Lines Matching refs:options

75    #  1. command line options
120 # Defaults for various options
136 const char *host, const char *original_host, Options *options,
138 static int process_config_line_depth(Options *options, struct passwd *pw,
186 /* Deprecated options */
194 /* Unsupported options */
199 /* Sometimes-unsupported options */
327 * Adds a local TCP/IP port forward to options. Never returns if there is an
332 add_local_forward(Options *options, const struct Forward *newfwd)
/*
 * NOTE: cross-reference excerpt. Only lines that mention `options` are
 * listed, so declarations, braces and some statements are missing here.
 */
/*
 * Look for an existing entry equal to newfwd. The statement controlled by
 * this `if` is not shown (presumably an early return so the same forward is
 * not stored twice; confirm against the full file).
 */
342 for (i = 0; i < options->num_local_forwards; i++) {
343 if (forward_equals(newfwd, options->local_forwards + i))
/*
 * Grow the array by exactly one element. The element count and the element
 * size are handed to xreallocarray() as separate arguments instead of being
 * multiplied here; how it reports failure is defined elsewhere.
 */
346 options->local_forwards = xreallocarray(options->local_forwards,
347 options->num_local_forwards + 1,
348 sizeof(*options->local_forwards));
/* Claim the new last slot; the count is post-incremented in the same step. */
349 fwd = &options->local_forwards[options->num_local_forwards++];
360 * Adds a remote TCP/IP port forward to options. Never returns if there is
365 add_remote_forward(Options *options, const struct Forward *newfwd)
/*
 * NOTE: cross-reference excerpt. Only lines that mention `options` are
 * listed, so declarations, braces and some statements are missing here.
 */
/*
 * Look for an existing remote forward equal to newfwd. The statement
 * controlled by this `if` is not shown (presumably an early return;
 * confirm against the full file).
 */
371 for (i = 0; i < options->num_remote_forwards; i++) {
372 if (forward_equals(newfwd, options->remote_forwards + i))
/*
 * Grow the array by exactly one element; count and element size go to
 * xreallocarray() as separate arguments rather than a pre-multiplied size.
 */
375 options->remote_forwards = xreallocarray(options->remote_forwards,
376 options->num_remote_forwards + 1,
377 sizeof(*options->remote_forwards));
/* Claim the new last slot; the count is post-incremented in the same step. */
378 fwd = &options->remote_forwards[options->num_remote_forwards++];
/*
 * Releases every recorded local and remote forward, resets both counts to
 * zero and sets tun_open to SSH_TUNMODE_NO.
 * NOTE: cross-reference excerpt; braces and declarations are not listed.
 */
391 clear_forwardings(Options *options)
/* Free the four strings held by each local forward entry. */
395 for (i = 0; i < options->num_local_forwards; i++) {
396 free(options->local_forwards[i].listen_host);
397 free(options->local_forwards[i].listen_path);
398 free(options->local_forwards[i].connect_host);
399 free(options->local_forwards[i].connect_path);
/*
 * The array itself is freed only when it has entries, and the pointer is
 * reset to NULL right away. That reset matters: add_local_forward() passes
 * options->local_forwards straight to xreallocarray(), so a stale pointer
 * left here would be handed to the allocator again.
 */
401 if (options->num_local_forwards > 0) {
402 free(options->local_forwards);
403 options->local_forwards = NULL;
/* The count is zeroed unconditionally. */
405 options->num_local_forwards = 0;
/* Same teardown for the remote forwards. */
406 for (i = 0; i < options->num_remote_forwards; i++) {
407 free(options->remote_forwards[i].listen_host);
408 free(options->remote_forwards[i].listen_path);
409 free(options->remote_forwards[i].connect_host);
410 free(options->remote_forwards[i].connect_path);
412 if (options->num_remote_forwards > 0) {
413 free(options->remote_forwards);
414 options->remote_forwards = NULL;
416 options->num_remote_forwards = 0;
/* Clearing forwardings also switches the tunnel mode off. */
417 options->tun_open = SSH_TUNMODE_NO;
/*
 * Records a certificate file path in options->certificate_files together
 * with its userprovided flag.
