servconf.c revision 305476
1 2/* $OpenBSD: servconf.c,v 1.285 2016/02/17 05:29:04 djm Exp $ */ 3/* 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 5 * All rights reserved 6 * 7 * As far as I am concerned, the code I have written for this software 8 * can be used freely for any purpose. Any derived versions of this 9 * software must be clearly marked as such, and if the derived work is 10 * incompatible with the protocol description in the RFC file, it must be 11 * called by a name other than "ssh" or "Secure Shell". 12 */ 13 14#include "includes.h" 15__RCSID("$FreeBSD: stable/11/crypto/openssh/servconf.c 305476 2016-09-06 14:52:14Z lidl $"); 16 17#include <sys/types.h> 18#include <sys/socket.h> 19 20#include <netinet/in.h> 21#include <netinet/in_systm.h> 22#include <netinet/ip.h> 23 24#include <ctype.h> 25#include <fcntl.h> 26#include <netdb.h> 27#include <pwd.h> 28#include <stdio.h> 29#include <stdlib.h> 30#include <string.h> 31#include <signal.h> 32#include <unistd.h> 33#include <limits.h> 34#include <stdarg.h> 35#include <errno.h> 36#ifdef HAVE_UTIL_H 37#include <util.h> 38#endif 39 40#include "openbsd-compat/sys-queue.h" 41#include "xmalloc.h" 42#include "ssh.h" 43#include "log.h" 44#include "buffer.h" 45#include "misc.h" 46#include "servconf.h" 47#include "compat.h" 48#include "pathnames.h" 49#include "cipher.h" 50#include "key.h" 51#include "kex.h" 52#include "mac.h" 53#include "match.h" 54#include "channels.h" 55#include "groupaccess.h" 56#include "canohost.h" 57#include "packet.h" 58#include "hostfile.h" 59#include "auth.h" 60#include "myproposal.h" 61#include "digest.h" 62#include "version.h" 63 64static void add_listen_addr(ServerOptions *, char *, int); 65static void add_one_listen_addr(ServerOptions *, char *, int); 66 67/* Use of privilege separation or not */ 68extern int use_privsep; 69extern Buffer cfg; 70 71/* Initializes the server options to their default values. */ 72 73void 74initialize_server_options(ServerOptions *options) 75{ 76 memset(options, 0, sizeof(*options)); 77 78 /* Portable-specific options */ 79 options->use_pam = -1; 80 81 /* Standard Options */ 82 options->num_ports = 0; 83 options->ports_from_cmdline = 0; 84 options->queued_listen_addrs = NULL; 85 options->num_queued_listens = 0; 86 options->listen_addrs = NULL; 87 options->address_family = -1; 88 options->num_host_key_files = 0; 89 options->num_host_cert_files = 0; 90 options->host_key_agent = NULL; 91 options->pid_file = NULL; 92 options->server_key_bits = -1; 93 options->login_grace_time = -1; 94 options->key_regeneration_time = -1; 95 options->permit_root_login = PERMIT_NOT_SET; 96 options->ignore_rhosts = -1; 97 options->ignore_user_known_hosts = -1; 98 options->print_motd = -1; 99 options->print_lastlog = -1; 100 options->x11_forwarding = -1; 101 options->x11_display_offset = -1; 102 options->x11_use_localhost = -1; 103 options->permit_tty = -1; 104 options->permit_user_rc = -1; 105 options->xauth_location = NULL; 106 options->strict_modes = -1; 107 options->tcp_keep_alive = -1; 108 options->log_facility = SYSLOG_FACILITY_NOT_SET; 109 options->log_level = SYSLOG_LEVEL_NOT_SET; 110 options->rhosts_rsa_authentication = -1; 111 options->hostbased_authentication = -1; 112 options->hostbased_uses_name_from_packet_only = -1; 113 options->hostbased_key_types = NULL; 114 options->hostkeyalgorithms = NULL; 115 options->rsa_authentication = -1; 116 options->pubkey_authentication = -1; 117 options->pubkey_key_types = NULL; 118 options->kerberos_authentication = -1; 119 options->kerberos_or_local_passwd = -1; 120 options->kerberos_ticket_cleanup = -1; 121 options->kerberos_get_afs_token = -1; 122 options->gss_authentication=-1; 123 options->gss_cleanup_creds = -1; 124 options->gss_strict_acceptor = -1; 125 options->password_authentication = -1; 126 options->kbd_interactive_authentication = -1; 127 options->challenge_response_authentication = -1; 128 options->permit_empty_passwd = -1; 129 options->permit_user_env = -1; 