1 2 /* $OpenBSD: servconf.c,v 1.280 2015/08/06 14:53:21 deraadt Exp $ */ 3 /* 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 5 * All rights reserved 6 * 7 * As far as I am concerned, the code I have written for this software 8 * can be used freely for any purpose. Any derived versions of this 9 * software must be clearly marked as such, and if the derived work is 10 * incompatible with the protocol description in the RFC file, it must be 11 * called by a name other than "ssh" or "Secure Shell". 12 */ 13 14 #include "includes.h" 15 __RCSID("$FreeBSD$"); 16 17 #include <sys/types.h> 18 #include <sys/socket.h> 19 20 #include <netinet/in.h> 21 #include <netinet/in_systm.h> 22 #include <netinet/ip.h> 23 24 #include <ctype.h> 25 #include <netdb.h> 26 #include <pwd.h> 27 #include <stdio.h> 28 #include <stdlib.h> 29 #include <string.h> 30 #include <signal.h> 31 #include <unistd.h> 32 #include <limits.h> 33 #include <stdarg.h> 34 #include <errno.h> 35 #ifdef HAVE_UTIL_H 36 #include <util.h> 37 #endif 38 39 #include "openbsd-compat/sys-queue.h" 40 #include "xmalloc.h" 41 #include "ssh.h" 42 #include "log.h" 43 #include "buffer.h" 44 #include "misc.h" 45 #include "servconf.h" 46 #include "compat.h" 47 #include "pathnames.h" 48 #include "cipher.h" 49 #include "key.h" 50 #include "kex.h" 51 #include "mac.h" 52 #include "match.h" 53 #include "channels.h" 54 #include "groupaccess.h" 55 #include "canohost.h" 56 #include "packet.h" 57 #include "hostfile.h" 58 #include "auth.h" 59 #include "myproposal.h" 60 #include "digest.h" 61 #include "version.h" 62 63 static void add_listen_addr(ServerOptions *, char *, int); 64 static void add_one_listen_addr(ServerOptions *, char *, int); 65 66 /* Use of privilege separation or not */ 67 extern int use_privsep; 68 extern Buffer cfg; 69 70 /* Initializes the server options to their default values. */ 71 72 void 73 initialize_server_options(ServerOptions *options) 74 { 75 memset(options, 0, sizeof(*options)); 76 77 /* Portable-specific options */ 78 options->use_pam = -1; 79 80 /* Standard Options */ 81 options->num_ports = 0; 82 options->ports_from_cmdline = 0; 83 options->queued_listen_addrs = NULL; 84 options->num_queued_listens = 0; 85 options->listen_addrs = NULL; 86 options->address_family = -1; 87 options->num_host_key_files = 0; 88 options->num_host_cert_files = 0; 89 options->host_key_agent = NULL; 90 options->pid_file = NULL; 91 options->server_key_bits = -1; 92 options->login_grace_time = -1; 93 options->key_regeneration_time = -1; 94 options->permit_root_login = PERMIT_NOT_SET; 95 options->ignore_rhosts = -1; 96 options->ignore_user_known_hosts = -1; 97 options->print_motd = -1; 98 options->print_lastlog = -1; 99 options->x11_forwarding = -1; 100 options->x11_display_offset = -1; 101 options->x11_use_localhost = -1; 102 options->permit_tty = -1; 103 options->permit_user_rc = -1; 104 options->xauth_location = NULL; 105 options->strict_modes = -1; 106 options->tcp_keep_alive = -1; 107 options->log_facility = SYSLOG_FACILITY_NOT_SET; 108 options->log_level = SYSLOG_LEVEL_NOT_SET; 109 options->rhosts_rsa_authentication = -1; 110 options->hostbased_authentication = -1; 111 options->hostbased_uses_name_from_packet_only = -1; 112 options->hostbased_key_types = NULL; 113 options->hostkeyalgorithms = NULL; 114 options->rsa_authentication = -1; 115 options->pubkey_authentication = -1; 116 options->pubkey_key_types = NULL; 117 options->kerberos_authentication = -1; 118 options->kerberos_or_local_passwd = -1; 119 options->kerberos_ticket_cleanup = -1; 120 options->kerberos_get_afs_token = -1; 121 options->gss_authentication=-1; 122 options->gss_cleanup_creds = -1; 123 options->gss_strict_acceptor = -1; 124 options->password_authentication = -1; 125 options->kbd_interactive_authentication = -1; 126 options->challenge_response_authentication = -1; 127 options->permit_empty_passwd = -1; 128 options->permit_user_env = -1; 129 options->use_login = -1; 130 options->compression = -1; 131 options->rekey_limit = -1; 132 options->rekey_interval = -1; 133 options->allow_tcp_forwarding = -1; 134 options->allow_streamlocal_forwarding = -1; 135 options->allow_agent_forwarding = -1; 136 options->num_allow_users = 0; 137 options->num_deny_users = 0; 138 options->num_allow_groups = 0; 139 options->num_deny_groups = 0; 140 options->ciphers = NULL; 141 options->macs = NULL; 142 options->kex_algorithms = NULL; 143 options->protocol = SSH_PROTO_UNKNOWN; 144 options->fwd_opts.gateway_ports = -1; 145 options->fwd_opts.streamlocal_bind_mask = (mode_t)-1; 146 options->fwd_opts.streamlocal_bind_unlink = -1; 147 options->num_subsystems = 0; 148 options->max_startups_begin = -1; 149 options->max_startups_rate = -1; 150 options->max_startups = -1; 151 options->max_authtries = -1; 152 options->max_sessions = -1; 153 options->banner = NULL; 154 options->use_dns = -1; 155 options->client_alive_interval = -1; 156 options->client_alive_count_max = -1; 157 options->num_authkeys_files = 0; 158 options->num_accept_env = 0; 159 options->permit_tun = -1; 160 options->num_permitted_opens = -1; 161 options->adm_forced_command = NULL; 162 options->chroot_directory = NULL; 163 options->authorized_keys_command = NULL; 164 options->authorized_keys_command_user = NULL; 165 options->revoked_keys_file = NULL; 166 options->trusted_user_ca_keys = NULL; 167 options->authorized_principals_file = NULL; 168 options->authorized_principals_command = NULL; 169 options->authorized_principals_command_user = NULL; 170 options->ip_qos_interactive = -1; 171 options->ip_qos_bulk = -1; 172 options->version_addendum = NULL; 173 options->fingerprint_hash = -1; 174 } 175 176 /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ 177 static int 178 option_clear_or_none(const char *o) 179 { 180 return o == NULL || strcasecmp(o, "none") == 0; 181 } 182 183 void 184 fill_default_server_options(ServerOptions *options) 185 { 186 int i; 187 188 /* Portable-specific options */ 189 if (options->use_pam == -1) 190 options->use_pam = 1; 191 192 /* Standard Options */ 193 if (options->protocol == SSH_PROTO_UNKNOWN) 194 options->protocol = SSH_PROTO_2; 195 if (options->protocol & SSH_PROTO_1) 196 error("WARNING: SSH protocol version 1 enabled"); 197 if (options->num_host_key_files == 0) { 198 /* fill default hostkeys for protocols */ 199 if (options->protocol & SSH_PROTO_1) 200 options->host_key_files[options->num_host_key_files++] = 201 _PATH_HOST_KEY_FILE; 202 if (options->protocol & SSH_PROTO_2) { 203 options->host_key_files[options->num_host_key_files++] = 204 _PATH_HOST_RSA_KEY_FILE; 205 options->host_key_files[options->num_host_key_files++] = 206 _PATH_HOST_DSA_KEY_FILE; 207 #ifdef OPENSSL_HAS_ECC 208 options->host_key_files[options->num_host_key_files++] = 209 _PATH_HOST_ECDSA_KEY_FILE; 210 #endif 211 options->host_key_files[options->num_host_key_files++] = 212 _PATH_HOST_ED25519_KEY_FILE; 213 } 214 } 215 /* No certificates by default */ 216 if (options->num_ports == 0) 217 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 218 if (options->address_family == -1) 219 options->address_family = AF_UNSPEC; 220 if (options->listen_addrs == NULL) 221 add_listen_addr(options, NULL, 0); 222 if (options->pid_file == NULL) 223 options->pid_file = xstrdup(_PATH_SSH_DAEMON_PID_FILE); 224 if (options->server_key_bits == -1) 225 options->server_key_bits = 1024; 226 if (options->login_grace_time == -1) 227 options->login_grace_time = 120; 228 if (options->key_regeneration_time == -1) 229 options->key_regeneration_time = 3600; 230 if (options->permit_root_login == PERMIT_NOT_SET) 231 options->permit_root_login = PERMIT_NO; 232 if (options->ignore_rhosts == -1) 233 options->ignore_rhosts = 1; 234 if (options->ignore_user_known_hosts == -1) 235 options->ignore_user_known_hosts = 0; 236 if (options->print_motd == -1) 237 options->print_motd = 1; 238 if (options->print_lastlog == -1) 239 options->print_lastlog = 1; 240 if (options->x11_forwarding == -1) 241 options->x11_forwarding = 1; 242 if (options->x11_display_offset == -1) 243 options->x11_display_offset = 10; 244 if (options->x11_use_localhost == -1) 245 options->x11_use_localhost = 1; 246 if (options->xauth_location == NULL) 247 options->xauth_location = xstrdup(_PATH_XAUTH); 248 if (options->permit_tty == -1) 249 options->permit_tty = 1; 250 if (options->permit_user_rc == -1) 251 options->permit_user_rc = 1; 252 if (options->strict_modes == -1) 253 options->strict_modes = 1; 254 if (options->tcp_keep_alive == -1) 255 options->tcp_keep_alive = 1; 256 if (options->log_facility == SYSLOG_FACILITY_NOT_SET) 257 options->log_facility = SYSLOG_FACILITY_AUTH; 258 if (options->log_level == SYSLOG_LEVEL_NOT_SET) 259 options->log_level = SYSLOG_LEVEL_INFO; 260 if (options->rhosts_rsa_authentication == -1) 261 options->rhosts_rsa_authentication = 0; 262 if (options->hostbased_authentication == -1) 263 options->hostbased_authentication = 0; 264 if (options->hostbased_uses_name_from_packet_only == -1) 265 options->hostbased_uses_name_from_packet_only = 0; 266 if (options->hostkeyalgorithms == NULL) 267 options->hostkeyalgorithms = xstrdup(KEX_DEFAULT_PK_ALG); 268 if (options->rsa_authentication == -1) 269 options->rsa_authentication = 1; 270 if (options->pubkey_authentication == -1) 271 options->pubkey_authentication = 1; 272 if (options->kerberos_authentication == -1) 273 options->kerberos_authentication = 0; 274 if (options->kerberos_or_local_passwd == -1) 275 options->kerberos_or_local_passwd = 1; 276 if (options->kerberos_ticket_cleanup == -1) 277 options->kerberos_ticket_cleanup = 1; 278 if (options->kerberos_get_afs_token == -1) 279 options->kerberos_get_afs_token = 0; 280 if (options->gss_authentication == -1) 281 options->gss_authentication = 0; 282 if (options->gss_cleanup_creds == -1) 283 options->gss_cleanup_creds = 1; 284 if (options->gss_strict_acceptor == -1) 285 options->gss_strict_acceptor = 0; 286 if (options->password_authentication == -1) 287 options->password_authentication = 0; 288 if (options->kbd_interactive_authentication == -1) 289 options->kbd_interactive_authentication = 0; 290 if (options->challenge_response_authentication == -1) 291 options->challenge_response_authentication = 1; 292 if (options->permit_empty_passwd == -1) 293 options->permit_empty_passwd = 0; 294 if (options->permit_user_env == -1) 295 options->permit_user_env = 0; 296 if (options->use_login == -1) 297 options->use_login = 0; 298 if (options->compression == -1) 299 options->compression = COMP_DELAYED; 300 if (options->rekey_limit == -1) 301 options->rekey_limit = 0; 302 if (options->rekey_interval == -1) 303 options->rekey_interval = 0; 304 if (options->allow_tcp_forwarding == -1) 305 options->allow_tcp_forwarding = FORWARD_ALLOW; 306 if (options->allow_streamlocal_forwarding == -1) 307 options->allow_streamlocal_forwarding = FORWARD_ALLOW; 308 if (options->allow_agent_forwarding == -1) 309 options->allow_agent_forwarding = 1; 310 if (options->fwd_opts.gateway_ports == -1) 311 options->fwd_opts.gateway_ports = 0; 312 if (options->max_startups == -1) 313 options->max_startups = 100; 314 if (options->max_startups_rate == -1) 315 options->max_startups_rate = 30; /* 30% */ 316 if (options->max_startups_begin == -1) 317 options->max_startups_begin = 10; 318 if (options->max_authtries == -1) 319 options->max_authtries = DEFAULT_AUTH_FAIL_MAX; 320 if (options->max_sessions == -1) 321 options->max_sessions = DEFAULT_SESSIONS_MAX; 322 if (options->use_dns == -1) 323 options->use_dns = 0; 324 if (options->client_alive_interval == -1) 325 options->client_alive_interval = 0; 326 if (options->client_alive_count_max == -1) 327 options->client_alive_count_max = 3; 328 if (options->num_authkeys_files == 0) { 329 options->authorized_keys_files[options->num_authkeys_files++] = 330 xstrdup(_PATH_SSH_USER_PERMITTED_KEYS); 331 options->authorized_keys_files[options->num_authkeys_files++] = 332 xstrdup(_PATH_SSH_USER_PERMITTED_KEYS2); 333 } 334 if (options->permit_tun == -1) 335 options->permit_tun = SSH_TUNMODE_NO; 336 if (options->ip_qos_interactive == -1) 337 options->ip_qos_interactive = IPTOS_LOWDELAY; 338 if (options->ip_qos_bulk == -1) 339 options->ip_qos_bulk = IPTOS_THROUGHPUT; 340 if (options->version_addendum == NULL) 341 options->version_addendum = xstrdup(SSH_VERSION_FREEBSD); 342 if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) 343 options->fwd_opts.streamlocal_bind_mask = 0177; 344 if (options->fwd_opts.streamlocal_bind_unlink == -1) 345 options->fwd_opts.streamlocal_bind_unlink = 0; 346 if (options->fingerprint_hash == -1) 347 options->fingerprint_hash = SSH_FP_HASH_DEFAULT; 348 349 if (kex_assemble_names(KEX_SERVER_ENCRYPT, &options->ciphers) != 0 || 350 kex_assemble_names(KEX_SERVER_MAC, &options->macs) != 0 || 351 kex_assemble_names(KEX_SERVER_KEX, &options->kex_algorithms) != 0 || 352 kex_assemble_names(KEX_DEFAULT_PK_ALG, 353 &options->hostbased_key_types) != 0 || 354 kex_assemble_names(KEX_DEFAULT_PK_ALG, 355 &options->pubkey_key_types) != 0) 356 fatal("%s: kex_assemble_names failed", __func__); 357 358 /* Turn privilege separation on by default */ 359 if (use_privsep == -1) 360 use_privsep = PRIVSEP_ON; 361 362 #define CLEAR_ON_NONE(v) \ 363 do { \ 364 if (option_clear_or_none(v)) { \ 365 free(v); \ 366 v = NULL; \ 367 } \ 368 } while(0) 369 CLEAR_ON_NONE(options->pid_file); 370 CLEAR_ON_NONE(options->xauth_location); 371 CLEAR_ON_NONE(options->banner); 372 CLEAR_ON_NONE(options->trusted_user_ca_keys); 373 CLEAR_ON_NONE(options->revoked_keys_file); 374 CLEAR_ON_NONE(options->authorized_principals_file); 375 for (i = 0; i < options->num_host_key_files; i++) 376 CLEAR_ON_NONE(options->host_key_files[i]); 377 for (i = 0; i < options->num_host_cert_files; i++) 378 CLEAR_ON_NONE(options->host_cert_files[i]); 379 #undef CLEAR_ON_NONE 380 381 #ifndef HAVE_MMAP 382 if (use_privsep && options->compression == 1) { 383 error("This platform does not support both privilege " 384 "separation and compression"); 385 error("Compression disabled"); 386 options->compression = 0; 387 } 388 #endif 389 390 } 391 392 /* Keyword tokens. */ 393 typedef enum { 394 sBadOption, /* == unknown option */ 395 /* Portable-specific options */ 396 sUsePAM, 397 /* Standard Options */ 398 sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, 399 sKeyRegenerationTime, sPermitRootLogin, sLogFacility, sLogLevel, 400 sRhostsRSAAuthentication, sRSAAuthentication, 401 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, 402 sKerberosGetAFSToken, 403 sKerberosTgtPassing, sChallengeResponseAuthentication, 404 sPasswordAuthentication, sKbdInteractiveAuthentication, 405 sListenAddress, sAddressFamily, 406 sPrintMotd, sPrintLastLog, sIgnoreRhosts, 407 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, 408 sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, 409 sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, 410 sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, 411 sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, 412 sGatewayPorts, sPubkeyAuthentication, sPubkeyAcceptedKeyTypes, 413 sXAuthLocation, sSubsystem, sMaxStartups, sMaxAuthTries, sMaxSessions, 414 sBanner, sUseDNS, sHostbasedAuthentication, 415 sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedKeyTypes, 416 sHostKeyAlgorithms, 417 sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, 418 sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, 419 sAcceptEnv, sPermitTunnel, 420 sMatch, sPermitOpen, sForceCommand, sChrootDirectory, 421 sUsePrivilegeSeparation, sAllowAgentForwarding, 422 sHostCertificate, 423 sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, 424 sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser, 425 sKexAlgorithms, sIPQoS, sVersionAddendum, 426 sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, 427 sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, 428 sStreamLocalBindMask, sStreamLocalBindUnlink, 429 sAllowStreamLocalForwarding, sFingerprintHash, 430 sDeprecated, sUnsupported 431 } ServerOpCodes; 432 433 #define SSHCFG_GLOBAL 0x01 /* allowed in main section of sshd_config */ 434 #define SSHCFG_MATCH 0x02 /* allowed inside a Match section */ 435 #define SSHCFG_ALL (SSHCFG_GLOBAL|SSHCFG_MATCH) 436 437 /* Textual representation of the tokens. */ 438 static struct { 439 const char *name; 440 ServerOpCodes opcode; 441 u_int flags; 442 } keywords[] = { 443 /* Portable-specific options */ 444 #ifdef USE_PAM 445 { "usepam", sUsePAM, SSHCFG_GLOBAL }, 446 #else 447 { "usepam", sUnsupported, SSHCFG_GLOBAL }, 448 #endif 449 { "pamauthenticationviakbdint", sDeprecated, SSHCFG_GLOBAL }, 450 /* Standard Options */ 451 { "port", sPort, SSHCFG_GLOBAL }, 452 { "hostkey", sHostKeyFile, SSHCFG_GLOBAL }, 453 { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL }, /* alias */ 454 { "hostkeyagent", sHostKeyAgent, SSHCFG_GLOBAL }, 455 { "pidfile", sPidFile, SSHCFG_GLOBAL }, 456 { "serverkeybits", sServerKeyBits, SSHCFG_GLOBAL }, 457 { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL }, 458 { "keyregenerationinterval", sKeyRegenerationTime, SSHCFG_GLOBAL }, 459 { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL }, 460 { "syslogfacility", sLogFacility, SSHCFG_GLOBAL }, 461 { "loglevel", sLogLevel, SSHCFG_GLOBAL }, 462 { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL }, 463 { "rhostsrsaauthentication", sRhostsRSAAuthentication, SSHCFG_ALL }, 464 { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL }, 465 { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_ALL }, 466 { "hostbasedacceptedkeytypes", sHostbasedAcceptedKeyTypes, SSHCFG_ALL }, 467 { "hostkeyalgorithms", sHostKeyAlgorithms, SSHCFG_GLOBAL }, 468 { "rsaauthentication", sRSAAuthentication, SSHCFG_ALL }, 469 { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL }, 470 { "pubkeyacceptedkeytypes", sPubkeyAcceptedKeyTypes, SSHCFG_ALL }, 471 { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */ 472 #ifdef KRB5 473 { "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL }, 474 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd, SSHCFG_GLOBAL }, 475 { "kerberosticketcleanup", sKerberosTicketCleanup, SSHCFG_GLOBAL }, 476 #ifdef USE_AFS 477 { "kerberosgetafstoken", sKerberosGetAFSToken, SSHCFG_GLOBAL }, 478 #else 479 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, 480 #endif 481 #else 482 { "kerberosauthentication", sUnsupported, SSHCFG_ALL }, 483 { "kerberosorlocalpasswd", sUnsupported, SSHCFG_GLOBAL }, 484 { "kerberosticketcleanup", sUnsupported, SSHCFG_GLOBAL }, 485 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, 486 #endif 487 { "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL }, 488 { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, 489 #ifdef GSSAPI 490 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, 491 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, 492 { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, 493 #else 494 { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, 495 { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, 496 { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, 497 #endif 498 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, 499 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, 500 { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, 501 { "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */ 502 { "checkmail", sDeprecated, SSHCFG_GLOBAL }, 503 { "listenaddress", sListenAddress, SSHCFG_GLOBAL }, 504 { "addressfamily", sAddressFamily, SSHCFG_GLOBAL }, 505 { "printmotd", sPrintMotd, SSHCFG_GLOBAL }, 506 { "printlastlog", sPrintLastLog, SSHCFG_GLOBAL }, 507 { "ignorerhosts", sIgnoreRhosts, SSHCFG_GLOBAL }, 508 { "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL }, 509 { "x11forwarding", sX11Forwarding, SSHCFG_ALL }, 510 { "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL }, 511 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, 512 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, 513 { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, 514 { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL }, 515 { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, 516 { "uselogin", sUseLogin, SSHCFG_GLOBAL }, 517 { "compression", sCompression, SSHCFG_GLOBAL }, 518 { "rekeylimit", sRekeyLimit, SSHCFG_ALL }, 519 { "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, 520 { "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, /* obsolete alias */ 521 { "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL }, 522 { "allowagentforwarding", sAllowAgentForwarding, SSHCFG_ALL }, 523 { "allowusers", sAllowUsers, SSHCFG_ALL }, 524 { "denyusers", sDenyUsers, SSHCFG_ALL }, 525 { "allowgroups", sAllowGroups, SSHCFG_ALL }, 526 { "denygroups", sDenyGroups, SSHCFG_ALL }, 527 { "ciphers", sCiphers, SSHCFG_GLOBAL }, 528 { "macs", sMacs, SSHCFG_GLOBAL }, 529 { "protocol", sProtocol, SSHCFG_GLOBAL }, 530 { "gatewayports", sGatewayPorts, SSHCFG_ALL }, 531 { "subsystem", sSubsystem, SSHCFG_GLOBAL }, 532 { "maxstartups", sMaxStartups, SSHCFG_GLOBAL }, 533 { "maxauthtries", sMaxAuthTries, SSHCFG_ALL }, 534 { "maxsessions", sMaxSessions, SSHCFG_ALL }, 535 { "banner", sBanner, SSHCFG_ALL }, 536 { "usedns", sUseDNS, SSHCFG_GLOBAL }, 537 { "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL }, 538 { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL }, 539 { "clientaliveinterval", sClientAliveInterval, SSHCFG_GLOBAL }, 540 { "clientalivecountmax", sClientAliveCountMax, SSHCFG_GLOBAL }, 541 { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL }, 542 { "authorizedkeysfile2", sDeprecated, SSHCFG_ALL }, 543 { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL}, 544 { "acceptenv", sAcceptEnv, SSHCFG_ALL }, 545 { "permittunnel", sPermitTunnel, SSHCFG_ALL }, 546 { "permittty", sPermitTTY, SSHCFG_ALL }, 547 { "permituserrc", sPermitUserRC, SSHCFG_ALL }, 548 { "match", sMatch, SSHCFG_ALL }, 549 { "permitopen", sPermitOpen, SSHCFG_ALL }, 550 { "forcecommand", sForceCommand, SSHCFG_ALL }, 551 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, 552 { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, 553 { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, 554 { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, 555 { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, 556 { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, 557 { "ipqos", sIPQoS, SSHCFG_ALL }, 558 { "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL }, 559 { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL }, 560 { "authorizedprincipalscommand", sAuthorizedPrincipalsCommand, SSHCFG_ALL }, 561 { "authorizedprincipalscommanduser", sAuthorizedPrincipalsCommandUser, SSHCFG_ALL }, 562 { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL }, 563 { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL }, 564 { "streamlocalbindmask", sStreamLocalBindMask, SSHCFG_ALL }, 565 { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL }, 566 { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, 567 { "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL }, 568 { "hpndisabled", sDeprecated, SSHCFG_ALL }, 569 { "hpnbuffersize", sDeprecated, SSHCFG_ALL }, 570 { "tcprcvbufpoll", sDeprecated, SSHCFG_ALL }, 571 { NULL, sBadOption, 0 } 572 }; 573 574 static struct { 575 int val; 576 char *text; 577 } tunmode_desc[] = { 578 { SSH_TUNMODE_NO, "no" }, 579 { SSH_TUNMODE_POINTOPOINT, "point-to-point" }, 580 { SSH_TUNMODE_ETHERNET, "ethernet" }, 581 { SSH_TUNMODE_YES, "yes" }, 582 { -1, NULL } 583 }; 584 585 /* 586 * Returns the number of the token pointed to by cp or sBadOption. 587 */ 588 589 static ServerOpCodes 590 parse_token(const char *cp, const char *filename, 591 int linenum, u_int *flags) 592 { 593 u_int i; 594 595 for (i = 0; keywords[i].name; i++) 596 if (strcasecmp(cp, keywords[i].name) == 0) { 597 *flags = keywords[i].flags; 598 return keywords[i].opcode; 599 } 600 601 error("%s: line %d: Bad configuration option: %s", 602 filename, linenum, cp); 603 return sBadOption; 604 } 605 606 char * 607 derelativise_path(const char *path) 608 { 609 char *expanded, *ret, cwd[PATH_MAX]; 610 611 if (strcasecmp(path, "none") == 0) 612 return xstrdup("none"); 613 expanded = tilde_expand_filename(path, getuid()); 614 if (*expanded == '/') 615 return expanded; 616 if (getcwd(cwd, sizeof(cwd)) == NULL) 617 fatal("%s: getcwd: %s", __func__, strerror(errno)); 618 xasprintf(&ret, "%s/%s", cwd, expanded); 619 free(expanded); 620 return ret; 621 } 622 623 static void 624 add_listen_addr(ServerOptions *options, char *addr, int port) 625 { 626 u_int i; 627 628 if (port == 0) 629 for (i = 0; i < options->num_ports; i++) 630 add_one_listen_addr(options, addr, options->ports[i]); 631 else 632 add_one_listen_addr(options, addr, port); 633 } 634 635 static void 636 add_one_listen_addr(ServerOptions *options, char *addr, int port) 637 { 638 struct addrinfo hints, *ai, *aitop; 639 char strport[NI_MAXSERV]; 640 int gaierr; 641 642 memset(&hints, 0, sizeof(hints)); 643 hints.ai_family = options->address_family; 644 hints.ai_socktype = SOCK_STREAM; 645 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; 646 snprintf(strport, sizeof strport, "%d", port); 647 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) 648 fatal("bad addr or host: %s (%s)", 649 addr ? addr : "<NULL>", 650 ssh_gai_strerror(gaierr)); 651 for (ai = aitop; ai->ai_next; ai = ai->ai_next) 652 ; 653 ai->ai_next = options->listen_addrs; 654 options->listen_addrs = aitop; 655 } 656 657 /* 658 * Queue a ListenAddress to be processed once we have all of the Ports 659 * and AddressFamily options. 660 */ 661 static void 662 queue_listen_addr(ServerOptions *options, char *addr, int port) 663 { 664 options->queued_listen_addrs = xreallocarray( 665 options->queued_listen_addrs, options->num_queued_listens + 1, 666 sizeof(addr)); 667 options->queued_listen_ports = xreallocarray( 668 options->queued_listen_ports, options->num_queued_listens + 1, 669 sizeof(port)); 670 options->queued_listen_addrs[options->num_queued_listens] = 671 xstrdup(addr); 672 options->queued_listen_ports[options->num_queued_listens] = port; 673 options->num_queued_listens++; 674 } 675 676 /* 677 * Process queued (text) ListenAddress entries. 678 */ 679 static void 680 process_queued_listen_addrs(ServerOptions *options) 681 { 682 u_int i; 683 684 if (options->num_ports == 0) 685 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 686 if (options->address_family == -1) 687 options->address_family = AF_UNSPEC; 688 689 for (i = 0; i < options->num_queued_listens; i++) { 690 add_listen_addr(options, options->queued_listen_addrs[i], 691 options->queued_listen_ports[i]); 692 free(options->queued_listen_addrs[i]); 693 options->queued_listen_addrs[i] = NULL; 694 } 695 free(options->queued_listen_addrs); 696 options->queued_listen_addrs = NULL; 697 free(options->queued_listen_ports); 698 options->queued_listen_ports = NULL; 699 options->num_queued_listens = 0; 700 } 701 702 struct connection_info * 703 get_connection_info(int populate, int use_dns) 704 { 705 static struct connection_info ci; 706 707 if (!populate) 708 return &ci; 709 ci.host = get_canonical_hostname(use_dns); 710 ci.address = get_remote_ipaddr(); 711 ci.laddress = get_local_ipaddr(packet_get_connection_in()); 712 ci.lport = get_local_port(); 713 return &ci; 714 } 715 716 /* 717 * The strategy for the Match blocks is that the config file is parsed twice. 718 * 719 * The first time is at startup. activep is initialized to 1 and the 720 * directives in the global context are processed and acted on. Hitting a 721 * Match directive unsets activep and the directives inside the block are 722 * checked for syntax only. 723 * 724 * The second time is after a connection has been established but before 725 * authentication. activep is initialized to 2 and global config directives 726 * are ignored since they have already been processed. If the criteria in a 727 * Match block is met, activep is set and the subsequent directives 728 * processed and actioned until EOF or another Match block unsets it. Any 729 * options set are copied into the main server config. 730 * 731 * Potential additions/improvements: 732 * - Add Match support for pre-kex directives, eg Protocol, Ciphers. 733 * 734 * - Add a Tag directive (idea from David Leonard) ala pf, eg: 735 * Match Address 192.168.0.* 736 * Tag trusted 737 * Match Group wheel 738 * Tag trusted 739 * Match Tag trusted 740 * AllowTcpForwarding yes 741 * GatewayPorts clientspecified 742 * [...] 743 * 744 * - Add a PermittedChannelRequests directive 745 * Match Group shell 746 * PermittedChannelRequests session,forwarded-tcpip 747 */ 748 749 static int 750 match_cfg_line_group(const char *grps, int line, const char *user) 751 { 752 int result = 0; 753 struct passwd *pw; 754 755 if (user == NULL) 756 goto out; 757 758 if ((pw = getpwnam(user)) == NULL) { 759 debug("Can't match group at line %d because user %.100s does " 760 "not exist", line, user); 761 } else if (ga_init(pw->pw_name, pw->pw_gid) == 0) { 762 debug("Can't Match group because user %.100s not in any group " 763 "at line %d", user, line); 764 } else if (ga_match_pattern_list(grps) != 1) { 765 debug("user %.100s does not match group list %.100s at line %d", 766 user, grps, line); 767 } else { 768 debug("user %.100s matched group list %.100s at line %d", user, 769 grps, line); 770 result = 1; 771 } 772 out: 773 ga_free(); 774 return result; 775 } 776 777 /* 778 * All of the attributes on a single Match line are ANDed together, so we need 779 * to check every attribute and set the result to zero if any attribute does 780 * not match. 