/*
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 * All rights reserved
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose. Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 */
/*
 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

#include "includes.h"
RCSID("$OpenBSD: servconf.c,v 1.115 2002/09/04 18:52:42 stevesk Exp $");

#ifdef HAVE_DEFOPEN
#include <deflt.h>
#endif /* HAVE_DEFOPEN */

#if defined(KRB4)
#include <krb.h>
#endif
#if defined(KRB5)
#ifdef HEIMDAL
#include <krb.h>
#else
/* Bodge - but then, so is using the kerberos IV KEYFILE to get a Kerberos V
 * keytab */
#define KEYFILE "/etc/krb5.keytab"
#endif
#endif
#ifdef AFS
#include <kafs.h>
#endif

#include "ssh.h"
#include "log.h"
#include "servconf.h"
#include "xmalloc.h"
#include "compat.h"
#include "pathnames.h"
#include "tildexpand.h"
#include "misc.h"
#include "cipher.h"
#include "kex.h"
#include "mac.h"
#include "auth.h"

static void add_listen_addr(ServerOptions *, char *, u_short);
static void add_one_listen_addr(ServerOptions *, char *, u_short);

/* AF_UNSPEC or AF_INET or AF_INET6 */
extern int IPv4or6;

/*
 * Initializes the server options to their initial (unset) values. Some of those
 * that stay unset after the command line options and configuration files are
 * read are set to their default values in fill_default_server_options().
 *
 * The "unset" sentinels are: -1 for integer/flag options, NULL for pointers,
 * 0 for counters, PERMIT_NOT_SET / SYSLOG_*_NOT_SET / SSH_PROTO_UNKNOWN for
 * enumerated options. The config parser only stores a value when the field
 * still holds its sentinel, so the first assignment (command line before
 * config file) wins.
 */
void
initialize_server_options(ServerOptions *options)
{
	/* Everything not listed below is left at zero/NULL by this memset. */
	(void) memset(options, 0, sizeof(*options));

	/* Portable-specific options */
	options->pam_authentication_via_kbd_int = -1;

	/* Standard Options */
	options->num_ports = 0;
	options->ports_from_cmdline = 0;
	options->listen_addrs = NULL;
	options->num_host_key_files = 0;
	options->pid_file = NULL;
	options->server_key_bits = -1;
	options->login_grace_time = -1;
	options->key_regeneration_time = -1;
	options->permit_root_login = PERMIT_NOT_SET;
	options->ignore_rhosts = -1;
	options->ignore_user_known_hosts = -1;
	options->print_motd = -1;
	options->print_lastlog = -1;
	options->x11_forwarding = -1;
	options->x11_display_offset = -1;
	options->x11_use_localhost = -1;
	options->xauth_location = NULL;
	options->strict_modes = -1;
	options->keepalives = -1;
	options->log_facility = SYSLOG_FACILITY_NOT_SET;
	options->log_level = SYSLOG_LEVEL_NOT_SET;
	options->rhosts_authentication = -1;
	options->rhosts_rsa_authentication = -1;
	options->hostbased_authentication = -1;
	options->hostbased_uses_name_from_packet_only = -1;
	options->rsa_authentication = -1;
	options->pubkey_authentication = -1;
#ifdef GSSAPI
	options->gss_authentication = -1;
	options->gss_keyex = -1;
	options->gss_store_creds = -1;
	options->gss_use_session_ccache = -1;
	options->gss_cleanup_creds = -1;
#endif
#if defined(KRB4) || defined(KRB5)
	options->kerberos_authentication = -1;
	options->kerberos_or_local_passwd = -1;
	options->kerberos_ticket_cleanup = -1;
#endif
#if defined(AFS) || defined(KRB5)
	options->kerberos_tgt_passing = -1;
#endif
#ifdef AFS
	options->afs_token_passing = -1;
#endif
	options->password_authentication = -1;
	options->kbd_interactive_authentication = -1;
	options->challenge_response_authentication = -1;
	options->permit_empty_passwd = -1;
	options->permit_user_env = -1;
	options->use_login = -1;
	options->compression = -1;
	options->allow_tcp_forwarding = -1;
	options->num_allow_users = 0;
	options->num_deny_users = 0;
	options->num_allow_groups = 0;
	options->num_deny_groups = 0;
	options->ciphers = NULL;
	options->macs = NULL;
	options->protocol = SSH_PROTO_UNKNOWN;
	options->gateway_ports = -1;
	options->num_subsystems = 0;
	options->max_startups_begin = -1;
	options->max_startups_rate = -1;
	options->max_startups = -1;
	options->banner = NULL;
	options->verify_reverse_mapping = -1;
	options->client_alive_interval = -1;
	options->client_alive_count_max = -1;
	options->authorized_keys_file = NULL;
	options->authorized_keys_file2 = NULL;

	options->max_auth_tries = -1;
	options->max_auth_tries_log = -1;

	options->max_init_auth_tries = -1;
	options->max_init_auth_tries_log = -1;

	options->lookup_client_hostnames = -1;
	options->use_openssl_engine = -1;
	options->chroot_directory = NULL;
}

#ifdef HAVE_DEFOPEN
/*
 * Reads /etc/default/login and defaults several ServerOptions:
 *
 *	PermitRootLogin
 *	PermitEmptyPasswords
 *	LoginGraceTime
 *	max_init_auth_tries / max_init_auth_tries_log (no sshd_config keyword)
 *
 *	CONSOLE=*			-> PermitRootLogin=without-password
 *	#CONSOLE=*			-> PermitRootLogin=yes
 *
 *	PASSREQ=YES			-> PermitEmptyPasswords=no
 *	PASSREQ=NO			-> PermitEmptyPasswords=yes
 *	#PASSREQ=*			-> PermitEmptyPasswords=no
 *
 *	RETRIES=<n>			-> max_init_auth_tries=<n>
 *	SYSLOG_FAILED_LOGINS=<n>	-> max_init_auth_tries_log=<n>
 *
 *	TIMEOUT=<secs>			-> LoginGraceTime=<secs>
 *	#TIMEOUT=<secs>			-> LoginGraceTime=300
 *
 * Only fields still at their "unset" sentinel are touched, so values given
 * on the command line or in sshd_config take precedence over this file.
 * Returns silently (changing nothing) when the defaults file cannot be opened.
 */
static
void
deflt_fill_default_server_options(ServerOptions *options)
{
	int flags;
	char *ptr;

	if (defopen(_PATH_DEFAULT_LOGIN))
		return;

	/* Ignore case */
	flags = defcntl(DC_GETFLAGS, 0);
	TURNOFF(flags, DC_CASE);
	(void) defcntl(DC_SETFLAGS, flags);

	/* Presence of a CONSOLE= line is all that matters; its value is unused. */
	if (options->permit_root_login == PERMIT_NOT_SET &&
	    (ptr = defread("CONSOLE=")) != NULL)
		options->permit_root_login = PERMIT_NO_PASSWD;

	/* Any PASSREQ value other than YES/NO leaves the option unset. */
	if (options->permit_empty_passwd == -1 &&
	    (ptr = defread("PASSREQ=")) != NULL) {
		if (strcasecmp("YES", ptr) == 0)
			options->permit_empty_passwd = 0;
		else if (strcasecmp("NO", ptr) == 0)
			options->permit_empty_passwd = 1;
	}

	/*
	 * NOTE(review): atoi() reports no errors, so a non-numeric RETRIES=,
	 * SYSLOG_FAILED_LOGINS= or TIMEOUT= value silently becomes 0 and a
	 * negative value is stored as-is (the (unsigned) cast below is undone
	 * by the assignment to the signed field). A strtol()-based parse with
	 * a range check would reject such lines instead.
	 */
	if (options->max_init_auth_tries == -1 &&
	    (ptr = defread("RETRIES=")) != NULL) {
		options->max_init_auth_tries = atoi(ptr);
	}

	if (options->max_init_auth_tries_log == -1 &&
	    (ptr = defread("SYSLOG_FAILED_LOGINS=")) != NULL) {
		options->max_init_auth_tries_log = atoi(ptr);
	}

	if (options->login_grace_time == -1) {
		if ((ptr = defread("TIMEOUT=")) != NULL)
			options->login_grace_time = (unsigned)atoi(ptr);
		else
			options->login_grace_time = 300;
	}

	/* defopen(NULL) closes the defaults file. */
	(void) defopen((char *)NULL);
}
#endif /* HAVE_DEFOPEN */

/*
 * Replaces every option still at its "unset" sentinel with the compiled-in
 * default. Call after the command line and all configuration files have been
 * processed. Order matters for the handful of options that derive from
 * another one (max_startups_begin, authorized_keys_file2, the *_log counters).
 */
void
fill_default_server_options(ServerOptions *options)
{

#ifdef HAVE_DEFOPEN
	/* /etc/default/login is consulted before the compiled-in defaults. */
	deflt_fill_default_server_options(options);
#endif /* HAVE_DEFOPEN */

	/* Portable-specific options */
	if (options->pam_authentication_via_kbd_int == -1)
		options->pam_authentication_via_kbd_int = 0;

	/* Standard Options */
	/* Both protocol versions are offered unless "Protocol" restricts them. */
	if (options->protocol == SSH_PROTO_UNKNOWN)
		options->protocol = SSH_PROTO_1|SSH_PROTO_2;
	if (options->num_host_key_files == 0) {
		/* fill default hostkeys for protocols */
		if (options->protocol & SSH_PROTO_1)
			options->host_key_files[options->num_host_key_files++] =
			    _PATH_HOST_KEY_FILE;
#ifndef GSSAPI
		/*
		 * With GSS keyex we can run v2 w/ no host keys.
		 * Consequence: in a GSSAPI build no RSA/DSA host key is
		 * defaulted for protocol 2; they must be listed with HostKey.
		 */
		if (options->protocol & SSH_PROTO_2) {
			options->host_key_files[options->num_host_key_files++] =
			    _PATH_HOST_RSA_KEY_FILE;
			options->host_key_files[options->num_host_key_files++] =
			    _PATH_HOST_DSA_KEY_FILE;
		}
#endif /* GSSAPI */
	}
	if (options->num_ports == 0)
		options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
	/* A NULL address means "listen on every interface" (AI_PASSIVE). */
	if (options->listen_addrs == NULL)
		add_listen_addr(options, NULL, 0);
	if (options->pid_file == NULL)
		options->pid_file = _PATH_SSH_DAEMON_PID_FILE;
	if (options->server_key_bits == -1)
		options->server_key_bits = 768;
	if (options->login_grace_time == -1)
		options->login_grace_time = 120;
	if (options->key_regeneration_time == -1)
		options->key_regeneration_time = 3600;
	/* Default allows root to log in with any method, including password. */
	if (options->permit_root_login == PERMIT_NOT_SET)
		options->permit_root_login = PERMIT_YES;
	if (options->ignore_rhosts == -1)
		options->ignore_rhosts = 1;
	if (options->ignore_user_known_hosts == -1)
		options->ignore_user_known_hosts = 0;
	if (options->print_motd == -1)
		options->print_motd = 1;
	if (options->print_lastlog == -1)
		options->print_lastlog = 1;
	if (options->x11_forwarding == -1)
		options->x11_forwarding = 1;
	if (options->x11_display_offset == -1)
		options->x11_display_offset = 10;
	if (options->x11_use_localhost == -1)
		options->x11_use_localhost = 1;
	if (options->xauth_location == NULL)
		options->xauth_location = _PATH_XAUTH;
	if (options->strict_modes == -1)
		options->strict_modes = 1;
	if (options->keepalives == -1)
		options->keepalives = 1;
	if (options->log_facility == SYSLOG_FACILITY_NOT_SET)
		options->log_facility = SYSLOG_FACILITY_AUTH;
	if (options->log_level == SYSLOG_LEVEL_NOT_SET)
		options->log_level = SYSLOG_LEVEL_INFO;
	if (options->rhosts_authentication == -1)
		options->rhosts_authentication = 0;
	if (options->rhosts_rsa_authentication == -1)
		options->rhosts_rsa_authentication = 0;
	if (options->hostbased_authentication == -1)
		options->hostbased_authentication = 0;
	if (options->hostbased_uses_name_from_packet_only == -1)
		options->hostbased_uses_name_from_packet_only = 0;
	if (options->rsa_authentication == -1)
		options->rsa_authentication = 1;
	if (options->pubkey_authentication == -1)
		options->pubkey_authentication = 1;
#ifdef GSSAPI
	/* All GSSAPI features, including storing delegated creds, default on. */
	if (options->gss_authentication == -1)
		options->gss_authentication = 1;
	if (options->gss_keyex == -1)
		options->gss_keyex = 1;
	if (options->gss_store_creds == -1)
		options->gss_store_creds = 1;
	if (options->gss_use_session_ccache == -1)
		options->gss_use_session_ccache = 1;
	if (options->gss_cleanup_creds == -1)
		options->gss_cleanup_creds = 1;
#endif
#if defined(KRB4) || defined(KRB5)
	if (options->kerberos_authentication == -1)
		options->kerberos_authentication = 0;
	if (options->kerberos_or_local_passwd == -1)
		options->kerberos_or_local_passwd = 1;
	if (options->kerberos_ticket_cleanup == -1)
		options->kerberos_ticket_cleanup = 1;
#endif
#if defined(AFS) || defined(KRB5)
	if (options->kerberos_tgt_passing == -1)
		options->kerberos_tgt_passing = 0;
#endif
#ifdef AFS
	if (options->afs_token_passing == -1)
		options->afs_token_passing = 0;
#endif
	if (options->password_authentication == -1)
		options->password_authentication = 1;
	if (options->kbd_interactive_authentication == -1)
		options->kbd_interactive_authentication = 0;
	if (options->challenge_response_authentication == -1)
		options->challenge_response_authentication = 1;
	if (options->permit_empty_passwd == -1)
		options->permit_empty_passwd = 0;
	if (options->permit_user_env == -1)
		options->permit_user_env = 0;
	if (options->use_login == -1)
		options->use_login = 0;
	if (options->compression == -1)
		options->compression = 1;
	if (options->allow_tcp_forwarding == -1)
		options->allow_tcp_forwarding = 1;
	if (options->gateway_ports == -1)
		options->gateway_ports = 0;
	/* max_startups must be settled before max_startups_begin copies it. */
	if (options->max_startups == -1)
		options->max_startups = 10;
	if (options->max_startups_rate == -1)
		options->max_startups_rate = 100;		/* 100% */
	if (options->max_startups_begin == -1)
		options->max_startups_begin = options->max_startups;
	if (options->verify_reverse_mapping == -1)
		options->verify_reverse_mapping = 0;
	if (options->client_alive_interval == -1)
		options->client_alive_interval = 0;
	if (options->client_alive_count_max == -1)
		options->client_alive_count_max = 3;
	/*
	 * file2 is resolved first so that an explicit AuthorizedKeysFile is
	 * inherited by it; only then does file itself get its default.
	 */
	if (options->authorized_keys_file2 == NULL) {
		/* authorized_keys_file2 falls back to authorized_keys_file */
		if (options->authorized_keys_file != NULL)
			options->authorized_keys_file2 = options->authorized_keys_file;
		else
			options->authorized_keys_file2 = _PATH_SSH_USER_PERMITTED_KEYS2;
	}
	if (options->authorized_keys_file == NULL)
		options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;

	/* The *_log thresholds default to half the limit (integer division). */
	if (options->max_auth_tries == -1)
		options->max_auth_tries = AUTH_FAIL_MAX;
	if (options->max_auth_tries_log == -1)
		options->max_auth_tries_log = options->max_auth_tries / 2;

	if (options->max_init_auth_tries == -1)
		options->max_init_auth_tries = AUTH_FAIL_MAX;
	if (options->max_init_auth_tries_log == -1)
		options->max_init_auth_tries_log = options->max_init_auth_tries / 2;

	if (options->lookup_client_hostnames == -1)
		options->lookup_client_hostnames = 1;
	if (options->use_openssl_engine == -1)
		options->use_openssl_engine = 1;
}

/* Keyword tokens.
 */
/*
 * One opcode per sshd_config keyword. The ordering carries no meaning; the
 * keyword -> opcode mapping lives in the keywords[] table below, and the
 * compile-time guards must match those on the corresponding ServerOptions
 * fields and on the switch in process_server_config_line().
 */
typedef enum {
	sBadOption,		/* == unknown option */
	/* Portable-specific options */
	sPAMAuthenticationViaKbdInt,
	/* Standard Options */
	sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
	sPermitRootLogin, sLogFacility, sLogLevel,
	sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,
#ifdef GSSAPI
	sGssAuthentication, sGssKeyEx, sGssStoreDelegCreds,
	sGssUseSessionCredCache, sGssCleanupCreds,
#endif /* GSSAPI */
#if defined(KRB4) || defined(KRB5)
	sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
#endif
#if defined(AFS) || defined(KRB5)
	sKerberosTgtPassing,
#endif
#ifdef AFS
	sAFSTokenPassing,
#endif
	sChallengeResponseAuthentication,
	sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
	sPrintMotd, sPrintLastLog, sIgnoreRhosts,
	sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
	sStrictModes, sEmptyPasswd, sKeepAlives,
	sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
	sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
	sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
	sBanner, sVerifyReverseMapping, sHostbasedAuthentication,
	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
	sMaxAuthTries, sMaxAuthTriesLog, sUsePrivilegeSeparation,
	sLookupClientHostnames, sUseOpenSSLEngine, sChrootDirectory,
	sDeprecated		/* recognised, logged and otherwise ignored */
} ServerOpCodes;

/*
 * Textual representation of the tokens.
 *
 * Names are stored in lower case; parse_token() compares with strcasecmp(),
 * so configuration keywords are case-insensitive. Several names are aliases
 * for the same opcode. The table ends with a { NULL, sBadOption } sentinel,
 * which is what parse_token() loops until.
 */
static struct {
	const char *name;
	ServerOpCodes opcode;
} keywords[] = {
	/* Portable-specific options */
	{ "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt },
	/* Standard Options */
	{ "port", sPort },
	{ "hostkey", sHostKeyFile },
	{ "hostdsakey", sHostKeyFile },			/* alias */
	{ "pidfile", sPidFile },
	{ "serverkeybits", sServerKeyBits },
	{ "logingracetime", sLoginGraceTime },
	{ "keyregenerationinterval", sKeyRegenerationTime },
	{ "permitrootlogin", sPermitRootLogin },
	{ "syslogfacility", sLogFacility },
	{ "loglevel", sLogLevel },
	{ "rhostsauthentication", sRhostsAuthentication },
	{ "rhostsrsaauthentication", sRhostsRSAAuthentication },
	{ "hostbasedauthentication", sHostbasedAuthentication },
	{ "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly },
	{ "rsaauthentication", sRSAAuthentication },
	{ "pubkeyauthentication", sPubkeyAuthentication },
	{ "dsaauthentication", sPubkeyAuthentication },		/* alias */
#ifdef GSSAPI
	{ "gssapiauthentication", sGssAuthentication },
	{ "gssapikeyexchange", sGssKeyEx },
	{ "gssapistoredelegatedcredentials", sGssStoreDelegCreds },
	{ "gssauthentication", sGssAuthentication },		/* alias */
	{ "gsskeyex", sGssKeyEx },				/* alias */
	{ "gssstoredelegcreds", sGssStoreDelegCreds },		/* alias */
#ifndef SUNW_GSSAPI
	/* Not exposed in the Sun GSSAPI build; the opcodes still exist. */
	{ "gssusesessionccache", sGssUseSessionCredCache },
	{ "gssusesessioncredcache", sGssUseSessionCredCache },
	{ "gsscleanupcreds", sGssCleanupCreds },
#endif /* SUNW_GSSAPI */
#endif
#if defined(KRB4) || defined(KRB5)
	{ "kerberosauthentication", sKerberosAuthentication },
	{ "kerberosorlocalpasswd", sKerberosOrLocalPasswd },
	{ "kerberosticketcleanup", sKerberosTicketCleanup },
#endif
#if defined(AFS) || defined(KRB5)
	{ "kerberostgtpassing", sKerberosTgtPassing },
#endif
#ifdef AFS
	{ "afstokenpassing", sAFSTokenPassing },
#endif
	{ "passwordauthentication", sPasswordAuthentication },
	{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication },
	{ "challengeresponseauthentication", sChallengeResponseAuthentication },
	{ "skeyauthentication", sChallengeResponseAuthentication }, /* alias */
	{ "checkmail", sDeprecated },
	{ "listenaddress", sListenAddress },
	{ "printmotd", sPrintMotd },
	{ "printlastlog", sPrintLastLog },
	{ "ignorerhosts", sIgnoreRhosts },
	{ "ignoreuserknownhosts", sIgnoreUserKnownHosts },
	{ "x11forwarding", sX11Forwarding },
	{ "x11displayoffset", sX11DisplayOffset },
	{ "x11uselocalhost", sX11UseLocalhost },
	{ "xauthlocation", sXAuthLocation },
	{ "strictmodes", sStrictModes },
	{ "permitemptypasswords", sEmptyPasswd },
	{ "permituserenvironment", sPermitUserEnvironment },
	{ "uselogin", sUseLogin },
	{ "compression", sCompression },
	{ "keepalive", sKeepAlives },
	{ "allowtcpforwarding", sAllowTcpForwarding },
	{ "allowusers", sAllowUsers },
	{ "denyusers", sDenyUsers },
	{ "allowgroups", sAllowGroups },
	{ "denygroups", sDenyGroups },
	{ "ciphers", sCiphers },
	{ "macs", sMacs },
	{ "protocol", sProtocol },
	{ "gatewayports", sGatewayPorts },
	{ "subsystem", sSubsystem },
	{ "maxstartups", sMaxStartups },
	{ "banner", sBanner },
	{ "verifyreversemapping", sVerifyReverseMapping },
	{ "reversemappingcheck", sVerifyReverseMapping },	/* alias */
	{ "clientaliveinterval", sClientAliveInterval },
	{ "clientalivecountmax", sClientAliveCountMax },
	{ "authorizedkeysfile", sAuthorizedKeysFile },
	{ "authorizedkeysfile2", sAuthorizedKeysFile2 },
	{ "maxauthtries", sMaxAuthTries },
	{ "maxauthtrieslog", sMaxAuthTriesLog },
	{ "useprivilegeseparation", sUsePrivilegeSeparation},
	{ "lookupclienthostnames", sLookupClientHostnames},
	{ "useopensslengine", sUseOpenSSLEngine},
	{ "chrootdirectory", sChrootDirectory},
	{ NULL, sBadOption }			/* sentinel: must stay last */
};

/*
 *
Returns the number of the token pointed to by cp or sBadOption. 522 */ 523 524 static ServerOpCodes 525 parse_token(const char *cp, const char *filename, 526 int linenum) 527 { 528 u_int i; 529 530 for (i = 0; keywords[i].name; i++) 531 if (strcasecmp(cp, keywords[i].name) == 0) 532 return keywords[i].opcode; 533 534 error("%s: line %d: Bad configuration option: %s", 535 filename, linenum, cp); 536 return sBadOption; 537 } 538 539 static void 540 add_listen_addr(ServerOptions *options, char *addr, u_short port) 541 { 542 int i; 543 544 if (options->num_ports == 0) 545 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 546 if (port == 0) 547 for (i = 0; i < options->num_ports; i++) 548 add_one_listen_addr(options, addr, options->ports[i]); 549 else 550 add_one_listen_addr(options, addr, port); 551 } 552 553 static void 554 add_one_listen_addr(ServerOptions *options, char *addr, u_short port) 555 { 556 struct addrinfo hints, *ai, *aitop; 557 char strport[NI_MAXSERV]; 558 int gaierr; 559 560 (void) memset(&hints, 0, sizeof(hints)); 561 hints.ai_family = IPv4or6; 562 hints.ai_socktype = SOCK_STREAM; 563 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; 564 (void) snprintf(strport, sizeof strport, "%u", port); 565 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) 566 fatal("bad addr or host: %s (%s)", 567 addr ? 
addr : "<NULL>", 568 gai_strerror(gaierr)); 569 for (ai = aitop; ai->ai_next; ai = ai->ai_next) 570 ; 571 ai->ai_next = options->listen_addrs; 572 options->listen_addrs = aitop; 573 } 574 575 int 576 process_server_config_line(ServerOptions *options, char *line, 577 const char *filename, int linenum) 578 { 579 char *cp, **charptr, *arg, *p; 580 int *intptr, value, i, n; 581 ServerOpCodes opcode; 582 size_t len; 583 584 cp = line; 585 arg = strdelim(&cp); 586 /* Ignore leading whitespace */ 587 if (*arg == '\0') 588 arg = strdelim(&cp); 589 if (!arg || !*arg || *arg == '#') 590 return 0; 591 intptr = NULL; 592 charptr = NULL; 593 opcode = parse_token(arg, filename, linenum); 594 switch (opcode) { 595 /* Portable-specific options */ 596 case sPAMAuthenticationViaKbdInt: 597 intptr = &options->pam_authentication_via_kbd_int; 598 goto parse_flag; 599 600 /* Standard Options */ 601 case sBadOption: 602 return -1; 603 case sPort: 604 /* ignore ports from configfile if cmdline specifies ports */ 605 if (options->ports_from_cmdline) 606 return 0; 607 if (options->listen_addrs != NULL) 608 fatal("%s line %d: ports must be specified before " 609 "ListenAddress.", filename, linenum); 610 if (options->num_ports >= MAX_PORTS) 611 fatal("%s line %d: too many ports.", 612 filename, linenum); 613 arg = strdelim(&cp); 614 if (!arg || *arg == '\0') 615 fatal("%s line %d: missing port number.", 616 filename, linenum); 617 options->ports[options->num_ports++] = a2port(arg); 618 if (options->ports[options->num_ports-1] == 0) 619 fatal("%s line %d: Badly formatted port number.", 620 filename, linenum); 621 break; 622 623 case sServerKeyBits: 624 intptr = &options->server_key_bits; 625 parse_int: 626 arg = strdelim(&cp); 627 if (!arg || *arg == '\0') 628 fatal("%s line %d: missing integer value.", 629 filename, linenum); 630 value = atoi(arg); 631 if (*intptr == -1) 632 *intptr = value; 633 break; 634 635 case sLoginGraceTime: 636 intptr = &options->login_grace_time; 637 parse_time: 638 
arg = strdelim(&cp); 639 if (!arg || *arg == '\0') 640 fatal("%s line %d: missing time value.", 641 filename, linenum); 642 if ((value = convtime(arg)) == -1) 643 fatal("%s line %d: invalid time value.", 644 filename, linenum); 645 if (*intptr == -1) 646 *intptr = value; 647 break; 648 649 case sKeyRegenerationTime: 650 intptr = &options->key_regeneration_time; 651 goto parse_time; 652 653 case sListenAddress: 654 arg = strdelim(&cp); 655 if (!arg || *arg == '\0' || strncmp(arg, "[]", 2) == 0) 656 fatal("%s line %d: missing inet addr.", 657 filename, linenum); 658 if (*arg == '[') { 659 if ((p = strchr(arg, ']')) == NULL) 660 fatal("%s line %d: bad ipv6 inet addr usage.", 661 filename, linenum); 662 arg++; 663 (void) memmove(p, p+1, strlen(p+1)+1); 664 } else if (((p = strchr(arg, ':')) == NULL) || 665 (strchr(p+1, ':') != NULL)) { 666 add_listen_addr(options, arg, 0); 667 break; 668 } 669 if (*p == ':') { 670 u_short port; 671 672 p++; 673 if (*p == '\0') 674 fatal("%s line %d: bad inet addr:port usage.", 675 filename, linenum); 676 else { 677 *(p-1) = '\0'; 678 if ((port = a2port(p)) == 0) 679 fatal("%s line %d: bad port number.", 680 filename, linenum); 681 add_listen_addr(options, arg, port); 682 } 683 } else if (*p == '\0') 684 add_listen_addr(options, arg, 0); 685 else 686 fatal("%s line %d: bad inet addr usage.", 687 filename, linenum); 688 break; 689 690 case sHostKeyFile: 691 intptr = &options->num_host_key_files; 692 if (*intptr >= MAX_HOSTKEYS) 693 fatal("%s line %d: too many host keys specified (max %d).", 694 filename, linenum, MAX_HOSTKEYS); 695 charptr = &options->host_key_files[*intptr]; 696 parse_filename: 697 arg = strdelim(&cp); 698 if (!arg || *arg == '\0') 699 fatal("%s line %d: missing file name.", 700 filename, linenum); 701 if (*charptr == NULL) { 702 *charptr = tilde_expand_filename(arg, getuid()); 703 /* increase optional counter */ 704 if (intptr != NULL) 705 *intptr = *intptr + 1; 706 } 707 break; 708 709 case sPidFile: 710 charptr = 
&options->pid_file; 711 goto parse_filename; 712 713 case sPermitRootLogin: 714 intptr = &options->permit_root_login; 715 arg = strdelim(&cp); 716 if (!arg || *arg == '\0') 717 fatal("%s line %d: missing yes/" 718 "without-password/forced-commands-only/no " 719 "argument.", filename, linenum); 720 value = 0; /* silence compiler */ 721 if (strcmp(arg, "without-password") == 0) 722 value = PERMIT_NO_PASSWD; 723 else if (strcmp(arg, "forced-commands-only") == 0) 724 value = PERMIT_FORCED_ONLY; 725 else if (strcmp(arg, "yes") == 0) 726 value = PERMIT_YES; 727 else if (strcmp(arg, "no") == 0) 728 value = PERMIT_NO; 729 else 730 fatal("%s line %d: Bad yes/" 731 "without-password/forced-commands-only/no " 732 "argument: %s", filename, linenum, arg); 733 if (*intptr == -1) 734 *intptr = value; 735 break; 736 737 case sIgnoreRhosts: 738 intptr = &options->ignore_rhosts; 739 parse_flag: 740 arg = strdelim(&cp); 741 if (!arg || *arg == '\0') 742 fatal("%s line %d: missing yes/no argument.", 743 filename, linenum); 744 value = 0; /* silence compiler */ 745 if (strcmp(arg, "yes") == 0) 746 value = 1; 747 else if (strcmp(arg, "no") == 0) 748 value = 0; 749 else 750 fatal("%s line %d: Bad yes/no argument: %s", 751 filename, linenum, arg); 752 if (*intptr == -1) 753 *intptr = value; 754 break; 755 756 case sIgnoreUserKnownHosts: 757 intptr = &options->ignore_user_known_hosts; 758 goto parse_flag; 759 760 case sRhostsAuthentication: 761 intptr = &options->rhosts_authentication; 762 goto parse_flag; 763 764 case sRhostsRSAAuthentication: 765 intptr = &options->rhosts_rsa_authentication; 766 goto parse_flag; 767 768 case sHostbasedAuthentication: 769 intptr = &options->hostbased_authentication; 770 goto parse_flag; 771 772 case sHostbasedUsesNameFromPacketOnly: 773 intptr = &options->hostbased_uses_name_from_packet_only; 774 goto parse_flag; 775 776 case sRSAAuthentication: 777 intptr = &options->rsa_authentication; 778 goto parse_flag; 779 780 case sPubkeyAuthentication: 781 intptr 
= &options->pubkey_authentication; 782 goto parse_flag; 783 #ifdef GSSAPI 784 case sGssAuthentication: 785 intptr = &options->gss_authentication; 786 goto parse_flag; 787 case sGssKeyEx: 788 intptr = &options->gss_keyex; 789 goto parse_flag; 790 case sGssStoreDelegCreds: 791 intptr = &options->gss_keyex; 792 goto parse_flag; 793 #ifndef SUNW_GSSAPI 794 case sGssUseSessionCredCache: 795 intptr = &options->gss_use_session_ccache; 796 goto parse_flag; 797 case sGssCleanupCreds: 798 intptr = &options->gss_cleanup_creds; 799 goto parse_flag; 800 #endif /* SUNW_GSSAPI */ 801 #endif /* GSSAPI */ 802 #if defined(KRB4) || defined(KRB5) 803 case sKerberosAuthentication: 804 intptr = &options->kerberos_authentication; 805 goto parse_flag; 806 807 case sKerberosOrLocalPasswd: 808 intptr = &options->kerberos_or_local_passwd; 809 goto parse_flag; 810 811 case sKerberosTicketCleanup: 812 intptr = &options->kerberos_ticket_cleanup; 813 goto parse_flag; 814 #endif 815 #if defined(AFS) || defined(KRB5) 816 case sKerberosTgtPassing: 817 intptr = &options->kerberos_tgt_passing; 818 goto parse_flag; 819 #endif 820 #ifdef AFS 821 case sAFSTokenPassing: 822 intptr = &options->afs_token_passing; 823 goto parse_flag; 824 #endif 825 826 case sPasswordAuthentication: 827 intptr = &options->password_authentication; 828 goto parse_flag; 829 830 case sKbdInteractiveAuthentication: 831 intptr = &options->kbd_interactive_authentication; 832 goto parse_flag; 833 834 case sChallengeResponseAuthentication: 835 intptr = &options->challenge_response_authentication; 836 goto parse_flag; 837 838 case sPrintMotd: 839 intptr = &options->print_motd; 840 goto parse_flag; 841 842 case sPrintLastLog: 843 intptr = &options->print_lastlog; 844 goto parse_flag; 845 846 case sX11Forwarding: 847 intptr = &options->x11_forwarding; 848 goto parse_flag; 849 850 case sX11DisplayOffset: 851 intptr = &options->x11_display_offset; 852 goto parse_int; 853 854 case sX11UseLocalhost: 855 intptr = 
&options->x11_use_localhost; 856 goto parse_flag; 857 858 case sXAuthLocation: 859 charptr = &options->xauth_location; 860 goto parse_filename; 861 862 case sStrictModes: 863 intptr = &options->strict_modes; 864 goto parse_flag; 865 866 case sKeepAlives: 867 intptr = &options->keepalives; 868 goto parse_flag; 869 870 case sEmptyPasswd: 871 intptr = &options->permit_empty_passwd; 872 goto parse_flag; 873 874 case sPermitUserEnvironment: 875 intptr = &options->permit_user_env; 876 goto parse_flag; 877 878 case sUseLogin: 879 intptr = &options->use_login; 880 goto parse_flag; 881 882 case sCompression: 883 intptr = &options->compression; 884 goto parse_flag; 885 886 case sGatewayPorts: 887 arg = strdelim(&cp); 888 if (get_yes_no_flag(&options->gateway_ports, arg, filename, 889 linenum, 1) == 1) 890 break; 891 892 if (strcmp(arg, "clientspecified") == 0) 893 options->gateway_ports = 2; 894 else 895 fatal("%.200s line %d: Bad yes/no/clientspecified " 896 "argument.", filename, linenum); 897 break; 898 899 case sVerifyReverseMapping: 900 intptr = &options->verify_reverse_mapping; 901 goto parse_flag; 902 903 case sLogFacility: 904 intptr = (int *) &options->log_facility; 905 arg = strdelim(&cp); 906 value = log_facility_number(arg); 907 if (value == SYSLOG_FACILITY_NOT_SET) 908 fatal("%.200s line %d: unsupported log facility '%s'", 909 filename, linenum, arg ? arg : "<NONE>"); 910 if (*intptr == -1) 911 *intptr = (SyslogFacility) value; 912 break; 913 914 case sLogLevel: 915 intptr = (int *) &options->log_level; 916 arg = strdelim(&cp); 917 value = log_level_number(arg); 918 if (value == SYSLOG_LEVEL_NOT_SET) 919 fatal("%.200s line %d: unsupported log level '%s'", 920 filename, linenum, arg ? 
arg : "<NONE>"); 921 if (*intptr == -1) 922 *intptr = (LogLevel) value; 923 break; 924 925 case sAllowTcpForwarding: 926 intptr = &options->allow_tcp_forwarding; 927 goto parse_flag; 928 929 case sUsePrivilegeSeparation: 930 log("%s line %d: ignoring UsePrivilegeSeparation option value." 931 " This option is always on.", filename, linenum); 932 while (arg) 933 arg = strdelim(&cp); 934 break; 935 936 case sAllowUsers: 937 while (((arg = strdelim(&cp)) != NULL) && *arg != '\0') { 938 if (options->num_allow_users >= MAX_ALLOW_USERS) 939 fatal("%s line %d: too many allow users.", 940 filename, linenum); 941 options->allow_users[options->num_allow_users++] = 942 xstrdup(arg); 943 } 944 break; 945 946 case sDenyUsers: 947 while (((arg = strdelim(&cp)) != NULL) && *arg != '\0') { 948 if (options->num_deny_users >= MAX_DENY_USERS) 949 fatal( "%s line %d: too many deny users.", 950 filename, linenum); 951 options->deny_users[options->num_deny_users++] = 952 xstrdup(arg); 953 } 954 break; 955 956 case sAllowGroups: 957 while (((arg = strdelim(&cp)) != NULL) && *arg != '\0') { 958 if (options->num_allow_groups >= MAX_ALLOW_GROUPS) 959 fatal("%s line %d: too many allow groups.", 960 filename, linenum); 961 options->allow_groups[options->num_allow_groups++] = 962 xstrdup(arg); 963 } 964 break; 965 966 case sDenyGroups: 967 while (((arg = strdelim(&cp)) != NULL) && *arg != '\0') { 968 if (options->num_deny_groups >= MAX_DENY_GROUPS) 969 fatal("%s line %d: too many deny groups.", 970 filename, linenum); 971 options->deny_groups[options->num_deny_groups++] = xstrdup(arg); 972 } 973 break; 974 975 case sCiphers: 976 arg = strdelim(&cp); 977 if (!arg || *arg == '\0') 978 fatal("%s line %d: Missing argument.", filename, linenum); 979 if (!ciphers_valid(arg)) 980 fatal("%s line %d: Bad SSH2 cipher spec '%s'.", 981 filename, linenum, arg ? 
arg : "<NONE>"); 982 if (options->ciphers == NULL) 983 options->ciphers = xstrdup(arg); 984 break; 985 986 case sMacs: 987 arg = strdelim(&cp); 988 if (!arg || *arg == '\0') 989 fatal("%s line %d: Missing argument.", filename, linenum); 990 if (!mac_valid(arg)) 991 fatal("%s line %d: Bad SSH2 mac spec '%s'.", 992 filename, linenum, arg ? arg : "<NONE>"); 993 if (options->macs == NULL) 994 options->macs = xstrdup(arg); 995 break; 996 997 case sProtocol: 998 intptr = &options->protocol; 999 arg = strdelim(&cp); 1000 if (!arg || *arg == '\0') 1001 fatal("%s line %d: Missing argument.", filename, linenum); 1002 value = proto_spec(arg); 1003 if (value == SSH_PROTO_UNKNOWN) 1004 fatal("%s line %d: Bad protocol spec '%s'.", 1005 filename, linenum, arg ? arg : "<NONE>"); 1006 if (*intptr == SSH_PROTO_UNKNOWN) 1007 *intptr = value; 1008 break; 1009 1010 case sSubsystem: 1011 if (options->num_subsystems >= MAX_SUBSYSTEMS) { 1012 fatal("%s line %d: too many subsystems defined.", 1013 filename, linenum); 1014 } 1015 arg = strdelim(&cp); 1016 if (!arg || *arg == '\0') 1017 fatal("%s line %d: Missing subsystem name.", 1018 filename, linenum); 1019 for (i = 0; i < options->num_subsystems; i++) 1020 if (strcmp(arg, options->subsystem_name[i]) == 0) 1021 fatal("%s line %d: Subsystem '%s' already defined.", 1022 filename, linenum, arg); 1023 options->subsystem_name[options->num_subsystems] = xstrdup(arg); 1024 arg = strdelim(&cp); 1025 if (!arg || *arg == '\0') 1026 fatal("%s line %d: Missing subsystem command.", 1027 filename, linenum); 1028 options->subsystem_command[options->num_subsystems] = xstrdup(arg); 1029 1030 /* 1031 * Collect arguments (separate to executable), including the 1032 * name of the executable, in a way that is easier to parse 1033 * later. 
1034 */ 1035 p = xstrdup(arg); 1036 len = strlen(p) + 1; 1037 while ((arg = strdelim(&cp)) != NULL && *arg != '\0') { 1038 len += 1 + strlen(arg); 1039 p = xrealloc(p, len); 1040 strlcat(p, " ", len); 1041 strlcat(p, arg, len); 1042 } 1043 options->subsystem_args[options->num_subsystems] = p; 1044 options->num_subsystems++; 1045 break; 1046 1047 case sMaxStartups: 1048 arg = strdelim(&cp); 1049 if (!arg || *arg == '\0') 1050 fatal("%s line %d: Missing MaxStartups spec.", 1051 filename, linenum); 1052 if ((n = sscanf(arg, "%d:%d:%d", 1053 &options->max_startups_begin, 1054 &options->max_startups_rate, 1055 &options->max_startups)) == 3) { 1056 if (options->max_startups_begin > 1057 options->max_startups || 1058 options->max_startups_rate > 100 || 1059 options->max_startups_rate < 1) 1060 fatal("%s line %d: Illegal MaxStartups spec.", 1061 filename, linenum); 1062 } else if (n != 1) 1063 fatal("%s line %d: Illegal MaxStartups spec.", 1064 filename, linenum); 1065 else 1066 options->max_startups = options->max_startups_begin; 1067 break; 1068 1069 case sBanner: 1070 charptr = &options->banner; 1071 goto parse_filename; 1072 /* 1073 * These options can contain %X options expanded at 1074 * connect time, so that you can specify paths like: 1075 * 1076 * AuthorizedKeysFile /etc/ssh_keys/%u 1077 */ 1078 case sAuthorizedKeysFile: 1079 case sAuthorizedKeysFile2: 1080 charptr = (opcode == sAuthorizedKeysFile) ? 
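&options->authorized_keys_file :
		    &options->authorized_keys_file2;
		goto parse_filename;

	case sClientAliveInterval:
		intptr = &options->client_alive_interval;
		goto parse_time;

	case sClientAliveCountMax:
		intptr = &options->client_alive_count_max;
		goto parse_int;

	case sMaxAuthTries:
		intptr = &options->max_auth_tries;
		goto parse_int;

	case sMaxAuthTriesLog:
		intptr = &options->max_auth_tries_log;
		goto parse_int;

	case sLookupClientHostnames:
		intptr = &options->lookup_client_hostnames;
		goto parse_flag;

	case sUseOpenSSLEngine:
		intptr = &options->use_openssl_engine;
		goto parse_flag;

	case sChrootDirectory:
		charptr = &options->chroot_directory;

		arg = strdelim(&cp);
		if (arg == NULL || *arg == '\0')
			fatal("%s line %d: missing directory name for "
			    "ChrootDirectory.", filename, linenum);
		if (*charptr == NULL)
			*charptr = xstrdup(arg);
		break;

	case sDeprecated:
		log("%s line %d: Deprecated option %s",
		    filename, linenum, arg);
		while (arg)
			arg = strdelim(&cp);
		break;

	default:
		fatal("%s line %d: Missing handler for opcode %s (%d)",
		    filename, linenum, arg, opcode);
	}
	if ((arg = strdelim(&cp)) != NULL && *arg != '\0')
		fatal("%s line %d: garbage at end of line; \"%.200s\".",
		    filename, linenum, arg);
	return 0;
}

/*
 * Reads the server configuration file.
 *
 * Each line is handed to process_server_config_line() together with its
 * 1-based line number.  Lines that fail to parse are counted, and once the
 * whole file has been read the function terminates via fatal() if any were
 * seen.  A file that cannot be opened is reported with perror() and exits
 * the process.
 *
 * A line that does not fit in the line buffer is rejected outright instead
 * of being split: the remainder would otherwise be handed to the parser as
 * a separate, wrongly numbered directive.
 */
void
read_server_config(ServerOptions *options, const char *filename)
{
	int linenum = 0, bad_options = 0;
	char line[1024];
	FILE *f;

	f = fopen(filename, "r");
	if (!f) {
		perror(filename);
		exit(1);
	}
	while (fgets(line, sizeof(line), f)) {
		linenum++;
		/*
		 * fgets() stops at a newline or when the buffer is full.  No
		 * newline in the buffer means either the final line lacks one
		 * (fine: the next byte is EOF), the line is exactly at the
		 * limit (fine: the next byte is the newline), or the line was
		 * truncated -- refuse that rather than parse its tail as a
		 * new line.
		 */
		if (strchr(line, '\n') == NULL) {
			int c = getc(f);

			if (c != EOF && c != '\n')
				fatal("%s line %d: line too long",
				    filename, linenum);
		}
		if (process_server_config_line(options, line, filename,
		    linenum) != 0)
			bad_options++;
	}
	(void) fclose(f);
	if (bad_options > 0)
		fatal("%s: terminating, %d bad configuration options",
		    filename, bad_options);
}

/*
 * Returns non-zero when a ChrootDirectory is in effect.  The value "none"
 * (compared case-insensitively) is special: it has the same effect on sshd
 * configuration as not specifying ChrootDirectory at all.
 */
int
chroot_requested(char *chroot_directory)
{
	if (chroot_directory == NULL)
		return 0;
	return strcasecmp(chroot_directory, "none") != 0;
}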