 * NOTE: cross-reference excerpt; lines that do not mention `options` are
 * omitted, including the right-hand sides of the two stores at the end.
 */
421 add_certificate_file(Options *options, const char *path, int userprovided)
/*
 * Capacity check comes before any store: the index used below is
 * num_certificate_files, so it has to be below SSH_MAX_CERTIFICATE_FILES.
 * What happens when the limit is reached is on a line not shown.
 */
425 if (options->num_certificate_files >= SSH_MAX_CERTIFICATE_FILES)
/*
 * Duplicate scan: an existing entry matches only if both the userprovided
 * flag and the path string are equal. The action on a match is not shown.
 */
430 for (i = 0; i < options->num_certificate_files; i++) {
431 if (options->certificate_file_userprovided[i] == userprovided &&
432 strcmp(options->certificate_files[i], path) == 0) {
/*
 * Store the flag and the path in the next free slot. The flag is written at
 * the current count; the path store post-increments the count.
 */
438 options->certificate_file_userprovided[options->num_certificate_files] =
440 options->certificate_files[options->num_certificate_files++] =
/*
 * Records an identity (private key) file path in options->identity_files
 * together with its userprovided flag.
 * NOTE: cross-reference excerpt; the rest of the signature and the lines
 * that build `path` are not listed (presumably from dir and filename;
 * confirm against the full file).
 */
445 add_identity_file(Options *options, const char *dir, const char *filename,
/*
 * Capacity check comes before any store: the index used below is
 * num_identity_files, so it has to be below SSH_MAX_IDENTITY_FILES.
 * What happens when the limit is reached is on a line not shown.
 */
451 if (options->num_identity_files >= SSH_MAX_IDENTITY_FILES)
/*
 * Duplicate scan: an existing entry matches only if both the userprovided
 * flag and the path string are equal. The action on a match is not shown.
 */
461 for (i = 0; i < options->num_identity_files; i++) {
462 if (options->identity_file_userprovided[i] == userprovided &&
463 strcmp(options->identity_files[i], path) == 0) {
/*
 * Store the flag at the current count, then store the path pointer itself
 * (no copy is made on this line) and post-increment the count.
 */
470 options->identity_file_userprovided[options->num_identity_files] =
472 options->identity_files[options->num_identity_files++] = path;
559 match_cfg_line(Options *options, char **condition, struct passwd *pw,
/*
 * NOTE: cross-reference excerpt; most of this function is not listed.
 * The values computed below fall back to defaults when the option has not
 * been set yet: the port falls back to default_ssh_port() when it is <= 0,
 * and the remote user falls back to the local account name in pw->pw_name.
 */
572 port = options->port <= 0 ? default_ssh_port() : options->port;
573 ruser = options->user == NULL ? pw->pw_name : options->user;
/*
 * `host` is either a plain copy of options->hostname or the result of
 * percent_expand() on it; the conditions choosing between the branches are
 * only partly visible here.
 */
575 host = xstrdup(options->hostname);
576 } else if (options->hostname != NULL) {
578 host = percent_expand(options->hostname,
825 process_config_line(Options *options, struct passwd *pw, const char *host,
/*
 * Forwards its arguments to process_config_line_depth() and returns that
 * result. The remaining parameters and call arguments are on lines not
 * listed in this excerpt.
 */
829 return process_config_line_depth(options, pw, host, original_host,
835 process_config_line_depth(Options *options, struct passwd *pw, const char *host,
/*
 * NOTE: cross-reference excerpt. Only lines that mention `options` are
 * listed, so the keyword dispatch (case labels), the argument parsing and
 * the shared store code are missing. Most lines below only aim one of the
 * intptr / charptr / cpptr / uintptr / log_level_ptr pointers at the field
 * for the current keyword; the write through that pointer happens on lines
 * not shown.
