1 /* 2 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 3 * All rights reserved 4 * 5 * As far as I am concerned, the code I have written for this software 6 * can be used freely for any purpose. Any derived versions of this 7 * software must be clearly marked as such, and if the derived work is 8 * incompatible with the protocol description in the RFC file, it must be 9 * called by a name other than "ssh" or "Secure Shell". 10 */ 11 /* 12 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 13 * Use is subject to license terms. 14 */ 15 16 #include "includes.h" 17 RCSID("$OpenBSD: servconf.c,v 1.115 2002/09/04 18:52:42 stevesk Exp $"); 18 19 #ifdef HAVE_DEFOPEN 20 #include <deflt.h> 21 #endif /* HAVE_DEFOPEN */ 22 23 #if defined(KRB4) 24 #include <krb.h> 25 #endif 26 #if defined(KRB5) 27 #ifdef HEIMDAL 28 #include <krb.h> 29 #else 30 /* Bodge - but then, so is using the kerberos IV KEYFILE to get a Kerberos V 31 * keytab */ 32 #define KEYFILE "/etc/krb5.keytab" 33 #endif 34 #endif 35 #ifdef AFS 36 #include <kafs.h> 37 #endif 38 39 #include "ssh.h" 40 #include "log.h" 41 #include "servconf.h" 42 #include "xmalloc.h" 43 #include "compat.h" 44 #include "pathnames.h" 45 #include "tildexpand.h" 46 #include "misc.h" 47 #include "cipher.h" 48 #include "kex.h" 49 #include "mac.h" 50 #include "auth.h" 51 52 static void add_listen_addr(ServerOptions *, char *, u_short); 53 static void add_one_listen_addr(ServerOptions *, char *, u_short); 54 55 /* AF_UNSPEC or AF_INET or AF_INET6 */ 56 extern int IPv4or6; 57 58 /* 59 * Initializes the server options to their initial (unset) values. Some of those 60 * that stay unset after the command line options and configuration files are 61 * read are set to their default values in fill_default_server_options(). 
*/
/*
 * Every integer option starts at -1 (or its *_NOT_SET enum value), every
 * pointer at NULL and every counter at 0.  process_server_config_line()
 * only stores a value into a field that is still at this initial value,
 * so "explicitly set" (command line or an earlier config line) can be told
 * apart from "still unset".
 */
void
initialize_server_options(ServerOptions *options)
{
	(void) memset(options, 0, sizeof(*options));

	/* Portable-specific options */
	options->pam_authentication_via_kbd_int = -1;

	/* Standard Options */
	options->num_ports = 0;
	options->ports_from_cmdline = 0;
	options->listen_addrs = NULL;
	options->num_host_key_files = 0;
	options->pid_file = NULL;
	options->server_key_bits = -1;
	options->login_grace_time = -1;
	options->key_regeneration_time = -1;
	options->permit_root_login = PERMIT_NOT_SET;
	options->ignore_rhosts = -1;
	options->ignore_user_known_hosts = -1;
	options->print_motd = -1;
	options->print_lastlog = -1;
	options->x11_forwarding = -1;
	options->x11_display_offset = -1;
	options->x11_use_localhost = -1;
	options->xauth_location = NULL;
	options->strict_modes = -1;
	options->keepalives = -1;
	options->log_facility = SYSLOG_FACILITY_NOT_SET;
	options->log_level = SYSLOG_LEVEL_NOT_SET;
	options->rhosts_authentication = -1;
	options->rhosts_rsa_authentication = -1;
	options->hostbased_authentication = -1;
	options->hostbased_uses_name_from_packet_only = -1;
	options->rsa_authentication = -1;
	options->pubkey_authentication = -1;
#ifdef GSSAPI
	options->gss_authentication = -1;
	options->gss_keyex = -1;
	options->gss_store_creds = -1;
	options->gss_use_session_ccache = -1;
	options->gss_cleanup_creds = -1;
#endif
#if defined(KRB4) || defined(KRB5)
	options->kerberos_authentication = -1;
	options->kerberos_or_local_passwd = -1;
	options->kerberos_ticket_cleanup = -1;
#endif
#if defined(AFS) || defined(KRB5)
	options->kerberos_tgt_passing = -1;
#endif
#ifdef AFS
	options->afs_token_passing = -1;
#endif
	options->password_authentication = -1;
	options->kbd_interactive_authentication = -1;
	options->challenge_response_authentication = -1;
	options->permit_empty_passwd = -1;
	options->permit_user_env = -1;
	options->compression = -1;
	options->allow_tcp_forwarding = -1;
	options->num_allow_users = 0;
	options->num_deny_users = 0;
	options->num_allow_groups = 0;
	options->num_deny_groups = 0;
	options->ciphers = NULL;
	options->macs = NULL;
	options->protocol = SSH_PROTO_UNKNOWN;
	options->gateway_ports = -1;
	options->num_subsystems = 0;
	options->max_startups_begin = -1;
	options->max_startups_rate = -1;
	options->max_startups = -1;
	options->banner = NULL;
	options->verify_reverse_mapping = -1;
	options->client_alive_interval = -1;
	options->client_alive_count_max = -1;
	options->authorized_keys_file = NULL;
	options->authorized_keys_file2 = NULL;

	options->max_auth_tries = -1;
	options->max_auth_tries_log = -1;

	options->max_init_auth_tries = -1;
	options->max_init_auth_tries_log = -1;

	options->lookup_client_hostnames = -1;
	options->use_openssl_engine = -1;
	options->chroot_directory = NULL;
}

#ifdef HAVE_DEFOPEN
/*
 * Reads /etc/default/login and defaults several ServerOptions that are
 * still unset:
 *
 *	PermitRootLogin
 *	PermitEmptyPasswords
 *	LoginGraceTime
 *	max_init_auth_tries / max_init_auth_tries_log
 *
 *	CONSOLE=*	-> PermitRootLogin=without-password
 *	#CONSOLE=*	-> PermitRootLogin=yes
 *			   (left unset here; fill_default_server_options()
 *			   then picks PERMIT_YES)
 *
 *	PASSREQ=YES	-> PermitEmptyPasswords=no
 *	PASSREQ=NO	-> PermitEmptyPasswords=yes
 *	#PASSREQ=*	-> PermitEmptyPasswords=no
 *			   (left unset here; defaulted to 0 later)
 *
 *	RETRIES=<n>	-> max_init_auth_tries=<n>
 *	SYSLOG_FAILED_LOGINS=<n>
 *			-> max_init_auth_tries_log=<n>
 *
 *	TIMEOUT=<secs>	-> LoginGraceTime=<secs>
 *	#TIMEOUT=<secs>	-> LoginGraceTime=300
 *
 * Numeric values are converted with atoi(), which yields 0 for a
 * non-numeric string and does not report errors.  If the defaults file
 * cannot be opened nothing is changed.
 */
static
void
deflt_fill_default_server_options(ServerOptions *options)
{
	int	flags;
	char	*ptr;

	/* A non-zero return from defopen() is treated as failure. */
	if (defopen(_PATH_DEFAULT_LOGIN))
		return;

	/* Ignore case */
	flags = defcntl(DC_GETFLAGS, 0);
	TURNOFF(flags, DC_CASE);
	(void) defcntl(DC_SETFLAGS, flags);

	/* Only the presence of CONSOLE= matters, not its value. */
	if (options->permit_root_login == PERMIT_NOT_SET &&
	    (ptr = defread("CONSOLE=")) != NULL)
		options->permit_root_login = PERMIT_NO_PASSWD;

	/* Any value other than YES/NO leaves the option unset. */
	if (options->permit_empty_passwd == -1 &&
	    (ptr = defread("PASSREQ=")) != NULL) {
		if (strcasecmp("YES", ptr) == 0)
			options->permit_empty_passwd = 0;
		else if (strcasecmp("NO", ptr) == 0)
			options->permit_empty_passwd = 1;
	}

	if (options->max_init_auth_tries == -1 &&
	    (ptr = defread("RETRIES=")) != NULL) {
		options->max_init_auth_tries = atoi(ptr);
	}

	if (options->max_init_auth_tries_log == -1 &&
	    (ptr = defread("SYSLOG_FAILED_LOGINS=")) != NULL) {
		options->max_init_auth_tries_log = atoi(ptr);
	}

	/*
	 * Unlike the other options this one is always filled in here, so
	 * the 120s default in fill_default_server_options() only applies
	 * when this function did not run (no HAVE_DEFOPEN or defopen()
	 * failed).
	 */
	if (options->login_grace_time == -1) {
		if ((ptr = defread("TIMEOUT=")) != NULL)
			options->login_grace_time = (unsigned)atoi(ptr);
		else
			options->login_grace_time = 300;
	}

	/* Close the defaults file. */
	(void) defopen((char *)NULL);
}
#endif /* HAVE_DEFOPEN */

/*
 * Fills in a default for every option still at its initial value, in the
 * order initialize_server_options() lists them.  Note that the built-in
 * defaults are permissive: root login, RSA/pubkey, password, and
 * challenge-response authentication, X11 and TCP forwarding are all
 * enabled unless the configuration says otherwise.  Order matters in two
 * places: max_startups_begin is derived from max_startups, and
 * authorized_keys_file2 is derived from authorized_keys_file before the
 * latter itself is defaulted.
 */
void
fill_default_server_options(ServerOptions *options)
{

#ifdef HAVE_DEFOPEN
	/* /etc/default/login values take precedence over the built-ins. */
	deflt_fill_default_server_options(options);
#endif /* HAVE_DEFOPEN */

	/* Portable-specific options */
	if (options->pam_authentication_via_kbd_int == -1)
		options->pam_authentication_via_kbd_int = 0;

	/* Standard Options */
	if (options->protocol == SSH_PROTO_UNKNOWN)
		options->protocol = SSH_PROTO_1|SSH_PROTO_2;
	if (options->num_host_key_files == 0) {
		/* fill default hostkeys for protocols */
		if (options->protocol & SSH_PROTO_1)
			options->host_key_files[options->num_host_key_files++] =
			    _PATH_HOST_KEY_FILE;
#ifndef GSSAPI
		/* With GSS keyex we can run v2 w/ no host keys */
		if (options->protocol & SSH_PROTO_2) {
			options->host_key_files[options->num_host_key_files++] =
			    _PATH_HOST_RSA_KEY_FILE;
			options->host_key_files[options->num_host_key_files++] =
			    _PATH_HOST_DSA_KEY_FILE;
		}
#endif /* GSSAPI */
	}
	if (options->num_ports == 0)
		options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
	/* No ListenAddress: listen on the wildcard address on every port. */
	if (options->listen_addrs == NULL)
		add_listen_addr(options, NULL, 0);
	if (options->pid_file == NULL)
		options->pid_file = _PATH_SSH_DAEMON_PID_FILE;
	if (options->server_key_bits == -1)
		options->server_key_bits = 768;
	if (options->login_grace_time == -1)
		options->login_grace_time = 120;
	if (options->key_regeneration_time == -1)
		options->key_regeneration_time = 3600;
	if (options->permit_root_login == PERMIT_NOT_SET)
		options->permit_root_login = PERMIT_YES;
	if (options->ignore_rhosts == -1)
		options->ignore_rhosts = 1;
	if (options->ignore_user_known_hosts == -1)
		options->ignore_user_known_hosts = 0;
	if (options->print_motd == -1)
		options->print_motd = 1;
	if (options->print_lastlog == -1)
		options->print_lastlog = 1;
	if (options->x11_forwarding == -1)
		options->x11_forwarding = 1;
	if (options->x11_display_offset == -1)
		options->x11_display_offset = 10;
	if (options->x11_use_localhost == -1)
		options->x11_use_localhost = 1;
	if (options->xauth_location == NULL)
		options->xauth_location = _PATH_XAUTH;
	if (options->strict_modes == -1)
		options->strict_modes = 1;
	if (options->keepalives == -1)
		options->keepalives = 1;
	if (options->log_facility == SYSLOG_FACILITY_NOT_SET)
		options->log_facility = SYSLOG_FACILITY_AUTH;
	if (options->log_level == SYSLOG_LEVEL_NOT_SET)
		options->log_level = SYSLOG_LEVEL_INFO;
	if (options->rhosts_authentication == -1)
		options->rhosts_authentication = 0;
	if (options->rhosts_rsa_authentication == -1)
		options->rhosts_rsa_authentication = 0;
	if (options->hostbased_authentication == -1)
		options->hostbased_authentication = 0;
	if (options->hostbased_uses_name_from_packet_only == -1)
		options->hostbased_uses_name_from_packet_only = 0;
	if (options->rsa_authentication == -1)
		options->rsa_authentication = 1;
	if (options->pubkey_authentication == -1)
		options->pubkey_authentication = 1;
#ifdef GSSAPI
	if (options->gss_authentication == -1)
		options->gss_authentication = 1;
	if (options->gss_keyex == -1)
		options->gss_keyex = 1;
	if (options->gss_store_creds == -1)
		options->gss_store_creds = 1;
	if (options->gss_use_session_ccache == -1)
		options->gss_use_session_ccache = 1;
	if (options->gss_cleanup_creds == -1)
		options->gss_cleanup_creds = 1;
#endif
#if defined(KRB4) || defined(KRB5)
	if (options->kerberos_authentication == -1)
		options->kerberos_authentication = 0;
	if (options->kerberos_or_local_passwd == -1)
		options->kerberos_or_local_passwd = 1;
	if (options->kerberos_ticket_cleanup == -1)
		options->kerberos_ticket_cleanup = 1;
#endif
#if defined(AFS) || defined(KRB5)
	if (options->kerberos_tgt_passing == -1)
		options->kerberos_tgt_passing = 0;
#endif
#ifdef AFS
	if (options->afs_token_passing == -1)
		options->afs_token_passing = 0;
#endif
	if (options->password_authentication == -1)
		options->password_authentication = 1;
	if (options->kbd_interactive_authentication == -1)
		options->kbd_interactive_authentication = 0;
	if (options->challenge_response_authentication == -1)
		options->challenge_response_authentication = 1;
	if (options->permit_empty_passwd == -1)
		options->permit_empty_passwd = 0;
	if (options->permit_user_env == -1)
		options->permit_user_env = 0;
	if (options->compression == -1)
		options->compression = 1;
	if (options->allow_tcp_forwarding == -1)
		options->allow_tcp_forwarding = 1;
	if (options->gateway_ports == -1)
		options->gateway_ports = 0;
	if (options->max_startups == -1)
		options->max_startups = 10;
	if (options->max_startups_rate == -1)
		options->max_startups_rate = 100;		/* 100% */
	/* Must come after max_startups has been defaulted. */
	if (options->max_startups_begin == -1)
		options->max_startups_begin = options->max_startups;
	if (options->verify_reverse_mapping == -1)
		options->verify_reverse_mapping = 0;
	if (options->client_alive_interval == -1)
		options->client_alive_interval = 0;
	if (options->client_alive_count_max == -1)
		options->client_alive_count_max = 3;
	/* Must come before authorized_keys_file is defaulted. */
	if (options->authorized_keys_file2 == NULL) {
		/* authorized_keys_file2 falls back to authorized_keys_file */
		if (options->authorized_keys_file != NULL)
			options->authorized_keys_file2 = options->authorized_keys_file;
		else
			options->authorized_keys_file2 = _PATH_SSH_USER_PERMITTED_KEYS2;
	}
	if (options->authorized_keys_file == NULL)
		options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;

	/* The *_log thresholds default to half of the corresponding limit. */
	if (options->max_auth_tries == -1)
		options->max_auth_tries = AUTH_FAIL_MAX;
	if (options->max_auth_tries_log == -1)
		options->max_auth_tries_log = options->max_auth_tries / 2;

	if (options->max_init_auth_tries == -1)
		options->max_init_auth_tries = AUTH_FAIL_MAX;
	if (options->max_init_auth_tries_log == -1)
		options->max_init_auth_tries_log = options->max_init_auth_tries / 2;

	if (options->lookup_client_hostnames == -1)
		options->lookup_client_hostnames = 1;
	if (options->use_openssl_engine == -1)
		options->use_openssl_engine = 1;
}

/* Keyword tokens.
*/
/*
 * One opcode per configuration keyword; parse_token() maps a keyword to
 * its opcode and process_server_config_line() switches on it.  Several
 * keywords share one opcode (aliases), and sUseLogin /
 * sUsePrivilegeSeparation / sDeprecated are recognised only so that their
 * value can be consumed and ignored.
 */
typedef enum {
	sBadOption,		/* == unknown option */
	/* Portable-specific options */
	sPAMAuthenticationViaKbdInt,
	/* Standard Options */
	sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
	sPermitRootLogin, sLogFacility, sLogLevel,
	sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,
#ifdef GSSAPI
	sGssAuthentication, sGssKeyEx, sGssStoreDelegCreds,
	sGssUseSessionCredCache, sGssCleanupCreds,
#endif /* GSSAPI */
#if defined(KRB4) || defined(KRB5)
	sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
#endif
#if defined(AFS) || defined(KRB5)
	sKerberosTgtPassing,
#endif
#ifdef AFS
	sAFSTokenPassing,
#endif
	sChallengeResponseAuthentication,
	sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
	sPrintMotd, sPrintLastLog, sIgnoreRhosts,
	sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
	sStrictModes, sEmptyPasswd, sKeepAlives,
	sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
	sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
	sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
	sBanner, sVerifyReverseMapping, sHostbasedAuthentication,
	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
	sMaxAuthTries, sMaxAuthTriesLog, sUsePrivilegeSeparation,
	sLookupClientHostnames, sUseOpenSSLEngine, sChrootDirectory,
	sDeprecated
} ServerOpCodes;

/*
 * Textual representation of the tokens.  Lookup in parse_token() uses
 * strcasecmp(), so the case of the names here does not matter.  The table
 * is terminated by the { NULL, sBadOption } entry.
 */
static struct {
	const char *name;
	ServerOpCodes opcode;
} keywords[] = {
	/* Portable-specific options */
	{ "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt },
	/* Standard Options */
	{ "port", sPort },
	{ "hostkey", sHostKeyFile },
	{ "hostdsakey", sHostKeyFile },					/* alias */
	{ "pidfile", sPidFile },
	{ "serverkeybits", sServerKeyBits },
	{ "logingracetime", sLoginGraceTime },
	{ "keyregenerationinterval", sKeyRegenerationTime },
	{ "permitrootlogin", sPermitRootLogin },
	{ "syslogfacility", sLogFacility },
	{ "loglevel", sLogLevel },
	{ "rhostsauthentication", sRhostsAuthentication },
	{ "rhostsrsaauthentication", sRhostsRSAAuthentication },
	{ "hostbasedauthentication", sHostbasedAuthentication },
	{ "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly },
	{ "rsaauthentication", sRSAAuthentication },
	{ "pubkeyauthentication", sPubkeyAuthentication },
	{ "dsaauthentication", sPubkeyAuthentication },			/* alias */
#ifdef GSSAPI
	/* Each GSS option has a long form and a short legacy alias. */
	{ "gssapiauthentication", sGssAuthentication },
	{ "gssapikeyexchange", sGssKeyEx },
	{ "gssapistoredelegatedcredentials", sGssStoreDelegCreds },
	{ "gssauthentication", sGssAuthentication },			/* alias */
	{ "gsskeyex", sGssKeyEx },					/* alias */
	{ "gssstoredelegcreds", sGssStoreDelegCreds },			/* alias */
#ifndef SUNW_GSSAPI
	{ "gssusesessionccache", sGssUseSessionCredCache },
	{ "gssusesessioncredcache", sGssUseSessionCredCache },
	{ "gsscleanupcreds", sGssCleanupCreds },
#endif /* SUNW_GSSAPI */
#endif
#if defined(KRB4) || defined(KRB5)
	{ "kerberosauthentication", sKerberosAuthentication },
	{ "kerberosorlocalpasswd", sKerberosOrLocalPasswd },
	{ "kerberosticketcleanup", sKerberosTicketCleanup },
#endif
#if defined(AFS) || defined(KRB5)
	{ "kerberostgtpassing", sKerberosTgtPassing },
#endif
#ifdef AFS
	{ "afstokenpassing", sAFSTokenPassing },
#endif
	{ "passwordauthentication", sPasswordAuthentication },
	{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication },
	{ "challengeresponseauthentication", sChallengeResponseAuthentication },
	{ "skeyauthentication", sChallengeResponseAuthentication }, /* alias */
	{ "checkmail", sDeprecated },
	{ "listenaddress", sListenAddress },
	{ "printmotd", sPrintMotd },
	{ "printlastlog", sPrintLastLog },
	{ "ignorerhosts", sIgnoreRhosts },
	{ "ignoreuserknownhosts", sIgnoreUserKnownHosts },
	{ "x11forwarding", sX11Forwarding },
	{ "x11displayoffset", sX11DisplayOffset },
	{ "x11uselocalhost", sX11UseLocalhost },
	{ "xauthlocation", sXAuthLocation },
	{ "strictmodes", sStrictModes },
	{ "permitemptypasswords", sEmptyPasswd },
	{ "permituserenvironment", sPermitUserEnvironment },
	{ "uselogin", sUseLogin },					/* accepted, ignored */
	{ "compression", sCompression },
	{ "keepalive", sKeepAlives },
	{ "allowtcpforwarding", sAllowTcpForwarding },
	{ "allowusers", sAllowUsers },
	{ "denyusers", sDenyUsers },
	{ "allowgroups", sAllowGroups },
	{ "denygroups", sDenyGroups },
	{ "ciphers", sCiphers },
	{ "macs", sMacs },
	{ "protocol", sProtocol },
	{ "gatewayports", sGatewayPorts },
	{ "subsystem", sSubsystem },
	{ "maxstartups", sMaxStartups },
	{ "banner", sBanner },
	{ "verifyreversemapping", sVerifyReverseMapping },
	{ "reversemappingcheck", sVerifyReverseMapping },		/* alias */
	{ "clientaliveinterval", sClientAliveInterval },
	{ "clientalivecountmax", sClientAliveCountMax },
	{ "authorizedkeysfile", sAuthorizedKeysFile },
	{ "authorizedkeysfile2", sAuthorizedKeysFile2 },
	{ "maxauthtries", sMaxAuthTries },
	{ "maxauthtrieslog", sMaxAuthTriesLog },
	{ "useprivilegeseparation", sUsePrivilegeSeparation},		/* accepted, ignored */
	{ "lookupclienthostnames", sLookupClientHostnames},
	{ "useopensslengine", sUseOpenSSLEngine},
	{ "chrootdirectory", sChrootDirectory},
	{ NULL, sBadOption }
};

/*
 *
Returns the number of the token pointed to by cp or sBadOption. 519 */ 520 521 static ServerOpCodes 522 parse_token(const char *cp, const char *filename, 523 int linenum) 524 { 525 u_int i; 526 527 for (i = 0; keywords[i].name; i++) 528 if (strcasecmp(cp, keywords[i].name) == 0) 529 return keywords[i].opcode; 530 531 error("%s: line %d: Bad configuration option: %s", 532 filename, linenum, cp); 533 return sBadOption; 534 } 535 536 static void 537 add_listen_addr(ServerOptions *options, char *addr, u_short port) 538 { 539 int i; 540 541 if (options->num_ports == 0) 542 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 543 if (port == 0) 544 for (i = 0; i < options->num_ports; i++) 545 add_one_listen_addr(options, addr, options->ports[i]); 546 else 547 add_one_listen_addr(options, addr, port); 548 } 549 550 static void 551 add_one_listen_addr(ServerOptions *options, char *addr, u_short port) 552 { 553 struct addrinfo hints, *ai, *aitop; 554 char strport[NI_MAXSERV]; 555 int gaierr; 556 557 (void) memset(&hints, 0, sizeof(hints)); 558 hints.ai_family = IPv4or6; 559 hints.ai_socktype = SOCK_STREAM; 560 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; 561 (void) snprintf(strport, sizeof strport, "%u", port); 562 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) 563 fatal("bad addr or host: %s (%s)", 564 addr ? 
addr : "<NULL>", 565 gai_strerror(gaierr)); 566 for (ai = aitop; ai->ai_next; ai = ai->ai_next) 567 ; 568 ai->ai_next = options->listen_addrs; 569 options->listen_addrs = aitop; 570 } 571 572 int 573 process_server_config_line(ServerOptions *options, char *line, 574 const char *filename, int linenum) 575 { 576 char *cp, **charptr, *arg, *p; 577 int *intptr, value, i, n; 578 ServerOpCodes opcode; 579 size_t len; 580 581 cp = line; 582 arg = strdelim(&cp); 583 /* Ignore leading whitespace */ 584 if (*arg == '\0') 585 arg = strdelim(&cp); 586 if (!arg || !*arg || *arg == '#') 587 return 0; 588 intptr = NULL; 589 charptr = NULL; 590 opcode = parse_token(arg, filename, linenum); 591 switch (opcode) { 592 /* Portable-specific options */ 593 case sPAMAuthenticationViaKbdInt: 594 intptr = &options->pam_authentication_via_kbd_int; 595 goto parse_flag; 596 597 /* Standard Options */ 598 case sBadOption: 599 return -1; 600 case sPort: 601 /* ignore ports from configfile if cmdline specifies ports */ 602 if (options->ports_from_cmdline) 603 return 0; 604 if (options->listen_addrs != NULL) 605 fatal("%s line %d: ports must be specified before " 606 "ListenAddress.", filename, linenum); 607 if (options->num_ports >= MAX_PORTS) 608 fatal("%s line %d: too many ports.", 609 filename, linenum); 610 arg = strdelim(&cp); 611 if (!arg || *arg == '\0') 612 fatal("%s line %d: missing port number.", 613 filename, linenum); 614 options->ports[options->num_ports++] = a2port(arg); 615 if (options->ports[options->num_ports-1] == 0) 616 fatal("%s line %d: Badly formatted port number.", 617 filename, linenum); 618 break; 619 620 case sServerKeyBits: 621 intptr = &options->server_key_bits; 622 parse_int: 623 arg = strdelim(&cp); 624 if (!arg || *arg == '\0') 625 fatal("%s line %d: missing integer value.", 626 filename, linenum); 627 value = atoi(arg); 628 if (*intptr == -1) 629 *intptr = value; 630 break; 631 632 case sLoginGraceTime: 633 intptr = &options->login_grace_time; 634 parse_time: 635 
arg = strdelim(&cp); 636 if (!arg || *arg == '\0') 637 fatal("%s line %d: missing time value.", 638 filename, linenum); 639 if ((value = convtime(arg)) == -1) 640 fatal("%s line %d: invalid time value.", 641 filename, linenum); 642 if (*intptr == -1) 643 *intptr = value; 644 break; 645 646 case sKeyRegenerationTime: 647 intptr = &options->key_regeneration_time; 648 goto parse_time; 649 650 case sListenAddress: 651 arg = strdelim(&cp); 652 if (!arg || *arg == '\0' || strncmp(arg, "[]", 2) == 0) 653 fatal("%s line %d: missing inet addr.", 654 filename, linenum); 655 if (*arg == '[') { 656 if ((p = strchr(arg, ']')) == NULL) 657 fatal("%s line %d: bad ipv6 inet addr usage.", 658 filename, linenum); 659 arg++; 660 (void) memmove(p, p+1, strlen(p+1)+1); 661 } else if (((p = strchr(arg, ':')) == NULL) || 662 (strchr(p+1, ':') != NULL)) { 663 add_listen_addr(options, arg, 0); 664 break; 665 } 666 if (*p == ':') { 667 u_short port; 668 669 p++; 670 if (*p == '\0') 671 fatal("%s line %d: bad inet addr:port usage.", 672 filename, linenum); 673 else { 674 *(p-1) = '\0'; 675 if ((port = a2port(p)) == 0) 676 fatal("%s line %d: bad port number.", 677 filename, linenum); 678 add_listen_addr(options, arg, port); 679 } 680 } else if (*p == '\0') 681 add_listen_addr(options, arg, 0); 682 else 683 fatal("%s line %d: bad inet addr usage.", 684 filename, linenum); 685 break; 686 687 case sHostKeyFile: 688 intptr = &options->num_host_key_files; 689 if (*intptr >= MAX_HOSTKEYS) 690 fatal("%s line %d: too many host keys specified (max %d).", 691 filename, linenum, MAX_HOSTKEYS); 692 charptr = &options->host_key_files[*intptr]; 693 parse_filename: 694 arg = strdelim(&cp); 695 if (!arg || *arg == '\0') 696 fatal("%s line %d: missing file name.", 697 filename, linenum); 698 if (*charptr == NULL) { 699 *charptr = tilde_expand_filename(arg, getuid()); 700 /* increase optional counter */ 701 if (intptr != NULL) 702 *intptr = *intptr + 1; 703 } 704 break; 705 706 case sPidFile: 707 charptr = 
&options->pid_file; 708 goto parse_filename; 709 710 case sPermitRootLogin: 711 intptr = &options->permit_root_login; 712 arg = strdelim(&cp); 713 if (!arg || *arg == '\0') 714 fatal("%s line %d: missing yes/" 715 "without-password/forced-commands-only/no " 716 "argument.", filename, linenum); 717 value = 0; /* silence compiler */ 718 if (strcmp(arg, "without-password") == 0) 719 value = PERMIT_NO_PASSWD; 720 else if (strcmp(arg, "forced-commands-only") == 0) 721 value = PERMIT_FORCED_ONLY; 722 else if (strcmp(arg, "yes") == 0) 723 value = PERMIT_YES; 724 else if (strcmp(arg, "no") == 0) 725 value = PERMIT_NO; 726 else 727 fatal("%s line %d: Bad yes/" 728 "without-password/forced-commands-only/no " 729 "argument: %s", filename, linenum, arg); 730 if (*intptr == -1) 731 *intptr = value; 732 break; 733 734 case sIgnoreRhosts: 735 intptr = &options->ignore_rhosts; 736 parse_flag: 737 arg = strdelim(&cp); 738 if (!arg || *arg == '\0') 739 fatal("%s line %d: missing yes/no argument.", 740 filename, linenum); 741 value = 0; /* silence compiler */ 742 if (strcmp(arg, "yes") == 0) 743 value = 1; 744 else if (strcmp(arg, "no") == 0) 745 value = 0; 746 else 747 fatal("%s line %d: Bad yes/no argument: %s", 748 filename, linenum, arg); 749 if (*intptr == -1) 750 *intptr = value; 751 break; 752 753 case sIgnoreUserKnownHosts: 754 intptr = &options->ignore_user_known_hosts; 755 goto parse_flag; 756 757 case sRhostsAuthentication: 758 intptr = &options->rhosts_authentication; 759 goto parse_flag; 760 761 case sRhostsRSAAuthentication: 762 intptr = &options->rhosts_rsa_authentication; 763 goto parse_flag; 764 765 case sHostbasedAuthentication: 766 intptr = &options->hostbased_authentication; 767 goto parse_flag; 768 769 case sHostbasedUsesNameFromPacketOnly: 770 intptr = &options->hostbased_uses_name_from_packet_only; 771 goto parse_flag; 772 773 case sRSAAuthentication: 774 intptr = &options->rsa_authentication; 775 goto parse_flag; 776 777 case sPubkeyAuthentication: 778 intptr 
= &options->pubkey_authentication; 779 goto parse_flag; 780 #ifdef GSSAPI 781 case sGssAuthentication: 782 intptr = &options->gss_authentication; 783 goto parse_flag; 784 case sGssKeyEx: 785 intptr = &options->gss_keyex; 786 goto parse_flag; 787 case sGssStoreDelegCreds: 788 intptr = &options->gss_keyex; 789 goto parse_flag; 790 #ifndef SUNW_GSSAPI 791 case sGssUseSessionCredCache: 792 intptr = &options->gss_use_session_ccache; 793 goto parse_flag; 794 case sGssCleanupCreds: 795 intptr = &options->gss_cleanup_creds; 796 goto parse_flag; 797 #endif /* SUNW_GSSAPI */ 798 #endif /* GSSAPI */ 799 #if defined(KRB4) || defined(KRB5) 800 case sKerberosAuthentication: 801 intptr = &options->kerberos_authentication; 802 goto parse_flag; 803 804 case sKerberosOrLocalPasswd: 805 intptr = &options->kerberos_or_local_passwd; 806 goto parse_flag; 807 808 case sKerberosTicketCleanup: 809 intptr = &options->kerberos_ticket_cleanup; 810 goto parse_flag; 811 #endif 812 #if defined(AFS) || defined(KRB5) 813 case sKerberosTgtPassing: 814 intptr = &options->kerberos_tgt_passing; 815 goto parse_flag; 816 #endif 817 #ifdef AFS 818 case sAFSTokenPassing: 819 intptr = &options->afs_token_passing; 820 goto parse_flag; 821 #endif 822 823 case sPasswordAuthentication: 824 intptr = &options->password_authentication; 825 goto parse_flag; 826 827 case sKbdInteractiveAuthentication: 828 intptr = &options->kbd_interactive_authentication; 829 goto parse_flag; 830 831 case sChallengeResponseAuthentication: 832 intptr = &options->challenge_response_authentication; 833 goto parse_flag; 834 835 case sPrintMotd: 836 intptr = &options->print_motd; 837 goto parse_flag; 838 839 case sPrintLastLog: 840 intptr = &options->print_lastlog; 841 goto parse_flag; 842 843 case sX11Forwarding: 844 intptr = &options->x11_forwarding; 845 goto parse_flag; 846 847 case sX11DisplayOffset: 848 intptr = &options->x11_display_offset; 849 goto parse_int; 850 851 case sX11UseLocalhost: 852 intptr = 
&options->x11_use_localhost; 853 goto parse_flag; 854 855 case sXAuthLocation: 856 charptr = &options->xauth_location; 857 goto parse_filename; 858 859 case sStrictModes: 860 intptr = &options->strict_modes; 861 goto parse_flag; 862 863 case sKeepAlives: 864 intptr = &options->keepalives; 865 goto parse_flag; 866 867 case sEmptyPasswd: 868 intptr = &options->permit_empty_passwd; 869 goto parse_flag; 870 871 case sPermitUserEnvironment: 872 intptr = &options->permit_user_env; 873 goto parse_flag; 874 875 case sUseLogin: 876 log("%s line %d: ignoring UseLogin option value." 877 " This option is always off.", filename, linenum); 878 while (arg) 879 arg = strdelim(&cp); 880 break; 881 882 case sCompression: 883 intptr = &options->compression; 884 goto parse_flag; 885 886 case sGatewayPorts: 887 arg = strdelim(&cp); 888 if (get_yes_no_flag(&options->gateway_ports, arg, filename, 889 linenum, 1) == 1) 890 break; 891 892 if (strcmp(arg, "clientspecified") == 0) 893 options->gateway_ports = 2; 894 else 895 fatal("%.200s line %d: Bad yes/no/clientspecified " 896 "argument.", filename, linenum); 897 break; 898 899 case sVerifyReverseMapping: 900 intptr = &options->verify_reverse_mapping; 901 goto parse_flag; 902 903 case sLogFacility: 904 intptr = (int *) &options->log_facility; 905 arg = strdelim(&cp); 906 value = log_facility_number(arg); 907 if (value == SYSLOG_FACILITY_NOT_SET) 908 fatal("%.200s line %d: unsupported log facility '%s'", 909 filename, linenum, arg ? arg : "<NONE>"); 910 if (*intptr == -1) 911 *intptr = (SyslogFacility) value; 912 break; 913 914 case sLogLevel: 915 intptr = (int *) &options->log_level; 916 arg = strdelim(&cp); 917 value = log_level_number(arg); 918 if (value == SYSLOG_LEVEL_NOT_SET) 919 fatal("%.200s line %d: unsupported log level '%s'", 920 filename, linenum, arg ? 
arg : "<NONE>"); 921 if (*intptr == -1) 922 *intptr = (LogLevel) value; 923 break; 924 925 case sAllowTcpForwarding: 926 intptr = &options->allow_tcp_forwarding; 927 goto parse_flag; 928 929 case sUsePrivilegeSeparation: 930 log("%s line %d: ignoring UsePrivilegeSeparation option value." 931 " This option is always on.", filename, linenum); 932 while (arg) 933 arg = strdelim(&cp); 934 break; 935 936 case sAllowUsers: 937 while (((arg = strdelim(&cp)) != NULL) && *arg != '\0') { 938 if (options->num_allow_users >= MAX_ALLOW_USERS) 939 fatal("%s line %d: too many allow users.", 940 filename, linenum); 941 options->allow_users[options->num_allow_users++] = 942 xstrdup(arg); 943 } 944 break; 945 946 case sDenyUsers: 947 while (((arg = strdelim(&cp)) != NULL) && *arg != '\0') { 948 if (options->num_deny_users >= MAX_DENY_USERS) 949 fatal( "%s line %d: too many deny users.", 950 filename, linenum); 951 options->deny_users[options->num_deny_users++] = 952 xstrdup(arg); 953 } 954 break; 955 956 case sAllowGroups: 957 while (((arg = strdelim(&cp)) != NULL) && *arg != '\0') { 958 if (options->num_allow_groups >= MAX_ALLOW_GROUPS) 959 fatal("%s line %d: too many allow groups.", 960 filename, linenum); 961 options->allow_groups[options->num_allow_groups++] = 962 xstrdup(arg); 963 } 964 break; 965 966 case sDenyGroups: 967 while (((arg = strdelim(&cp)) != NULL) && *arg != '\0') { 968 if (options->num_deny_groups >= MAX_DENY_GROUPS) 969 fatal("%s line %d: too many deny groups.", 970 filename, linenum); 971 options->deny_groups[options->num_deny_groups++] = xstrdup(arg); 972 } 973 break; 974 975 case sCiphers: 976 arg = strdelim(&cp); 977 if (!arg || *arg == '\0') 978 fatal("%s line %d: Missing argument.", filename, linenum); 979 if (!ciphers_valid(arg)) 980 fatal("%s line %d: Bad SSH2 cipher spec '%s'.", 981 filename, linenum, arg ? 
arg : "<NONE>"); 982 if (options->ciphers == NULL) 983 options->ciphers = xstrdup(arg); 984 break; 985 986 case sMacs: 987 arg = strdelim(&cp); 988 if (!arg || *arg == '\0') 989 fatal("%s line %d: Missing argument.", filename, linenum); 990 if (!mac_valid(arg)) 991 fatal("%s line %d: Bad SSH2 mac spec '%s'.", 992 filename, linenum, arg ? arg : "<NONE>"); 993 if (options->macs == NULL) 994 options->macs = xstrdup(arg); 995 break; 996 997 case sProtocol: 998 intptr = &options->protocol; 999 arg = strdelim(&cp); 1000 if (!arg || *arg == '\0') 1001 fatal("%s line %d: Missing argument.", filename, linenum); 1002 value = proto_spec(arg); 1003 if (value == SSH_PROTO_UNKNOWN) 1004 fatal("%s line %d: Bad protocol spec '%s'.", 1005 filename, linenum, arg ? arg : "<NONE>"); 1006 if (*intptr == SSH_PROTO_UNKNOWN) 1007 *intptr = value; 1008 break; 1009 1010 case sSubsystem: 1011 if (options->num_subsystems >= MAX_SUBSYSTEMS) { 1012 fatal("%s line %d: too many subsystems defined.", 1013 filename, linenum); 1014 } 1015 arg = strdelim(&cp); 1016 if (!arg || *arg == '\0') 1017 fatal("%s line %d: Missing subsystem name.", 1018 filename, linenum); 1019 for (i = 0; i < options->num_subsystems; i++) 1020 if (strcmp(arg, options->subsystem_name[i]) == 0) 1021 fatal("%s line %d: Subsystem '%s' already defined.", 1022 filename, linenum, arg); 1023 options->subsystem_name[options->num_subsystems] = xstrdup(arg); 1024 arg = strdelim(&cp); 1025 if (!arg || *arg == '\0') 1026 fatal("%s line %d: Missing subsystem command.", 1027 filename, linenum); 1028 options->subsystem_command[options->num_subsystems] = xstrdup(arg); 1029 1030 /* 1031 * Collect arguments (separate to executable), including the 1032 * name of the executable, in a way that is easier to parse 1033 * later. 
1034 */ 1035 p = xstrdup(arg); 1036 len = strlen(p) + 1; 1037 while ((arg = strdelim(&cp)) != NULL && *arg != '\0') { 1038 len += 1 + strlen(arg); 1039 p = xrealloc(p, len); 1040 strlcat(p, " ", len); 1041 strlcat(p, arg, len); 1042 } 1043 options->subsystem_args[options->num_subsystems] = p; 1044 options->num_subsystems++; 1045 break; 1046 1047 case sMaxStartups: 1048 arg = strdelim(&cp); 1049 if (!arg || *arg == '\0') 1050 fatal("%s line %d: Missing MaxStartups spec.", 1051 filename, linenum); 1052 if ((n = sscanf(arg, "%d:%d:%d", 1053 &options->max_startups_begin, 1054 &options->max_startups_rate, 1055 &options->max_startups)) == 3) { 1056 if (options->max_startups_begin > 1057 options->max_startups || 1058 options->max_startups_rate > 100 || 1059 options->max_startups_rate < 1) 1060 fatal("%s line %d: Illegal MaxStartups spec.", 1061 filename, linenum); 1062 } else if (n != 1) 1063 fatal("%s line %d: Illegal MaxStartups spec.", 1064 filename, linenum); 1065 else 1066 options->max_startups = options->max_startups_begin; 1067 break; 1068 1069 case sBanner: 1070 charptr = &options->banner; 1071 goto parse_filename; 1072 /* 1073 * These options can contain %X options expanded at 1074 * connect time, so that you can specify paths like: 1075 * 1076 * AuthorizedKeysFile /etc/ssh_keys/%u 1077 */ 1078 case sAuthorizedKeysFile: 1079 case sAuthorizedKeysFile2: 1080 charptr = (opcode == sAuthorizedKeysFile) ? 
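&options->authorized_keys_file :
		    &options->authorized_keys_file2;
		goto parse_filename;

	case sClientAliveInterval:
		intptr = &options->client_alive_interval;
		goto parse_time;

	case sClientAliveCountMax:
		intptr = &options->client_alive_count_max;
		goto parse_int;

	case sMaxAuthTries:
		intptr = &options->max_auth_tries;
		goto parse_int;

	case sMaxAuthTriesLog:
		intptr = &options->max_auth_tries_log;
		goto parse_int;

	case sLookupClientHostnames:
		intptr = &options->lookup_client_hostnames;
		goto parse_flag;

	case sUseOpenSSLEngine:
		intptr = &options->use_openssl_engine;
		goto parse_flag;

	case sChrootDirectory:
		charptr = &options->chroot_directory;

		arg = strdelim(&cp);
		if (arg == NULL || *arg == '\0')
			fatal("%s line %d: missing directory name for "
			    "ChrootDirectory.", filename, linenum);
		/* First occurrence wins (command line / earlier file). */
		if (*charptr == NULL)
			*charptr = xstrdup(arg);
		break;

	case sDeprecated:
		log("%s line %d: Deprecated option %s",
		    filename, linenum, arg);
		/* Consume and discard the rest of the line. */
		while (arg)
			arg = strdelim(&cp);
		break;

	default:
		fatal("%s line %d: Missing handler for opcode %s (%d)",
		    filename, linenum, arg, opcode);
	}
	if ((arg = strdelim(&cp)) != NULL && *arg != '\0')
		fatal("%s line %d: garbage at end of line; \"%.200s\".",
		    filename, linenum, arg);
	return 0;
}

/*
 * Reads the server configuration file named by filename into options,
 * handing each line to process_server_config_line().
 *
 * Exits with status 1 if the file cannot be opened.  Calls fatal() if a
 * line does not fit the line buffer, or, after the whole file has been
 * read, if any line was rejected, so that a partially parsed
 * configuration is never used.
 */
void
read_server_config(ServerOptions *options, const char *filename)
{
	int linenum, bad_options = 0;
	char line[1024];
	FILE *f;

	f = fopen(filename, "r");
	if (!f) {
		perror(filename);
		exit(1);
	}
	linenum = 0;
	while (fgets(line, sizeof(line), f)) {
		/* Update line number counter. */
		linenum++;
		/*
		 * fgets() stops when the buffer is full.  A line that does
		 * not fit would otherwise reach the parser in two pieces, the
		 * second of which would be interpreted as a directive of its
		 * own; reject it instead.
		 */
		if (strlen(line) == sizeof(line) - 1 &&
		    line[sizeof(line) - 2] != '\n')
			fatal("%s line %d: line too long", filename, linenum);
		if (process_server_config_line(options, line, filename,
		    linenum) != 0)
			bad_options++;
	}
	(void) fclose(f);
	if (bad_options > 0)
		fatal("%s: terminating, %d bad configuration options",
		    filename, bad_options);
}

/*
 * Returns non-zero if a ChrootDirectory is in effect.  The special path
 * "none" (compared case-insensitively) has the same effect on sshd
 * configuration as not specifying ChrootDirectory at all.
 */
int
chroot_requested(char *chroot_directory)
{
	if (chroot_directory == NULL)
		return 0;
	return (strcasecmp(chroot_directory, "none") != 0);
}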