1 /* 2 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 3 * All rights reserved 4 * 5 * As far as I am concerned, the code I have written for this software 6 * can be used freely for any purpose. Any derived versions of this 7 * software must be clearly marked as such, and if the derived work is 8 * incompatible with the protocol description in the RFC file, it must be 9 * called by a name other than "ssh" or "Secure Shell". 10 */ 11 /* 12 * Copyright 2004 Sun Microsystems, Inc. All rights reserved. 13 * Use is subject to license terms. 14 */ 15 16 #include "includes.h" 17 RCSID("$OpenBSD: servconf.c,v 1.115 2002/09/04 18:52:42 stevesk Exp $"); 18 19 #pragma ident "%Z%%M% %I% %E% SMI" 20 21 #ifdef HAVE_DEFOPEN 22 #include <deflt.h> 23 #endif /* HAVE_DEFOPEN */ 24 25 #if defined(KRB4) 26 #include <krb.h> 27 #endif 28 #if defined(KRB5) 29 #ifdef HEIMDAL 30 #include <krb.h> 31 #else 32 /* Bodge - but then, so is using the kerberos IV KEYFILE to get a Kerberos V 33 * keytab */ 34 #define KEYFILE "/etc/krb5.keytab" 35 #endif 36 #endif 37 #ifdef AFS 38 #include <kafs.h> 39 #endif 40 41 #include "ssh.h" 42 #include "log.h" 43 #include "servconf.h" 44 #include "xmalloc.h" 45 #include "compat.h" 46 #include "pathnames.h" 47 #include "tildexpand.h" 48 #include "misc.h" 49 #include "cipher.h" 50 #include "kex.h" 51 #include "mac.h" 52 #include "auth.h" 53 54 static void add_listen_addr(ServerOptions *, char *, u_short); 55 static void add_one_listen_addr(ServerOptions *, char *, u_short); 56 57 /* AF_UNSPEC or AF_INET or AF_INET6 */ 58 extern int IPv4or6; 59 /* Use of privilege separation or not */ 60 extern int use_privsep; 61 62 /* Initializes the server options to their default values. */ 63 64 void 65 initialize_server_options(ServerOptions *options) 66 { 67 (void) memset(options, 0, sizeof(*options)); 68 69 /* Portable-specific options */ 70 options->pam_authentication_via_kbd_int = -1; 71 72 /* Standard Options */ 73 options->num_ports = 0; 74 options->ports_from_cmdline = 0; 75 options->listen_addrs = NULL; 76 options->num_host_key_files = 0; 77 options->pid_file = NULL; 78 options->server_key_bits = -1; 79 options->login_grace_time = -1; 80 options->key_regeneration_time = -1; 81 options->permit_root_login = PERMIT_NOT_SET; 82 options->ignore_rhosts = -1; 83 options->ignore_user_known_hosts = -1; 84 options->print_motd = -1; 85 options->print_lastlog = -1; 86 options->x11_forwarding = -1; 87 options->x11_display_offset = -1; 88 options->x11_use_localhost = -1; 89 options->xauth_location = NULL; 90 options->strict_modes = -1; 91 options->keepalives = -1; 92 options->log_facility = SYSLOG_FACILITY_NOT_SET; 93 options->log_level = SYSLOG_LEVEL_NOT_SET; 94 options->rhosts_authentication = -1; 95 options->rhosts_rsa_authentication = -1; 96 options->hostbased_authentication = -1; 97 options->hostbased_uses_name_from_packet_only = -1; 98 options->rsa_authentication = -1; 99 options->pubkey_authentication = -1; 100 #ifdef GSSAPI 101 options->gss_authentication = -1; 102 options->gss_keyex = -1; 103 options->gss_store_creds = -1; 104 options->gss_use_session_ccache = -1; 105 options->gss_cleanup_creds = -1; 106 #endif 107 #if defined(KRB4) || defined(KRB5) 108 options->kerberos_authentication = -1; 109 options->kerberos_or_local_passwd = -1; 110 options->kerberos_ticket_cleanup = -1; 111 #endif 112 #if defined(AFS) || defined(KRB5) 113 options->kerberos_tgt_passing = -1; 114 #endif 115 #ifdef AFS 116 options->afs_token_passing = -1; 117 #endif 118 options->password_authentication = -1; 119 options->kbd_interactive_authentication = -1; 120 options->challenge_response_authentication = -1; 121 options->permit_empty_passwd = -1; 122 options->permit_user_env = -1; 123 options->use_login = -1; 124 options->compression = -1; 125 options->allow_tcp_forwarding = -1; 126 options->num_allow_users = 0; 127 options->num_deny_users = 0; 128 options->num_allow_groups = 0; 129 options->num_deny_groups = 0; 130 options->ciphers = NULL; 131 options->macs = NULL; 132 options->protocol = SSH_PROTO_UNKNOWN; 133 options->gateway_ports = -1; 134 options->num_subsystems = 0; 135 options->max_startups_begin = -1; 136 options->max_startups_rate = -1; 137 options->max_startups = -1; 138 options->banner = NULL; 139 options->verify_reverse_mapping = -1; 140 options->client_alive_interval = -1; 141 options->client_alive_count_max = -1; 142 options->authorized_keys_file = NULL; 143 options->authorized_keys_file2 = NULL; 144 145 options->max_auth_tries = -1; 146 options->max_auth_tries_log = -1; 147 148 options->max_init_auth_tries = -1; 149 options->max_init_auth_tries_log = -1; 150 151 options->lookup_client_hostnames = -1; 152 153 /* Needs to be accessable in many places */ 154 use_privsep = -1; 155 } 156 157 #ifdef HAVE_DEFOPEN 158 /* 159 * Reads /etc/default/login and defaults several ServerOptions: 160 * 161 * PermitRootLogin 162 * PermitEmptyPasswords 163 * LoginGraceTime 164 * 165 * CONSOLE=* -> PermitRootLogin=without-password 166 * #CONSOLE=* -> PermitRootLogin=yes 167 * 168 * PASSREQ=YES -> PermitEmptyPasswords=no 169 * PASSREQ=NO -> PermitEmptyPasswords=yes 170 * #PASSREQ=* -> PermitEmptyPasswords=no 171 * 172 * TIMEOUT=<secs> -> LoginGraceTime=<secs> 173 * #TIMEOUT=<secs> -> LoginGraceTime=300 174 */ 175 static 176 void 177 deflt_fill_default_server_options(ServerOptions *options) 178 { 179 int flags; 180 char *ptr; 181 182 if (defopen(_PATH_DEFAULT_LOGIN)) 183 return; 184 185 /* Ignore case */ 186 flags = defcntl(DC_GETFLAGS, 0); 187 TURNOFF(flags, DC_CASE); 188 (void) defcntl(DC_SETFLAGS, flags); 189 190 if (options->permit_root_login == PERMIT_NOT_SET && 191 (ptr = defread("CONSOLE=")) != NULL) 192 options->permit_root_login = PERMIT_NO_PASSWD; 193 194 if (options->permit_empty_passwd == -1 && 195 (ptr = defread("PASSREQ=")) != NULL) { 196 if (strcasecmp("YES", ptr) == 0) 197 options->permit_empty_passwd = 0; 198 else if (strcasecmp("NO", ptr) == 0) 199 options->permit_empty_passwd = 1; 200 } 201 202 if (options->max_init_auth_tries == -1 && 203 (ptr = defread("RETRIES=")) != NULL) { 204 options->max_init_auth_tries = atoi(ptr); 205 } 206 207 if (options->max_init_auth_tries_log == -1 && 208 (ptr = defread("SYSLOG_FAILED_LOGINS=")) != NULL) { 209 options->max_init_auth_tries_log = atoi(ptr); 210 } 211 212 if (options->login_grace_time == -1) { 213 if ((ptr = defread("TIMEOUT=")) != NULL) 214 options->login_grace_time = (unsigned)atoi(ptr); 215 else 216 options->login_grace_time = 300; 217 } 218 219 (void) defopen((char *)NULL); 220 } 221 #endif /* HAVE_DEFOPEN */ 222 223 void 224 fill_default_server_options(ServerOptions *options) 225 { 226 227 #ifdef HAVE_DEFOPEN 228 deflt_fill_default_server_options(options); 229 #endif /* HAVE_DEFOPEN */ 230 231 /* Portable-specific options */ 232 if (options->pam_authentication_via_kbd_int == -1) 233 options->pam_authentication_via_kbd_int = 0; 234 235 /* Standard Options */ 236 if (options->protocol == SSH_PROTO_UNKNOWN) 237 options->protocol = SSH_PROTO_1|SSH_PROTO_2; 238 if (options->num_host_key_files == 0) { 239 /* fill default hostkeys for protocols */ 240 if (options->protocol & SSH_PROTO_1) 241 options->host_key_files[options->num_host_key_files++] = 242 _PATH_HOST_KEY_FILE; 243 #ifndef GSSAPI 244 /* With GSS keyex we can run v2 w/ no host keys */ 245 if (options->protocol & SSH_PROTO_2) { 246 options->host_key_files[options->num_host_key_files++] = 247 _PATH_HOST_RSA_KEY_FILE; 248 options->host_key_files[options->num_host_key_files++] = 249 _PATH_HOST_DSA_KEY_FILE; 250 } 251 #endif /* GSSAPI */ 252 } 253 if (options->num_ports == 0) 254 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 255 if (options->listen_addrs == NULL) 256 add_listen_addr(options, NULL, 0); 257 if (options->pid_file == NULL) 258 options->pid_file = _PATH_SSH_DAEMON_PID_FILE; 259 if (options->server_key_bits == -1) 260 options->server_key_bits = 768; 261 if (options->login_grace_time == -1) 262 options->login_grace_time = 120; 263 if (options->key_regeneration_time == -1) 264 options->key_regeneration_time = 3600; 265 if (options->permit_root_login == PERMIT_NOT_SET) 266 options->permit_root_login = PERMIT_YES; 267 if (options->ignore_rhosts == -1) 268 options->ignore_rhosts = 1; 269 if (options->ignore_user_known_hosts == -1) 270 options->ignore_user_known_hosts = 0; 271 if (options->print_motd == -1) 272 options->print_motd = 1; 273 if (options->print_lastlog == -1) 274 options->print_lastlog = 1; 275 if (options->x11_forwarding == -1) 276 options->x11_forwarding = 1; 277 if (options->x11_display_offset == -1) 278 options->x11_display_offset = 10; 279 if (options->x11_use_localhost == -1) 280 options->x11_use_localhost = 1; 281 if (options->xauth_location == NULL) 282 options->xauth_location = _PATH_XAUTH; 283 if (options->strict_modes == -1) 284 options->strict_modes = 1; 285 if (options->keepalives == -1) 286 options->keepalives = 1; 287 if (options->log_facility == SYSLOG_FACILITY_NOT_SET) 288 options->log_facility = SYSLOG_FACILITY_AUTH; 289 if (options->log_level == SYSLOG_LEVEL_NOT_SET) 290 options->log_level = SYSLOG_LEVEL_INFO; 291 if (options->rhosts_authentication == -1) 292 options->rhosts_authentication = 0; 293 if (options->rhosts_rsa_authentication == -1) 294 options->rhosts_rsa_authentication = 0; 295 if (options->hostbased_authentication == -1) 296 options->hostbased_authentication = 0; 297 if (options->hostbased_uses_name_from_packet_only == -1) 298 options->hostbased_uses_name_from_packet_only = 0; 299 if (options->rsa_authentication == -1) 300 options->rsa_authentication = 1; 301 if (options->pubkey_authentication == -1) 302 options->pubkey_authentication = 1; 303 #ifdef GSSAPI 304 if (options->gss_authentication == -1) 305 options->gss_authentication = 1; 306 if (options->gss_keyex == -1) 307 options->gss_keyex = 1; 308 if (options->gss_store_creds == -1) 309 options->gss_store_creds = 1; 310 if (options->gss_use_session_ccache == -1) 311 options->gss_use_session_ccache = 1; 312 if (options->gss_cleanup_creds == -1) 313 options->gss_cleanup_creds = 1; 314 #endif 315 #if defined(KRB4) || defined(KRB5) 316 if (options->kerberos_authentication == -1) 317 options->kerberos_authentication = 0; 318 if (options->kerberos_or_local_passwd == -1) 319 options->kerberos_or_local_passwd = 1; 320 if (options->kerberos_ticket_cleanup == -1) 321 options->kerberos_ticket_cleanup = 1; 322 #endif 323 #if defined(AFS) || defined(KRB5) 324 if (options->kerberos_tgt_passing == -1) 325 options->kerberos_tgt_passing = 0; 326 #endif 327 #ifdef AFS 328 if (options->afs_token_passing == -1) 329 options->afs_token_passing = 0; 330 #endif 331 if (options->password_authentication == -1) 332 options->password_authentication = 1; 333 if (options->kbd_interactive_authentication == -1) 334 options->kbd_interactive_authentication = 0; 335 if (options->challenge_response_authentication == -1) 336 options->challenge_response_authentication = 1; 337 if (options->permit_empty_passwd == -1) 338 options->permit_empty_passwd = 0; 339 if (options->permit_user_env == -1) 340 options->permit_user_env = 0; 341 if (options->use_login == -1) 342 options->use_login = 0; 343 if (options->compression == -1) 344 options->compression = 1; 345 if (options->allow_tcp_forwarding == -1) 346 options->allow_tcp_forwarding = 1; 347 if (options->gateway_ports == -1) 348 options->gateway_ports = 0; 349 if (options->max_startups == -1) 350 options->max_startups = 10; 351 if (options->max_startups_rate == -1) 352 options->max_startups_rate = 100; /* 100% */ 353 if (options->max_startups_begin == -1) 354 options->max_startups_begin = options->max_startups; 355 if (options->verify_reverse_mapping == -1) 356 options->verify_reverse_mapping = 0; 357 if (options->client_alive_interval == -1) 358 options->client_alive_interval = 0; 359 if (options->client_alive_count_max == -1) 360 options->client_alive_count_max = 3; 361 if (options->authorized_keys_file2 == NULL) { 362 /* authorized_keys_file2 falls back to authorized_keys_file */ 363 if (options->authorized_keys_file != NULL) 364 options->authorized_keys_file2 = options->authorized_keys_file; 365 else 366 options->authorized_keys_file2 = _PATH_SSH_USER_PERMITTED_KEYS2; 367 } 368 if (options->authorized_keys_file == NULL) 369 options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; 370 371 if (options->max_auth_tries == -1) 372 options->max_auth_tries = AUTH_FAIL_MAX; 373 if (options->max_auth_tries_log == -1) 374 options->max_auth_tries_log = options->max_auth_tries / 2; 375 376 if (options->max_init_auth_tries == -1) 377 options->max_init_auth_tries = AUTH_FAIL_MAX; 378 if (options->max_init_auth_tries_log == -1) 379 options->max_init_auth_tries_log = options->max_init_auth_tries / 2; 380 381 if (options->lookup_client_hostnames == -1) 382 options->lookup_client_hostnames = 1; 383 384 /* XXX SUNWssh resync */ 385 /* Turn privilege separation OFF by default */ 386 if (use_privsep == -1) 387 use_privsep = 0; 388 389 #ifndef HAVE_MMAP 390 if (use_privsep && options->compression == 1) { 391 error("This platform does not support both privilege " 392 "separation and compression"); 393 error("Compression disabled"); 394 options->compression = 0; 395 } 396 #endif 397 398 } 399 400 /* Keyword tokens. */ 401 typedef enum { 402 sBadOption, /* == unknown option */ 403 /* Portable-specific options */ 404 sPAMAuthenticationViaKbdInt, 