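--- a/readconf.c
+++ b/readconf.c
@@ -1,25 +1,25 @@
-/* $OpenBSD: readconf.c,v 1.194 2011/09/23 07:45:05 markus Exp $ */
-/* $FreeBSD: stable/9/crypto/openssh/readconf.c 247485 2013-02-28 18:43:50Z des $ */
+/* $OpenBSD: readconf.c,v 1.196 2013/02/22 04:45:08 dtucker Exp $ */
+/* $FreeBSD: stable/9/crypto/openssh/readconf.c 251135 2013-05-30 12:25:58Z des $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  * All rights reserved
  * Functions for reading the configuration files.
  *
  * As far as I am concerned, the code I have written for this software
  * can be used freely for any purpose. Any derived versions of this
  * software must be clearly marked as such, and if the derived work is
  * incompatible with the protocol description in the RFC file, it must be
  * called by a name other than "ssh" or "Secure Shell".
  */
 
 #include "includes.h"
-__RCSID("$FreeBSD: stable/9/crypto/openssh/readconf.c 247485 2013-02-28 18:43:50Z des $");
+__RCSID("$FreeBSD: stable/9/crypto/openssh/readconf.c 251135 2013-05-30 12:25:58Z des $");
 
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/socket.h>
 #include <sys/sysctl.h>
 
 #include <netinet/in.h>
 #include <netinet/in_systm.h>
@@ -351,16 +351,36 @@
 	if (options->num_remote_forwards > 0) {
 		xfree(options->remote_forwards);
 		options->remote_forwards = NULL;
 	}
 	options->num_remote_forwards = 0;
 	options->tun_open = SSH_TUNMODE_NO;
 }
 
+void
+add_identity_file(Options *options, const char *dir, const char *filename,
+    int userprovided)
+{
+	char *path;
+
+	if (options->num_identity_files >= SSH_MAX_IDENTITY_FILES)
+		fatal("Too many identity files specified (max %d)",
+		    SSH_MAX_IDENTITY_FILES);
+
+	if (dir == NULL) /* no dir, filename is absolute */
+		path = xstrdup(filename);
+	else
+		(void)xasprintf(&path, "%.100s%.100s", dir, filename);
+
+	options->identity_file_userprovided[options->num_identity_files] =
+	    userprovided;
+	options->identity_files[options->num_identity_files++] = path;
+}
+
 /*
  * Returns the number of the token pointed to by cp or oBadOption.
  */
 
 static OpCodes
 parse_token(const char *cp, const char *filename, int linenum)
 {
 	u_int i;
@@ -378,17 +398,17 @@
  * Processes a single option line as used in the configuration files. This
  * only sets those values that have not already been set.
  */
 #define WHITESPACE " \t\r\n"
 
 int
 process_config_line(Options *options, const char *host,
     char *line, const char *filename, int linenum,
-    int *activep)
+    int *activep, int userconfig)
 {
 	char *s, **charptr, *endofnumber, *keyword, *arg, *arg2;
 	char **cpptr, fwdarg[256];
 	u_int *uintptr, max_entries = 0;
 	int negated, opcode, *intptr, value, value2, scale;
 	LogLevel *log_level_ptr;
 	long long orig, val64;
 	size_t len;
@@ -611,19 +631,17 @@
 		arg = strdelim(&s);
 		if (!arg || *arg == '\0')
 			fatal("%.200s line %d: Missing argument.", filename, linenum);
 		if (*activep) {
 			intptr = &options->num_identity_files;
 			if (*intptr >= SSH_MAX_IDENTITY_FILES)
 				fatal("%.200s line %d: Too many identity files specified (max %d).",
 				    filename, linenum, SSH_MAX_IDENTITY_FILES);
-			charptr = &options->identity_files[*intptr];
-			*charptr = xstrdup(arg);
-			*intptr = *intptr + 1;
+			add_identity_file(options, NULL, arg, userconfig);
 		}
 		break;
 
 	case oXAuthLocation:
 		charptr=&options->xauth_location;
 		goto parse_string;
 
 	case oUser:
@@ -1157,27 +1175,27 @@
 /*
  * Reads the config file and modifies the options accordingly. Options
  * should already be initialized before this call. This never returns if
  * there is an error. If the file does not exist, this returns 0.
  */
 
 int
 read_config_file(const char *filename, const char *host, Options *options,
-    int checkperm)
+    int flags)
 {
 	FILE *f;
 	char line[1024];
 	int active, linenum;
 	int bad_options = 0;
 
 	if ((f = fopen(filename, "r")) == NULL)
 		return 0;
 
-	if (checkperm) {
+	if (flags & SSHCONF_CHECKPERM) {
 		struct stat sb;
 
 		if (fstat(fileno(f), &sb) == -1)
 			fatal("fstat %s: %s", filename, strerror(errno));
 		if (((sb.st_uid != 0 && sb.st_uid != getuid()) ||
 		    (sb.st_mode & 022) != 0))
 			fatal("Bad owner or permissions on %s", filename);
 	}
@@ -1188,17 +1206,18 @@
 	 * Mark that we are now processing the options. This flag is turned
 	 * on/off by Host specifications.
 	 */
 	active = 1;
 	linenum = 0;
 	while (fgets(line, sizeof(line), f)) {
 		/* Update line number counter. */
 		linenum++;
-		if (process_config_line(options, host, line, filename, linenum, &active) != 0)
+		if (process_config_line(options, host, line, filename, linenum,
+		    &active, flags & SSHCONF_USERCONF) != 0)
 			bad_options++;
 	}
 	fclose(f);
 	if (bad_options > 0)
 		fatal("%s: terminating, %d bad configuration options",
 		    filename, bad_options);
 	return 1;
 }
@@ -1371,40 +1390,27 @@
 	/* options->ciphers, default set in myproposals.h */
 	/* options->macs, default set in myproposals.h */
 	/* options->kex_algorithms, default set in myproposals.h */
 	/* options->hostkeyalgorithms, default set in myproposals.h */
 	if (options->protocol == SSH_PROTO_UNKNOWN)
 		options->protocol = SSH_PROTO_2;
 	if (options->num_identity_files == 0) {
 		if (options->protocol & SSH_PROTO_1) {
-			len = 2 + strlen(_PATH_SSH_CLIENT_IDENTITY) + 1;
-			options->identity_files[options->num_identity_files] =
-			    xmalloc(len);
-			snprintf(options->identity_files[options->num_identity_files++],
-			    len, "~/%.100s", _PATH_SSH_CLIENT_IDENTITY);
+			add_identity_file(options, "~/",
+			    _PATH_SSH_CLIENT_IDENTITY, 0);
 		}
 		if (options->protocol & SSH_PROTO_2) {
-			len = 2 + strlen(_PATH_SSH_CLIENT_ID_RSA) + 1;
-			options->identity_files[options->num_identity_files] =
-			    xmalloc(len);
-			snprintf(options->identity_files[options->num_identity_files++],
-			    len, "~/%.100s", _PATH_SSH_CLIENT_ID_RSA);
-
-			len = 2 + strlen(_PATH_SSH_CLIENT_ID_DSA) + 1;
-			options->identity_files[options->num_identity_files] =
-			    xmalloc(len);
-			snprintf(options->identity_files[options->num_identity_files++],
-			    len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA);
+			add_identity_file(options, "~/",
+			    _PATH_SSH_CLIENT_ID_RSA, 0);
+			add_identity_file(options, "~/",
+			    _PATH_SSH_CLIENT_ID_DSA, 0);
 #ifdef OPENSSL_HAS_ECC
-			len = 2 + strlen(_PATH_SSH_CLIENT_ID_ECDSA) + 1;
-			options->identity_files[options->num_identity_files] =
-			    xmalloc(len);
-			snprintf(options->identity_files[options->num_identity_files++],
-			    len, "~/%.100s", _PATH_SSH_CLIENT_ID_ECDSA);
+			add_identity_file(options, "~/",
+			    _PATH_SSH_CLIENT_ID_ECDSA, 0);
 #endif
 		}
 	}
 	if (options->escape_char == -1)
 		options->escape_char = '~';
 	if (options->num_system_hostfiles == 0) {
 		options->system_hostfiles[options->num_system_hostfiles++] =
 		    xstrdup(_PATH_SSH_SYSTEM_HOSTFILE);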
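Review bot: In the new `add_identity_file()`, the `"%.100s%.100s"` format silently cuts `dir` and `filename` to 100 bytes each even though `xasprintf` allocates the result, so an over-long component would produce a different identity path instead of an error. The callers in this diff pass only `"~/"` and the `_PATH_SSH_CLIENT_*` constants, so this is latent, but `(void)xasprintf(&path, "%s%s", dir, filename);` would remove the trap for later callers. Separately, `read_config_file()` hands `flags & SSHCONF_USERCONF` straight to `process_config_line()`, so `identity_file_userprovided[]` stores the raw bit rather than 0/1; `!!(flags & SSHCONF_USERCONF)` would keep it a clean boolean in case a consumer (not visible here) compares against 1. The helper would also benefit from a short header comment stating that `dir == NULL` means `filename` is stored as given and that `userprovided` is recorded alongside the path in `identity_file_userprovided[]`.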