781 */ 782 static int 783 match_cfg_line(char **condition, int line, struct connection_info *ci) 784 { 785 int result = 1, attributes = 0, port; 786 char *arg, *attrib, *cp = *condition; 787 788 if (ci == NULL) 789 debug3("checking syntax for 'Match %s'", cp); 790 else 791 debug3("checking match for '%s' user %s host %s addr %s " 792 "laddr %s lport %d", cp, ci->user ? ci->user : "(null)", 793 ci->host ? ci->host : "(null)", 794 ci->address ? ci->address : "(null)", 795 ci->laddress ? ci->laddress : "(null)", ci->lport); 796 797 while ((attrib = strdelim(&cp)) && *attrib != '\0') { 798 attributes++; 799 if (strcasecmp(attrib, "all") == 0) { 800 if (attributes != 1 || 801 ((arg = strdelim(&cp)) != NULL && *arg != '\0')) { 802 error("'all' cannot be combined with other " 803 "Match attributes"); 804 return -1; 805 } 806 *condition = cp; 807 return 1; 808 } 809 if ((arg = strdelim(&cp)) == NULL || *arg == '\0') { 810 error("Missing Match criteria for %s", attrib); 811 return -1; 812 } 813 if (strcasecmp(attrib, "user") == 0) { 814 if (ci == NULL || ci->user == NULL) { 815 result = 0; 816 continue; 817 } 818 if (match_pattern_list(ci->user, arg, 0) != 1) 819 result = 0; 820 else 821 debug("user %.100s matched 'User %.100s' at " 822 "line %d", ci->user, arg, line); 823 } else if (strcasecmp(attrib, "group") == 0) { 824 if (ci == NULL || ci->user == NULL) { 825 result = 0; 826 continue; 827 } 828 switch (match_cfg_line_group(arg, line, ci->user)) { 829 case -1: 830 return -1; 831 case 0: 832 result = 0; 833 } 834 } else if (strcasecmp(attrib, "host") == 0) { 835 if (ci == NULL || ci->host == NULL) { 836 result = 0; 837 continue; 838 } 839 if (match_hostname(ci->host, arg) != 1) 840 result = 0; 841 else 842 debug("connection from %.100s matched 'Host " 843 "%.100s' at line %d", ci->host, arg, line); 844 } else if (strcasecmp(attrib, "address") == 0) { 845 if (ci == NULL || ci->address == NULL) { 846 result = 0; 847 continue; 848 } 849 switch (addr_match_list(ci->address, arg)) { 850 case 1: 851 debug("connection from %.100s matched 'Address " 852 "%.100s' at line %d", ci->address, arg, line); 853 break; 854 case 0: 855 case -1: 856 result = 0; 857 break; 858 case -2: 859 return -1; 860 } 861 } else if (strcasecmp(attrib, "localaddress") == 0){ 862 if (ci == NULL || ci->laddress == NULL) { 863 result = 0; 864 continue; 865 } 866 switch (addr_match_list(ci->laddress, arg)) { 867 case 1: 868 debug("connection from %.100s matched " 869 "'LocalAddress %.100s' at line %d", 870 ci->laddress, arg, line); 871 break; 872 case 0: 873 case -1: 874 result = 0; 875 break; 876 case -2: 877 return -1; 878 } 879 } else if (strcasecmp(attrib, "localport") == 0) { 880 if ((port = a2port(arg)) == -1) { 881 error("Invalid LocalPort '%s' on Match line", 882 arg); 883 return -1; 884 } 885 if (ci == NULL || ci->lport == 0) { 886 result = 0; 887 continue; 888 } 889 /* TODO support port lists */ 890 if (port == ci->lport) 891 debug("connection from %.100s matched " 892 "'LocalPort %d' at line %d", 893 ci->laddress, port, line); 894 else 895 result = 0; 896 } else { 897 error("Unsupported Match attribute %s", attrib); 898 return -1; 899 } 900 } 901 if (attributes == 0) { 902 error("One or more attributes required for Match"); 903 return -1; 904 } 905 if (ci != NULL) 906 debug3("match %sfound", result ? "" : "not "); 907 *condition = cp; 908 return result; 909 } 910 911 #define WHITESPACE " \t\r\n" 912 913 /* Multistate option parsing */ 914 struct multistate { 915 char *key; 916 int value; 917 }; 918 static const struct multistate multistate_addressfamily[] = { 919 { "inet", AF_INET }, 920 { "inet6", AF_INET6 }, 921 { "any", AF_UNSPEC }, 922 { NULL, -1 } 923 }; 924 static const struct multistate multistate_permitrootlogin[] = { 925 { "without-password", PERMIT_NO_PASSWD }, 926 { "prohibit-password", PERMIT_NO_PASSWD }, 927 { "forced-commands-only", PERMIT_FORCED_ONLY }, 928 { "yes", PERMIT_YES }, 929 { "no", PERMIT_NO }, 930 { NULL, -1 } 931 }; 932 static const struct multistate multistate_compression[] = { 933 { "delayed", COMP_DELAYED }, 934 { "yes", COMP_ZLIB }, 935 { "no", COMP_NONE }, 936 { NULL, -1 } 937 }; 938 static const struct multistate multistate_gatewayports[] = { 939 { "clientspecified", 2 }, 940 { "yes", 1 }, 941 { "no", 0 }, 942 { NULL, -1 } 943 }; 944 static const struct multistate multistate_privsep[] = { 945 { "yes", PRIVSEP_NOSANDBOX }, 946 { "sandbox", PRIVSEP_ON }, 947 { "nosandbox", PRIVSEP_NOSANDBOX }, 948 { "no", PRIVSEP_OFF }, 949 { NULL, -1 } 950 }; 951 static const struct multistate multistate_tcpfwd[] = { 952 { "yes", FORWARD_ALLOW }, 953 { "all", FORWARD_ALLOW }, 954 { "no", FORWARD_DENY }, 955 { "remote", FORWARD_REMOTE }, 956 { "local", FORWARD_LOCAL }, 957 { NULL, -1 } 958 }; 959 960 int 961 process_server_config_line(ServerOptions *options, char *line, 962 const char *filename, int linenum, int *activep, 963 struct connection_info *connectinfo) 964 { 965 char *cp, **charptr, *arg, *p; 966 int cmdline = 0, *intptr, value, value2, n, port; 967 SyslogFacility *log_facility_ptr; 968 LogLevel *log_level_ptr; 969 ServerOpCodes opcode; 970 u_int i, flags = 0; 971 size_t len; 972 long long val64; 973 const struct multistate *multistate_ptr; 974 975 cp = line; 976 if ((arg = strdelim(&cp)) == NULL) 977 return 0; 978 /* Ignore leading whitespace */ 979 if (*arg == '\0') 980 arg = strdelim(&cp); 981 if (!arg || !*arg || *arg == '#') 982 return 0; 983 intptr = NULL; 984 charptr = NULL; 985 opcode = parse_token(arg, filename, linenum, &flags); 986 987 if (activep == NULL) { /* We are processing a command line directive */ 988 cmdline = 1; 989 activep = &cmdline; 990 } 991 if (*activep && opcode != sMatch) 992 debug3("%s:%d setting %s %s", filename, linenum, arg, cp); 993 if (*activep == 0 && !(flags & SSHCFG_MATCH)) { 994 if (connectinfo == NULL) { 995 fatal("%s line %d: Directive '%s' is not allowed " 996 "within a Match block", filename, linenum, arg); 997 } else { /* this is a directive we have already processed */ 998 while (arg) 999 arg = strdelim(&cp); 1000 return 0; 1001 } 1002 } 1003 1004 switch (opcode) { 1005 /* Portable-specific options */ 1006 case sUsePAM: 1007 intptr = &options->use_pam; 1008 goto parse_flag; 1009 1010 /* Standard Options */ 1011 case sBadOption: 1012 return -1; 1013 case sPort: 1014 /* ignore ports from configfile if cmdline specifies ports */ 1015 if (options->ports_from_cmdline) 1016 return 0; 1017 if (options->num_ports >= MAX_PORTS) 1018 fatal("%s line %d: too many ports.", 1019 filename, linenum); 1020 arg = strdelim(&cp); 1021 if (!arg || *arg == '\0') 1022 fatal("%s line %d: missing port number.", 1023 filename, linenum); 1024 options->ports[options->num_ports++] = a2port(arg); 1025 if (options->ports[options->num_ports-1] <= 0) 1026 fatal("%s line %d: Badly formatted port number.", 1027 filename, linenum); 1028 break; 1029 1030 case sServerKeyBits: 1031 intptr = &options->server_key_bits; 1032 parse_int: 1033 arg = strdelim(&cp); 1034 if (!arg || *arg == '\0') 1035 fatal("%s line %d: missing integer value.", 1036 filename, linenum); 1037 value = atoi(arg); 1038 if (*activep && *intptr == -1) 1039 *intptr = value; 1040 break; 1041 1042 case sLoginGraceTime: 1043 intptr = &options->login_grace_time; 1044 parse_time: 1045 arg = strdelim(&cp); 1046 if (!arg || *arg == '\0') 1047 fatal("%s line %d: missing time value.", 1048 filename, linenum); 1049 if ((value = convtime(arg)) == -1) 1050 fatal("%s line %d: invalid time value.", 1051 filename, linenum); 1052 if (*activep && *intptr == -1) 1053 *intptr = value; 1054 break; 1055 1056 case sKeyRegenerationTime: 1057 intptr = &options->key_regeneration_time; 1058 goto parse_time; 1059 1060 case sListenAddress: 1061 arg = strdelim(&cp); 1062 if (arg == NULL || *arg == '\0') 1063 fatal("%s line %d: missing address", 1064 filename, linenum); 1065 /* check for bare IPv6 address: no "[]" and 2 or more ":" */ 1066 if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL 1067 && strchr(p+1, ':') != NULL) { 1068 queue_listen_addr(options, arg, 0); 1069 break; 1070 } 1071 p = hpdelim(&arg); 1072 if (p == NULL) 1073 fatal("%s line %d: bad address:port usage", 1074 filename, linenum); 1075 p = cleanhostname(p); 1076 if (arg == NULL) 1077 port = 0; 1078 else if ((port = a2port(arg)) <= 0) 1079 fatal("%s line %d: bad port number", filename, linenum); 1080 1081 queue_listen_addr(options, p, port); 1082 1083 break; 1084 1085 case sAddressFamily: 1086 intptr = &options->address_family; 1087 multistate_ptr = multistate_addressfamily; 1088 parse_multistate: 1089 arg = strdelim(&cp); 1090 if (!arg || *arg == '\0') 1091 fatal("%s line %d: missing argument.", 1092 filename, linenum); 1093 value = -1; 1094 for (i = 0; multistate_ptr[i].key != NULL; i++) { 1095 if (strcasecmp(arg, multistate_ptr[i].key) == 0) { 1096 value = multistate_ptr[i].value; 1097 break; 1098 } 1099 } 1100 if (value == -1) 1101 fatal("%s line %d: unsupported option \"%s\".", 1102 filename, linenum, arg); 1103 if (*activep && *intptr == -1) 1104 *intptr = value; 1105 break; 1106 1107 case sHostKeyFile: 1108 intptr = &options->num_host_key_files; 1109 if (*intptr >= MAX_HOSTKEYS) 1110 fatal("%s line %d: too many host keys specified (max %d).", 1111 filename, linenum, MAX_HOSTKEYS); 1112 charptr = &options->host_key_files[*intptr]; 1113 parse_filename: 1114 arg = strdelim(&cp); 1115 if (!arg || *arg == '\0') 1116 fatal("%s line %d: missing file name.", 1117 filename, linenum); 1118 if (*activep && *charptr == NULL) { 1119 *charptr = derelativise_path(arg); 1120 /* increase optional counter */ 1121 if (intptr != NULL) 1122 *intptr = *intptr + 1; 1123 } 1124 break; 1125 1126 case sHostKeyAgent: 1127 charptr = &options->host_key_agent; 1128 arg = strdelim(&cp); 1129 if (!arg || *arg == '\0') 1130 fatal("%s line %d: missing socket name.", 1131 filename, linenum); 1132 if (*activep && *charptr == NULL) 1133 *charptr = !strcmp(arg, SSH_AUTHSOCKET_ENV_NAME) ? 