405 /* Standard Options */ 406 sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, 407 sPermitRootLogin, sLogFacility, sLogLevel, 408 sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, 409 #ifdef GSSAPI 410 sGssAuthentication, sGssKeyEx, sGssStoreDelegCreds, 411 sGssUseSessionCredCache, sGssCleanupCreds, 412 #endif /* GSSAPI */ 413 #if defined(KRB4) || defined(KRB5) 414 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, 415 #endif 416 #if defined(AFS) || defined(KRB5) 417 sKerberosTgtPassing, 418 #endif 419 #ifdef AFS 420 sAFSTokenPassing, 421 #endif 422 sChallengeResponseAuthentication, 423 sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress, 424 sPrintMotd, sPrintLastLog, sIgnoreRhosts, 425 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, 426 sStrictModes, sEmptyPasswd, sKeepAlives, 427 sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, 428 sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, 429 sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, 430 sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, 431 sBanner, sVerifyReverseMapping, sHostbasedAuthentication, 432 sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, 433 sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, 434 sMaxAuthTries, sMaxAuthTriesLog, sUsePrivilegeSeparation, 435 sLookupClientHostnames, 436 sDeprecated 437 } ServerOpCodes; 438 439 /* Textual representation of the tokens. */ 440 static struct { 441 const char *name; 442 ServerOpCodes opcode; 443 } keywords[] = { 444 /* Portable-specific options */ 445 { "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt }, 446 /* Standard Options */ 447 { "port", sPort }, 448 { "hostkey", sHostKeyFile }, 449 { "hostdsakey", sHostKeyFile }, /* alias */ 450 { "pidfile", sPidFile }, 451 { "serverkeybits", sServerKeyBits }, 452 { "logingracetime", sLoginGraceTime }, 453 { "keyregenerationinterval", sKeyRegenerationTime }, 454 { "permitrootlogin", sPermitRootLogin }, 455 { "syslogfacility", sLogFacility }, 456 { "loglevel", sLogLevel }, 457 { "rhostsauthentication", sRhostsAuthentication }, 458 { "rhostsrsaauthentication", sRhostsRSAAuthentication }, 459 { "hostbasedauthentication", sHostbasedAuthentication }, 460 { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly }, 461 { "rsaauthentication", sRSAAuthentication }, 462 { "pubkeyauthentication", sPubkeyAuthentication }, 463 { "dsaauthentication", sPubkeyAuthentication }, /* alias */ 464 #ifdef GSSAPI 465 { "gssapiauthentication", sGssAuthentication }, 466 { "gssapikeyexchange", sGssKeyEx }, 467 { "gssapistoredelegatedcredentials", sGssStoreDelegCreds }, 468 { "gssauthentication", sGssAuthentication }, /* alias */ 469 { "gsskeyex", sGssKeyEx }, /* alias */ 470 { "gssstoredelegcreds", sGssStoreDelegCreds }, /* alias */ 471 #ifndef SUNW_GSSAPI 472 { "gssusesessionccache", sGssUseSessionCredCache }, 473 { "gssusesessioncredcache", sGssUseSessionCredCache }, 474 { "gsscleanupcreds", sGssCleanupCreds }, 475 #endif /* SUNW_GSSAPI */ 476 #endif 477 #if defined(KRB4) || defined(KRB5) 478 { "kerberosauthentication", sKerberosAuthentication }, 479 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd }, 480 { "kerberosticketcleanup", sKerberosTicketCleanup }, 481 #endif 482 #if defined(AFS) || defined(KRB5) 483 { "kerberostgtpassing", sKerberosTgtPassing }, 484 #endif 485 #ifdef AFS 486 { "afstokenpassing", sAFSTokenPassing }, 487 #endif 488 { "passwordauthentication", sPasswordAuthentication }, 489 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication }, 490 { "challengeresponseauthentication", sChallengeResponseAuthentication }, 491 { "skeyauthentication", sChallengeResponseAuthentication }, /* alias */ 492 { "checkmail", sDeprecated }, 493 { "listenaddress", sListenAddress }, 494 { "printmotd", sPrintMotd }, 495 { "printlastlog", sPrintLastLog }, 496 { "ignorerhosts", sIgnoreRhosts }, 497 { "ignoreuserknownhosts", sIgnoreUserKnownHosts }, 498 { "x11forwarding", sX11Forwarding }, 499 { "x11displayoffset", sX11DisplayOffset }, 500 { "x11uselocalhost", sX11UseLocalhost }, 501 { "xauthlocation", sXAuthLocation }, 502 { "strictmodes", sStrictModes }, 503 { "permitemptypasswords", sEmptyPasswd }, 504 { "permituserenvironment", sPermitUserEnvironment }, 505 { "uselogin", sUseLogin }, 506 { "compression", sCompression }, 507 { "keepalive", sKeepAlives }, 508 { "allowtcpforwarding", sAllowTcpForwarding }, 509 { "allowusers", sAllowUsers }, 510 { "denyusers", sDenyUsers }, 511 { "allowgroups", sAllowGroups }, 512 { "denygroups", sDenyGroups }, 513 { "ciphers", sCiphers }, 514 { "macs", sMacs }, 515 { "protocol", sProtocol }, 516 { "gatewayports", sGatewayPorts }, 517 { "subsystem", sSubsystem }, 518 { "maxstartups", sMaxStartups }, 519 { "banner", sBanner }, 520 { "verifyreversemapping", sVerifyReverseMapping }, 521 { "reversemappingcheck", sVerifyReverseMapping }, 522 { "clientaliveinterval", sClientAliveInterval }, 523 { "clientalivecountmax", sClientAliveCountMax }, 524 { "authorizedkeysfile", sAuthorizedKeysFile }, 525 { "authorizedkeysfile2", sAuthorizedKeysFile2 }, 526 { "maxauthtries", sMaxAuthTries }, 527 { "maxauthtrieslog", sMaxAuthTriesLog }, 528 { "useprivilegeseparation", sUsePrivilegeSeparation}, 529 { "lookupclienthostnames", sLookupClientHostnames}, 530 { NULL, sBadOption } 531 }; 532 533 /* 534 * Returns the number of the token pointed to by cp or sBadOption. 535 */ 536 537 static ServerOpCodes 538 parse_token(const char *cp, const char *filename, 539 int linenum) 540 { 541 u_int i; 542 543 for (i = 0; keywords[i].name; i++) 544 if (strcasecmp(cp, keywords[i].name) == 0) 545 return keywords[i].opcode; 546 547 error("%s: line %d: Bad configuration option: %s", 548 filename, linenum, cp); 549 return sBadOption; 550 } 551 552 static void 553 add_listen_addr(ServerOptions *options, char *addr, u_short port) 554 { 555 int i; 556 557 if (options->num_ports == 0) 558 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 559 if (port == 0) 560 for (i = 0; i < options->num_ports; i++) 561 add_one_listen_addr(options, addr, options->ports[i]); 562 else 563 add_one_listen_addr(options, addr, port); 564 } 565 566 static void 567 add_one_listen_addr(ServerOptions *options, char *addr, u_short port) 568 { 569 struct addrinfo hints, *ai, *aitop; 570 char strport[NI_MAXSERV]; 571 int gaierr; 572 573 (void) memset(&hints, 0, sizeof(hints)); 574 hints.ai_family = IPv4or6; 575 hints.ai_socktype = SOCK_STREAM; 576 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; 577 (void) snprintf(strport, sizeof strport, "%u", port); 578 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) 579 fatal("bad addr or host: %s (%s)", 580 addr ? addr : "<NULL>", 581 gai_strerror(gaierr)); 582 for (ai = aitop; ai->ai_next; ai = ai->ai_next) 583 ; 584 ai->ai_next = options->listen_addrs; 585 options->listen_addrs = aitop; 586 } 587 588 int 589 process_server_config_line(ServerOptions *options, char *line, 590 const char *filename, int linenum) 591 { 592 char *cp, **charptr, *arg, *p; 593 int *intptr, value, i, n; 594 ServerOpCodes opcode; 595 596 cp = line; 597 arg = strdelim(&cp); 598 /* Ignore leading whitespace */ 599 if (*arg == '\0') 600 arg = strdelim(&cp); 601 if (!arg || !*arg || *arg == '#') 602 return 0; 603 intptr = NULL; 604 charptr = NULL; 605 opcode = parse_token(arg, filename, linenum); 606 switch (opcode) { 607 /* Portable-specific options */ 608 case sPAMAuthenticationViaKbdInt: 609 intptr = &options->pam_authentication_via_kbd_int; 610 goto parse_flag; 611 612 /* Standard Options */ 613 case sBadOption: 614 return -1; 615 case sPort: 616 /* ignore ports from configfile if cmdline specifies ports */ 617 if (options->ports_from_cmdline) 618 return 0; 619 if (options->listen_addrs != NULL) 620 fatal("%s line %d: ports must be specified before " 621 "ListenAddress.", filename, linenum); 622 if (options->num_ports >= MAX_PORTS) 623 fatal("%s line %d: too many ports.", 624 filename, linenum); 625 arg = strdelim(&cp); 626 if (!arg || *arg == '\0') 627 fatal("%s line %d: missing port number.", 628 filename, linenum); 629 options->ports[options->num_ports++] = a2port(arg); 630 if (options->ports[options->num_ports-1] == 0) 631 fatal("%s line %d: Badly formatted port number.", 632 filename, linenum); 633 break; 634 635 case sServerKeyBits: 636 intptr = &options->server_key_bits; 637 parse_int: 638 arg = strdelim(&cp); 639 if (!arg || *arg == '\0') 640 fatal("%s line %d: missing integer value.", 641 filename, linenum); 642 value = atoi(arg); 643 if (*intptr == -1) 644 *intptr = value; 645 break; 646 647 case sLoginGraceTime: 648 intptr = &options->login_grace_time; 649 parse_time: 650 arg = strdelim(&cp); 651 if (!arg || *arg == '\0') 652 fatal("%s line %d: missing time value.", 653 filename, linenum); 654 if ((value = convtime(arg)) == -1) 655 fatal("%s line %d: invalid time value.", 656 filename, linenum); 657 if (*intptr == -1) 658 *intptr = value; 