 */
878 options->ignored_unknown);
882 /* don't panic, but count bad options */
889 intptr = &options->connection_timeout;
905 intptr = &options->forward_agent;
928 intptr = &options->forward_x11;
932 intptr = &options->forward_x11_trusted;
936 intptr = &options->forward_x11_timeout;
940 intptr = &options->fwd_opts.gateway_ports;
944 intptr = &options->exit_on_forward_failure;
948 intptr = &options->use_privileged_port;
952 intptr = &options->password_authentication;
956 intptr = &options->kbd_interactive_authentication;
960 charptr = &options->kbd_interactive_devices;
964 intptr = &options->pubkey_authentication;
968 intptr = &options->rsa_authentication;
972 intptr = &options->rhosts_rsa_authentication;
976 intptr = &options->hostbased_authentication;
980 intptr = &options->challenge_response_authentication;
984 intptr = &options->gss_authentication;
988 intptr = &options->gss_deleg_creds;
992 intptr = &options->batch_mode;
996 intptr = &options->check_host_ip;
1000 intptr = &options->verify_host_key_dns;
1005 intptr = &options->strict_host_key_checking;
1010 intptr = &options->compression;
1014 intptr = &options->tcp_keep_alive;
1018 intptr = &options->no_host_authentication_for_localhost;
1022 intptr = &options->number_of_password_prompts;
1026 intptr = &options->compression_level;
/*
 * The rekey limit is written only while *activep is set and the field still
 * holds the -1 "not set" sentinel, so a value stored earlier is not
 * overwritten by a later line.
 */
1044 if (*activep && options->rekey_limit == -1)
1045 options->rekey_limit = val64;
1051 intptr = &options->rekey_interval;
1061 intptr = &options->num_identity_files;
1065 add_identity_file(options, NULL,
1076 intptr = &options->num_certificate_files;
1083 add_certificate_file(options, arg,
1089 charptr=&options->xauth_location;
1093 charptr = &options->user;
1104 cpptr = (char **)&options->system_hostfiles;
1105 uintptr = &options->num_system_hostfiles;
1120 cpptr = (char **)&options->user_hostfiles;
1121 uintptr = &options->num_user_hostfiles;
1126 charptr = &options->hostname;
1130 charptr = &options->host_key_alias;
1134 charptr = &options->preferred_authentications;
1138 charptr = &options->bind_address;
1142 charptr = &options->pkcs11_provider;
/*
 * charptr first targets proxy_command, but is re-aimed at jump_host when a
 * jump host has already been recorded (the original comment: "Skip below").
 */
1146 charptr = &options->proxy_command;
1148 if (options->jump_host != NULL)
1149 charptr = &options->jump_host; /* Skip below */
1164 if (parse_jump(s + len, options, *activep) == -1) {
1171 intptr = &options->port;
1188 intptr = &options->connection_attempts;
1192 intptr = &options->cipher;
/*
 * Cipher, MAC and key-exchange lists follow the same rule as the rekey
 * limit: stored (as an xstrdup copy of arg) only when the block is active
 * and the field is still NULL. A list set earlier therefore stays in force;
 * later lines cannot replace it.
 */
1211 if (*activep && options->ciphers == NULL)
1212 options->ciphers = xstrdup(arg);
1222 if (*activep && options->macs == NULL)
1223 options->macs = xstrdup(arg);
1235 if (*activep && options->kex_algorithms == NULL)
1236 options->kex_algorithms = xstrdup(arg);
1240 charptr = &options->hostkeyalgorithms;
1255 intptr = &options->protocol;
1268 log_level_ptr = &options->log_level;
1308 add_local_forward(options, &fwd);
1310 add_remote_forward(options, &fwd);
1315 intptr = &options->clear_forwardings;
1345 debug("%.200s line %d: Applying options for %.100s",
1354 value = match_cfg_line(options, &s, pw, host, original_host,
1363 intptr = &options->escape_char;
1385 intptr = &options->address_family;
1390 intptr = &options->enable_ssh_keysign;
1394 intptr = &options->identities_only;
1398 intptr = &options->server_alive_interval;
1402 intptr = &options->server_alive_count_max;
/*
 * Bounds check before the indexed store into send_env: the count must be
 * below MAX_SEND_ENV. The action taken at the limit is not shown.