1134 xstrdup(arg) : derelativise_path(arg); 1135 break; 1136 1137 case sHostCertificate: 1138 intptr = &options->num_host_cert_files; 1139 if (*intptr >= MAX_HOSTKEYS) 1140 fatal("%s line %d: too many host certificates " 1141 "specified (max %d).", filename, linenum, 1142 MAX_HOSTCERTS); 1143 charptr = &options->host_cert_files[*intptr]; 1144 goto parse_filename; 1145 break; 1146 1147 case sPidFile: 1148 charptr = &options->pid_file; 1149 goto parse_filename; 1150 1151 case sPermitRootLogin: 1152 intptr = &options->permit_root_login; 1153 multistate_ptr = multistate_permitrootlogin; 1154 goto parse_multistate; 1155 1156 case sIgnoreRhosts: 1157 intptr = &options->ignore_rhosts; 1158 parse_flag: 1159 arg = strdelim(&cp); 1160 if (!arg || *arg == '\0') 1161 fatal("%s line %d: missing yes/no argument.", 1162 filename, linenum); 1163 value = 0; /* silence compiler */ 1164 if (strcmp(arg, "yes") == 0) 1165 value = 1; 1166 else if (strcmp(arg, "no") == 0) 1167 value = 0; 1168 else 1169 fatal("%s line %d: Bad yes/no argument: %s", 1170 filename, linenum, arg); 1171 if (*activep && *intptr == -1) 1172 *intptr = value; 1173 break; 1174 1175 case sIgnoreUserKnownHosts: 1176 intptr = &options->ignore_user_known_hosts; 1177 goto parse_flag; 1178 1179 case sRhostsRSAAuthentication: 1180 intptr = &options->rhosts_rsa_authentication; 1181 goto parse_flag; 1182 1183 case sHostbasedAuthentication: 1184 intptr = &options->hostbased_authentication; 1185 goto parse_flag; 1186 1187 case sHostbasedUsesNameFromPacketOnly: 1188 intptr = &options->hostbased_uses_name_from_packet_only; 1189 goto parse_flag; 1190 1191 case sHostbasedAcceptedKeyTypes: 1192 charptr = &options->hostbased_key_types; 1193 parse_keytypes: 1194 arg = strdelim(&cp); 1195 if (!arg || *arg == '\0') 1196 fatal("%s line %d: Missing argument.", 1197 filename, linenum); 1198 if (!sshkey_names_valid2(*arg == '+' ? arg + 1 : arg, 1)) 1199 fatal("%s line %d: Bad key types '%s'.", 1200 filename, linenum, arg ? arg : "<NONE>"); 1201 if (*activep && *charptr == NULL) 1202 *charptr = xstrdup(arg); 1203 break; 1204 1205 case sHostKeyAlgorithms: 1206 charptr = &options->hostkeyalgorithms; 1207 goto parse_keytypes; 1208 1209 case sRSAAuthentication: 1210 intptr = &options->rsa_authentication; 1211 goto parse_flag; 1212 1213 case sPubkeyAuthentication: 1214 intptr = &options->pubkey_authentication; 1215 goto parse_flag; 1216 1217 case sPubkeyAcceptedKeyTypes: 1218 charptr = &options->pubkey_key_types; 1219 goto parse_keytypes; 1220 1221 case sKerberosAuthentication: 1222 intptr = &options->kerberos_authentication; 1223 goto parse_flag; 1224 1225 case sKerberosOrLocalPasswd: 1226 intptr = &options->kerberos_or_local_passwd; 1227 goto parse_flag; 1228 1229 case sKerberosTicketCleanup: 1230 intptr = &options->kerberos_ticket_cleanup; 1231 goto parse_flag; 1232 1233 case sKerberosGetAFSToken: 1234 intptr = &options->kerberos_get_afs_token; 1235 goto parse_flag; 1236 1237 case sGssAuthentication: 1238 intptr = &options->gss_authentication; 1239 goto parse_flag; 1240 1241 case sGssCleanupCreds: 1242 intptr = &options->gss_cleanup_creds; 1243 goto parse_flag; 1244 1245 case sGssStrictAcceptor: 1246 intptr = &options->gss_strict_acceptor; 1247 goto parse_flag; 1248 1249 case sPasswordAuthentication: 1250 intptr = &options->password_authentication; 1251 goto parse_flag; 1252 1253 case sKbdInteractiveAuthentication: 1254 intptr = &options->kbd_interactive_authentication; 1255 goto parse_flag; 1256 1257 case sChallengeResponseAuthentication: 1258 intptr = &options->challenge_response_authentication; 1259 goto parse_flag; 1260 1261 case sPrintMotd: 1262 intptr = &options->print_motd; 1263 goto parse_flag; 1264 1265 case sPrintLastLog: 1266 intptr = &options->print_lastlog; 1267 goto parse_flag; 1268 1269 case sX11Forwarding: 1270 intptr = &options->x11_forwarding; 1271 goto parse_flag; 1272 1273 case sX11DisplayOffset: 1274 intptr = &options->x11_display_offset; 1275 goto parse_int; 1276 1277 case sX11UseLocalhost: 1278 intptr = &options->x11_use_localhost; 1279 goto parse_flag; 1280 1281 case sXAuthLocation: 1282 charptr = &options->xauth_location; 1283 goto parse_filename; 1284 1285 case sPermitTTY: 1286 intptr = &options->permit_tty; 1287 goto parse_flag; 1288 1289 case sPermitUserRC: 1290 intptr = &options->permit_user_rc; 1291 goto parse_flag; 1292 1293 case sStrictModes: 1294 intptr = &options->strict_modes; 1295 goto parse_flag; 1296 1297 case sTCPKeepAlive: 1298 intptr = &options->tcp_keep_alive; 1299 goto parse_flag; 1300 1301 case sEmptyPasswd: 1302 intptr = &options->permit_empty_passwd; 1303 goto parse_flag; 1304 1305 case sPermitUserEnvironment: 1306 intptr = &options->permit_user_env; 1307 goto parse_flag; 1308 1309 case sUseLogin: 1310 intptr = &options->use_login; 1311 goto parse_flag; 1312 1313 case sCompression: 1314 intptr = &options->compression; 1315 multistate_ptr = multistate_compression; 1316 goto parse_multistate; 1317 1318 case sRekeyLimit: 1319 arg = strdelim(&cp); 1320 if (!arg || *arg == '\0') 1321 fatal("%.200s line %d: Missing argument.", filename, 1322 linenum); 1323 if (strcmp(arg, "default") == 0) { 1324 val64 = 0; 1325 } else { 1326 if (scan_scaled(arg, &val64) == -1) 1327 fatal("%.200s line %d: Bad number '%s': %s", 1328 filename, linenum, arg, strerror(errno)); 1329 /* check for too-large or too-small limits */ 1330 if (val64 > UINT_MAX) 1331 fatal("%.200s line %d: RekeyLimit too large", 1332 filename, linenum); 1333 if (val64 != 0 && val64 < 16) 1334 fatal("%.200s line %d: RekeyLimit too small", 1335 filename, linenum); 1336 } 1337 if (*activep && options->rekey_limit == -1) 1338 options->rekey_limit = (u_int32_t)val64; 1339 if (cp != NULL) { /* optional rekey interval present */ 1340 if (strcmp(cp, "none") == 0) { 1341 (void)strdelim(&cp); /* discard */ 1342 break; 1343 } 1344 intptr = &options->rekey_interval; 1345 goto parse_time; 1346 } 1347 break; 1348 1349 case sGatewayPorts: 1350 intptr = &options->fwd_opts.gateway_ports; 1351 multistate_ptr = multistate_gatewayports; 1352 goto parse_multistate; 1353 1354 case sUseDNS: 1355 intptr = &options->use_dns; 1356 goto parse_flag; 1357 1358 case sLogFacility: 1359 log_facility_ptr = &options->log_facility; 1360 arg = strdelim(&cp); 1361 value = log_facility_number(arg); 1362 if (value == SYSLOG_FACILITY_NOT_SET) 1363 fatal("%.200s line %d: unsupported log facility '%s'", 1364 filename, linenum, arg ? arg : "<NONE>"); 1365 if (*log_facility_ptr == -1) 1366 *log_facility_ptr = (SyslogFacility) value; 1367 break; 1368 1369 case sLogLevel: 1370 log_level_ptr = &options->log_level; 1371 arg = strdelim(&cp); 1372 value = log_level_number(arg); 1373 if (value == SYSLOG_LEVEL_NOT_SET) 1374 fatal("%.200s line %d: unsupported log level '%s'", 1375 filename, linenum, arg ? arg : "<NONE>"); 1376 if (*log_level_ptr == -1) 1377 *log_level_ptr = (LogLevel) value; 1378 break; 1379 1380 case sAllowTcpForwarding: 1381 intptr = &options->allow_tcp_forwarding; 1382 multistate_ptr = multistate_tcpfwd; 1383 goto parse_multistate; 1384 1385 case sAllowStreamLocalForwarding: 1386 intptr = &options->allow_streamlocal_forwarding; 1387 multistate_ptr = multistate_tcpfwd; 1388 goto parse_multistate; 1389 1390 case sAllowAgentForwarding: 1391 intptr = &options->allow_agent_forwarding; 1392 goto parse_flag; 1393 1394 case sUsePrivilegeSeparation: 1395 intptr = &use_privsep; 1396 multistate_ptr = multistate_privsep; 1397 goto parse_multistate; 1398 1399 case sAllowUsers: 1400 while ((arg = strdelim(&cp)) && *arg != '\0') { 1401 if (options->num_allow_users >= MAX_ALLOW_USERS) 1402 fatal("%s line %d: too many allow users.", 1403 filename, linenum); 1404 if (!*activep) 1405 continue; 1406 options->allow_users[options->num_allow_users++] = 1407 xstrdup(arg); 1408 } 1409 break; 1410 1411 case sDenyUsers: 1412 while ((arg = strdelim(&cp)) && *arg != '\0') { 1413 if (options->num_deny_users >= MAX_DENY_USERS) 1414 fatal("%s line %d: too many deny users.", 1415 filename, linenum); 1416 if (!*activep) 1417 continue; 1418 options->deny_users[options->num_deny_users++] = 1419 xstrdup(arg); 1420 } 1421 break; 1422 1423 case sAllowGroups: 1424 while ((arg = strdelim(&cp)) && *arg != '\0') { 1425 if (options->num_allow_groups >= MAX_ALLOW_GROUPS) 1426 fatal("%s line %d: too many allow groups.", 1427 filename, linenum); 1428 if (!*activep) 1429 continue; 1430 options->allow_groups[options->num_allow_groups++] = 1431 xstrdup(arg); 1432 } 1433 break; 1434 1435 case sDenyGroups: 1436 while ((arg = strdelim(&cp)) && *arg != '\0') { 1437 if (options->num_deny_groups >= MAX_DENY_GROUPS) 1438 fatal("%s line %d: too many deny groups.", 1439 filename, linenum); 1440 if (!