659 break; 660 661 case sKeyRegenerationTime: 662 intptr = &options->key_regeneration_time; 663 goto parse_time; 664 665 case sListenAddress: 666 arg = strdelim(&cp); 667 if (!arg || *arg == '\0' || strncmp(arg, "[]", 2) == 0) 668 fatal("%s line %d: missing inet addr.", 669 filename, linenum); 670 if (*arg == '[') { 671 if ((p = strchr(arg, ']')) == NULL) 672 fatal("%s line %d: bad ipv6 inet addr usage.", 673 filename, linenum); 674 arg++; 675 (void) memmove(p, p+1, strlen(p+1)+1); 676 } else if (((p = strchr(arg, ':')) == NULL) || 677 (strchr(p+1, ':') != NULL)) { 678 add_listen_addr(options, arg, 0); 679 break; 680 } 681 if (*p == ':') { 682 u_short port; 683 684 p++; 685 if (*p == '\0') 686 fatal("%s line %d: bad inet addr:port usage.", 687 filename, linenum); 688 else { 689 *(p-1) = '\0'; 690 if ((port = a2port(p)) == 0) 691 fatal("%s line %d: bad port number.", 692 filename, linenum); 693 add_listen_addr(options, arg, port); 694 } 695 } else if (*p == '\0') 696 add_listen_addr(options, arg, 0); 697 else 698 fatal("%s line %d: bad inet addr usage.", 699 filename, linenum); 700 break; 701 702 case sHostKeyFile: 703 intptr = &options->num_host_key_files; 704 if (*intptr >= MAX_HOSTKEYS) 705 fatal("%s line %d: too many host keys specified (max %d).", 706 filename, linenum, MAX_HOSTKEYS); 707 charptr = &options->host_key_files[*intptr]; 708 parse_filename: 709 arg = strdelim(&cp); 710 if (!arg || *arg == '\0') 711 fatal("%s line %d: missing file name.", 712 filename, linenum); 713 if (*charptr == NULL) { 714 *charptr = tilde_expand_filename(arg, getuid()); 715 /* increase optional counter */ 716 if (intptr != NULL) 717 *intptr = *intptr + 1; 718 } 719 break; 720 721 case sPidFile: 722 charptr = &options->pid_file; 723 goto parse_filename; 724 725 case sPermitRootLogin: 726 intptr = &options->permit_root_login; 727 arg = strdelim(&cp); 728 if (!arg || *arg == '\0') 729 fatal("%s line %d: missing yes/" 730 "without-password/forced-commands-only/no " 731 "argument.", filename, linenum); 732 value = 0; /* silence compiler */ 733 if (strcmp(arg, "without-password") == 0) 734 value = PERMIT_NO_PASSWD; 735 else if (strcmp(arg, "forced-commands-only") == 0) 736 value = PERMIT_FORCED_ONLY; 737 else if (strcmp(arg, "yes") == 0) 738 value = PERMIT_YES; 739 else if (strcmp(arg, "no") == 0) 740 value = PERMIT_NO; 741 else 742 fatal("%s line %d: Bad yes/" 743 "without-password/forced-commands-only/no " 744 "argument: %s", filename, linenum, arg); 745 if (*intptr == -1) 746 *intptr = value; 747 break; 748 749 case sIgnoreRhosts: 750 intptr = &options->ignore_rhosts; 751 parse_flag: 752 arg = strdelim(&cp); 753 if (!arg || *arg == '\0') 754 fatal("%s line %d: missing yes/no argument.", 755 filename, linenum); 756 value = 0; /* silence compiler */ 757 if (strcmp(arg, "yes") == 0) 758 value = 1; 759 else if (strcmp(arg, "no") == 0) 760 value = 0; 761 else 762 fatal("%s line %d: Bad yes/no argument: %s", 763 filename, linenum, arg); 764 if (*intptr == -1) 765 *intptr = value; 766 break; 767 768 case sIgnoreUserKnownHosts: 769 intptr = &options->ignore_user_known_hosts; 770 goto parse_flag; 771 772 case sRhostsAuthentication: 773 intptr = &options->rhosts_authentication; 774 goto parse_flag; 775 776 case sRhostsRSAAuthentication: 777 intptr = &options->rhosts_rsa_authentication; 778 goto parse_flag; 779 780 case sHostbasedAuthentication: 781 intptr = &options->hostbased_authentication; 782 goto parse_flag; 783 784 case sHostbasedUsesNameFromPacketOnly: 785 intptr = &options->hostbased_uses_name_from_packet_only; 786 goto parse_flag; 787 788 case sRSAAuthentication: 789 intptr = &options->rsa_authentication; 790 goto parse_flag; 791 792 case sPubkeyAuthentication: 793 intptr = &options->pubkey_authentication; 794 goto parse_flag; 795 #ifdef GSSAPI 796 case sGssAuthentication: 797 intptr = &options->gss_authentication; 798 goto parse_flag; 799 case sGssKeyEx: 800 intptr = &options->gss_keyex; 801 goto parse_flag; 802 case sGssStoreDelegCreds: 803 intptr = &options->gss_keyex; 804 goto parse_flag; 805 #ifndef SUNW_GSSAPI 806 case sGssUseSessionCredCache: 807 intptr = &options->gss_use_session_ccache; 808 goto parse_flag; 809 case sGssCleanupCreds: 810 intptr = &options->gss_cleanup_creds; 811 goto parse_flag; 812 #endif /* SUNW_GSSAPI */ 813 #endif /* GSSAPI */ 814 #if defined(KRB4) || defined(KRB5) 815 case sKerberosAuthentication: 816 intptr = &options->kerberos_authentication; 817 goto parse_flag; 