTCPKeepAlive, oNumberOfPasswordPrompts,
	oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs,
	oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
	oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
	oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
	oHostKeyAlgorithms, oBindAddress, oPKCS11Provider,
	oClearAllForwardings, oNoHostAuthenticationForLocalhost,
	oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
	oAddressFamily, oGssAuthentication, oGssDelegateCreds,
	oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
	oSendEnv, oControlPath, oControlMaster, oControlPersist,
	oHashKnownHosts,
	oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
	oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
	oKexAlgorithms, oIPQoS, oRequestTTY,
	oDeprecated, oUnsupported
} OpCodes;

/*
 * Textual representations of the tokens.
 *
 * Names are stored in lower case and looked up with strcasecmp() in
 * parse_token(), so keywords match regardless of case.  The table ends at
 * the entry whose name is NULL.  When GSSAPI, ENABLE_PKCS11 or JPAKE is not
 * defined, the corresponding keywords stay in the table but map to
 * oUnsupported, so parse_token() still recognises them instead of
 * reporting oBadOption.
 */

static struct {
	const char *name;
	OpCodes opcode;
} keywords[] = {
	{ "forwardagent", oForwardAgent },
	{ "forwardx11", oForwardX11 },
	{ "forwardx11trusted", oForwardX11Trusted },
	{ "forwardx11timeout", oForwardX11Timeout },
	{ "exitonforwardfailure", oExitOnForwardFailure },
	{ "xauthlocation", oXAuthLocation },
	{ "gatewayports", oGatewayPorts },
	{ "useprivilegedport", oUsePrivilegedPort },
	{ "rhostsauthentication", oDeprecated },
	{ "passwordauthentication", oPasswordAuthentication },
	{ "kbdinteractiveauthentication", oKbdInteractiveAuthentication },
	{ "kbdinteractivedevices", oKbdInteractiveDevices },
	{ "rsaauthentication", oRSAAuthentication },
	{ "pubkeyauthentication", oPubkeyAuthentication },
	{ "dsaauthentication", oPubkeyAuthentication },		/* alias */
	{ "rhostsrsaauthentication", oRhostsRSAAuthentication },
	{ "hostbasedauthentication", oHostbasedAuthentication },
	{ "challengeresponseauthentication", oChallengeResponseAuthentication },
	{ "skeyauthentication", oChallengeResponseAuthentication }, /* alias */
	{ "tisauthentication", oChallengeResponseAuthentication },  /* alias */
	{ "kerberosauthentication", oUnsupported },
	{ "kerberostgtpassing", oUnsupported },
	{ "afstokenpassing", oUnsupported },
#if defined(GSSAPI)
	{ "gssapiauthentication", oGssAuthentication },
	{ "gssapidelegatecredentials", oGssDelegateCreds },
#else
	{ "gssapiauthentication", oUnsupported },
	{ "gssapidelegatecredentials", oUnsupported },
#endif
	{ "fallbacktorsh", oDeprecated },
	{ "usersh", oDeprecated },
	{ "identityfile", oIdentityFile },
	{ "identityfile2", oIdentityFile },			/* obsolete */
	{ "identitiesonly", oIdentitiesOnly },
	{ "hostname", oHostName },
	{ "hostkeyalias", oHostKeyAlias },
	{ "proxycommand", oProxyCommand },
	{ "port", oPort },
	{ "cipher", oCipher },
	{ "ciphers", oCiphers },
	{ "macs", oMacs },
	{ "protocol", oProtocol },
	{ "remoteforward", oRemoteForward },
	{ "localforward", oLocalForward },
	{ "user", oUser },
	{ "host", oHost },
	{ "escapechar", oEscapeChar },
	{ "globalknownhostsfile", oGlobalKnownHostsFile },
	{ "globalknownhostsfile2", oDeprecated },
	{ "userknownhostsfile", oUserKnownHostsFile },
	{ "userknownhostsfile2", oDeprecated },
	{ "connectionattempts", oConnectionAttempts },
	{ "batchmode", oBatchMode },
	{ "checkhostip", oCheckHostIP },
	{ "stricthostkeychecking", oStrictHostKeyChecking },
	{ "compression", oCompression },
	{ "compressionlevel", oCompressionLevel },
	{ "tcpkeepalive", oTCPKeepAlive },
	{ "keepalive", oTCPKeepAlive },				/* obsolete */
	{ "numberofpasswordprompts", oNumberOfPasswordPrompts },
	{ "loglevel", oLogLevel },
	{ "dynamicforward", oDynamicForward },
	{ "preferredauthentications", oPreferredAuthentications },
	{ "hostkeyalgorithms", oHostKeyAlgorithms },
	{ "bindaddress", oBindAddress },
#ifdef ENABLE_PKCS11
	{ "smartcarddevice", oPKCS11Provider },
	{ "pkcs11provider", oPKCS11Provider },
#else
	{ "smartcarddevice", oUnsupported },
	{ "pkcs11provider", oUnsupported },
#endif
	{ "clearallforwardings", oClearAllForwardings },
	{ "enablesshkeysign", oEnableSSHKeysign },
	{ "verifyhostkeydns", oVerifyHostKeyDNS },
	{ "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost },
	{ "rekeylimit", oRekeyLimit },
	{ "connecttimeout", oConnectTimeout },
	{ "addressfamily", oAddressFamily },
	{ "serveraliveinterval", oServerAliveInterval },
	{ "serveralivecountmax", oServerAliveCountMax },
	{ "sendenv", oSendEnv },
	{ "controlpath", oControlPath },
	{ "controlmaster", oControlMaster },
	{ "controlpersist", oControlPersist },
	{ "hashknownhosts", oHashKnownHosts },
	{ "tunnel", oTunnel },
	{ "tunneldevice", oTunnelDevice },
	{ "localcommand", oLocalCommand },
	{ "permitlocalcommand", oPermitLocalCommand },
	{ "visualhostkey", oVisualHostKey },
	{ "useroaming", oUseRoaming },
#ifdef JPAKE
	{ "zeroknowledgepasswordauthentication",
	    oZeroKnowledgePasswordAuthentication },
#else
	{ "zeroknowledgepasswordauthentication", oUnsupported },
#endif
	{ "kexalgorithms", oKexAlgorithms },
	{ "ipqos", oIPQoS },
	{ "requesttty", oRequestTTY },

	{ NULL, oBadOption }
};

/*
 * Appends a local TCP/IP port forward to options->local_forwards.  Never
 * returns if there is an error.
 *
 * Unless NO_IPPORT_RESERVED_CONCEPT is defined, a listen port below
 * IPPORT_RESERVED is refused with fatal() when original_real_uid is not 0.
 *
 * The listen_host and connect_host pointers of *newfwd are stored as they
 * are, not duplicated.  clear_forwardings() later xfree()s them, so the
 * strings must be heap allocations that the caller gives up to the options
 * structure.  Only the four host/port fields are written to the new slot.
 */

void
add_local_forward(Options *options, const Forward *newfwd)
{
	Forward *slot;
#ifndef NO_IPPORT_RESERVED_CONCEPT
	extern uid_t original_real_uid;

	if (original_real_uid != 0 && newfwd->listen_port < IPPORT_RESERVED)
		fatal("Privileged ports can only be forwarded by root.");
#endif
	/* Grow the array by one element; the new slot is the last one. */
	options->local_forwards = xrealloc(options->local_forwards,
	    options->num_local_forwards + 1,
	    sizeof(*options->local_forwards));
	slot = options->local_forwards + options->num_local_forwards;
	options->num_local_forwards++;

	slot->connect_port = newfwd->connect_port;
	slot->connect_host = newfwd->connect_host;
	slot->listen_port = newfwd->listen_port;
	slot->listen_host = newfwd->listen_host;
}

/*
 * Appends a remote TCP/IP port forward to options->remote_forwards.  Never
 * returns if there is an error.
 *
 * No privileged-port check is made here.  As in add_local_forward(), the
 * host string pointers are taken over rather than copied, and
 * clear_forwardings() is what releases them.  allocated_port starts at 0.
 */

void
add_remote_forward(Options *options, const Forward *newfwd)
{
	Forward *slot;

	/* Grow the array by one element; the new slot is the last one. */
	options->remote_forwards = xrealloc(options->remote_forwards,
	    options->num_remote_forwards + 1,
	    sizeof(*options->remote_forwards));
	slot = options->remote_forwards + options->num_remote_forwards;
	options->num_remote_forwards++;

	slot->allocated_port = 0;
	slot->connect_port = newfwd->connect_port;
	slot->connect_host = newfwd->connect_host;
	slot->listen_port = newfwd->listen_port;
	slot->listen_host = newfwd->listen_host;
}

/*
 * Drops every local and remote forward held in options: frees the host
 * strings of each entry, frees each array and resets its pointer to NULL
 * (only when it held at least one entry), zeroes both counters and sets
 * tun_open to SSH_TUNMODE_NO.
 *
 * listen_host is freed only when non-NULL, while connect_host is passed to
 * xfree() unconditionally -- presumably every stored forward carries a
 * non-NULL connect_host; verify against the callers that build Forward
 * entries.
 */
static void
clear_forwardings(Options *options)
{
	Forward *entry;
	int idx;

	for (idx = 0; idx < options->num_local_forwards; idx++) {
		entry = &options->local_forwards[idx];
		if (entry->listen_host != NULL)
			xfree(entry->listen_host);
		xfree(entry->connect_host);
	}
	if (options->num_local_forwards > 0) {
		xfree(options->local_forwards);
		options->local_forwards = NULL;
	}
	options->num_local_forwards = 0;

	for (idx = 0; idx < options->num_remote_forwards; idx++) {
		entry = &options->remote_forwards[idx];
		if (entry->listen_host != NULL)
			xfree(entry->listen_host);
		xfree(entry->connect_host);
	}
	if (options->num_remote_forwards > 0) {
		xfree(options->remote_forwards);
		options->remote_forwards = NULL;
	}
	options->num_remote_forwards = 0;

	options->tun_open = SSH_TUNMODE_NO;
}

/*
 * Returns the number of the token pointed to by cp or oBadOption.
 *
 * The comparison against the keyword table ignores case.  An unknown
 * keyword is reported through error() together with the file name and
 * line number before oBadOption is returned.
 */

static OpCodes
parse_token(const char *cp, const char *filename, int linenum)
{
	u_int idx = 0;

	while (keywords[idx].name != NULL) {
		if (strcasecmp(keywords[idx].name, cp) == 0)
			return keywords[idx].opcode;
		idx++;
	}

	error("%s: line %d: Bad configuration option: %s",
	    filename, linenum, cp);
	return oBadOption;
}

/*
 * Processes a single option line as used in the configuration files. This
 * only sets those values that have not already been set.
 *
 * Only the start of this function is reproduced here; it is left as
 * written.
 */
#define WHITESPACE " \t\r\n"

int
process_config_line(Options *options, const char *host,
		    char *line, const char *filename, int linenum,
		    int *activep)
{
	char *s, **charptr, *endofnumber, *keyword, *arg, *arg2;
	char **cpptr, fwdarg[256];
	u_int *uintptr, max_entries = 0;
	int negated, opcode, *intptr, value, value2, scale;
	LogLevel *log_level_ptr;
	long long orig, val64;
	size_t len;
	Forward fwd;

	/* Strip trailing whitespace */
	/*
	 * NOTE(review): len is a size_t, so for an empty line strlen() is 0
	 * and the subtraction wraps around; the first iteration then reads
	 * line[len] far outside the buffer.  A zero-length check belongs
	 * ahead of this loop.
	 */
	for (len = strlen(line) - 1; len > 0; len--) {
		if (strchr(WHITESPACE, line[len]) == NULL)
			break;
		line[len] = '\0';
	}

	s = line;
	/* Get the keyword. (Each line is supposed to begin with a keyword). */
	if ((keyword = strdelim(&s)) == NULL)
		return 0;
	/* Ignore leading whitespace. */
	if (*keyword == '\0')
		keyword = strdelim(&s);
	if (keyword == NULL || !*keyword || *keyword == '\n' || *keyword == '#')
		return 0;

	opcode = parse_token(keyword, filename, linenum);

	switch (opcode) {
	case oBadOption:
		/* don't panic, but count bad options */
		return -1;
		/* NOTREACHED */
	case oConnectTimeout:
		intptr = &options->connection_timeout;
parse_time:
		arg = strdelim(&s);
		if (!arg || *arg == '\0')
			fatal("%s line %d: missing time value.",
			    filename, linenum);
		if ((value = convtime(arg)) == -1)
			fatal("%s line %d: invalid time value.",
			    filename, linenum);
		if (*activep && *intptr == -1)
			*intptr = value;
		break;

	case oForwardAgent:
		intptr = &options->forward_agent;
parse_flag:
		arg = strdelim(&s);
		if (!arg || *arg == '\0')
			fatal("%.200s line %d: Missing yes/no argument.", filename, linenum);
		value = 0;	/* To avoid compiler warning... */
		if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
			value = 1;
		else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
			value = 0;
		else
			fatal("%.200s line %d: Bad yes/no argument.", filename, linenum);
		if (*activep && *intptr == -1)
			*intptr = value;
		break;

	case oForwardX11:
		intptr = &options->forward_x11;
		goto parse_flag;

	case oForwardX11Trusted:
		intptr = &options->forward_x11_trusted;
		goto parse_flag;

	case oForwardX11Timeout:
		intptr = &options->forward_x11_timeout;
		goto parse_time;

	case oGatewayPorts:
		intptr = &options->gateway_ports;
		goto parse_flag;
4361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oExitOnForwardFailure: 4381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->exit_on_forward_failure; 4391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 4401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oUsePrivilegedPort: 4421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->use_privileged_port; 4431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 4441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oPasswordAuthentication: 4461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->password_authentication; 4471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 4481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oZeroKnowledgePasswordAuthentication: 4501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->zero_knowledge_password_authentication; 4511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 4521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oKbdInteractiveAuthentication: 4541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->kbd_interactive_authentication; 4551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 4561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oKbdInteractiveDevices: 4581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood charptr = &options->kbd_interactive_devices; 4591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_string; 4601305e95ba6ff9fa202d0818caf10405df4b0f648Mike 
Lockwood 4611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oPubkeyAuthentication: 4621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->pubkey_authentication; 4631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 4641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oRSAAuthentication: 4661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->rsa_authentication; 4671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 4681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oRhostsRSAAuthentication: 4701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->rhosts_rsa_authentication; 4711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 4721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oHostbasedAuthentication: 4741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->hostbased_authentication; 4751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 4761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oChallengeResponseAuthentication: 4781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->challenge_response_authentication; 4791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 4801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oGssAuthentication: 4821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->gss_authentication; 4831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 4841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case 
oGssDelegateCreds: 4861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->gss_deleg_creds; 4871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 4881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oBatchMode: 4901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->batch_mode; 4911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 4921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oCheckHostIP: 4941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->check_host_ip; 4951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 4961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oVerifyHostKeyDNS: 4981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->verify_host_key_dns; 4991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_yesnoask; 5001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oStrictHostKeyChecking: 5021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->strict_host_key_checking; 5031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodparse_yesnoask: 5041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 5051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!arg || *arg == '\0') 5061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Missing yes/no/ask argument.", 5071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum); 5081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = 0; /* To avoid compiler warning... 
*/ 5091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0) 5101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = 1; 5111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0) 5121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = 0; 5131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else if (strcmp(arg, "ask") == 0) 5141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = 2; 5151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else 5161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Bad yes/no/ask argument.", filename, linenum); 5171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep && *intptr == -1) 5181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood *intptr = value; 5191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 5201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oCompression: 5221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->compression; 5231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 5241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oTCPKeepAlive: 5261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->tcp_keep_alive; 5271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 5281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oNoHostAuthenticationForLocalhost: 5301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->no_host_authentication_for_localhost; 5311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 5321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 
case oNumberOfPasswordPrompts: 5341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->number_of_password_prompts; 5351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_int; 5361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oCompressionLevel: 5381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->compression_level; 5391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_int; 5401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oRekeyLimit: 5421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 5431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!arg || *arg == '\0') 5441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Missing argument.", filename, linenum); 5451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (arg[0] < '0' || arg[0] > '9') 5461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Bad number.", filename, linenum); 5471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood orig = val64 = strtoll(arg, &endofnumber, 10); 5481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (arg == endofnumber) 5491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Bad number.", filename, linenum); 5501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood switch (toupper(*endofnumber)) { 5511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case '\0': 5521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood scale = 1; 5531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 5541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case 'K': 5551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood scale = 1<<10; 5561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 5571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case 'M': 
5581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood scale = 1<<20; 5591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 5601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case 'G': 5611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood scale = 1<<30; 5621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 5631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood default: 5641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Invalid RekeyLimit suffix", 5651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum); 5661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 5671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood val64 *= scale; 5681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* detect integer wrap and too-large limits */ 5691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if ((val64 / scale) != orig || val64 > UINT_MAX) 5701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: RekeyLimit too large", 5711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum); 5721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (val64 < 16) 5731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: RekeyLimit too small", 5741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum); 5751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep && options->rekey_limit == -1) 5761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood options->rekey_limit = (u_int32_t)val64; 5771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 5781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oIdentityFile: 5801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 5811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!arg || *arg == '\0') 5821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line 
%d: Missing argument.", filename, linenum); 5831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep) { 5841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->num_identity_files; 5851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*intptr >= SSH_MAX_IDENTITY_FILES) 5861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Too many identity files specified (max %d).", 5871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum, SSH_MAX_IDENTITY_FILES); 5881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood charptr = &options->identity_files[*intptr]; 5891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood *charptr = xstrdup(arg); 5901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood *intptr = *intptr + 1; 5911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 5921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 5931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oXAuthLocation: 5951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood charptr=&options->xauth_location; 5961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_string; 5971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oUser: 5991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood charptr = &options->user; 6001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodparse_string: 6011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 6021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!arg || *arg == '\0') 6031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Missing argument.", 6041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum); 6051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep && *charptr == NULL) 6061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood *charptr = 
xstrdup(arg); 6071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 6081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oGlobalKnownHostsFile: 6101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood cpptr = (char **)&options->system_hostfiles; 6111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood uintptr = &options->num_system_hostfiles; 6121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood max_entries = SSH_MAX_HOSTS_FILES; 6131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodparse_char_array: 6141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep && *uintptr == 0) { 6151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood while ((arg = strdelim(&s)) != NULL && *arg != '\0') { 6161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if ((*uintptr) >= max_entries) 6171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s line %d: " 6181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood "too many authorized keys files.", 6191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum); 6201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood cpptr[(*uintptr)++] = xstrdup(arg); 6211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 6221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 6231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return 0; 6241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oUserKnownHostsFile: 6261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood cpptr = (char **)&options->user_hostfiles; 6271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood uintptr = &options->num_user_hostfiles; 6281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood max_entries = SSH_MAX_HOSTS_FILES; 6291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_char_array; 6301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 
6311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oHostName: 6321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood charptr = &options->hostname; 6331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_string; 6341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oHostKeyAlias: 6361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood charptr = &options->host_key_alias; 6371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_string; 6381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oPreferredAuthentications: 6401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood charptr = &options->preferred_authentications; 6411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_string; 6421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oBindAddress: 6441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood charptr = &options->bind_address; 6451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_string; 6461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oPKCS11Provider: 6481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood charptr = &options->pkcs11_provider; 6491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_string; 6501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oProxyCommand: 6521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood charptr = &options->proxy_command; 6531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodparse_command: 6541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (s == NULL) 6551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Missing argument.", filename, linenum); 
6561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood len = strspn(s, WHITESPACE "="); 6571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep && *charptr == NULL) 6581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood *charptr = xstrdup(s + len); 6591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return 0; 6601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oPort: 6621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->port; 6631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodparse_int: 6641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 6651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!arg || *arg == '\0') 6661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Missing argument.", filename, linenum); 6671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (arg[0] < '0' || arg[0] > '9') 6681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Bad number.", filename, linenum); 6691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Octal, decimal, or hex format? 
*/ 6711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = strtol(arg, &endofnumber, 0); 6721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (arg == endofnumber) 6731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Bad number.", filename, linenum); 6741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep && *intptr == -1) 6751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood *intptr = value; 6761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 6771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oConnectionAttempts: 6791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->connection_attempts; 6801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_int; 6811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oCipher: 6831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->cipher; 6841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 6851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!arg || *arg == '\0') 6861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Missing argument.", filename, linenum); 6871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = cipher_number(arg); 6881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (value == -1) 6891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Bad cipher '%s'.", 6901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum, arg ? 
arg : "<NONE>"); 6911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep && *intptr == -1) 6921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood *intptr = value; 6931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 6941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oCiphers: 6961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 6971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!arg || *arg == '\0') 6981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Missing argument.", filename, linenum); 6991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!ciphers_valid(arg)) 7001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.", 7011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum, arg ? arg : "<NONE>"); 7021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep && options->ciphers == NULL) 7031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood options->ciphers = xstrdup(arg); 7041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 7051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oMacs: 7071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 7081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!arg || *arg == '\0') 7091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Missing argument.", filename, linenum); 7101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!mac_valid(arg)) 7111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.", 7121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum, arg ? 
arg : "<NONE>"); 7131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep && options->macs == NULL) 7141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood options->macs = xstrdup(arg); 7151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 7161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oKexAlgorithms: 7181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 7191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!arg || *arg == '\0') 7201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Missing argument.", 7211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum); 7221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!kex_names_valid(arg)) 7231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Bad SSH2 KexAlgorithms '%s'.", 7241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum, arg ? 
arg : "<NONE>"); 7251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep && options->kex_algorithms == NULL) 7261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood options->kex_algorithms = xstrdup(arg); 7271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 7281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oHostKeyAlgorithms: 7301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 7311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!arg || *arg == '\0') 7321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Missing argument.", filename, linenum); 7331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!key_names_valid2(arg)) 7341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Bad protocol 2 host key algorithms '%s'.", 7351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum, arg ? arg : "<NONE>"); 7361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep && options->hostkeyalgorithms == NULL) 7371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood options->hostkeyalgorithms = xstrdup(arg); 7381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 7391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oProtocol: 7411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->protocol; 7421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 7431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!arg || *arg == '\0') 7441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Missing argument.", filename, linenum); 7451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = proto_spec(arg); 7461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (value == SSH_PROTO_UNKNOWN) 7471305e95ba6ff9fa202d0818caf10405df4b0f648Mike 
Lockwood fatal("%.200s line %d: Bad protocol spec '%s'.", 7481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum, arg ? arg : "<NONE>"); 7491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep && *intptr == SSH_PROTO_UNKNOWN) 7501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood *intptr = value; 7511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 7521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oLogLevel: 7541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood log_level_ptr = &options->log_level; 7551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 7561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = log_level_number(arg); 7571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (value == SYSLOG_LEVEL_NOT_SET) 7581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: unsupported log level '%s'", 7591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum, arg ? 
arg : "<NONE>"); 7601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep && *log_level_ptr == SYSLOG_LEVEL_NOT_SET) 7611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood *log_level_ptr = (LogLevel) value; 7621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 7631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oLocalForward: 7651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oRemoteForward: 7661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oDynamicForward: 7671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 7681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (arg == NULL || *arg == '\0') 7691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Missing port argument.", 7701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum); 7711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (opcode == oLocalForward || 7731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood opcode == oRemoteForward) { 7741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg2 = strdelim(&s); 7751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (arg2 == NULL || *arg2 == '\0') 7761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Missing target argument.", 7771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum); 7781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* construct a string for parse_forward */ 7801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood snprintf(fwdarg, sizeof(fwdarg), "%s:%s", arg, arg2); 7811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } else if (opcode == oDynamicForward) { 7821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood strlcpy(fwdarg, arg, sizeof(fwdarg)); 
7831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 7841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (parse_forward(&fwd, fwdarg, 7861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood opcode == oDynamicForward ? 1 : 0, 7871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood opcode == oRemoteForward ? 1 : 0) == 0) 7881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Bad forwarding specification.", 7891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum); 7901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep) { 7921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (opcode == oLocalForward || 7931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood opcode == oDynamicForward) 7941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood add_local_forward(options, &fwd); 7951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else if (opcode == oRemoteForward) 7961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood add_remote_forward(options, &fwd); 7971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 7981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 7991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oClearAllForwardings: 8011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->clear_forwardings; 8021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 8031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oHost: 8051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood *activep = 0; 8061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg2 = NULL; 8071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood while ((arg = strdelim(&s)) != NULL && *arg != '\0') { 
8081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood negated = *arg == '!'; 8091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (negated) 8101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg++; 8111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (match_pattern(host, arg)) { 8121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (negated) { 8131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug("%.200s line %d: Skipping Host " 8141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood "block because of negated match " 8151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood "for %.100s", filename, linenum, 8161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg); 8171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood *activep = 0; 8181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 8191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 8201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!*activep) 8211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg2 = arg; /* logged below */ 8221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood *activep = 1; 8231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 8241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 8251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep) 8261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug("%.200s line %d: Applying options for %.100s", 8271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum, arg2); 8281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Avoid garbage check below, as strdelim is done. 
*/ 8291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return 0; 8301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oEscapeChar: 8321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->escape_char; 8331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 8341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!arg || *arg == '\0') 8351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Missing argument.", filename, linenum); 8361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (arg[0] == '^' && arg[2] == 0 && 8371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood (u_char) arg[1] >= 64 && (u_char) arg[1] < 128) 8381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = (u_char) arg[1] & 31; 8391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else if (strlen(arg) == 1) 8401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = (u_char) arg[0]; 8411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else if (strcmp(arg, "none") == 0) 8421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = SSH_ESCAPECHAR_NONE; 8431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else { 8441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Bad escape character.", 8451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum); 8461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* NOTREACHED */ 8471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = 0; /* Avoid compiler warning. 
*/ 8481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 8491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep && *intptr == -1) 8501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood *intptr = value; 8511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 8521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oAddressFamily: 8541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 8551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!arg || *arg == '\0') 8561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s line %d: missing address family.", 8571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum); 8581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->address_family; 8591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (strcasecmp(arg, "inet") == 0) 8601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = AF_INET; 8611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else if (strcasecmp(arg, "inet6") == 0) 8621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = AF_INET6; 8631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else if (strcasecmp(arg, "any") == 0) 8641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = AF_UNSPEC; 8651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else 8661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("Unsupported AddressFamily \"%s\"", arg); 8671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep && *intptr == -1) 8681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood *intptr = value; 8691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 8701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oEnableSSHKeysign: 8721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->enable_ssh_keysign; 
8731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 8741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oIdentitiesOnly: 8761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->identities_only; 8771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 8781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oServerAliveInterval: 8801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->server_alive_interval; 8811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_time; 8821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oServerAliveCountMax: 8841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->server_alive_count_max; 8851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_int; 8861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oSendEnv: 8881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood while ((arg = strdelim(&s)) != NULL && *arg != '\0') { 8891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (strchr(arg, '=') != NULL) 8901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s line %d: Invalid environment name.", 8911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum); 8921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!*activep) 8931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood continue; 8941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (options->num_send_env >= MAX_SEND_ENV) 8951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s line %d: too many send env.", 8961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum); 8971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 
options->send_env[options->num_send_env++] = 8981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xstrdup(arg); 8991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 9001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 9011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oControlPath: 9031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood charptr = &options->control_path; 9041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_string; 9051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oControlMaster: 9071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->control_master; 9081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 9091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!arg || *arg == '\0') 9101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Missing ControlMaster argument.", 9111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum); 9121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = 0; /* To avoid compiler warning... 
*/ 9131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0) 9141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = SSHCTL_MASTER_YES; 9151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0) 9161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = SSHCTL_MASTER_NO; 9171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else if (strcmp(arg, "auto") == 0) 9181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = SSHCTL_MASTER_AUTO; 9191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else if (strcmp(arg, "ask") == 0) 9201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = SSHCTL_MASTER_ASK; 9211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else if (strcmp(arg, "autoask") == 0) 9221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = SSHCTL_MASTER_AUTO_ASK; 9231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else 9241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Bad ControlMaster argument.", 9251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum); 9261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep && *intptr == -1) 9271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood *intptr = value; 9281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 9291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oControlPersist: 9311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* no/false/yes/true, or a time spec */ 9321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->control_persist; 9331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 9341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!arg || *arg == '\0') 9351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Missing 
ControlPersist" 9361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood " argument.", filename, linenum); 9371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = 0; 9381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value2 = 0; /* timeout */ 9391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0) 9401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = 0; 9411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0) 9421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = 1; 9431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else if ((value2 = convtime(arg)) >= 0) 9441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = 1; 9451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else 9461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Bad ControlPersist argument.", 9471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum); 9481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep && *intptr == -1) { 9491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood *intptr = value; 9501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood options->control_persist_timeout = value2; 9511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 9521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 9531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oHashKnownHosts: 9551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->hash_known_hosts; 9561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 9571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oTunnel: 9591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->tun_open; 9601305e95ba6ff9fa202d0818caf10405df4b0f648Mike 
Lockwood arg = strdelim(&s); 9611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!arg || *arg == '\0') 9621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s line %d: Missing yes/point-to-point/" 9631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood "ethernet/no argument.", filename, linenum); 9641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = 0; /* silence compiler */ 9651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (strcasecmp(arg, "ethernet") == 0) 9661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = SSH_TUNMODE_ETHERNET; 9671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else if (strcasecmp(arg, "point-to-point") == 0) 9681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = SSH_TUNMODE_POINTOPOINT; 9691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else if (strcasecmp(arg, "yes") == 0) 9701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = SSH_TUNMODE_DEFAULT; 9711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else if (strcasecmp(arg, "no") == 0) 9721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = SSH_TUNMODE_NO; 9731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else 9741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s line %d: Bad yes/point-to-point/ethernet/" 9751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood "no argument: %s", filename, linenum, arg); 9761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep) 9771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood *intptr = value; 9781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 9791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oTunnelDevice: 9811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 9821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!arg || *arg == '\0') 9831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: 
Missing argument.", filename, linenum); 9841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = a2tun(arg, &value2); 9851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (value == SSH_TUNID_ERR) 9861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: Bad tun device.", filename, linenum); 9871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep) { 9881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood options->tun_local = value; 9891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood options->tun_remote = value2; 9901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 9911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 9921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oLocalCommand: 9941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood charptr = &options->local_command; 9951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_command; 9961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oPermitLocalCommand: 9981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->permit_local_command; 9991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 10001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oVisualHostKey: 10021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->visual_host_key; 10031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 10041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oIPQoS: 10061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 10071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if ((value = parse_ipqos(arg)) == -1) 10081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s line %d: 
Bad IPQoS value: %s", 10091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum, arg); 10101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 10111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (arg == NULL) 10121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value2 = value; 10131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else if ((value2 = parse_ipqos(arg)) == -1) 10141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s line %d: Bad IPQoS value: %s", 10151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum, arg); 10161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep) { 10171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood options->ip_qos_interactive = value; 10181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood options->ip_qos_bulk = value2; 10191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 10201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 10211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oUseRoaming: 10231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->use_roaming; 10241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto parse_flag; 10251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oRequestTTY: 10271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood arg = strdelim(&s); 10281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!arg || *arg == '\0') 10291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s line %d: missing argument.", 10301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum); 10311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood intptr = &options->request_tty; 10321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (strcasecmp(arg, "yes") == 0) 10331305e95ba6ff9fa202d0818caf10405df4b0f648Mike 
Lockwood value = REQUEST_TTY_YES; 10341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else if (strcasecmp(arg, "no") == 0) 10351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = REQUEST_TTY_NO; 10361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else if (strcasecmp(arg, "force") == 0) 10371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = REQUEST_TTY_FORCE; 10381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else if (strcasecmp(arg, "auto") == 0) 10391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood value = REQUEST_TTY_AUTO; 10401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else 10411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("Unsupported RequestTTY \"%s\"", arg); 10421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (*activep && *intptr == -1) 10431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood *intptr = value; 10441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 10451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oDeprecated: 10471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug("%s line %d: Deprecated option \"%s\"", 10481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum, keyword); 10491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return 0; 10501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case oUnsupported: 10521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood error("%s line %d: Unsupported option \"%s\"", 10531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum, keyword); 10541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return 0; 10551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood default: 10571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("process_config_line: Unimplemented opcode %d", 
opcode); 10581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 10591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Check that there is no garbage at end of line. */ 10611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if ((arg = strdelim(&s)) != NULL && *arg != '\0') { 10621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%.200s line %d: garbage at end of line; \"%.200s\".", 10631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood filename, linenum, arg); 10641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 10651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return 0; 10661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 10671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood/* 10701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * Reads the config file and modifies the options accordingly. Options 10711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * should already be initialized before this call. This never returns if 10721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * there is an error. If the file does not exist, this returns 0. 
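 */

/*
 * filename:  path of the configuration file to read.
 * host:      host name passed to process_config_line for every line.
 * options:   option set that process_config_line updates.
 * checkperm: when non-zero, the opened file must be owned by uid 0 or by the
 *            calling user and must not be writable by group or others.
 *
 * Returns 0 when fopen() fails for any reason (not only for a missing file,
 * so an unreadable file is skipped without a message) and 1 once every line
 * has been processed.  Errors are reported through fatal().
 */
int
read_config_file(const char *filename, const char *host, Options *options,
    int checkperm)
{
	FILE *f;
	char line[1024];
	size_t len;
	int active, linenum;
	int bad_options = 0;

	if ((f = fopen(filename, "r")) == NULL)
		return 0;

	if (checkperm) {
		struct stat sb;

		/*
		 * Inspect the descriptor that is already open rather than the
		 * path, so the file that is validated is the file that is read.
		 */
		if (fstat(fileno(f), &sb) == -1)
			fatal("fstat %s: %s", filename, strerror(errno));
		if (((sb.st_uid != 0 && sb.st_uid != getuid()) ||
		    (sb.st_mode & 022) != 0))
			fatal("Bad owner or permissions on %s", filename);
	}

	debug("Reading configuration data %.200s", filename);

	/*
	 * Mark that we are now processing the options.  This flag is turned
	 * on/off by Host specifications.
	 */
	active = 1;
	linenum = 0;
	while (fgets(line, sizeof(line), f)) {
		/* Update line number counter. */
		linenum++;
		/*
		 * A full buffer with no trailing newline means fgets() cut the
		 * line short; the remainder would otherwise be parsed as a
		 * separate directive.  Refuse the file instead.  (A final line
		 * of exactly sizeof(line) - 1 bytes without a newline is
		 * rejected as well.)
		 */
		len = strlen(line);
		if (len == sizeof(line) - 1 && line[len - 1] != '\n')
			fatal("%.200s line %d too long", filename, linenum);
		if (process_config_line(options, host, line, filename,
		    linenum, &active) != 0)
			bad_options++;
	}
	fclose(f);
	if (bad_options > 0)
		fatal("%s: terminating, %d bad configuration options",
		    filename, bad_options);
	return 1;
}

/*
 * Initializes options to special values that indicate that they have not yet
 * been set. Read_config_file will only set options with this value.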
Options
 * are processed in the following order: command line, user config file,
 * system config file. Last, fill_default_options is called.
 *
 * The whole structure is first filled with the byte 'X', so a member that
 * gets no explicit assignment below keeps that fill pattern instead of zero
 * (presumably to make a forgotten member stand out).  A member added to
 * Options therefore needs its own "unset" assignment here; a pointer left
 * out would hold a non-NULL garbage value.
 */

void
initialize_options(Options * options)
{
	memset(options, 'X', sizeof(*options));

	/* Integer and flag options: -1 means "not set yet". */
	options->forward_agent = -1;
	options->forward_x11 = -1;
	options->forward_x11_trusted = -1;
	options->forward_x11_timeout = -1;
	options->exit_on_forward_failure = -1;
	options->gateway_ports = -1;
	options->use_privileged_port = -1;
	options->rsa_authentication = -1;
	options->pubkey_authentication = -1;
	options->challenge_response_authentication = -1;
	options->gss_authentication = -1;
	options->gss_deleg_creds = -1;
	options->password_authentication = -1;
	options->kbd_interactive_authentication = -1;
	options->rhosts_rsa_authentication = -1;
	options->hostbased_authentication = -1;
	options->batch_mode = -1;
	options->check_host_ip = -1;
	options->strict_host_key_checking = -1;
	options->compression = -1;
	options->tcp_keep_alive = -1;
	options->compression_level = -1;
	options->port = -1;
	options->address_family = -1;
	options->connection_attempts = -1;
	options->connection_timeout = -1;
	options->number_of_password_prompts = -1;
	options->cipher = -1;
	options->escape_char = -1;
	options->clear_forwardings = -1;
	options->enable_ssh_keysign = -1;
	options->no_host_authentication_for_localhost = -1;
	options->identities_only = -1;
	options->rekey_limit = -1;
	options->verify_host_key_dns = -1;
	options->server_alive_interval = -1;
	options->server_alive_count_max = -1;
	options->control_master = -1;
	options->control_persist = -1;
	options->hash_known_hosts = -1;
	options->tun_open = -1;
	options->tun_local = -1;
	options->tun_remote = -1;
	options->permit_local_command = -1;
	options->use_roaming = -1;
	options->visual_host_key = -1;
	options->zero_knowledge_password_authentication = -1;
	options->ip_qos_interactive = -1;
	options->ip_qos_bulk = -1;
	options->request_tty = -1;

	/* Options with a named "not set" constant of their own. */
	options->protocol = SSH_PROTO_UNKNOWN;
	options->log_level = SYSLOG_LEVEL_NOT_SET;

	/* Pointer options: NULL means "not set yet". */
	options->xauth_location = NULL;
	options->kbd_interactive_devices = NULL;
	options->ciphers = NULL;
	options->macs = NULL;
	options->kex_algorithms = NULL;
	options->hostkeyalgorithms = NULL;
	options->hostname = NULL;
	options->host_key_alias = NULL;
	options->proxy_command = NULL;
	options->user = NULL;
	options->local_forwards = NULL;
	options->remote_forwards = NULL;
	options->preferred_authentications = NULL;
	options->bind_address = NULL;
	options->pkcs11_provider = NULL;
	options->control_path = NULL;
	options->local_command = NULL;

	/* Counters and the persist timeout start at zero. */
	options->num_identity_files = 0;
	options->num_system_hostfiles = 0;
	options->num_user_hostfiles = 0;
	options->num_local_forwards = 0;
	options->num_remote_forwards = 0;
	options->num_send_env = 0;
	options->control_persist_timeout = 0;
}

/*
 * Called after processing other sources of option data, this fills those
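/*
 * options for which no value has been specified with their default values.
 *
 * fill_default_options() runs after the other sources of option data have
 * been processed.  A field that still holds its "unset" sentinel (-1, NULL,
 * a zero count, SSH_PROTO_UNKNOWN or SYSLOG_LEVEL_NOT_SET) receives the
 * built-in default; a field that already has a value is left untouched.
 *
 * Security-relevant defaults chosen here: agent and X11 forwarding off,
 * gateway ports off, rhosts-RSA and host-based authentication off, host IP
 * checking on, DNS host key verification off, known_hosts hashing off,
 * local commands not permitted, protocol 2 only.
 */
void
fill_default_options(Options * options)
{
	int len;

	if (options->forward_agent == -1)
		options->forward_agent = 0;
	if (options->forward_x11 == -1)
		options->forward_x11 = 0;
	if (options->forward_x11_trusted == -1)
		options->forward_x11_trusted = 0;
	if (options->forward_x11_timeout == -1)
		options->forward_x11_timeout = 1200;
	if (options->exit_on_forward_failure == -1)
		options->exit_on_forward_failure = 0;
	if (options->xauth_location == NULL)
		options->xauth_location = _PATH_XAUTH;
	if (options->gateway_ports == -1)
		options->gateway_ports = 0;
	if (options->use_privileged_port == -1)
		options->use_privileged_port = 0;
	if (options->rsa_authentication == -1)
		options->rsa_authentication = 1;
	if (options->pubkey_authentication == -1)
		options->pubkey_authentication = 1;
	if (options->challenge_response_authentication == -1)
		options->challenge_response_authentication = 1;
	if (options->gss_authentication == -1)
		options->gss_authentication = 0;
	if (options->gss_deleg_creds == -1)
		options->gss_deleg_creds = 0;
	if (options->password_authentication == -1)
		options->password_authentication = 1;
	if (options->kbd_interactive_authentication == -1)
		options->kbd_interactive_authentication = 1;
	if (options->rhosts_rsa_authentication == -1)
		options->rhosts_rsa_authentication = 0;
	if (options->hostbased_authentication == -1)
		options->hostbased_authentication = 0;
	if (options->batch_mode == -1)
		options->batch_mode = 0;
	if (options->check_host_ip == -1)
		options->check_host_ip = 1;
	/* NOTE(review): 2 is presumably the "ask" mode; confirm in the parser. */
	if (options->strict_host_key_checking == -1)
		options->strict_host_key_checking = 2;	/* 2 is default */
	if (options->compression == -1)
		options->compression = 0;
	if (options->tcp_keep_alive == -1)
		options->tcp_keep_alive = 1;
	if (options->compression_level == -1)
		options->compression_level = 6;
	if (options->port == -1)
		options->port = 0;	/* Filled in ssh_connect. */
	if (options->address_family == -1)
		options->address_family = AF_UNSPEC;
	if (options->connection_attempts == -1)
		options->connection_attempts = 1;
	if (options->number_of_password_prompts == -1)
		options->number_of_password_prompts = 3;
	/* Selected in ssh_login(). */
	if (options->cipher == -1)
		options->cipher = SSH_CIPHER_NOT_SET;
	/* options->ciphers, default set in myproposals.h */
	/* options->macs, default set in myproposals.h */
	/* options->kex_algorithms, default set in myproposals.h */
	/* options->hostkeyalgorithms, default set in myproposals.h */
	if (options->protocol == SSH_PROTO_UNKNOWN)
		options->protocol = SSH_PROTO_2;
	/*
	 * No identity file configured: add the default key paths for each
	 * enabled protocol, each as a freshly allocated "~/<path>" string.
	 * len covers "~/", the path and the terminating NUL.
	 */
	if (options->num_identity_files == 0) {
		if (options->protocol & SSH_PROTO_1) {
			len = 2 + strlen(_PATH_SSH_CLIENT_IDENTITY) + 1;
			options->identity_files[options->num_identity_files] =
			    xmalloc(len);
			snprintf(options->identity_files[options->num_identity_files++],
			    len, "~/%.100s", _PATH_SSH_CLIENT_IDENTITY);
		}
		if (options->protocol & SSH_PROTO_2) {
			len = 2 + strlen(_PATH_SSH_CLIENT_ID_RSA) + 1;
			options->identity_files[options->num_identity_files] =
			    xmalloc(len);
			snprintf(options->identity_files[options->num_identity_files++],
			    len, "~/%.100s", _PATH_SSH_CLIENT_ID_RSA);

			len = 2 + strlen(_PATH_SSH_CLIENT_ID_DSA) + 1;
			options->identity_files[options->num_identity_files] =
			    xmalloc(len);
			snprintf(options->identity_files[options->num_identity_files++],
			    len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA);
#ifdef OPENSSL_HAS_ECC
			len = 2 + strlen(_PATH_SSH_CLIENT_ID_ECDSA) + 1;
			options->identity_files[options->num_identity_files] =
			    xmalloc(len);
			snprintf(options->identity_files[options->num_identity_files++],
			    len, "~/%.100s", _PATH_SSH_CLIENT_ID_ECDSA);
#endif
		}
	}
	if (options->escape_char == -1)
		options->escape_char = '~';
	/* No known-hosts file configured: use the two built-in paths. */
	if (options->num_system_hostfiles == 0) {
		options->system_hostfiles[options->num_system_hostfiles++] =
		    xstrdup(_PATH_SSH_SYSTEM_HOSTFILE);
		options->system_hostfiles[options->num_system_hostfiles++] =
		    xstrdup(_PATH_SSH_SYSTEM_HOSTFILE2);
	}
	if (options->num_user_hostfiles == 0) {
		options->user_hostfiles[options->num_user_hostfiles++] =
		    xstrdup(_PATH_SSH_USER_HOSTFILE);
		options->user_hostfiles[options->num_user_hostfiles++] =
		    xstrdup(_PATH_SSH_USER_HOSTFILE2);
	}
	if (options->log_level == SYSLOG_LEVEL_NOT_SET)
		options->log_level = SYSLOG_LEVEL_INFO;
	/* Only an explicit 1 clears the forwards; unset (-1) does not. */
	if (options->clear_forwardings == 1)
		clear_forwardings(options);
	if (options->no_host_authentication_for_localhost == - 1)
		options->no_host_authentication_for_localhost = 0;
	if (options->identities_only == -1)
		options->identities_only = 0;
	if (options->enable_ssh_keysign == -1)
		options->enable_ssh_keysign = 0;
	if (options->rekey_limit == -1)
		options->rekey_limit = 0;
	if (options->verify_host_key_dns == -1)
		options->verify_host_key_dns = 0;
	if (options->server_alive_interval == -1)
		options->server_alive_interval = 0;
	if (options->server_alive_count_max == -1)
		options->server_alive_count_max = 3;
	if (options->control_master == -1)
		options->control_master = 0;
	if (options->control_persist == -1) {
		options->control_persist = 0;
		options->control_persist_timeout = 0;
	}
	if (options->hash_known_hosts == -1)
		options->hash_known_hosts = 0;
	if (options->tun_open == -1)
		options->tun_open = SSH_TUNMODE_NO;
	if (options->tun_local == -1)
		options->tun_local = SSH_TUNID_ANY;
	if (options->tun_remote == -1)
		options->tun_remote = SSH_TUNID_ANY;
	if (options->permit_local_command == -1)
		options->permit_local_command = 0;
	/* NOTE(review): roaming is on unless configured off; confirm intent. */
	if (options->use_roaming == -1)
		options->use_roaming = 1;
	if (options->visual_host_key == -1)
		options->visual_host_key = 0;
	if (options->zero_knowledge_password_authentication == -1)
		options->zero_knowledge_password_authentication = 0;
	if (options->ip_qos_interactive == -1)
		options->ip_qos_interactive = IPTOS_LOWDELAY;
	if (options->ip_qos_bulk == -1)
		options->ip_qos_bulk = IPTOS_THROUGHPUT;
	if (options->request_tty == -1)
		options->request_tty = REQUEST_TTY_AUTO;
	/* options->local_command should not be set by default */
	/* options->proxy_command should not be set by default */
	/* options->user will be set in the main program if appropriate */
	/* options->hostname will be set in the main program if appropriate */
	/* options->host_key_alias should not be set by default */
	/* options->preferred_authentications will be set in ssh */
}

/*
 * parse_forward
 * parses a string containing a port forwarding specification of the form:
 *   dynamicfwd == 0
 *	[listenhost:]listenport:connecthost:connectport
 *   dynamicfwd == 1
 *	[listenhost:]listenport
 * returns number of arguments parsed or zero on error
 *
 * *fwd is zeroed first.  On success its listen_host and connect_host are
 * xstrdup() copies (listen_host is NULL when no listen host was given, and
 * connect_host is the literal "socks" for the one- and two-field forms).
 * On failure both strings are freed and set to NULL.
 *
 * Checks made here: the field count must match the forward type, ports come
 * from a2port() and must be positive (listen port 0 is accepted only when
 * remotefwd is set), and both host strings must be shorter than NI_MAXHOST.
 * Host names are not validated beyond that length check in this function.
 */
int
parse_forward(Forward *fwd, const char *fwdspec, int dynamicfwd, int remotefwd)
{
	int i;
	char *p, *cp, *fwdarg[4];

	memset(fwd, '\0', sizeof(*fwd));

	/* Work on a private copy; p keeps the start so it can be freed. */
	cp = p = xstrdup(fwdspec);

	/*
	 * skip leading spaces; the cast keeps a byte with the high bit set
	 * from reaching isspace() as a negative value, which is undefined
	 * where plain char is signed.
	 */
	while (isspace((unsigned char)*cp))
		cp++;

	/* Split into at most four fields; i ends up as the field count. */
	for (i = 0; i < 4; ++i)
		if ((fwdarg[i] = hpdelim(&cp)) == NULL)
			break;

	/* Check for trailing garbage */
	if (cp != NULL)
		i = 0;	/* failure */

	switch (i) {
	case 1:
		fwd->listen_host = NULL;
		fwd->listen_port = a2port(fwdarg[0]);
		fwd->connect_host = xstrdup("socks");
		break;

	case 2:
		fwd->listen_host = xstrdup(cleanhostname(fwdarg[0]));
		fwd->listen_port = a2port(fwdarg[1]);
		fwd->connect_host = xstrdup("socks");
		break;

	case 3:
		fwd->listen_host = NULL;
		fwd->listen_port = a2port(fwdarg[0]);
		fwd->connect_host = xstrdup(cleanhostname(fwdarg[1]));
		fwd->connect_port = a2port(fwdarg[2]);
		break;

	case 4:
		fwd->listen_host = xstrdup(cleanhostname(fwdarg[0]));
		fwd->listen_port = a2port(fwdarg[1]);
		fwd->connect_host = xstrdup(cleanhostname(fwdarg[2]));
		fwd->connect_port = a2port(fwdarg[3]);
		break;
	default:
		i = 0; /* failure */
	}

	/* The fwdarg[] pointers refer into p and are not used past here. */
	xfree(p);

	if (dynamicfwd) {
		if (!(i == 1 || i == 2))
			goto fail_free;
	} else {
		if (!(i == 3 || i == 4))
			goto fail_free;
		if (fwd->connect_port <= 0)
			goto fail_free;
	}

	/* Listen port 0 is rejected unless this is a remote forward. */
	if (fwd->listen_port < 0 || (!remotefwd && fwd->listen_port == 0))
		goto fail_free;

	if (fwd->connect_host != NULL &&
	    strlen(fwd->connect_host) >= NI_MAXHOST)
		goto fail_free;
	if (fwd->listen_host != NULL &&
	    strlen(fwd->listen_host) >= NI_MAXHOST)
		goto fail_free;


	return (i);

 fail_free:
	/* Release whatever the switch allocated so the caller gets no stale pointers. */
	if (fwd->connect_host != NULL) {
		xfree(fwd->connect_host);
		fwd->connect_host = NULL;
	}
	if (fwd->listen_host != NULL) {
		xfree(fwd->listen_host);
		fwd->listen_host = NULL;
	}
	return (0);
}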