 */
1412 if (options->num_send_env >= MAX_SEND_ENV)
1415 options->send_env[options->num_send_env++] =
1421 charptr = &options->control_path;
1425 intptr = &options->control_master;
1431 intptr = &options->control_persist;
1449 options->control_persist_timeout = value2;
1454 intptr = &options->hash_known_hosts;
1458 intptr = &options->tun_open;
1470 options->tun_local = value;
1471 options->tun_remote = value2;
1476 charptr = &options->local_command;
1480 intptr = &options->permit_local_command;
1484 intptr = &options->visual_host_key;
1527 pw, host, original_host, options,
1562 options->ip_qos_interactive = value;
1563 options->ip_qos_bulk = value2;
1568 intptr = &options->request_tty;
/* Version addendum: written only when active and still NULL. */
1577 if (*activep && options->version_addendum == NULL) {
1579 options->version_addendum = xstrdup("");
1584 options->version_addendum = xstrdup(s + len);
1589 charptr = &options->ignored_unknown;
1593 intptr = &options->proxy_use_fdpass;
/* `value` records whether any canonical domains were already present. */
1597 value = options->num_canonical_domains != 0;
/* Bounds check before the indexed store into canonical_domains. */
1602 if (options->num_canonical_domains >= MAX_CANON_DOMAINS)
1605 options->canonical_domains[
1606 options->num_canonical_domains++] = xstrdup(arg);
1611 value = options->num_permitted_cnames != 0;
/*
 * Bounds check before taking the next permitted_cnames slot.
 * NOTE(review): the limit used here is MAX_CANON_DOMAINS, the same constant
 * that bounds canonical_domains above; confirm that permitted_cnames is
 * declared with that size.
 */
1629 if (options->num_permitted_cnames >= MAX_CANON_DOMAINS)
1632 cname = options->permitted_cnames +
1633 options->num_permitted_cnames++;
1640 intptr = &options->canonicalize_hostname;
1645 intptr = &options->canonicalize_max_dots;
1649 intptr = &options->canonicalize_fallback_local;
/* The parsed integer is narrowed to mode_t when stored as the bind mask. */
1660 options->fwd_opts.streamlocal_bind_mask = (mode_t)value;
1664 intptr = &options->fwd_opts.streamlocal_bind_unlink;
1668 charptr = &options->revoked_host_keys;
1672 intptr = &options->fingerprint_hash;
1685 intptr = &options->update_hostkeys;
1690 charptr = &options->hostbased_key_types;
1694 charptr = &options->pubkey_key_types;
1698 intptr = &options->add_keys_to_agent;
1703 charptr = &options->identity_agent;
1729 * Reads the config file and modifies the options accordingly. Options
1735 const char *original_host, Options *options, int flags)
1740 options, flags, &active, 0);
1746 const char *host, const char *original_host, Options *options,
1773 * Mark that we are now processing the options. This flag is turned
1782 if (process_config_line_depth(options, pw, host, original_host,
1788 fatal("%s: terminating, %d bad configuration options",
1801 * Initializes options to special values that indicate that they have not yet
1802 * been set. Read_config_file will only set options with this value. Options
1808 initialize_options(Options * options)
/*
 * NOTE: cross-reference excerpt; the opening brace and any line that does
 * not mention `options` are not listed.
 *
 * The whole struct is first filled with the byte 'X'. Every field that the
 * assignments below do not cover therefore starts out as a run of 'X' bytes
 * instead of zero (presumably so that a field missed here is conspicuous
 * rather than looking like a valid 0/NULL; confirm intent).
 */
1810 memset(options, 'X', sizeof(*options));
/*
 * "Not yet set" sentinels: -1 for integer options, NULL for string
 * pointers, 0 for element counts. A few fields use a dedicated constant
 * instead (SSH_PROTO_UNKNOWN, SYSLOG_LEVEL_NOT_SET, (mode_t)-1), and
 * stdio_forward_port and control_persist_timeout start at 0.
 *
 * Only the counts of the list-valued options are reset here
 * (num_identity_files, num_certificate_files, num_system_hostfiles,
 * num_user_hostfiles, num_send_env, num_canonical_domains,
 * num_permitted_cnames). Their element storage is not assigned in this
 * function, so entries at or past the count still hold the 'X' fill and
 * must never be read without checking the count first.