*activep) 1441 continue; 1442 options->deny_groups[options->num_deny_groups++] = 1443 xstrdup(arg); 1444 } 1445 break; 1446 1447 case sCiphers: 1448 arg = strdelim(&cp); 1449 if (!arg || *arg == '\0') 1450 fatal("%s line %d: Missing argument.", filename, linenum); 1451 if (!ciphers_valid(*arg == '+' ? arg + 1 : arg)) 1452 fatal("%s line %d: Bad SSH2 cipher spec '%s'.", 1453 filename, linenum, arg ? arg : "<NONE>"); 1454 if (options->ciphers == NULL) 1455 options->ciphers = xstrdup(arg); 1456 break; 1457 1458 case sMacs: 1459 arg = strdelim(&cp); 1460 if (!arg || *arg == '\0') 1461 fatal("%s line %d: Missing argument.", filename, linenum); 1462 if (!mac_valid(*arg == '+' ? arg + 1 : arg)) 1463 fatal("%s line %d: Bad SSH2 mac spec '%s'.", 1464 filename, linenum, arg ? arg : "<NONE>"); 1465 if (options->macs == NULL) 1466 options->macs = xstrdup(arg); 1467 break; 1468 1469 case sKexAlgorithms: 1470 arg = strdelim(&cp); 1471 if (!arg || *arg == '\0') 1472 fatal("%s line %d: Missing argument.", 1473 filename, linenum); 1474 if (!kex_names_valid(*arg == '+' ? arg + 1 : arg)) 1475 fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.", 1476 filename, linenum, arg ? arg : "<NONE>"); 1477 if (options->kex_algorithms == NULL) 1478 options->kex_algorithms = xstrdup(arg); 1479 break; 1480 1481 case sProtocol: 1482 intptr = &options->protocol; 1483 arg = strdelim(&cp); 1484 if (!arg || *arg == '\0') 1485 fatal("%s line %d: Missing argument.", filename, linenum); 1486 value = proto_spec(arg); 1487 if (value == SSH_PROTO_UNKNOWN) 1488 fatal("%s line %d: Bad protocol spec '%s'.", 1489 filename, linenum, arg ? arg : "<NONE>"); 1490 if (*intptr == SSH_PROTO_UNKNOWN) 1491 *intptr = value; 1492 break; 1493 1494 case sSubsystem: 1495 if (options->num_subsystems >= MAX_SUBSYSTEMS) { 1496 fatal("%s line %d: too many subsystems defined.", 1497 filename, linenum); 1498 } 1499 arg = strdelim(&cp); 1500 if (!arg || *arg == '\0') 1501 fatal("%s line %d: Missing subsystem name.", 1502 filename, linenum); 1503 if (!*activep) { 1504 arg = strdelim(&cp); 1505 break; 1506 } 1507 for (i = 0; i < options->num_subsystems; i++) 1508 if (strcmp(arg, options->subsystem_name[i]) == 0) 1509 fatal("%s line %d: Subsystem '%s' already defined.", 1510 filename, linenum, arg); 1511 options->subsystem_name[options->num_subsystems] = xstrdup(arg); 1512 arg = strdelim(&cp); 1513 if (!arg || *arg == '\0') 1514 fatal("%s line %d: Missing subsystem command.", 1515 filename, linenum); 1516 options->subsystem_command[options->num_subsystems] = xstrdup(arg); 1517 1518 /* Collect arguments (separate to executable) */ 1519 p = xstrdup(arg); 1520 len = strlen(p) + 1; 1521 while ((arg = strdelim(&cp)) != NULL && *arg != '\0') { 1522 len += 1 + strlen(arg); 1523 p = xreallocarray(p, 1, len); 1524 strlcat(p, " ", len); 1525 strlcat(p, arg, len); 1526 } 1527 options->subsystem_args[options->num_subsystems] = p; 1528 options->num_subsystems++; 1529 break; 1530 1531 case sMaxStartups: 1532 arg = strdelim(&cp); 1533 if (!arg || *arg == '\0') 1534 fatal("%s line %d: Missing MaxStartups spec.", 1535 filename, linenum); 1536 if ((n = sscanf(arg, "%d:%d:%d", 1537 &options->max_startups_begin, 1538 &options->max_startups_rate, 1539 &options->max_startups)) == 3) { 1540 if (options->max_startups_begin > 1541 options->max_startups || 1542 options->max_startups_rate > 100 || 1543 options->max_startups_rate < 1) 1544 fatal("%s line %d: Illegal MaxStartups spec.", 1545 filename, linenum); 1546 } else if (n != 1) 1547 fatal("%s line %d: Illegal MaxStartups spec.", 1548 filename, linenum); 1549 else 1550 options->max_startups = options->max_startups_begin; 1551 break; 1552 1553 case sMaxAuthTries: 1554 intptr = &options->max_authtries; 1555 goto parse_int; 1556 1557 case sMaxSessions: 1558 intptr = &options->max_sessions; 1559 goto parse_int; 1560 1561 case sBanner: 1562 charptr = &options->banner; 1563 goto parse_filename; 1564 1565 /* 1566 * These options can contain %X options expanded at 1567 * connect time, so that you can specify paths like: 1568 * 1569 * AuthorizedKeysFile /etc/ssh_keys/%u 1570 */ 1571 case sAuthorizedKeysFile: 1572 if (*activep && options->num_authkeys_files == 0) { 1573 while ((arg = strdelim(&cp)) && *arg != '\0') { 1574 if (options->num_authkeys_files >= 1575 MAX_AUTHKEYS_FILES) 1576 fatal("%s line %d: " 1577 "too many authorized keys files.", 1578 filename, linenum); 1579 options->authorized_keys_files[ 1580 options->num_authkeys_files++] = 1581 tilde_expand_filename(arg, getuid()); 1582 } 1583 } 1584 return 0; 1585 1586 case sAuthorizedPrincipalsFile: 1587 charptr = &options->authorized_principals_file; 1588 arg = strdelim(&cp); 1589 if (!arg || *arg == '\0') 1590 fatal("%s line %d: missing file name.", 1591 filename, linenum); 1592 if (*activep && *charptr == NULL) { 1593 *charptr = tilde_expand_filename(arg, getuid()); 1594 /* increase optional counter */ 1595 if (intptr != NULL) 1596 *intptr = *intptr + 1; 1597 } 1598 break; 1599 1600 case sClientAliveInterval: 1601 intptr = &options->client_alive_interval; 1602 goto parse_time; 1603 1604 case sClientAliveCountMax: 1605 intptr = &options->client_alive_count_max; 1606 goto parse_int; 1607 1608 case sAcceptEnv: 1609 while ((arg = strdelim(&cp)) && *arg != '\0') { 1610 if (strchr(arg, '=') != NULL) 1611 fatal("%s line %d: Invalid environment name.", 1612 filename, linenum); 1613 if (options->num_accept_env >= MAX_ACCEPT_ENV) 1614 fatal("%s line %d: too many allow env.", 1615 filename, linenum); 1616 if (!*activep) 1617 continue; 1618 options->accept_env[options->num_accept_env++] = 1619 xstrdup(arg); 1620 } 1621 break; 1622 1623 case sPermitTunnel: 1624 intptr = &options->permit_tun; 1625 arg = strdelim(&cp); 1626 if (!arg || *arg == '\0') 1627 fatal("%s line %d: Missing yes/point-to-point/" 1628 "ethernet/no argument.", filename, linenum); 1629 value = -1; 1630 for (i = 0; tunmode_desc[i].val != -1; i++) 1631 if (strcmp(tunmode_desc[i].text, arg) == 0) { 1632 value = tunmode_desc[i].val; 1633 break; 1634 } 1635 if (value == -1) 1636 fatal("%s line %d: Bad yes/point-to-point/ethernet/" 1637 "no argument: %s", filename, linenum, arg); 1638 if (*activep && *intptr == -1) 1639 *intptr = value; 1640 break; 1641 1642 case sMatch: 1643 if (cmdline) 1644 fatal("Match directive not supported as a command-line " 1645 "option"); 1646 value = match_cfg_line(&cp, linenum, connectinfo); 1647 if (value < 0) 1648 fatal("%s line %d: Bad Match condition", filename, 1649 linenum); 1650 *activep = value; 1651 break; 1652 1653 case sPermitOpen: 1654 arg = strdelim(&cp); 1655 if (!arg || *arg == '\0') 1656 fatal("%s line %d: missing PermitOpen specification", 1657 filename, linenum); 1658 n = options->num_permitted_opens; /* modified later */ 1659 if (strcmp(arg, "any") == 0) { 1660 if (*activep && n == -1) { 1661 channel_clear_adm_permitted_opens(); 1662 options->num_permitted_opens = 0; 1663 } 1664 break; 1665 } 1666 if (strcmp(arg, "none") == 0) { 1667 if (*activep && n == -1) { 1668 options->num_permitted_opens = 1; 1669 channel_disable_adm_local_opens(); 1670 } 1671 break; 1672 } 1673 if (*activep && n == -1) 1674 channel_clear_adm_permitted_opens(); 1675 for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) { 1676 p = hpdelim(&arg); 1677 if (p == NULL) 1678 fatal("%s line %d: missing host in PermitOpen", 1679 filename, linenum); 1680 p = cleanhostname(p); 1681 if (arg == NULL || ((port = permitopen_port(arg)) < 0)) 1682 fatal("%s line %d: bad port number in " 1683 "PermitOpen", filename, linenum); 1684 if (*activep && n == -1) 1685 options->num_permitted_opens = 1686 channel_add_adm_permitted_opens(p, port); 1687 } 1688 break; 1689 1690 case sForceCommand: 1691 if (cp == NULL || *cp == '\0') 1692 fatal("%.200s line %d: Missing argument.", filename, 1693 linenum); 1694 len = strspn(cp, WHITESPACE); 1695 if (*activep && options->adm_forced_command == NULL) 1696 options->adm_forced_command = xstrdup(cp + len); 1697 return 0; 1698 1699 case sChrootDirectory: 1700 charptr = &options->chroot_directory; 1701 1702 arg = strdelim(&cp); 1703 if (!arg || *arg == '\0') 1704 fatal("%s line %d: missing file name.", 1705 filename, linenum); 1706 if (*activep && *charptr == NULL) 1707 *charptr = xstrdup(arg); 1708 break; 1709 1710 case sTrustedUserCAKeys: 1711 charptr = &options->trusted_user_ca_keys; 1712 goto parse_filename; 1713 1714 case sRevokedKeys: 1715 charptr = &options->revoked_keys_file; 1716 goto parse_filename; 1717 1718 case sIPQoS: 1719 arg = strdelim(&cp); 1720 if ((value = parse_ipqos(arg)) == -1) 1721 fatal("%s line %d: Bad IPQoS value: %s", 1722 filename, linenum, arg); 1723 arg = strdelim(&cp); 1724 if (arg == NULL) 1725 value2 = value; 1726 else if ((value2 = parse_ipqos(arg)) == -1) 1727 fatal("%s line %d: Bad IPQoS value: %s", 1728 filename, linenum, arg); 1729 if (*activep) { 1730 options->ip_qos_interactive = value; 1731 options->ip_qos_bulk = value2; 1732 } 1733 break; 1734 1735 case sVersionAddendum: 1736 if (cp == NULL || *cp == '\0') 1737 fatal("%.200s line %d: Missing argument.", filename, 1738 linenum); 1739 len = strspn(cp, WHITESPACE); 1740 if (*activep && options->version_addendum == NULL) { 1741 if (strcasecmp(cp + len, "none") == 0) 1742 options->version_addendum = xstrdup(""); 1743 else if (strchr(cp + len, '\r') != NULL) 1744 fatal("%.200s line %d: Invalid argument", 1745 filename, linenum); 1746 else 1747 options->version_addendum = xstrdup(cp + len); 1748 } 1749 return 0; 1750 1751 case sAuthorizedKeysCommand: 1752 if (cp == NULL) 1753 fatal("%.200s line %d: Missing argument.", filename, 1754 linenum); 1755 len = strspn(cp, WHITESPACE); 1756 if (*activep && options->authorized_keys_command == NULL) { 1757 if (cp[len] != '/' && strcasecmp(cp + len, "none") != 0) 1758 fatal("%.200s line %d: AuthorizedKeysCommand " 1759 "must be an absolute path", 1760 filename, linenum); 1761 options->authorized_keys_command = xstrdup(cp + len); 1762 } 1763 return 0; 1764 1765 case sAuthorizedKeysCommandUser: 1766 charptr = &options->authorized_keys_command_user; 1767 1768 arg = strdelim(&cp); 1769 