1 /* 2 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 3 * All rights reserved 4 * 5 * As far as I am concerned, the code I have written for this software 6 * can be used freely for any purpose. Any derived versions of this 7 * software must be clearly marked as such, and if the derived work is 8 * incompatible with the protocol description in the RFC file, it must be 9 * called by a name other than "ssh" or "Secure Shell". 10 */ 11 /* 12 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 13 * Use is subject to license terms. 14 */ 15 16 #include "includes.h" 17 RCSID("$OpenBSD: servconf.c,v 1.115 2002/09/04 18:52:42 stevesk Exp $"); 18 19 #pragma ident "%Z%%M% %I% %E% SMI" 20 21 #ifdef HAVE_DEFOPEN 22 #include <deflt.h> 23 #endif /* HAVE_DEFOPEN */ 24 25 #if defined(KRB4) 26 #include <krb.h> 27 #endif 28 #if defined(KRB5) 29 #ifdef HEIMDAL 30 #include <krb.h> 31 #else 32 /* Bodge - but then, so is using the kerberos IV KEYFILE to get a Kerberos V 33 * keytab */ 34 #define KEYFILE "/etc/krb5.keytab" 35 #endif 36 #endif 37 #ifdef AFS 38 #include <kafs.h> 39 #endif 40 41 #include "ssh.h" 42 #include "log.h" 43 #include "servconf.h" 44 #include "xmalloc.h" 45 #include "compat.h" 46 #include "pathnames.h" 47 #include "tildexpand.h" 48 #include "misc.h" 49 #include "cipher.h" 50 #include "kex.h" 51 #include "mac.h" 52 #include "auth.h" 53 54 static void add_listen_addr(ServerOptions *, char *, u_short); 55 static void add_one_listen_addr(ServerOptions *, char *, u_short); 56 57 /* AF_UNSPEC or AF_INET or AF_INET6 */ 58 extern int IPv4or6; 59 /* Use of privilege separation or not */ 60 extern int use_privsep; 61 62 /* Initializes the server options to their default values. 
*/ 63 64 void 65 initialize_server_options(ServerOptions *options) 66 { 67 (void) memset(options, 0, sizeof(*options)); 68 69 /* Portable-specific options */ 70 options->pam_authentication_via_kbd_int = -1; 71 72 /* Standard Options */ 73 options->num_ports = 0; 74 options->ports_from_cmdline = 0; 75 options->listen_addrs = NULL; 76 options->num_host_key_files = 0; 77 options->pid_file = NULL; 78 options->server_key_bits = -1; 79 options->login_grace_time = -1; 80 options->key_regeneration_time = -1; 81 options->permit_root_login = PERMIT_NOT_SET; 82 options->ignore_rhosts = -1; 83 options->ignore_user_known_hosts = -1; 84 options->print_motd = -1; 85 options->print_lastlog = -1; 86 options->x11_forwarding = -1; 87 options->x11_display_offset = -1; 88 options->x11_use_localhost = -1; 89 options->xauth_location = NULL; 90 options->strict_modes = -1; 91 options->keepalives = -1; 92 options->log_facility = SYSLOG_FACILITY_NOT_SET; 93 options->log_level = SYSLOG_LEVEL_NOT_SET; 94 options->rhosts_authentication = -1; 95 options->rhosts_rsa_authentication = -1; 96 options->hostbased_authentication = -1; 97 options->hostbased_uses_name_from_packet_only = -1; 98 options->rsa_authentication = -1; 99 options->pubkey_authentication = -1; 100 #ifdef GSSAPI 101 options->gss_authentication = -1; 102 options->gss_keyex = -1; 103 options->gss_store_creds = -1; 104 options->gss_use_session_ccache = -1; 105 options->gss_cleanup_creds = -1; 106 #endif 107 #if defined(KRB4) || defined(KRB5) 108 options->kerberos_authentication = -1; 109 options->kerberos_or_local_passwd = -1; 110 options->kerberos_ticket_cleanup = -1; 111 #endif 112 #if defined(AFS) || defined(KRB5) 113 options->kerberos_tgt_passing = -1; 114 #endif 115 #ifdef AFS 116 options->afs_token_passing = -1; 117 #endif 118 options->password_authentication = -1; 119 options->kbd_interactive_authentication = -1; 120 options->challenge_response_authentication = -1; 121 options->permit_empty_passwd = -1; 122 
options->permit_user_env = -1; 123 options->use_login = -1; 124 options->compression = -1; 125 options->allow_tcp_forwarding = -1; 126 options->num_allow_users = 0; 127 options->num_deny_users = 0; 128 options->num_allow_groups = 0; 129 options->num_deny_groups = 0; 130 options->ciphers = NULL; 131 options->macs = NULL; 132 options->protocol = SSH_PROTO_UNKNOWN; 133 options->gateway_ports = -1; 134 options->num_subsystems = 0; 135 options->max_startups_begin = -1; 136 options->max_startups_rate = -1; 137 options->max_startups = -1; 138 options->banner = NULL; 139 options->verify_reverse_mapping = -1; 140 options->client_alive_interval = -1; 141 options->client_alive_count_max = -1; 142 options->authorized_keys_file = NULL; 143 options->authorized_keys_file2 = NULL; 144 145 options->max_auth_tries = -1; 146 options->max_auth_tries_log = -1; 147 148 options->max_init_auth_tries = -1; 149 options->max_init_auth_tries_log = -1; 150 151 options->lookup_client_hostnames = -1; 152 153 /* Needs to be accessable in many places */ 154 use_privsep = -1; 155 } 156 157 #ifdef HAVE_DEFOPEN 158 /* 159 * Reads /etc/default/login and defaults several ServerOptions: 160 * 161 * PermitRootLogin 162 * PermitEmptyPasswords 163 * LoginGraceTime 164 * 165 * CONSOLE=* -> PermitRootLogin=without-password 166 * #CONSOLE=* -> PermitRootLogin=yes 167 * 168 * PASSREQ=YES -> PermitEmptyPasswords=no 169 * PASSREQ=NO -> PermitEmptyPasswords=yes 170 * #PASSREQ=* -> PermitEmptyPasswords=no 171 * 172 * TIMEOUT=<secs> -> LoginGraceTime=<secs> 173 * #TIMEOUT=<secs> -> LoginGraceTime=300 174 */ 175 static 176 void 177 deflt_fill_default_server_options(ServerOptions *options) 178 { 179 int flags; 180 char *ptr; 181 182 if (defopen(_PATH_DEFAULT_LOGIN)) 183 return; 184 185 /* Ignore case */ 186 flags = defcntl(DC_GETFLAGS, 0); 187 TURNOFF(flags, DC_CASE); 188 (void) defcntl(DC_SETFLAGS, flags); 189 190 if (options->permit_root_login == PERMIT_NOT_SET && 191 (ptr = defread("CONSOLE=")) != NULL) 192 
options->permit_root_login = PERMIT_NO_PASSWD; 193 194 if (options->permit_empty_passwd == -1 && 195 (ptr = defread("PASSREQ=")) != NULL) { 196 if (strcasecmp("YES", ptr) == 0) 197 options->permit_empty_passwd = 0; 198 else if (strcasecmp("NO", ptr) == 0) 199 options->permit_empty_passwd = 1; 200 } 201 202 if (options->max_init_auth_tries == -1 && 203 (ptr = defread("RETRIES=")) != NULL) { 204 options->max_init_auth_tries = atoi(ptr); 205 } 206 207 if (options->max_init_auth_tries_log == -1 && 208 (ptr = defread("SYSLOG_FAILED_LOGINS=")) != NULL) { 209 options->max_init_auth_tries_log = atoi(ptr); 210 } 211 212 if (options->login_grace_time == -1) { 213 if ((ptr = defread("TIMEOUT=")) != NULL) 214 options->login_grace_time = (unsigned)atoi(ptr); 215 else 216 options->login_grace_time = 300; 217 } 218 219 (void) defopen((char *)NULL); 220 } 221 #endif /* HAVE_DEFOPEN */ 222 223 void 224 fill_default_server_options(ServerOptions *options) 225 { 226 227 #ifdef HAVE_DEFOPEN 228 deflt_fill_default_server_options(options); 229 #endif /* HAVE_DEFOPEN */ 230 231 /* Portable-specific options */ 232 if (options->pam_authentication_via_kbd_int == -1) 233 options->pam_authentication_via_kbd_int = 0; 234 235 /* Standard Options */ 236 if (options->protocol == SSH_PROTO_UNKNOWN) 237 options->protocol = SSH_PROTO_1|SSH_PROTO_2; 238 if (options->num_host_key_files == 0) { 239 /* fill default hostkeys for protocols */ 240 if (options->protocol & SSH_PROTO_1) 241 options->host_key_files[options->num_host_key_files++] = 242 _PATH_HOST_KEY_FILE; 243 #ifndef GSSAPI 244 /* With GSS keyex we can run v2 w/ no host keys */ 245 if (options->protocol & SSH_PROTO_2) { 246 options->host_key_files[options->num_host_key_files++] = 247 _PATH_HOST_RSA_KEY_FILE; 248 options->host_key_files[options->num_host_key_files++] = 249 _PATH_HOST_DSA_KEY_FILE; 250 } 251 #endif /* GSSAPI */ 252 } 253 if (options->num_ports == 0) 254 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 255 if 
(options->listen_addrs == NULL) 256 add_listen_addr(options, NULL, 0); 257 if (options->pid_file == NULL) 258 options->pid_file = _PATH_SSH_DAEMON_PID_FILE; 259 if (options->server_key_bits == -1) 260 options->server_key_bits = 768; 261 if (options->login_grace_time == -1) 262 options->login_grace_time = 120; 263 if (options->key_regeneration_time == -1) 264 options->key_regeneration_time = 3600; 265 if (options->permit_root_login == PERMIT_NOT_SET) 266 options->permit_root_login = PERMIT_YES; 267 if (options->ignore_rhosts == -1) 268 options->ignore_rhosts = 1; 269 if (options->ignore_user_known_hosts == -1) 270 options->ignore_user_known_hosts = 0; 271 if (options->print_motd == -1) 272 options->print_motd = 1; 273 if (options->print_lastlog == -1) 274 options->print_lastlog = 1; 275 if (options->x11_forwarding == -1) 276 options->x11_forwarding = 1; 277 if (options->x11_display_offset == -1) 278 options->x11_display_offset = 10; 279 if (options->x11_use_localhost == -1) 280 options->x11_use_localhost = 1; 281 if (options->xauth_location == NULL) 282 options->xauth_location = _PATH_XAUTH; 283 if (options->strict_modes == -1) 284 options->strict_modes = 1; 285 if (options->keepalives == -1) 286 options->keepalives = 1; 287 if (options->log_facility == SYSLOG_FACILITY_NOT_SET) 288 options->log_facility = SYSLOG_FACILITY_AUTH; 289 if (options->log_level == SYSLOG_LEVEL_NOT_SET) 290 options->log_level = SYSLOG_LEVEL_INFO; 291 if (options->rhosts_authentication == -1) 292 options->rhosts_authentication = 0; 293 if (options->rhosts_rsa_authentication == -1) 294 options->rhosts_rsa_authentication = 0; 295 if (options->hostbased_authentication == -1) 296 options->hostbased_authentication = 0; 297 if (options->hostbased_uses_name_from_packet_only == -1) 298 options->hostbased_uses_name_from_packet_only = 0; 299 if (options->rsa_authentication == -1) 300 options->rsa_authentication = 1; 301 if (options->pubkey_authentication == -1) 302 options->pubkey_authentication = 1; 
303 #ifdef GSSAPI 304 if (options->gss_authentication == -1) 305 options->gss_authentication = 1; 306 if (options->gss_keyex == -1) 307 options->gss_keyex = 1; 308 if (options->gss_store_creds == -1) 309 options->gss_store_creds = 1; 310 if (options->gss_use_session_ccache == -1) 311 options->gss_use_session_ccache = 1; 312 if (options->gss_cleanup_creds == -1) 313 options->gss_cleanup_creds = 1; 314 #endif 315 #if defined(KRB4) || defined(KRB5) 316 if (options->kerberos_authentication == -1) 317 options->kerberos_authentication = 0; 318 if (options->kerberos_or_local_passwd == -1) 319 options->kerberos_or_local_passwd = 1; 320 if (options->kerberos_ticket_cleanup == -1) 321 options->kerberos_ticket_cleanup = 1; 322 #endif 323 #if defined(AFS) || defined(KRB5) 324 if (options->kerberos_tgt_passing == -1) 325 options->kerberos_tgt_passing = 0; 326 #endif 327 #ifdef AFS 328 if (options->afs_token_passing == -1) 329 options->afs_token_passing = 0; 330 #endif 331 if (options->password_authentication == -1) 332 options->password_authentication = 1; 333 if (options->kbd_interactive_authentication == -1) 334 options->kbd_interactive_authentication = 0; 335 if (options->challenge_response_authentication == -1) 336 options->challenge_response_authentication = 1; 337 if (options->permit_empty_passwd == -1) 338 options->permit_empty_passwd = 0; 339 if (options->permit_user_env == -1) 340 options->permit_user_env = 0; 341 if (options->use_login == -1) 342 options->use_login = 0; 343 if (options->compression == -1) 344 options->compression = 1; 345 if (options->allow_tcp_forwarding == -1) 346 options->allow_tcp_forwarding = 1; 347 if (options->gateway_ports == -1) 348 options->gateway_ports = 0; 349 if (options->max_startups == -1) 350 options->max_startups = 10; 351 if (options->max_startups_rate == -1) 352 options->max_startups_rate = 100; /* 100% */ 353 if (options->max_startups_begin == -1) 354 options->max_startups_begin = options->max_startups; 355 if 
(options->verify_reverse_mapping == -1) 356 options->verify_reverse_mapping = 0; 357 if (options->client_alive_interval == -1) 358 options->client_alive_interval = 0; 359 if (options->client_alive_count_max == -1) 360 options->client_alive_count_max = 3; 361 if (options->authorized_keys_file2 == NULL) { 362 /* authorized_keys_file2 falls back to authorized_keys_file */ 363 if (options->authorized_keys_file != NULL) 364 options->authorized_keys_file2 = options->authorized_keys_file; 365 else 366 options->authorized_keys_file2 = _PATH_SSH_USER_PERMITTED_KEYS2; 367 } 368 if (options->authorized_keys_file == NULL) 369 options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; 370 371 if (options->max_auth_tries == -1) 372 options->max_auth_tries = AUTH_FAIL_MAX; 373 if (options->max_auth_tries_log == -1) 374 options->max_auth_tries_log = options->max_auth_tries / 2; 375 376 if (options->max_init_auth_tries == -1) 377 options->max_init_auth_tries = AUTH_FAIL_MAX; 378 if (options->max_init_auth_tries_log == -1) 379 options->max_init_auth_tries_log = options->max_init_auth_tries / 2; 380 381 if (options->lookup_client_hostnames == -1) 382 options->lookup_client_hostnames = 1; 383 384 /* XXX SUNWssh resync */ 385 /* Turn privilege separation OFF by default */ 386 if (use_privsep == -1) 387 use_privsep = 0; 388 389 #ifndef HAVE_MMAP 390 if (use_privsep && options->compression == 1) { 391 error("This platform does not support both privilege " 392 "separation and compression"); 393 error("Compression disabled"); 394 options->compression = 0; 395 } 396 #endif 397 398 } 399 400 /* Keyword tokens. 
*/ 401 typedef enum { 402 sBadOption, /* == unknown option */ 403 /* Portable-specific options */ 404 sPAMAuthenticationViaKbdInt, 405 /* Standard Options */ 406 sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, 407 sPermitRootLogin, sLogFacility, sLogLevel, 408 sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, 409 #ifdef GSSAPI 410 sGssAuthentication, sGssKeyEx, sGssStoreDelegCreds, 411 sGssUseSessionCredCache, sGssCleanupCreds, 412 #endif /* GSSAPI */ 413 #if defined(KRB4) || defined(KRB5) 414 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, 415 #endif 416 #if defined(AFS) || defined(KRB5) 417 sKerberosTgtPassing, 418 #endif 419 #ifdef AFS 420 sAFSTokenPassing, 421 #endif 422 sChallengeResponseAuthentication, 423 sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress, 424 sPrintMotd, sPrintLastLog, sIgnoreRhosts, 425 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, 426 sStrictModes, sEmptyPasswd, sKeepAlives, 427 sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, 428 sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, 429 sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, 430 sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, 431 sBanner, sVerifyReverseMapping, sHostbasedAuthentication, 432 sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, 433 sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, 434 sMaxAuthTries, sMaxAuthTriesLog, sUsePrivilegeSeparation, 435 sLookupClientHostnames, 436 sDeprecated 437 } ServerOpCodes; 438 439 /* Textual representation of the tokens. 
*/ 440 static struct { 441 const char *name; 442 ServerOpCodes opcode; 443 } keywords[] = { 444 /* Portable-specific options */ 445 { "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt }, 446 /* Standard Options */ 447 { "port", sPort }, 448 { "hostkey", sHostKeyFile }, 449 { "hostdsakey", sHostKeyFile }, /* alias */ 450 { "pidfile", sPidFile }, 451 { "serverkeybits", sServerKeyBits }, 452 { "logingracetime", sLoginGraceTime }, 453 { "keyregenerationinterval", sKeyRegenerationTime }, 454 { "permitrootlogin", sPermitRootLogin }, 455 { "syslogfacility", sLogFacility }, 456 { "loglevel", sLogLevel }, 457 { "rhostsauthentication", sRhostsAuthentication }, 458 { "rhostsrsaauthentication", sRhostsRSAAuthentication }, 459 { "hostbasedauthentication", sHostbasedAuthentication }, 460 { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly }, 461 { "rsaauthentication", sRSAAuthentication }, 462 { "pubkeyauthentication", sPubkeyAuthentication }, 463 { "dsaauthentication", sPubkeyAuthentication }, /* alias */ 464 #ifdef GSSAPI 465 { "gssapiauthentication", sGssAuthentication }, 466 { "gssapikeyexchange", sGssKeyEx }, 467 { "gssapistoredelegatedcredentials", sGssStoreDelegCreds }, 468 { "gssauthentication", sGssAuthentication }, /* alias */ 469 { "gsskeyex", sGssKeyEx }, /* alias */ 470 { "gssstoredelegcreds", sGssStoreDelegCreds }, /* alias */ 471 #ifndef SUNW_GSSAPI 472 { "gssusesessionccache", sGssUseSessionCredCache }, 473 { "gssusesessioncredcache", sGssUseSessionCredCache }, 474 { "gsscleanupcreds", sGssCleanupCreds }, 475 #endif /* SUNW_GSSAPI */ 476 #endif 477 #if defined(KRB4) || defined(KRB5) 478 { "kerberosauthentication", sKerberosAuthentication }, 479 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd }, 480 { "kerberosticketcleanup", sKerberosTicketCleanup }, 481 #endif 482 #if defined(AFS) || defined(KRB5) 483 { "kerberostgtpassing", sKerberosTgtPassing }, 484 #endif 485 #ifdef AFS 486 { "afstokenpassing", sAFSTokenPassing }, 487 #endif 488 { 
"passwordauthentication", sPasswordAuthentication }, 489 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication }, 490 { "challengeresponseauthentication", sChallengeResponseAuthentication }, 491 { "skeyauthentication", sChallengeResponseAuthentication }, /* alias */ 492 { "checkmail", sDeprecated }, 493 { "listenaddress", sListenAddress }, 494 { "printmotd", sPrintMotd }, 495 { "printlastlog", sPrintLastLog }, 496 { "ignorerhosts", sIgnoreRhosts }, 497 { "ignoreuserknownhosts", sIgnoreUserKnownHosts }, 498 { "x11forwarding", sX11Forwarding }, 499 { "x11displayoffset", sX11DisplayOffset }, 500 { "x11uselocalhost", sX11UseLocalhost }, 501 { "xauthlocation", sXAuthLocation }, 502 { "strictmodes", sStrictModes }, 503 { "permitemptypasswords", sEmptyPasswd }, 504 { "permituserenvironment", sPermitUserEnvironment }, 505 { "uselogin", sUseLogin }, 506 { "compression", sCompression }, 507 { "keepalive", sKeepAlives }, 508 { "allowtcpforwarding", sAllowTcpForwarding }, 509 { "allowusers", sAllowUsers }, 510 { "denyusers", sDenyUsers }, 511 { "allowgroups", sAllowGroups }, 512 { "denygroups", sDenyGroups }, 513 { "ciphers", sCiphers }, 514 { "macs", sMacs }, 515 { "protocol", sProtocol }, 516 { "gatewayports", sGatewayPorts }, 517 { "subsystem", sSubsystem }, 518 { "maxstartups", sMaxStartups }, 519 { "banner", sBanner }, 520 { "verifyreversemapping", sVerifyReverseMapping }, 521 { "reversemappingcheck", sVerifyReverseMapping }, 522 { "clientaliveinterval", sClientAliveInterval }, 523 { "clientalivecountmax", sClientAliveCountMax }, 524 { "authorizedkeysfile", sAuthorizedKeysFile }, 525 { "authorizedkeysfile2", sAuthorizedKeysFile2 }, 526 { "maxauthtries", sMaxAuthTries }, 527 { "maxauthtrieslog", sMaxAuthTriesLog }, 528 { "useprivilegeseparation", sUsePrivilegeSeparation}, 529 { "lookupclienthostnames", sLookupClientHostnames}, 530 { NULL, sBadOption } 531 }; 532 533 /* 534 * Returns the number of the token pointed to by cp or sBadOption. 
535 */ 536 537 static ServerOpCodes 538 parse_token(const char *cp, const char *filename, 539 int linenum) 540 { 541 u_int i; 542 543 for (i = 0; keywords[i].name; i++) 544 if (strcasecmp(cp, keywords[i].name) == 0) 545 return keywords[i].opcode; 546 547 error("%s: line %d: Bad configuration option: %s", 548 filename, linenum, cp); 549 return sBadOption; 550 } 551 552 static void 553 add_listen_addr(ServerOptions *options, char *addr, u_short port) 554 { 555 int i; 556 557 if (options->num_ports == 0) 558 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 559 if (port == 0) 560 for (i = 0; i < options->num_ports; i++) 561 add_one_listen_addr(options, addr, options->ports[i]); 562 else 563 add_one_listen_addr(options, addr, port); 564 } 565 566 static void 567 add_one_listen_addr(ServerOptions *options, char *addr, u_short port) 568 { 569 struct addrinfo hints, *ai, *aitop; 570 char strport[NI_MAXSERV]; 571 int gaierr; 572 573 (void) memset(&hints, 0, sizeof(hints)); 574 hints.ai_family = IPv4or6; 575 hints.ai_socktype = SOCK_STREAM; 576 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; 577 (void) snprintf(strport, sizeof strport, "%u", port); 578 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) 579 fatal("bad addr or host: %s (%s)", 580 addr ? 
addr : "<NULL>", 581 gai_strerror(gaierr)); 582 for (ai = aitop; ai->ai_next; ai = ai->ai_next) 583 ; 584 ai->ai_next = options->listen_addrs; 585 options->listen_addrs = aitop; 586 } 587 588 int 589 process_server_config_line(ServerOptions *options, char *line, 590 const char *filename, int linenum) 591 { 592 char *cp, **charptr, *arg, *p; 593 int *intptr, value, i, n; 594 ServerOpCodes opcode; 595 596 cp = line; 597 arg = strdelim(&cp); 598 /* Ignore leading whitespace */ 599 if (*arg == '\0') 600 arg = strdelim(&cp); 601 if (!arg || !*arg || *arg == '#') 602 return 0; 603 intptr = NULL; 604 charptr = NULL; 605 opcode = parse_token(arg, filename, linenum); 606 switch (opcode) { 607 /* Portable-specific options */ 608 case sPAMAuthenticationViaKbdInt: 609 intptr = &options->pam_authentication_via_kbd_int; 610 goto parse_flag; 611 612 /* Standard Options */ 613 case sBadOption: 614 return -1; 615 case sPort: 616 /* ignore ports from configfile if cmdline specifies ports */ 617 if (options->ports_from_cmdline) 618 return 0; 619 if (options->listen_addrs != NULL) 620 fatal("%s line %d: ports must be specified before " 621 "ListenAddress.", filename, linenum); 622 if (options->num_ports >= MAX_PORTS) 623 fatal("%s line %d: too many ports.", 624 filename, linenum); 625 arg = strdelim(&cp); 626 if (!arg || *arg == '\0') 627 fatal("%s line %d: missing port number.", 628 filename, linenum); 629 options->ports[options->num_ports++] = a2port(arg); 630 if (options->ports[options->num_ports-1] == 0) 631 fatal("%s line %d: Badly formatted port number.", 632 filename, linenum); 633 break; 634 635 case sServerKeyBits: 636 intptr = &options->server_key_bits; 637 parse_int: 638 arg = strdelim(&cp); 639 if (!arg || *arg == '\0') 640 fatal("%s line %d: missing integer value.", 641 filename, linenum); 642 value = atoi(arg); 643 if (*intptr == -1) 644 *intptr = value; 645 break; 646 647 case sLoginGraceTime: 648 intptr = &options->login_grace_time; 649 parse_time: 650 arg = 
strdelim(&cp); 651 if (!arg || *arg == '\0') 652 fatal("%s line %d: missing time value.", 653 filename, linenum); 654 if ((value = convtime(arg)) == -1) 655 fatal("%s line %d: invalid time value.", 656 filename, linenum); 657 if (*intptr == -1) 658 *intptr = value; 659 break; 660 661 case sKeyRegenerationTime: 662 intptr = &options->key_regeneration_time; 663 goto parse_time; 664 665 case sListenAddress: 666 arg = strdelim(&cp); 667 if (!arg || *arg == '\0' || strncmp(arg, "[]", 2) == 0) 668 fatal("%s line %d: missing inet addr.", 669 filename, linenum); 670 if (*arg == '[') { 671 if ((p = strchr(arg, ']')) == NULL) 672 fatal("%s line %d: bad ipv6 inet addr usage.", 673 filename, linenum); 674 arg++; 675 (void) memmove(p, p+1, strlen(p+1)+1); 676 } else if (((p = strchr(arg, ':')) == NULL) || 677 (strchr(p+1, ':') != NULL)) { 678 add_listen_addr(options, arg, 0); 679 break; 680 } 681 if (*p == ':') { 682 u_short port; 683 684 p++; 685 if (*p == '\0') 686 fatal("%s line %d: bad inet addr:port usage.", 687 filename, linenum); 688 else { 689 *(p-1) = '\0'; 690 if ((port = a2port(p)) == 0) 691 fatal("%s line %d: bad port number.", 692 filename, linenum); 693 add_listen_addr(options, arg, port); 694 } 695 } else if (*p == '\0') 696 add_listen_addr(options, arg, 0); 697 else 698 fatal("%s line %d: bad inet addr usage.", 699 filename, linenum); 700 break; 701 702 case sHostKeyFile: 703 intptr = &options->num_host_key_files; 704 if (*intptr >= MAX_HOSTKEYS) 705 fatal("%s line %d: too many host keys specified (max %d).", 706 filename, linenum, MAX_HOSTKEYS); 707 charptr = &options->host_key_files[*intptr]; 708 parse_filename: 709 arg = strdelim(&cp); 710 if (!arg || *arg == '\0') 711 fatal("%s line %d: missing file name.", 712 filename, linenum); 713 if (*charptr == NULL) { 714 *charptr = tilde_expand_filename(arg, getuid()); 715 /* increase optional counter */ 716 if (intptr != NULL) 717 *intptr = *intptr + 1; 718 } 719 break; 720 721 case sPidFile: 722 charptr = 
&options->pid_file; 723 goto parse_filename; 724 725 case sPermitRootLogin: 726 intptr = &options->permit_root_login; 727 arg = strdelim(&cp); 728 if (!arg || *arg == '\0') 729 fatal("%s line %d: missing yes/" 730 "without-password/forced-commands-only/no " 731 "argument.", filename, linenum); 732 value = 0; /* silence compiler */ 733 if (strcmp(arg, "without-password") == 0) 734 value = PERMIT_NO_PASSWD; 735 else if (strcmp(arg, "forced-commands-only") == 0) 736 value = PERMIT_FORCED_ONLY; 737 else if (strcmp(arg, "yes") == 0) 738 value = PERMIT_YES; 739 else if (strcmp(arg, "no") == 0) 740 value = PERMIT_NO; 741 else 742 fatal("%s line %d: Bad yes/" 743 "without-password/forced-commands-only/no " 744 "argument: %s", filename, linenum, arg); 745 if (*intptr == -1) 746 *intptr = value; 747 break; 748 749 case sIgnoreRhosts: 750 intptr = &options->ignore_rhosts; 751 parse_flag: 752 arg = strdelim(&cp); 753 if (!arg || *arg == '\0') 754 fatal("%s line %d: missing yes/no argument.", 755 filename, linenum); 756 value = 0; /* silence compiler */ 757 if (strcmp(arg, "yes") == 0) 758 value = 1; 759 else if (strcmp(arg, "no") == 0) 760 value = 0; 761 else 762 fatal("%s line %d: Bad yes/no argument: %s", 763 filename, linenum, arg); 764 if (*intptr == -1) 765 *intptr = value; 766 break; 767 768 case sIgnoreUserKnownHosts: 769 intptr = &options->ignore_user_known_hosts; 770 goto parse_flag; 771 772 case sRhostsAuthentication: 773 intptr = &options->rhosts_authentication; 774 goto parse_flag; 775 776 case sRhostsRSAAuthentication: 777 intptr = &options->rhosts_rsa_authentication; 778 goto parse_flag; 779 780 case sHostbasedAuthentication: 781 intptr = &options->hostbased_authentication; 782 goto parse_flag; 783 784 case sHostbasedUsesNameFromPacketOnly: 785 intptr = &options->hostbased_uses_name_from_packet_only; 786 goto parse_flag; 787 788 case sRSAAuthentication: 789 intptr = &options->rsa_authentication; 790 goto parse_flag; 791 792 case sPubkeyAuthentication: 793 intptr 
= &options->pubkey_authentication; 794 goto parse_flag; 795 #ifdef GSSAPI 796 case sGssAuthentication: 797 intptr = &options->gss_authentication; 798 goto parse_flag; 799 case sGssKeyEx: 800 intptr = &options->gss_keyex; 801 goto parse_flag; 802 case sGssStoreDelegCreds: 803 intptr = &options->gss_keyex; 804 goto parse_flag; 805 #ifndef SUNW_GSSAPI 806 case sGssUseSessionCredCache: 807 intptr = &options->gss_use_session_ccache; 808 goto parse_flag; 809 case sGssCleanupCreds: 810 intptr = &options->gss_cleanup_creds; 811 goto parse_flag; 812 #endif /* SUNW_GSSAPI */ 813 #endif /* GSSAPI */ 814 #if defined(KRB4) || defined(KRB5) 815 case sKerberosAuthentication: 816 intptr = &options->kerberos_authentication; 817 goto parse_flag; 818 819 case sKerberosOrLocalPasswd: 820 intptr = &options->kerberos_or_local_passwd; 821 goto parse_flag; 822 823 case sKerberosTicketCleanup: 824 intptr = &options->kerberos_ticket_cleanup; 825 goto parse_flag; 826 #endif 827 #if defined(AFS) || defined(KRB5) 828 case sKerberosTgtPassing: 829 intptr = &options->kerberos_tgt_passing; 830 goto parse_flag; 831 #endif 832 #ifdef AFS 833 case sAFSTokenPassing: 834 intptr = &options->afs_token_passing; 835 goto parse_flag; 836 #endif 837 838 case sPasswordAuthentication: 839 intptr = &options->password_authentication; 840 goto parse_flag; 841 842 case sKbdInteractiveAuthentication: 843 intptr = &options->kbd_interactive_authentication; 844 goto parse_flag; 845 846 case sChallengeResponseAuthentication: 847 intptr = &options->challenge_response_authentication; 848 goto parse_flag; 849 850 case sPrintMotd: 851 intptr = &options->print_motd; 852 goto parse_flag; 853 854 case sPrintLastLog: 855 intptr = &options->print_lastlog; 856 goto parse_flag; 857 858 case sX11Forwarding: 859 intptr = &options->x11_forwarding; 860 goto parse_flag; 861 862 case sX11DisplayOffset: 863 intptr = &options->x11_display_offset; 864 goto parse_int; 865 866 case sX11UseLocalhost: 867 intptr = 
&options->x11_use_localhost; 868 goto parse_flag; 869 870 case sXAuthLocation: 871 charptr = &options->xauth_location; 872 goto parse_filename; 873 874 case sStrictModes: 875 intptr = &options->strict_modes; 876 goto parse_flag; 877 878 case sKeepAlives: 879 intptr = &options->keepalives; 880 goto parse_flag; 881 882 case sEmptyPasswd: 883 intptr = &options->permit_empty_passwd; 884 goto parse_flag; 885 886 case sPermitUserEnvironment: 887 intptr = &options->permit_user_env; 888 goto parse_flag; 889 890 case sUseLogin: 891 intptr = &options->use_login; 892 goto parse_flag; 893 894 case sCompression: 895 intptr = &options->compression; 896 goto parse_flag; 897 898 case sGatewayPorts: 899 arg = strdelim(&cp); 900 if (get_yes_no_flag(&options->gateway_ports, arg, filename, 901 linenum, 1) == 1) 902 break; 903 904 if (strcmp(arg, "clientspecified") == 0) 905 options->gateway_ports = 2; 906 else 907 fatal("%.200s line %d: Bad yes/no/clientspecified " 908 "argument.", filename, linenum); 909 break; 910 911 case sVerifyReverseMapping: 912 intptr = &options->verify_reverse_mapping; 913 goto parse_flag; 914 915 case sLogFacility: 916 intptr = (int *) &options->log_facility; 917 arg = strdelim(&cp); 918 value = log_facility_number(arg); 919 if (value == SYSLOG_FACILITY_NOT_SET) 920 fatal("%.200s line %d: unsupported log facility '%s'", 921 filename, linenum, arg ? arg : "<NONE>"); 922 if (*intptr == -1) 923 *intptr = (SyslogFacility) value; 924 break; 925 926 case sLogLevel: 927 intptr = (int *) &options->log_level; 928 arg = strdelim(&cp); 929 value = log_level_number(arg); 930 if (value == SYSLOG_LEVEL_NOT_SET) 931 fatal("%.200s line %d: unsupported log level '%s'", 932 filename, linenum, arg ? 
arg : "<NONE>"); 933 if (*intptr == -1) 934 *intptr = (LogLevel) value; 935 break; 936 937 case sAllowTcpForwarding: 938 intptr = &options->allow_tcp_forwarding; 939 goto parse_flag; 940 941 case sUsePrivilegeSeparation: 942 intptr = &use_privsep; 943 goto parse_flag; 944 945 case sAllowUsers: 946 while (((arg = strdelim(&cp)) != NULL) && *arg != '\0') { 947 if (options->num_allow_users >= MAX_ALLOW_USERS) 948 fatal("%s line %d: too many allow users.", 949 filename, linenum); 950 options->allow_users[options->num_allow_users++] = 951 xstrdup(arg); 952 } 953 break; 954 955 case sDenyUsers: 956 while (((arg = strdelim(&cp)) != NULL) && *arg != '\0') { 957 if (options->num_deny_users >= MAX_DENY_USERS) 958 fatal( "%s line %d: too many deny users.", 959 filename, linenum); 960 options->deny_users[options->num_deny_users++] = 961 xstrdup(arg); 962 } 963 break; 964 965 case sAllowGroups: 966 while (((arg = strdelim(&cp)) != NULL) && *arg != '\0') { 967 if (options->num_allow_groups >= MAX_ALLOW_GROUPS) 968 fatal("%s line %d: too many allow groups.", 969 filename, linenum); 970 options->allow_groups[options->num_allow_groups++] = 971 xstrdup(arg); 972 } 973 break; 974 975 case sDenyGroups: 976 while (((arg = strdelim(&cp)) != NULL) && *arg != '\0') { 977 if (options->num_deny_groups >= MAX_DENY_GROUPS) 978 fatal("%s line %d: too many deny groups.", 979 filename, linenum); 980 options->deny_groups[options->num_deny_groups++] = xstrdup(arg); 981 } 982 break; 983 984 case sCiphers: 985 arg = strdelim(&cp); 986 if (!arg || *arg == '\0') 987 fatal("%s line %d: Missing argument.", filename, linenum); 988 if (!ciphers_valid(arg)) 989 fatal("%s line %d: Bad SSH2 cipher spec '%s'.", 990 filename, linenum, arg ? 
arg : "<NONE>"); 991 if (options->ciphers == NULL) 992 options->ciphers = xstrdup(arg); 993 break; 994 995 case sMacs: 996 arg = strdelim(&cp); 997 if (!arg || *arg == '\0') 998 fatal("%s line %d: Missing argument.", filename, linenum); 999 if (!mac_valid(arg)) 1000 fatal("%s line %d: Bad SSH2 mac spec '%s'.", 1001 filename, linenum, arg ? arg : "<NONE>"); 1002 if (options->macs == NULL) 1003 options->macs = xstrdup(arg); 1004 break; 1005 1006 case sProtocol: 1007 intptr = &options->protocol; 1008 arg = strdelim(&cp); 1009 if (!arg || *arg == '\0') 1010 fatal("%s line %d: Missing argument.", filename, linenum); 1011 value = proto_spec(arg); 1012 if (value == SSH_PROTO_UNKNOWN) 1013 fatal("%s line %d: Bad protocol spec '%s'.", 1014 filename, linenum, arg ? arg : "<NONE>"); 1015 if (*intptr == SSH_PROTO_UNKNOWN) 1016 *intptr = value; 1017 break; 1018 1019 case sSubsystem: 1020 if (options->num_subsystems >= MAX_SUBSYSTEMS) { 1021 fatal("%s line %d: too many subsystems defined.", 1022 filename, linenum); 1023 } 1024 arg = strdelim(&cp); 1025 if (!arg || *arg == '\0') 1026 fatal("%s line %d: Missing subsystem name.", 1027 filename, linenum); 1028 for (i = 0; i < options->num_subsystems; i++) 1029 if (strcmp(arg, options->subsystem_name[i]) == 0) 1030 fatal("%s line %d: Subsystem '%s' already defined.", 1031 filename, linenum, arg); 1032 options->subsystem_name[options->num_subsystems] = xstrdup(arg); 1033 arg = strdelim(&cp); 1034 if (!arg || *arg == '\0') 1035 fatal("%s line %d: Missing subsystem command.", 1036 filename, linenum); 1037 options->subsystem_command[options->num_subsystems] = xstrdup(arg); 1038 options->num_subsystems++; 1039 break; 1040 1041 case sMaxStartups: 1042 arg = strdelim(&cp); 1043 if (!arg || *arg == '\0') 1044 fatal("%s line %d: Missing MaxStartups spec.", 1045 filename, linenum); 1046 if ((n = sscanf(arg, "%d:%d:%d", 1047 &options->max_startups_begin, 1048 &options->max_startups_rate, 1049 &options->max_startups)) == 3) { 1050 if 
(options->max_startups_begin > 1051 options->max_startups || 1052 options->max_startups_rate > 100 || 1053 options->max_startups_rate < 1) 1054 fatal("%s line %d: Illegal MaxStartups spec.", 1055 filename, linenum); 1056 } else if (n != 1) 1057 fatal("%s line %d: Illegal MaxStartups spec.", 1058 filename, linenum); 1059 else 1060 options->max_startups = options->max_startups_begin; 1061 break; 1062 1063 case sBanner: 1064 charptr = &options->banner; 1065 goto parse_filename; 1066 /* 1067 * These options can contain %X options expanded at 1068 * connect time, so that you can specify paths like: 1069 * 1070 * AuthorizedKeysFile /etc/ssh_keys/%u 1071 */ 1072 case sAuthorizedKeysFile: 1073 case sAuthorizedKeysFile2: 1074 charptr = (opcode == sAuthorizedKeysFile ) ? 1075 &options->authorized_keys_file : 1076 &options->authorized_keys_file2; 1077 goto parse_filename; 1078 1079 case sClientAliveInterval: 1080 intptr = &options->client_alive_interval; 1081 goto parse_time; 1082 1083 case sClientAliveCountMax: 1084 intptr = &options->client_alive_count_max; 1085 goto parse_int; 1086 1087 case sMaxAuthTries: 1088 intptr = &options->max_auth_tries; 1089 goto parse_int; 1090 1091 case sMaxAuthTriesLog: 1092 intptr = &options->max_auth_tries_log; 1093 goto parse_int; 1094 1095 case sLookupClientHostnames: 1096 intptr = &options->lookup_client_hostnames; 1097 goto parse_flag; 1098 1099 case sDeprecated: 1100 log("%s line %d: Deprecated option %s", 1101 filename, linenum, arg); 1102 while (arg) 1103 arg = strdelim(&cp); 1104 break; 1105 1106 default: 1107 fatal("%s line %d: Missing handler for opcode %s (%d)", 1108 filename, linenum, arg, opcode); 1109 } 1110 if ((arg = strdelim(&cp)) != NULL && *arg != '\0') 1111 fatal("%s line %d: garbage at end of line; \"%.200s\".", 1112 filename, linenum, arg); 1113 return 0; 1114 } 1115 1116 /* Reads the server configuration file. 
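*/

/*
 * read_server_config - load the sshd configuration file.
 *
 * Reads `filename` line by line and hands each line to
 * process_server_config_line() together with its 1-based line number.
 * If the file cannot be opened, the error is reported with perror() and
 * the process exits with status 1.  Once the whole file has been read,
 * fatal() is called if any line was rejected, so that a partially
 * applied configuration is never used.
 *
 * A physical line that does not fit in the line buffer is rejected
 * outright: fgets() would otherwise return its remainder on the next
 * iteration, which would then be parsed as a separate directive and
 * shift the reported line numbers for the rest of the file.
 */
void
read_server_config(ServerOptions *options, const char *filename)
{
	int linenum = 0, bad_options = 0;
	char line[1024];
	FILE *f;

	f = fopen(filename, "r");
	if (!f) {
		perror(filename);
		exit(1);
	}
	while (fgets(line, sizeof(line), f)) {
		/* Update line number counter. */
		linenum++;
		/*
		 * No '\n' in the buffer means fgets() stopped because the
		 * buffer filled up, unless we are at the very end of a file
		 * whose last line has no trailing newline.
		 */
		if (strchr(line, '\n') == NULL && !feof(f))
			fatal("%s line %d: line too long.",
			    filename, linenum);
		if (process_server_config_line(options, line, filename, linenum) != 0)
			bad_options++;
	}
	(void) fclose(f);
	if (bad_options > 0)
		fatal("%s: terminating, %d bad configuration options",
		    filename, bad_options);
}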
