readconf.c (128461) | readconf.c (137019) |
---|---|
1/* 2 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * All rights reserved 5 * Functions for reading the configuration files. 6 * 7 * As far as I am concerned, the code I have written for this software 8 * can be used freely for any purpose. Any derived versions of this 9 * software must be clearly marked as such, and if the derived work is 10 * incompatible with the protocol description in the RFC file, it must be 11 * called by a name other than "ssh" or "Secure Shell". 12 */ 13 14#include "includes.h" | 1/* 2 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * All rights reserved 5 * Functions for reading the configuration files. 6 * 7 * As far as I am concerned, the code I have written for this software 8 * can be used freely for any purpose. Any derived versions of this 9 * software must be clearly marked as such, and if the derived work is 10 * incompatible with the protocol description in the RFC file, it must be 11 * called by a name other than "ssh" or "Secure Shell". 12 */ 13 14#include "includes.h" |
15RCSID("$FreeBSD: head/crypto/openssh/readconf.c 128461 2004-04-20 09:47:13Z des $"); 16RCSID("$OpenBSD: readconf.c,v 1.127 2003/12/16 15:49:51 markus Exp $"); | 15RCSID("$OpenBSD: readconf.c,v 1.134 2004/07/11 17:48:47 deraadt Exp $"); 16RCSID("$FreeBSD: head/crypto/openssh/readconf.c 137019 2004-10-28 16:11:31Z des $"); |
17 18#include "ssh.h" 19#include "xmalloc.h" 20#include "compat.h" 21#include "cipher.h" 22#include "pathnames.h" 23#include "log.h" 24#include "readconf.h" --- 77 unchanged lines hidden (view full) --- 102 oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, 103 oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, 104 oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, 105 oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, 106 oClearAllForwardings, oNoHostAuthenticationForLocalhost, 107 oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, 108 oAddressFamily, oGssAuthentication, oGssDelegateCreds, 109 oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, | 17 18#include "ssh.h" 19#include "xmalloc.h" 20#include "compat.h" 21#include "cipher.h" 22#include "pathnames.h" 23#include "log.h" 24#include "readconf.h" --- 77 unchanged lines hidden (view full) --- 102 oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, 103 oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, 104 oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, 105 oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, 106 oClearAllForwardings, oNoHostAuthenticationForLocalhost, 107 oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, 108 oAddressFamily, oGssAuthentication, oGssDelegateCreds, 109 oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, |
110 oSendEnv, oControlPath, oControlMaster, |
|
110 oVersionAddendum, 111 oDeprecated, oUnsupported 112} OpCodes; 113 114/* Textual representations of the tokens. */ 115 116static struct { 117 const char *name; --- 72 unchanged lines hidden (view full) --- 190 { "enablesshkeysign", oEnableSSHKeysign }, 191 { "verifyhostkeydns", oVerifyHostKeyDNS }, 192 { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, 193 { "rekeylimit", oRekeyLimit }, 194 { "connecttimeout", oConnectTimeout }, 195 { "addressfamily", oAddressFamily }, 196 { "serveraliveinterval", oServerAliveInterval }, 197 { "serveralivecountmax", oServerAliveCountMax }, | 111 oVersionAddendum, 112 oDeprecated, oUnsupported 113} OpCodes; 114 115/* Textual representations of the tokens. */ 116 117static struct { 118 const char *name; --- 72 unchanged lines hidden (view full) --- 191 { "enablesshkeysign", oEnableSSHKeysign }, 192 { "verifyhostkeydns", oVerifyHostKeyDNS }, 193 { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, 194 { "rekeylimit", oRekeyLimit }, 195 { "connecttimeout", oConnectTimeout }, 196 { "addressfamily", oAddressFamily }, 197 { "serveraliveinterval", oServerAliveInterval }, 198 { "serveralivecountmax", oServerAliveCountMax }, |
199 { "sendenv", oSendEnv }, 200 { "controlpath", oControlPath }, 201 { "controlmaster", oControlMaster }, |
|
198 { "versionaddendum", oVersionAddendum }, 199 { NULL, oBadOption } 200}; 201 202/* 203 * Adds a local TCP/IP port forward to options. Never returns if there is an 204 * error. 205 */ --- 541 unchanged lines hidden (view full) --- 747 case oServerAliveInterval: 748 intptr = &options->server_alive_interval; 749 goto parse_time; 750 751 case oServerAliveCountMax: 752 intptr = &options->server_alive_count_max; 753 goto parse_int; 754 | 202 { "versionaddendum", oVersionAddendum }, 203 { NULL, oBadOption } 204}; 205 206/* 207 * Adds a local TCP/IP port forward to options. Never returns if there is an 208 * error. 209 */ --- 541 unchanged lines hidden (view full) --- 751 case oServerAliveInterval: 752 intptr = &options->server_alive_interval; 753 goto parse_time; 754 755 case oServerAliveCountMax: 756 intptr = &options->server_alive_count_max; 757 goto parse_int; 758 |
759 case oSendEnv: 760 while ((arg = strdelim(&s)) != NULL && *arg != '\0') { 761 if (strchr(arg, '=') != NULL) 762 fatal("%s line %d: Invalid environment name.", 763 filename, linenum); 764 if (options->num_send_env >= MAX_SEND_ENV) 765 fatal("%s line %d: too many send env.", 766 filename, linenum); 767 options->send_env[options->num_send_env++] = 768 xstrdup(arg); 769 } 770 break; 771 772 case oControlPath: 773 charptr = &options->control_path; 774 goto parse_string; 775 776 case oControlMaster: 777 intptr = &options->control_master; 778 goto parse_yesnoask; 779 |
|
755 case oVersionAddendum: 756 ssh_version_set_addendum(strtok(s, "\n")); 757 do { 758 arg = strdelim(&s); 759 } while (arg != NULL && *arg != '\0'); 760 break; 761 762 case oDeprecated: --- 21 unchanged lines hidden (view full) --- 784 785/* 786 * Reads the config file and modifies the options accordingly. Options 787 * should already be initialized before this call. This never returns if 788 * there is an error. If the file does not exist, this returns 0. 789 */ 790 791int | 780 case oVersionAddendum: 781 ssh_version_set_addendum(strtok(s, "\n")); 782 do { 783 arg = strdelim(&s); 784 } while (arg != NULL && *arg != '\0'); 785 break; 786 787 case oDeprecated: --- 21 unchanged lines hidden (view full) --- 809 810/* 811 * Reads the config file and modifies the options accordingly. Options 812 * should already be initialized before this call. This never returns if 813 * there is an error. If the file does not exist, this returns 0. 814 */ 815 816int |
792read_config_file(const char *filename, const char *host, Options *options) | 817read_config_file(const char *filename, const char *host, Options *options, 818 int checkperm) |
793{ 794 FILE *f; 795 char line[1024]; 796 int active, linenum; 797 int bad_options = 0; 798 799 /* Open the file. */ | 819{ 820 FILE *f; 821 char line[1024]; 822 int active, linenum; 823 int bad_options = 0; 824 825 /* Open the file. */ |
800 f = fopen(filename, "r"); 801 if (!f) | 826 if ((f = fopen(filename, "r")) == NULL) |
802 return 0; 803 | 827 return 0; 828 |
829 if (checkperm) { 830 struct stat sb; 831 832 if (fstat(fileno(f), &sb) == -1) 833 fatal("fstat %s: %s", filename, strerror(errno)); 834 if (((sb.st_uid != 0 && sb.st_uid != getuid()) || 835 (sb.st_mode & 022) != 0)) 836 fatal("Bad owner or permissions on %s", filename); 837 } 838 |
|
804 debug("Reading configuration data %.200s", filename); 805 806 /* 807 * Mark that we are now processing the options. This flag is turned 808 * on/off by Host specifications. 809 */ 810 active = 1; 811 linenum = 0; --- 72 unchanged lines hidden (view full) --- 884 options->smartcard_device = NULL; 885 options->enable_ssh_keysign = - 1; 886 options->no_host_authentication_for_localhost = - 1; 887 options->identities_only = - 1; 888 options->rekey_limit = - 1; 889 options->verify_host_key_dns = -1; 890 options->server_alive_interval = -1; 891 options->server_alive_count_max = -1; | 839 debug("Reading configuration data %.200s", filename); 840 841 /* 842 * Mark that we are now processing the options. This flag is turned 843 * on/off by Host specifications. 844 */ 845 active = 1; 846 linenum = 0; --- 72 unchanged lines hidden (view full) --- 919 options->smartcard_device = NULL; 920 options->enable_ssh_keysign = - 1; 921 options->no_host_authentication_for_localhost = - 1; 922 options->identities_only = - 1; 923 options->rekey_limit = - 1; 924 options->verify_host_key_dns = -1; 925 options->server_alive_interval = -1; 926 options->server_alive_count_max = -1; |
927 options->num_send_env = 0; 928 options->control_path = NULL; 929 options->control_master = -1; |
|
892} 893 894/* 895 * Called after processing other sources of option data, this fills those 896 * options for which no value has been specified with their default values. 897 */ 898 899void --- 104 unchanged lines hidden (view full) --- 1004 if (options->rekey_limit == -1) 1005 options->rekey_limit = 0; 1006 if (options->verify_host_key_dns == -1) 1007 options->verify_host_key_dns = 0; 1008 if (options->server_alive_interval == -1) 1009 options->server_alive_interval = 0; 1010 if (options->server_alive_count_max == -1) 1011 options->server_alive_count_max = 3; | 930} 931 932/* 933 * Called after processing other sources of option data, this fills those 934 * options for which no value has been specified with their default values. 935 */ 936 937void --- 104 unchanged lines hidden (view full) --- 1042 if (options->rekey_limit == -1) 1043 options->rekey_limit = 0; 1044 if (options->verify_host_key_dns == -1) 1045 options->verify_host_key_dns = 0; 1046 if (options->server_alive_interval == -1) 1047 options->server_alive_interval = 0; 1048 if (options->server_alive_count_max == -1) 1049 options->server_alive_count_max = 3; |
1050 if (options->control_master == -1) 1051 options->control_master = 0; |
|
1012 /* options->proxy_command should not be set by default */ 1013 /* options->user will be set in the main program if appropriate */ 1014 /* options->hostname will be set in the main program if appropriate */ 1015 /* options->host_key_alias should not be set by default */ 1016 /* options->preferred_authentications will be set in ssh */ 1017} | 1052 /* options->proxy_command should not be set by default */ 1053 /* options->user will be set in the main program if appropriate */ 1054 /* options->hostname will be set in the main program if appropriate */ 1055 /* options->host_key_alias should not be set by default */ 1056 /* options->preferred_authentications will be set in ssh */ 1057} |
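Review bot: The header comment above read_config_file (new lines 810-814) still describes the old three-argument behaviour and does not mention the new `checkperm` argument, so a reader cannot tell that the function now calls fatal() when the file is not owned by root or the invoking user, or is group- or world-writable. I would add a sentence to that comment such as `If checkperm is nonzero, the file must be owned by root or the real uid and must not be group- or world-writable; otherwise this never returns.` The mode test at new line 835 would also read more clearly as `(sb.st_mode & (S_IWGRP | S_IWOTH)) != 0` than with the bare `022`, and the redundant outer parentheses around the whole condition can be dropped. Doing the check with fstat() on the already-open stream is the right shape, since it inspects the same file that is then parsed. The callers are not on this page, so which configuration files are read with checkperm set should be confirmed there.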