if (!arg || *arg == '\0') 1770 fatal("%s line %d: missing AuthorizedKeysCommandUser " 1771 "argument.", filename, linenum); 1772 if (*activep && *charptr == NULL) 1773 *charptr = xstrdup(arg); 1774 break; 1775 1776 case sAuthorizedPrincipalsCommand: 1777 if (cp == NULL) 1778 fatal("%.200s line %d: Missing argument.", filename, 1779 linenum); 1780 len = strspn(cp, WHITESPACE); 1781 if (*activep && 1782 options->authorized_principals_command == NULL) { 1783 if (cp[len] != '/' && strcasecmp(cp + len, "none") != 0) 1784 fatal("%.200s line %d: " 1785 "AuthorizedPrincipalsCommand must be " 1786 "an absolute path", filename, linenum); 1787 options->authorized_principals_command = 1788 xstrdup(cp + len); 1789 } 1790 return 0; 1791 1792 case sAuthorizedPrincipalsCommandUser: 1793 charptr = &options->authorized_principals_command_user; 1794 1795 arg = strdelim(&cp); 1796 if (!arg || *arg == '\0') 1797 fatal("%s line %d: missing " 1798 "AuthorizedPrincipalsCommandUser argument.", 1799 filename, linenum); 1800 if (*activep && *charptr == NULL) 1801 *charptr = xstrdup(arg); 1802 break; 1803 1804 case sAuthenticationMethods: 1805 if (options->num_auth_methods == 0) { 1806 while ((arg = strdelim(&cp)) && *arg != '\0') { 1807 if (options->num_auth_methods >= 1808 MAX_AUTH_METHODS) 1809 fatal("%s line %d: " 1810 "too many authentication methods.", 1811 filename, linenum); 1812 if (auth2_methods_valid(arg, 0) != 0) 1813 fatal("%s line %d: invalid " 1814 "authentication method list.", 1815 filename, linenum); 1816 if (!*activep) 1817 continue; 1818 options->auth_methods[ 1819 options->num_auth_methods++] = xstrdup(arg); 1820 } 1821 } 1822 return 0; 1823 1824 case sStreamLocalBindMask: 1825 arg = strdelim(&cp); 1826 if (!arg || *arg == '\0') 1827 fatal("%s line %d: missing StreamLocalBindMask " 1828 "argument.", filename, linenum); 1829 /* Parse mode in octal format */ 1830 value = strtol(arg, &p, 8); 1831 if (arg == p || value < 0 || value > 0777) 1832 fatal("%s line %d: Bad mask.", filename, linenum); 1833 if (*activep) 1834 options->fwd_opts.streamlocal_bind_mask = (mode_t)value; 1835 break; 1836 1837 case sStreamLocalBindUnlink: 1838 intptr = &options->fwd_opts.streamlocal_bind_unlink; 1839 goto parse_flag; 1840 1841 case sFingerprintHash: 1842 arg = strdelim(&cp); 1843 if (!arg || *arg == '\0') 1844 fatal("%.200s line %d: Missing argument.", 1845 filename, linenum); 1846 if ((value = ssh_digest_alg_by_name(arg)) == -1) 1847 fatal("%.200s line %d: Invalid hash algorithm \"%s\".", 1848 filename, linenum, arg); 1849 if (*activep) 1850 options->fingerprint_hash = value; 1851 break; 1852 1853 case sDeprecated: 1854 logit("%s line %d: Deprecated option %s", 1855 filename, linenum, arg); 1856 while (arg) 1857 arg = strdelim(&cp); 1858 break; 1859 1860 case sUnsupported: 1861 logit("%s line %d: Unsupported option %s", 1862 filename, linenum, arg); 1863 while (arg) 1864 arg = strdelim(&cp); 1865 break; 1866 1867 default: 1868 fatal("%s line %d: Missing handler for opcode %s (%d)", 1869 filename, linenum, arg, opcode); 1870 } 1871 if ((arg = strdelim(&cp)) != NULL && *arg != '\0') 1872 fatal("%s line %d: garbage at end of line; \"%.200s\".", 1873 filename, linenum, arg); 1874 return 0; 1875 } 1876 1877 /* Reads the server configuration file. */ 1878 1879 void 1880 load_server_config(const char *filename, Buffer *conf) 1881 { 1882 char line[4096], *cp; 1883 FILE *f; 1884 int lineno = 0; 1885 1886 debug2("%s: filename %s", __func__, filename); 1887 if ((f = fopen(filename, "r")) == NULL) { 1888 perror(filename); 1889 exit(1); 1890 } 1891 buffer_clear(conf); 1892 while (fgets(line, sizeof(line), f)) { 1893 lineno++; 1894 if (strlen(line) == sizeof(line) - 1) 1895 fatal("%s line %d too long", filename, lineno); 1896 /* 1897 * Trim out comments and strip whitespace 1898 * NB - preserve newlines, they are needed to reproduce 1899 * line numbers later for error messages 1900 */ 1901 if ((cp = strchr(line, '#')) != NULL) 1902 memcpy(cp, "\n", 2); 1903 cp = line + strspn(line, " \t\r"); 1904 1905 buffer_append(conf, cp, strlen(cp)); 1906 } 1907 buffer_append(conf, "\0", 1); 1908 fclose(f); 1909 debug2("%s: done config len = %d", __func__, buffer_len(conf)); 1910 } 1911 1912 void 1913 parse_server_match_config(ServerOptions *options, 1914 struct connection_info *connectinfo) 1915 { 1916 ServerOptions mo; 1917 1918 initialize_server_options(&mo); 1919 parse_server_config(&mo, "reprocess config", &cfg, connectinfo); 1920 copy_set_server_options(options, &mo, 0); 1921 } 1922 1923 int parse_server_match_testspec(struct connection_info *ci, char *spec) 1924 { 1925 char *p; 1926 1927 while ((p = strsep(&spec, ",")) && *p != '\0') { 1928 if (strncmp(p, "addr=", 5) == 0) { 1929 ci->address = xstrdup(p + 5); 1930 } else if (strncmp(p, "host=", 5) == 0) { 1931 ci->host = xstrdup(p + 5); 1932 } else if (strncmp(p, "user=", 5) == 0) { 1933 ci->user = xstrdup(p + 5); 1934 } else if (strncmp(p, "laddr=", 6) == 0) { 1935 ci->laddress = xstrdup(p + 6); 1936 } else if (strncmp(p, "lport=", 6) == 0) { 1937 ci->lport = a2port(p + 6); 1938 if (ci->lport == -1) { 1939 fprintf(stderr, "Invalid port '%s' in test mode" 1940 " specification %s\n", p+6, p); 1941 return -1; 1942 } 1943 } else { 1944 fprintf(stderr, "Invalid test mode specification %s\n", 1945 p); 1946 return -1; 1947 } 1948 } 1949 return 0; 1950 } 1951 1952 /* 1953 * returns 1 for a complete spec, 0 for partial spec and -1 for an 1954 * empty spec. 1955 */ 1956 int server_match_spec_complete(struct connection_info *ci) 1957 { 1958 if (ci->user && ci->host && ci->address) 1959 return 1; /* complete */ 1960 if (!ci->user && !ci->host && !ci->address) 1961 return -1; /* empty */ 1962 return 0; /* partial */ 1963 } 1964 1965 /* 1966 * Copy any supported values that are set. 1967 * 1968 * If the preauth flag is set, we do not bother copying the string or 1969 * array values that are not used pre-authentication, because any that we 1970 * do use must be explictly sent in mm_getpwnamallow(). 1971 */ 1972 void 1973 copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) 1974 { 1975 #define M_CP_INTOPT(n) do {\ 1976 if (src->n != -1) \ 1977 dst->n = src->n; \ 1978 } while (0) 1979 1980 M_CP_INTOPT(password_authentication); 1981 M_CP_INTOPT(gss_authentication); 1982 M_CP_INTOPT(rsa_authentication); 1983 M_CP_INTOPT(pubkey_authentication); 1984 M_CP_INTOPT(kerberos_authentication); 1985 M_CP_INTOPT(hostbased_authentication); 1986 M_CP_INTOPT(hostbased_uses_name_from_packet_only); 1987 M_CP_INTOPT(kbd_interactive_authentication); 1988 M_CP_INTOPT(permit_root_login); 1989 M_CP_INTOPT(permit_empty_passwd); 1990 1991 M_CP_INTOPT(allow_tcp_forwarding); 1992 M_CP_INTOPT(allow_streamlocal_forwarding); 1993 M_CP_INTOPT(allow_agent_forwarding); 1994 M_CP_INTOPT(permit_tun); 1995 M_CP_INTOPT(fwd_opts.gateway_ports); 1996 M_CP_INTOPT(x11_display_offset); 1997 M_CP_INTOPT(x11_forwarding); 1998 M_CP_INTOPT(x11_use_localhost); 1999 M_CP_INTOPT(permit_tty); 2000 M_CP_INTOPT(permit_user_rc); 2001 M_CP_INTOPT(max_sessions); 2002 M_CP_INTOPT(max_authtries); 2003 M_CP_INTOPT(ip_qos_interactive); 2004 M_CP_INTOPT(ip_qos_bulk); 2005 M_CP_INTOPT(rekey_limit); 2006 M_CP_INTOPT(rekey_interval); 2007 2008 /* M_CP_STROPT and M_CP_STRARRAYOPT should not appear before here */ 2009 #define M_CP_STROPT(n) do {\ 2010 if (src->n != NULL && dst->n != src->n) { \ 2011 free(dst->n); \ 2012 dst->n = src->n; \ 2013 } \ 2014 } while(0) 2015 #define M_CP_STRARRAYOPT(n, num_n) do {\ 2016 if (src->num_n != 0) { \ 2017 for (dst->num_n = 0; dst->num_n < src->num_n; dst->num_n++) \ 2018 dst->n[dst->num_n] = xstrdup(src->n[dst->num_n]); \ 2019 } \ 2020 } while(0) 2021 2022 /* See comment in servconf.h */ 2023 COPY_MATCH_STRING_OPTS(); 2024 2025 /* 2026 * The only things that should be below this point are string options 2027 * which are only used after authentication. 2028 */ 2029 if (preauth) 2030 return; 2031 2032 M_CP_STROPT(adm_forced_command); 2033 M_CP_STROPT(chroot_directory); 2034 } 2035 2036 #undef M_CP_INTOPT 2037 #undef M_CP_STROPT 2038 #undef M_CP_STRARRAYOPT 2039 2040 void 2041 parse_server_config(ServerOptions *options, const char *filename, Buffer *conf, 2042 struct connection_info *connectinfo) 2043 { 2044 int active, linenum, bad_options = 0; 2045 char *cp, *obuf, *cbuf; 2046 2047 debug2("%s: config %s len %d", __func__, filename, buffer_len(conf)); 2048 2049 obuf = cbuf = xstrdup(buffer_ptr(conf)); 2050 active = connectinfo ? 