 */
1811 options->version_addendum = NULL;
1812 options->forward_agent = -1;
1813 options->forward_x11 = -1;
1814 options->forward_x11_trusted = -1;
1815 options->forward_x11_timeout = -1;
1816 options->stdio_forward_host = NULL;
1817 options->stdio_forward_port = 0;
1818 options->clear_forwardings = -1;
1819 options->exit_on_forward_failure = -1;
1820 options->xauth_location = NULL;
1821 options->fwd_opts.gateway_ports = -1;
1822 options->fwd_opts.streamlocal_bind_mask = (mode_t)-1;
1823 options->fwd_opts.streamlocal_bind_unlink = -1;
1824 options->use_privileged_port = -1;
1825 options->rsa_authentication = -1;
1826 options->pubkey_authentication = -1;
1827 options->challenge_response_authentication = -1;
1828 options->gss_authentication = -1;
1829 options->gss_deleg_creds = -1;
1830 options->password_authentication = -1;
1831 options->kbd_interactive_authentication = -1;
1832 options->kbd_interactive_devices = NULL;
1833 options->rhosts_rsa_authentication = -1;
1834 options->hostbased_authentication = -1;
1835 options->batch_mode = -1;
1836 options->check_host_ip = -1;
1837 options->strict_host_key_checking = -1;
1838 options->compression = -1;
1839 options->tcp_keep_alive = -1;
1840 options->compression_level = -1;
1841 options->port = -1;
1842 options->address_family = -1;
1843 options->connection_attempts = -1;
1844 options->connection_timeout = -1;
1845 options->number_of_password_prompts = -1;
1846 options->cipher = -1;
1847 options->ciphers = NULL;
1848 options->macs = NULL;
1849 options->kex_algorithms = NULL;
1850 options->hostkeyalgorithms = NULL;
1851 options->protocol = SSH_PROTO_UNKNOWN;
1852 options->num_identity_files = 0;
1853 options->num_certificate_files = 0;
1854 options->hostname = NULL;
1855 options->host_key_alias = NULL;
1856 options->proxy_command = NULL;
1857 options->jump_user = NULL;
1858 options->jump_host = NULL;
1859 options->jump_port = -1;
1860 options->jump_extra = NULL;
1861 options->user = NULL;
1862 options->escape_char = -1;
1863 options->num_system_hostfiles = 0;
1864 options->num_user_hostfiles = 0;
1865 options->local_forwards = NULL;
1866 options->num_local_forwards = 0;
1867 options->remote_forwards = NULL;
1868 options->num_remote_forwards = 0;
1869 options->log_level = SYSLOG_LEVEL_NOT_SET;
1870 options->preferred_authentications = NULL;
1871 options->bind_address = NULL;
1872 options->pkcs11_provider = NULL;
1873 options->enable_ssh_keysign = - 1;
1874 options->no_host_authentication_for_localhost = - 1;
1875 options->identities_only = - 1;
1876 options->rekey_limit = - 1;
1877 options->rekey_interval = -1;
1878 options->verify_host_key_dns = -1;
1879 options->server_alive_interval = -1;
1880 options->server_alive_count_max = -1;
1881 options->num_send_env = 0;
1882 options->control_path = NULL;
1883 options->control_master = -1;
1884 options->control_persist = -1;
1885 options->control_persist_timeout = 0;
1886 options->hash_known_hosts = -1;
1887 options->tun_open = -1;
1888 options->tun_local = -1;
1889 options->tun_remote = -1;
1890 options->local_command = NULL;
1891 options->permit_local_command = -1;
1892 options->add_keys_to_agent = -1;
1893 options->identity_agent = NULL;
1894 options->visual_host_key = -1;
1895 options->ip_qos_interactive = -1;
1896 options->ip_qos_bulk = -1;
1897 options->request_tty = -1;
1898 options->proxy_use_fdpass = -1;
1899 options->ignored_unknown = NULL;
1900 options->num_canonical_domains = 0;
1901 options->num_permitted_cnames = 0;
1902 options->canonicalize_max_dots = -1;
1903 options->canonicalize_fallback_local = -1;
1904 options->canonicalize_hostname = -1;
1905 options->revoked_host_keys = NULL;
1906 options->fingerprint_hash = -1;
1907 options->update_hostkeys = -1;
1908 options->hostbased_key_types = NULL;
1909 options->pubkey_key_types = NULL;
1913 * A petite version of fill_default_options() that just fills the options
1917 fill_default_options_for_canonicalization(Options *options)
/*
 * Replaces the -1 "not set" sentinel on the three hostname-canonicalization
 * options with their defaults: max_dots = 1, fallback_local = 1 and
 * hostname = SSH_CANONICALISE_NO. Fields that already hold another value are
 * left alone. fill_default_options() applies the same three defaults.