818 819 case sKerberosOrLocalPasswd: 820 intptr = &options->kerberos_or_local_passwd; 821 goto parse_flag; 822 823 case sKerberosTicketCleanup: 824 intptr = &options->kerberos_ticket_cleanup; 825 goto parse_flag; 826 #endif 827 #if defined(AFS) || defined(KRB5) 828 case sKerberosTgtPassing: 829 intptr = &options->kerberos_tgt_passing; 830 goto parse_flag; 831 #endif 832 #ifdef AFS 833 case sAFSTokenPassing: 834 intptr = &options->afs_token_passing; 835 goto parse_flag; 836 #endif 837 838 case sPasswordAuthentication: 839 intptr = &options->password_authentication; 840 goto parse_flag; 841 842 case sKbdInteractiveAuthentication: 843 intptr = &options->kbd_interactive_authentication; 844 goto parse_flag; 845 846 case sChallengeResponseAuthentication: 847 intptr = &options->challenge_response_authentication; 848 goto parse_flag; 849 850 case sPrintMotd: 851 intptr = &options->print_motd; 852 goto parse_flag; 853 854 case sPrintLastLog: 855 intptr = &options->print_lastlog; 856 goto parse_flag; 857 858 case sX11Forwarding: 859 intptr = &options->x11_forwarding; 860 goto parse_flag; 861 862 case sX11DisplayOffset: 863 intptr = &options->x11_display_offset; 864 goto parse_int; 865 866 case sX11UseLocalhost: 867 intptr = &options->x11_use_localhost; 868 goto parse_flag; 869 870 case sXAuthLocation: 871 charptr = &options->xauth_location; 872 goto parse_filename; 873 874 case sStrictModes: 875 intptr = &options->strict_modes; 876 goto parse_flag; 877 878 case sKeepAlives: 879 intptr = &options->keepalives; 880 goto parse_flag; 881 882 case sEmptyPasswd: 883 intptr = &options->permit_empty_passwd; 884 goto parse_flag; 885 886 case sPermitUserEnvironment: 887 intptr = &options->permit_user_env; 888 goto parse_flag; 889 890 case sUseLogin: 891 intptr = &options->use_login; 892 goto parse_flag; 893 894 case sCompression: 895 intptr = &options->compression; 896 goto parse_flag; 897 898 case sGatewayPorts: 899 intptr = &options->gateway_ports; 900 goto parse_flag; 901 902 case sVerifyReverseMapping: 903 intptr = &options->verify_reverse_mapping; 904 goto parse_flag; 905 906 case sLogFacility: 907 intptr = (int *) &options->log_facility; 908 arg = strdelim(&cp); 909 value = log_facility_number(arg); 910 if (value == SYSLOG_FACILITY_NOT_SET) 911 fatal("%.200s line %d: unsupported log facility '%s'", 912 filename, linenum, arg ? arg : "<NONE>"); 913 if (*intptr == -1) 914 *intptr = (SyslogFacility) value; 915 break; 916 917 case sLogLevel: 918 intptr = (int *) &options->log_level; 919 arg = strdelim(&cp); 920 value = log_level_number(arg); 921 if (value == SYSLOG_LEVEL_NOT_SET) 922 fatal("%.200s line %d: unsupported log level '%s'", 923 filename, linenum, arg ? arg : "<NONE>"); 924 if (*intptr == -1) 925 *intptr = (LogLevel) value; 926 break; 927 928 case sAllowTcpForwarding: 929 intptr = &options->allow_tcp_forwarding; 930 goto parse_flag; 931 932 case sUsePrivilegeSeparation: 933 intptr = &use_privsep; 934 goto parse_flag; 935 936 case sAllowUsers: 937 while (((arg = strdelim(&cp)) != NULL) && *arg != '\0') { 938 if (options->num_allow_users >= MAX_ALLOW_USERS) 939 fatal("%s line %d: too many allow users.", 940 filename, linenum); 941 options->allow_users[options->num_allow_users++] = 942 xstrdup(arg); 943 } 944 break; 945 946 case sDenyUsers: 947 while (((arg = strdelim(&cp)) != NULL) && *arg != '\0') { 948 if (options->num_deny_users >= MAX_DENY_USERS) 949 fatal( "%s line %d: too many deny users.", 950 filename, linenum); 951 options->deny_users[options->num_deny_users++] = 952 xstrdup(arg); 953 } 954 break; 955 956 case sAllowGroups: 957 while (((arg = strdelim(&cp)) != NULL) && *arg != '\0') { 958 if (options->num_allow_groups >= MAX_ALLOW_GROUPS) 959 fatal("%s line %d: too many allow groups.", 960 filename, linenum); 961 options->allow_groups[options->num_allow_groups++] = 962 xstrdup(arg); 963 } 964 break; 965 966 case sDenyGroups: 967 while (((arg = strdelim(&cp)) != NULL) && *arg != '\0') { 968 if (options->num_deny_groups >= MAX_DENY_GROUPS) 969 fatal("%s line %d: too many deny groups.", 970 filename, linenum); 971 options->deny_groups[options->num_deny_groups++] = xstrdup(arg); 972 } 973 break; 974 975 case sCiphers: 976 arg = strdelim(&cp); 977 if (!arg || *arg == '\0') 978 fatal("%s line %d: Missing argument.", filename, linenum); 979 if (!ciphers_valid(arg)) 980 fatal("%s line %d: Bad SSH2 cipher spec '%s'.", 981 filename, linenum, arg ? arg : "<NONE>"); 982 if (options->ciphers == NULL) 983 options->ciphers = xstrdup(arg); 984 break; 985 986 case sMacs: 987 arg = strdelim(&cp); 988 if (!arg || *arg == '\0') 989 fatal("%s line %d: Missing argument.", filename, linenum); 990 if (!mac_valid(arg)) 991 fatal("%s line %d: Bad SSH2 mac spec '%s'.", 992 filename, linenum, arg ? arg : "<NONE>"); 993 if (options->macs == NULL) 994 options->macs = xstrdup(arg); 995 break; 996 997 case sProtocol: 998 intptr = &options->protocol; 999 arg = strdelim(&cp); 1000 if (!arg || *arg == '\0') 1001 fatal("%s line %d: Missing argument.", filename, linenum); 1002 value = proto_spec(arg); 1003 if (value == SSH_PROTO_UNKNOWN) 1004 fatal("%s line %d: Bad protocol spec '%s'.", 1005 filename, linenum, arg ? arg : "<NONE>"); 1006 if (*intptr == SSH_PROTO_UNKNOWN) 1007 *intptr = value; 1008 break; 1009 1010 case sSubsystem: 1011 if (options->num_subsystems >= MAX_SUBSYSTEMS) { 1012 fatal("%s line %d: too many subsystems defined.", 1013 filename, linenum); 1014 } 1015 arg = strdelim(&cp); 1016 if (!arg || *arg == '\0') 1017 fatal("%s line %d: Missing subsystem name.", 1018 filename, linenum); 1019 for (i = 0; i < options->num_subsystems; i++) 1020 if (strcmp(arg, options->subsystem_name[i]) == 0) 1021 fatal("%s line %d: Subsystem '%s' already defined.", 1022 filename, linenum, arg); 1023 options->subsystem_name[options->num_subsystems] = xstrdup(arg); 1024 arg = strdelim(&cp); 1025 if (!arg || *arg == '\0') 1026 fatal("%s line %d: Missing subsystem command.", 1027 filename, linenum); 1028 options->subsystem_command[options->num_subsystems] = xstrdup(arg); 1029 options->num_subsystems++; 1030 break; 1031 1032 case sMaxStartups: 1033 arg = strdelim(&cp); 1034 if (!arg || *arg == '\0') 1035 fatal("%s line %d: Missing MaxStartups spec.", 1036 filename, linenum); 1037 if ((n = sscanf(arg, "%d:%d:%d", 1038 &options->max_startups_begin, 1039 &options->max_startups_rate, 1040 &options->max_startups)) == 3) { 1041 if (options->max_startups_begin > 1042 options->max_startups || 1043 options->max_startups_rate > 100 || 1044 options->max_startups_rate < 1) 1045 fatal("%s line %d: Illegal MaxStartups spec.", 1046 filename, linenum); 1047 } else if (n != 1) 1048 fatal("%s line %d: Illegal MaxStartups spec.", 1049 filename, linenum); 1050 else 1051 options->max_startups = options->max_startups_begin; 1052 break; 1053 1054 case sBanner: 1055 charptr = &options->banner; 1056 goto parse_filename; 1057 /* 1058 * These options can contain %X options expanded at 1059 * connect time, so that you can specify paths like: 1060 * 1061 * AuthorizedKeysFile /etc/ssh_keys/%u 1062 */ 1063 case sAuthorizedKeysFile: 1064 case sAuthorizedKeysFile2: 1065 charptr = (opcode == sAuthorizedKeysFile ) ? 1066 &options->authorized_keys_file : 1067 &options->authorized_keys_file2; 1068 goto parse_filename; 1069 1070 case sClientAliveInterval: 1071 intptr = &options->client_alive_interval; 1072 goto parse_time; 1073 1074 case sClientAliveCountMax: 1075 intptr = &options->client_alive_count_max; 1076 goto parse_int; 1077 1078 case sMaxAuthTries: 1079 intptr = &options->max_auth_tries; 1080 goto parse_int; 1081 1082 case sMaxAuthTriesLog: 1083 intptr = &options->max_auth_tries_log; 1084 goto parse_int; 1085 1086 case sLookupClientHostnames: 1087 intptr = &options->lookup_client_hostnames; 1088 goto parse_flag; 1089 1090 case sDeprecated: 1091 log("%s line %d: Deprecated option %s", 1092 filename, linenum, arg); 1093 while (arg) 1094 arg = strdelim(&cp); 1095 break; 1096 1097 default: 1098 fatal("%s line %d: Missing handler for opcode %s (%d)", 1099 filename, linenum, arg, opcode); 1100 } 1101 if ((arg = strdelim(&cp)) != NULL && *arg != '\0') 1102 fatal("%s line %d: garbage at end of line; \"%.200s\".", 1103 filename, linenum, arg); 1104 return 0; 1105 } 1106 1107 /* Reads the server configuration file. */ 1108 1109 void 1110 read_server_config(ServerOptions *options, const char *filename) 1111 { 1112 int linenum, bad_options = 0; 1113 char line[1024]; 1114 FILE *f; 1115 1116 f = fopen(filename, "r"); 1117 if (!f) { 1118 perror(filename); 1119 exit(1); 1120 } 1121 linenum = 0; 1122 while (fgets(line, sizeof(line), f)) { 1123 /* Update line number counter. */ 1124 linenum++; 1125 if (process_server_config_line(options, line, filename, linenum) != 0) 1126 bad_options++; 1127 } 1128 (void) fclose(f); 1129 if (bad_options > 0) 1130 fatal("%s: terminating, %d bad configuration options", 1131 filename, bad_options); 1132 } 1133