0 : 1; 2051 linenum = 1; 2052 while ((cp = strsep(&cbuf, "\n")) != NULL) { 2053 if (process_server_config_line(options, cp, filename, 2054 linenum++, &active, connectinfo) != 0) 2055 bad_options++; 2056 } 2057 free(obuf); 2058 if (bad_options > 0) 2059 fatal("%s: terminating, %d bad configuration options", 2060 filename, bad_options); 2061 process_queued_listen_addrs(options); 2062 } 2063 2064 static const char * 2065 fmt_multistate_int(int val, const struct multistate *m) 2066 { 2067 u_int i; 2068 2069 for (i = 0; m[i].key != NULL; i++) { 2070 if (m[i].value == val) 2071 return m[i].key; 2072 } 2073 return "UNKNOWN"; 2074 } 2075 2076 static const char * 2077 fmt_intarg(ServerOpCodes code, int val) 2078 { 2079 if (val == -1) 2080 return "unset"; 2081 switch (code) { 2082 case sAddressFamily: 2083 return fmt_multistate_int(val, multistate_addressfamily); 2084 case sPermitRootLogin: 2085 return fmt_multistate_int(val, multistate_permitrootlogin); 2086 case sGatewayPorts: 2087 return fmt_multistate_int(val, multistate_gatewayports); 2088 case sCompression: 2089 return fmt_multistate_int(val, multistate_compression); 2090 case sUsePrivilegeSeparation: 2091 return fmt_multistate_int(val, multistate_privsep); 2092 case sAllowTcpForwarding: 2093 return fmt_multistate_int(val, multistate_tcpfwd); 2094 case sAllowStreamLocalForwarding: 2095 return fmt_multistate_int(val, multistate_tcpfwd); 2096 case sFingerprintHash: 2097 return ssh_digest_alg_name(val); 2098 case sProtocol: 2099 switch (val) { 2100 case SSH_PROTO_1: 2101 return "1"; 2102 case SSH_PROTO_2: 2103 return "2"; 2104 case (SSH_PROTO_1|SSH_PROTO_2): 2105 return "2,1"; 2106 default: 2107 return "UNKNOWN"; 2108 } 2109 default: 2110 switch (val) { 2111 case 0: 2112 return "no"; 2113 case 1: 2114 return "yes"; 2115 default: 2116 return "UNKNOWN"; 2117 } 2118 } 2119 } 2120 2121 static const char * 2122 lookup_opcode_name(ServerOpCodes code) 2123 { 2124 u_int i; 2125 2126 for (i = 0; keywords[i].name != NULL; i++) 2127 if (keywords[i].opcode == code) 2128 return(keywords[i].name); 2129 return "UNKNOWN"; 2130 } 2131 2132 static void 2133 dump_cfg_int(ServerOpCodes code, int val) 2134 { 2135 printf("%s %d\n", lookup_opcode_name(code), val); 2136 } 2137 2138 static void 2139 dump_cfg_oct(ServerOpCodes code, int val) 2140 { 2141 printf("%s 0%o\n", lookup_opcode_name(code), val); 2142 } 2143 2144 static void 2145 dump_cfg_fmtint(ServerOpCodes code, int val) 2146 { 2147 printf("%s %s\n", lookup_opcode_name(code), fmt_intarg(code, val)); 2148 } 2149 2150 static void 2151 dump_cfg_string(ServerOpCodes code, const char *val) 2152 { 2153 if (val == NULL) 2154 return; 2155 printf("%s %s\n", lookup_opcode_name(code), 2156 val == NULL ? "none" : val); 2157 } 2158 2159 static void 2160 dump_cfg_strarray(ServerOpCodes code, u_int count, char **vals) 2161 { 2162 u_int i; 2163 2164 for (i = 0; i < count; i++) 2165 printf("%s %s\n", lookup_opcode_name(code), vals[i]); 2166 } 2167 2168 static void 2169 dump_cfg_strarray_oneline(ServerOpCodes code, u_int count, char **vals) 2170 { 2171 u_int i; 2172 2173 if (count <= 0) 2174 return; 2175 printf("%s", lookup_opcode_name(code)); 2176 for (i = 0; i < count; i++) 2177 printf(" %s", vals[i]); 2178 printf("\n"); 2179 } 2180 2181 void 2182 dump_config(ServerOptions *o) 2183 { 2184 u_int i; 2185 int ret; 2186 struct addrinfo *ai; 2187 char addr[NI_MAXHOST], port[NI_MAXSERV], *s = NULL; 2188 char *laddr1 = xstrdup(""), *laddr2 = NULL; 2189 2190 /* these are usually at the top of the config */ 2191 for (i = 0; i < o->num_ports; i++) 2192 printf("port %d\n", o->ports[i]); 2193 dump_cfg_fmtint(sProtocol, o->protocol); 2194 dump_cfg_fmtint(sAddressFamily, o->address_family); 2195 2196 /* 2197 * ListenAddress must be after Port. add_one_listen_addr pushes 2198 * addresses onto a stack, so to maintain ordering we need to 2199 * print these in reverse order. 2200 */ 2201 for (ai = o->listen_addrs; ai; ai = ai->ai_next) { 2202 if ((ret = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr, 2203 sizeof(addr), port, sizeof(port), 2204 NI_NUMERICHOST|NI_NUMERICSERV)) != 0) { 2205 error("getnameinfo failed: %.100s", 2206 (ret != EAI_SYSTEM) ? gai_strerror(ret) : 2207 strerror(errno)); 2208 } else { 2209 laddr2 = laddr1; 2210 if (ai->ai_family == AF_INET6) 2211 xasprintf(&laddr1, "listenaddress [%s]:%s\n%s", 2212 addr, port, laddr2); 2213 else 2214 xasprintf(&laddr1, "listenaddress %s:%s\n%s", 2215 addr, port, laddr2); 2216 free(laddr2); 2217 } 2218 } 2219 printf("%s", laddr1); 2220 free(laddr1); 2221 2222 /* integer arguments */ 2223 #ifdef USE_PAM 2224 dump_cfg_fmtint(sUsePAM, o->use_pam); 2225 #endif 2226 dump_cfg_int(sServerKeyBits, o->server_key_bits); 2227 dump_cfg_int(sLoginGraceTime, o->login_grace_time); 2228 dump_cfg_int(sKeyRegenerationTime, o->key_regeneration_time); 2229 dump_cfg_int(sX11DisplayOffset, o->x11_display_offset); 2230 dump_cfg_int(sMaxAuthTries, o->max_authtries); 2231 dump_cfg_int(sMaxSessions, o->max_sessions); 2232 dump_cfg_int(sClientAliveInterval, o->client_alive_interval); 2233 dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); 2234 dump_cfg_oct(sStreamLocalBindMask, o->fwd_opts.streamlocal_bind_mask); 2235 2236 /* formatted integer arguments */ 2237 dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login); 2238 dump_cfg_fmtint(sIgnoreRhosts, o->ignore_rhosts); 2239 dump_cfg_fmtint(sIgnoreUserKnownHosts, o->ignore_user_known_hosts); 2240 dump_cfg_fmtint(sRhostsRSAAuthentication, o->rhosts_rsa_authentication); 2241 dump_cfg_fmtint(sHostbasedAuthentication, o->hostbased_authentication); 2242 dump_cfg_fmtint(sHostbasedUsesNameFromPacketOnly, 2243 o->hostbased_uses_name_from_packet_only); 2244 dump_cfg_fmtint(sRSAAuthentication, o->rsa_authentication); 2245 dump_cfg_fmtint(sPubkeyAuthentication, o->pubkey_authentication); 2246 #ifdef KRB5 2247 dump_cfg_fmtint(sKerberosAuthentication, o->kerberos_authentication); 2248 dump_cfg_fmtint(sKerberosOrLocalPasswd, o->kerberos_or_local_passwd); 2249 dump_cfg_fmtint(sKerberosTicketCleanup, o->kerberos_ticket_cleanup); 2250 # ifdef USE_AFS 2251 dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token); 2252 # endif 2253 #endif 2254 #ifdef GSSAPI 2255 dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); 2256 dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); 2257 #endif 2258 dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); 2259 dump_cfg_fmtint(sKbdInteractiveAuthentication, 2260 o->kbd_interactive_authentication); 2261 dump_cfg_fmtint(sChallengeResponseAuthentication, 2262 o->challenge_response_authentication); 2263 dump_cfg_fmtint(sPrintMotd, o->print_motd); 2264 dump_cfg_fmtint(sPrintLastLog, o->print_lastlog); 2265 dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding); 2266 dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); 2267 dump_cfg_fmtint(sPermitTTY, o->permit_tty); 2268 dump_cfg_fmtint(sPermitUserRC, o->permit_user_rc); 2269 dump_cfg_fmtint(sStrictModes, o->strict_modes); 2270 dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); 2271 dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); 2272 dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); 2273 dump_cfg_fmtint(sUseLogin, o->use_login); 2274 dump_cfg_fmtint(sCompression, o->compression); 2275 dump_cfg_fmtint(sGatewayPorts, o->fwd_opts.gateway_ports); 2276 dump_cfg_fmtint(sUseDNS, o->use_dns); 2277 dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding); 2278 dump_cfg_fmtint(sAllowAgentForwarding, o->allow_agent_forwarding); 2279 dump_cfg_fmtint(sAllowStreamLocalForwarding, o->allow_streamlocal_forwarding); 2280 dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep); 2281 dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash); 2282 2283 /* string arguments */ 2284 dump_cfg_string(sPidFile, o->pid_file); 2285 dump_cfg_string(sXAuthLocation, o->xauth_location); 2286 dump_cfg_string(sCiphers, o->ciphers ? o->ciphers : KEX_SERVER_ENCRYPT); 2287 dump_cfg_string(sMacs, o->macs ? o->macs : KEX_SERVER_MAC); 2288 dump_cfg_string(sBanner, o->banner); 2289 dump_cfg_string(sForceCommand, o->adm_forced_command); 2290 dump_cfg_string(sChrootDirectory, o->chroot_directory); 2291 dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys); 2292 dump_cfg_string(sRevokedKeys, o->revoked_keys_file); 2293 dump_cfg_string(sAuthorizedPrincipalsFile, 2294 o->authorized_principals_file); 2295 dump_cfg_string(sVersionAddendum, *o->version_addendum == '\0' 2296 ? "none" : o->version_addendum); 2297 dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command); 2298 dump_cfg_string(sAuthorizedKeysCommandUser, o->authorized_keys_command_user); 2299 dump_cfg_string(sAuthorizedPrincipalsCommand, o->authorized_principals_command); 2300 dump_cfg_string(sAuthorizedPrincipalsCommandUser, o->authorized_principals_command_user); 2301 dump_cfg_string(sHostKeyAgent, o->host_key_agent); 2302 dump_cfg_string(sKexAlgorithms, 2303 o->kex_algorithms ? o->kex_algorithms : KEX_SERVER_KEX); 2304 dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types ? 2305 o->hostbased_key_types : KEX_DEFAULT_PK_ALG); 2306 dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms ? 2307 o->hostkeyalgorithms : KEX_DEFAULT_PK_ALG); 2308 dump_cfg_string(sPubkeyAcceptedKeyTypes, o->pubkey_key_types ? 2309 o->pubkey_key_types : KEX_DEFAULT_PK_ALG); 2310 2311 /* string arguments requiring a lookup */ 2312 dump_cfg_string(sLogLevel, log_level_name(o->log_level)); 2313 dump_cfg_string(sLogFacility, log_facility_name(o->log_facility)); 2314 2315 /* string array arguments */ 2316 dump_cfg_strarray_oneline(sAuthorizedKeysFile, o->num_authkeys_files, 2317 o->authorized_keys_files); 2318 dump_cfg_strarray(sHostKeyFile, o->num_host_key_files, 2319 o->host_key_files); 2320 dump_cfg_strarray(sHostCertificate, o->num_host_cert_files, 2321 o->host_cert_files); 2322 dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users); 2323 dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users); 2324 dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups); 2325 dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups); 2326 dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env); 2327 dump_cfg_strarray_oneline(sAuthenticationMethods, 2328 o->num_auth_methods, o->auth_methods); 2329 2330 /* other arguments */ 2331 for (i = 0; i < o->num_subsystems; i++) 2332 printf("subsystem %s %s\n", o->subsystem_name[i], 2333 o->subsystem_args[i]); 2334 2335 printf("maxstartups %d:%d:%d\n", o->max_startups_begin, 2336 o->max_startups_rate, o->max_startups); 2337 2338 for (i = 0; tunmode_desc[i].val != -1; i++) 2339 if (tunmode_desc[i].val == o->permit_tun) { 2340 s = tunmode_desc[i].text; 2341 break; 2342 } 2343 dump_cfg_string(sPermitTunnel, s); 2344 2345 printf("ipqos %s ", iptos2str(o->ip_qos_interactive)); 2346 printf("%s\n", iptos2str(o->ip_qos_bulk)); 2347 2348 printf("rekeylimit %lld %d\n", (long long)o->rekey_limit, 2349 o->rekey_interval); 2350 2351 channel_print_adm_permitted_opens(); 2352 } 2353