 * NOTE: cross-reference excerpt; braces are not listed.
 */
1919 if (options->canonicalize_max_dots == -1)
1920 options->canonicalize_max_dots = 1;
1921 if (options->canonicalize_fallback_local == -1)
1922 options->canonicalize_fallback_local = 1;
1923 if (options->canonicalize_hostname == -1)
1924 options->canonicalize_hostname = SSH_CANONICALISE_NO;
1929 * options for which no value has been specified with their default values.
1932 fill_default_options(Options * options)
/*
 * NOTE: cross-reference excerpt; braces, preprocessor lines and any line
 * that does not mention `options` are not listed.
 *
 * Every test below compares a field with its "not set" sentinel (-1, NULL,
 * 0 or a dedicated constant) and stores the default only in that case, so
 * values that were configured earlier are kept.
 */
/* Agent and X11 forwarding are off unless explicitly enabled. */
1934 if (options->forward_agent == -1)
1935 options->forward_agent = 0;
1936 if (options->forward_x11 == -1)
1937 options->forward_x11 = 0;
1938 if (options->forward_x11_trusted == -1)
1939 options->forward_x11_trusted = 0;
1940 if (options->forward_x11_timeout == -1)
1941 options->forward_x11_timeout = 1200;
/*
 * When a stdio forward host is set, both exit_on_forward_failure and
 * clear_forwardings default to 1; otherwise both default to 0.
 */
1946 if (options->exit_on_forward_failure == -1)
1947 options->exit_on_forward_failure =
1948 options->stdio_forward_host != NULL ? 1 : 0;
1949 if (options->clear_forwardings == -1)
1950 options->clear_forwardings =
1951 options->stdio_forward_host != NULL ? 1 : 0;
/* An effective value of 1 drops every forward collected so far. */
1952 if (options->clear_forwardings == 1)
1953 clear_forwardings(options);
/*
 * NOTE(review): xauth_location is pointed at _PATH_XAUTH directly, not at a
 * duplicated copy, whereas other string options in this file are stored via
 * xstrdup(). Code that frees xauth_location needs to allow for that;
 * confirm at the call sites.
 */
1955 if (options->xauth_location == NULL)
1956 options->xauth_location = _PATH_XAUTH;
1957 if (options->fwd_opts.gateway_ports == -1)
1958 options->fwd_opts.gateway_ports = 0;
/*
 * Default bind mask is octal 0177. NOTE(review): if this is applied as a
 * umask when creating forwarded Unix sockets, it leaves only owner
 * read/write permission; confirm at the point of use.
 */
1959 if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1)
1960 options->fwd_opts.streamlocal_bind_mask = 0177;
1961 if (options->fwd_opts.streamlocal_bind_unlink == -1)
1962 options->fwd_opts.streamlocal_bind_unlink = 0;
1963 if (options->use_privileged_port == -1)
1964 options->use_privileged_port = 0;
/*
 * Authentication method defaults: rsa, pubkey, challenge-response, password
 * and keyboard-interactive are on (1); GSSAPI, GSSAPI credential
 * delegation, rhosts-RSA and host-based are off (0).
 */
1965 if (options->rsa_authentication == -1)
1966 options->rsa_authentication = 1;
1967 if (options->pubkey_authentication == -1)
1968 options->pubkey_authentication = 1;
1969 if (options->challenge_response_authentication == -1)
1970 options->challenge_response_authentication = 1;
1971 if (options->gss_authentication == -1)
1972 options->gss_authentication = 0;
1973 if (options->gss_deleg_creds == -1)
1974 options->gss_deleg_creds = 0;
1975 if (options->password_authentication == -1)
1976 options->password_authentication = 1;
1977 if (options->kbd_interactive_authentication == -1)
1978 options->kbd_interactive_authentication = 1;
1979 if (options->rhosts_rsa_authentication == -1)
1980 options->rhosts_rsa_authentication = 0;
1981 if (options->hostbased_authentication == -1)
1982 options->hostbased_authentication = 0;
1983 if (options->batch_mode == -1)
1984 options->batch_mode = 0;
/*
 * Host key verification defaults. check_host_ip defaults to 0 in this file.
 * strict_host_key_checking defaults to the numeric value 2; its meaning is
 * defined where the option is parsed and used, not here (presumably the
 * "ask" setting; confirm).
 */
1985 if (options->check_host_ip == -1)
1986 options->check_host_ip = 0;
1987 if (options->strict_host_key_checking == -1)
1988 options->strict_host_key_checking = 2; /* 2 is default */
1989 if (options->compression == -1)
1990 options->compression = 0;
1991 if (options->tcp_keep_alive == -1)
1992 options->tcp_keep_alive = 1;
1993 if (options->compression_level == -1)
1994 options->compression_level = 6;
1995 if (options->port == -1)
1996 options->port = 0; /* Filled in ssh_connect. */
1997 if (options->address_family == -1)
1998 options->address_family = AF_UNSPEC;
1999 if (options->connection_attempts == -1)
2000 options->connection_attempts = 1;
2001 if (options->number_of_password_prompts == -1)
2002 options->number_of_password_prompts = 3;
2004 if (options->cipher == -1)
2005 options->cipher = SSH_CIPHER_NOT_SET;
2006 /* options->hostkeyalgorithms, default set in myproposals.h */
/* Protocol defaults to SSH_PROTO_2 when nothing was configured. */
2007 if (options->protocol == SSH_PROTO_UNKNOWN)
2008 options->protocol = SSH_PROTO_2;
2009 if (options->add_keys_to_agent == -1)
2010 options->add_keys_to_agent = 0;
/*
 * With no identity file configured, default identities under "~/" are
 * added, chosen by the protocol bits. The file names themselves are on
 * lines not shown.
 */
2011 if (options->num_identity_files == 0) {
2012 if (options->protocol & SSH_PROTO_1) {
2013 add_identity_file(options, "~/",
2016 if (options->protocol & SSH_PROTO_2) {
2017 add_identity_file(options, "~/",
2019 add_identity_file(options, "~/",
2022 add_identity_file(options, "~/",
2025 add_identity_file(options, "~/",
2029 if (options->escape_char == -1)
2030 options->escape_char = '~';
/*
 * With no known-hosts file configured, two default entries are stored in
 * each of the system and user lists; the path values are on lines not
 * shown.
 */
2031 if (options->num_system_hostfiles == 0) {
2032 options->system_hostfiles[options->num_system_hostfiles++] =
2034 options->system_hostfiles[options->num_system_hostfiles++] =
2037 if (options->num_user_hostfiles == 0) {
2038 options->user_hostfiles[options->num_user_hostfiles++] =
2040 options->user_hostfiles[options->num_user_hostfiles++] =
2043 if (options->log_level == SYSLOG_LEVEL_NOT_SET)
2044 options->log_level = SYSLOG_LEVEL_INFO;
2045 if (options->no_host_authentication_for_localhost == - 1)
2046 options->no_host_authentication_for_localhost = 0;
2047 if (options->identities_only == -1)
2048 options->identities_only = 0;
2049 if (options->enable_ssh_keysign == -1)
2050 options->enable_ssh_keysign = 0;
2051 if (options->rekey_limit == -1)
2052 options->rekey_limit = 0;
2053 if (options->rekey_interval == -1)
2054 options->rekey_interval = 0;
/*
 * Two alternative defaults (1 and 0) are listed for verify_host_key_dns and
 * the lines between them are not shown. NOTE(review): presumably a
 * preprocessor conditional selects one of them at build time; confirm which
 * build configuration turns DNS-based host key verification on by default.
 */
2056 if (options->verify_host_key_dns == -1)
2058 options->verify_host_key_dns = 1;
2060 if (options->verify_host_key_dns == -1)
2061 options->verify_host_key_dns = 0;
2063 if (options->server_alive_interval == -1)
2064 options->server_alive_interval = 0;
2065 if (options->server_alive_count_max == -1)
2066 options->server_alive_count_max = 3;
2067 if (options->control_master == -1)
2068 options->control_master = 0;
2069 if (options->control_persist == -1) {
2070 options->control_persist = 0;
2071 options->control_persist_timeout = 0;
2073 if (options->hash_known_hosts == -1)
2074 options->hash_known_hosts = 0;
2075 if (options->tun_open == -1)
2076 options->tun_open = SSH_TUNMODE_NO;
2077 if (options->tun_local == -1)
2078 options->tun_local = SSH_TUNID_ANY;
2079 if (options->tun_remote == -1)
2080 options->tun_remote = SSH_TUNID_ANY;
/* Running a local command after connecting is off by default. */
2081 if (options->permit_local_command == -1)
2082 options->permit_local_command = 0;
2083 if (options->visual_host_key == -1)
2084 options->visual_host_key = 0;
2085 if (options->ip_qos_interactive == -1)
2086 options->ip_qos_interactive = IPTOS_LOWDELAY;
2087 if (options->ip_qos_bulk == -1)
2088 options->ip_qos_bulk = IPTOS_THROUGHPUT;
2089 if (options->request_tty == -1)
2090 options->request_tty = REQUEST_TTY_AUTO;
2091 if (options->proxy_use_fdpass == -1)
2092 options->proxy_use_fdpass = 0;
2093 if (options->canonicalize_max_dots == -1)
2094 options->canonicalize_max_dots = 1;
2095 if (options->canonicalize_fallback_local == -1)
2096 options->canonicalize_fallback_local = 1;
2097 if (options->canonicalize_hostname == -1)
2098 options->canonicalize_hostname = SSH_CANONICALISE_NO;
2099 if (options->fingerprint_hash == -1)
2100 options->fingerprint_hash = SSH_FP_HASH_DEFAULT;
2101 if (options->update_hostkeys == -1)
2102 options->update_hostkeys = 0;
/*
 * The algorithm lists (ciphers, MACs, key exchange, host-based and public
 * key types) are each passed to kex_assemble_names() together with a
 * default list; a non-zero result from any call satisfies this condition.
 * The statement it controls is not shown.
 */
2103 if (kex_assemble_names(KEX_CLIENT_ENCRYPT, &options->ciphers) != 0 ||
2104 kex_assemble_names(KEX_CLIENT_MAC, &options->macs) != 0 ||
2105 kex_assemble_names(KEX_CLIENT_KEX, &options->kex_algorithms) != 0 ||
2107 &options->hostbased_key_types) != 0 ||
2109 &options->pubkey_key_types) != 0)
/*
 * CLEAR_ON_NONE is a macro defined on lines not shown; by its name it
 * resets a string option whose value is "none" (confirm the definition).
 */
2119 CLEAR_ON_NONE(options->local_command);
2120 CLEAR_ON_NONE(options->proxy_command);
2121 CLEAR_ON_NONE(options->control_path);
2122 CLEAR_ON_NONE(options->revoked_host_keys);
2123 /* options->identity_agent distinguishes NULL from 'none' */
2124 /* options->user will be set in the main program if appropriate */
2125 /* options->hostname will be set in the main program if appropriate */
2126 /* options->host_key_alias should not be set by default */
2127 /* options->preferred_authentications will be set in ssh */
/* An unset version addendum falls back to a copy of SSH_VERSION_FREEBSD. */
2128 if (options->version_addendum == NULL)
2129 options->version_addendum = xstrdup(SSH_VERSION_FREEBSD);
2546 /* Most interesting options first: user, host, port */
2551 /* Flag options */
2596 /* Integer options */
2607 /* String options */
2633 /* String array options */