130 options->use_login = -1; 131 options->compression = -1; 132 options->rekey_limit = -1; 133 options->rekey_interval = -1; 134 options->allow_tcp_forwarding = -1; 135 options->allow_streamlocal_forwarding = -1; 136 options->allow_agent_forwarding = -1; 137 options->num_allow_users = 0; 138 options->num_deny_users = 0; 139 options->num_allow_groups = 0; 140 options->num_deny_groups = 0; 141 options->ciphers = NULL; 142 options->macs = NULL; 143 options->kex_algorithms = NULL; 144 options->protocol = SSH_PROTO_UNKNOWN; 145 options->fwd_opts.gateway_ports = -1; 146 options->fwd_opts.streamlocal_bind_mask = (mode_t)-1; 147 options->fwd_opts.streamlocal_bind_unlink = -1; 148 options->num_subsystems = 0; 149 options->max_startups_begin = -1; 150 options->max_startups_rate = -1; 151 options->max_startups = -1; 152 options->max_authtries = -1; 153 options->max_sessions = -1; 154 options->banner = NULL; 155 options->use_dns = -1; 156 options->client_alive_interval = -1; 157 options->client_alive_count_max = -1; 158 options->num_authkeys_files = 0; 159 options->num_accept_env = 0; 160 options->permit_tun = -1; 161 options->num_permitted_opens = -1; 162 options->adm_forced_command = NULL; 163 options->chroot_directory = NULL; 164 options->authorized_keys_command = NULL; 165 options->authorized_keys_command_user = NULL; 166 options->revoked_keys_file = NULL; 167 options->trusted_user_ca_keys = NULL; 168 options->authorized_principals_file = NULL; 169 options->authorized_principals_command = NULL; 170 options->authorized_principals_command_user = NULL; 171 options->ip_qos_interactive = -1; 172 options->ip_qos_bulk = -1; 173 options->version_addendum = NULL; 174 options->fingerprint_hash = -1; 175 options->use_blacklist = -1; 176} 177 178/* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ 179static int 180option_clear_or_none(const char *o) 181{ 182 return o == NULL || strcasecmp(o, "none") == 0; 183} 184 185static void 186assemble_algorithms(ServerOptions *o) 187{ 188 if (kex_assemble_names(KEX_SERVER_ENCRYPT, &o->ciphers) != 0 || 189 kex_assemble_names(KEX_SERVER_MAC, &o->macs) != 0 || 190 kex_assemble_names(KEX_SERVER_KEX, &o->kex_algorithms) != 0 || 191 kex_assemble_names(KEX_DEFAULT_PK_ALG, 192 &o->hostkeyalgorithms) != 0 || 193 kex_assemble_names(KEX_DEFAULT_PK_ALG, 194 &o->hostbased_key_types) != 0 || 195 kex_assemble_names(KEX_DEFAULT_PK_ALG, &o->pubkey_key_types) != 0) 196 fatal("kex_assemble_names failed"); 197} 198 199void 200fill_default_server_options(ServerOptions *options) 201{ 202 int i; 203 204 /* Portable-specific options */ 205 if (options->use_pam == -1) 206 options->use_pam = 1; 207 208 /* Standard Options */ 209 if (options->protocol == SSH_PROTO_UNKNOWN) 210 options->protocol = SSH_PROTO_2; 211#define add_host_key_file(path) \ 212 do { \ 213 if (access((path), O_RDONLY) == 0) \ 214 options->host_key_files \ 215 [options->num_host_key_files++] = (path); \ 216 } while (0) 217 if (options->num_host_key_files == 0) { 218 /* fill default hostkeys for protocols */ 219 if (options->protocol & SSH_PROTO_1) 220 add_host_key_file(_PATH_HOST_KEY_FILE); 221 if (options->protocol & SSH_PROTO_2) { 222 add_host_key_file(_PATH_HOST_RSA_KEY_FILE); 223 add_host_key_file(_PATH_HOST_DSA_KEY_FILE); 224#ifdef OPENSSL_HAS_ECC 225 add_host_key_file(_PATH_HOST_ECDSA_KEY_FILE); 226#endif 227 add_host_key_file(_PATH_HOST_ED25519_KEY_FILE); 228 } 229 } 230#undef add_host_key_file 231 if (options->num_host_key_files == 0) 232 fatal("No host key files found"); 233 /* No certificates by default */ 234 if (options->num_ports == 0) 235 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 236 if (options->address_family == -1) 237 options->address_family = AF_UNSPEC; 238 if (options->listen_addrs == NULL) 239 add_listen_addr(options, NULL, 0); 240 if (options->pid_file == NULL) 241 options->pid_file = xstrdup(_PATH_SSH_DAEMON_PID_FILE); 242 if (options->server_key_bits == -1) 243 options->server_key_bits = 1024; 244 if (options->login_grace_time == -1) 245 options->login_grace_time = 120; 246 if (options->key_regeneration_time == -1) 247 options->key_regeneration_time = 3600; 248 if (options->permit_root_login == PERMIT_NOT_SET) 249 options->permit_root_login = PERMIT_NO; 250 if (options->ignore_rhosts == -1) 251 options->ignore_rhosts = 1; 252 if (options->ignore_user_known_hosts == -1) 253 options->ignore_user_known_hosts = 0; 254 if (options->print_motd == -1) 255 options->print_motd = 1; 256 if (options->print_lastlog == -1) 257 options->print_lastlog = 1; 258 if (options->x11_forwarding == -1) 259 options->x11_forwarding = 1; 260 if (options->x11_display_offset == -1) 261 options->x11_display_offset = 10; 262 if (options->x11_use_localhost == -1) 263 options->x11_use_localhost = 1; 264 if (options->xauth_location == NULL) 265 options->xauth_location = xstrdup(_PATH_XAUTH); 266 if (options->permit_tty == -1) 267 options->permit_tty = 1; 268 if (options->permit_user_rc == -1) 269 options->permit_user_rc = 1; 270 if (options->strict_modes == -1) 271 options->strict_modes = 1; 272 if (options->tcp_keep_alive == -1) 273 options->tcp_keep_alive = 1; 274 if (options->log_facility == SYSLOG_FACILITY_NOT_SET) 275 options->log_facility = SYSLOG_FACILITY_AUTH; 276 if (options->log_level == SYSLOG_LEVEL_NOT_SET) 277 options->log_level = SYSLOG_LEVEL_INFO; 278 if (options->rhosts_rsa_authentication == -1) 279 options->rhosts_rsa_authentication = 0; 280 if (options->hostbased_authentication == -1) 281 options->hostbased_authentication = 0; 282 if (options->hostbased_uses_name_from_packet_only == -1) 283 options->hostbased_uses_name_from_packet_only = 0; 284 if (options->rsa_authentication == -1) 285 options->rsa_authentication = 1; 286 if (options->pubkey_authentication == -1) 287 options->pubkey_authentication = 1; 288 if (options->kerberos_authentication == -1) 289 options->kerberos_authentication = 0; 290 if (options->kerberos_or_local_passwd == -1) 291 options->kerberos_or_local_passwd = 1; 292 if (options->kerberos_ticket_cleanup == -1) 293 options->kerberos_ticket_cleanup = 1; 294 if (options->kerberos_get_afs_token == -1) 295 options->kerberos_get_afs_token = 0; 296 if (options->gss_authentication == -1) 297 options->gss_authentication = 0; 298 if (options->gss_cleanup_creds == -1) 299 options->gss_cleanup_creds = 1; 300 if (options->gss_strict_acceptor == -1) 301 options->gss_strict_acceptor = 0; 302 if (options->password_authentication == -1) 303 options->password_authentication = 0; 304 if (options->kbd_interactive_authentication == -1) 305 options->kbd_interactive_authentication = 0; 306 if (options->challenge_response_authentication == -1) 307 options->challenge_response_authentication = 1; 308 if (options->permit_empty_passwd == -1) 309 options->permit_empty_passwd = 0; 310 if (options->permit_user_env == -1) 311 options->permit_user_env = 0; 312 if (options->use_login == -1) 313 options->use_login = 0; 314 if (options->compression == -1) 315 options->compression = COMP_DELAYED; 316 if (options->rekey_limit == -1) 317 options->rekey_limit = 0; 318 if (options->rekey_interval == -1) 319 options->rekey_interval = 0; 320 if (options->allow_tcp_forwarding == -1) 321 options->allow_tcp_forwarding = FORWARD_ALLOW; 322 if (options->allow_streamlocal_forwarding == -1) 323 options->allow_streamlocal_forwarding = FORWARD_ALLOW; 324 if (options->allow_agent_forwarding == -1) 325 options->allow_agent_forwarding = 1; 326 if (options->fwd_opts.gateway_ports == -1) 327 options->fwd_opts.gateway_ports = 0; 328 if (options->max_startups == -1) 329 options->max_startups = 100; 330 if (options->max_startups_rate == -1) 331 options->max_startups_rate = 30; /* 30% */ 332 if (options->max_startups_begin == -1) 333 options->max_startups_begin = 10; 334 if (options->max_authtries == -1) 335 options->max_authtries = DEFAULT_AUTH_FAIL_MAX; 336 if (options->max_sessions == -1) 337 options->max_sessions = DEFAULT_SESSIONS_MAX; 338 if (options->use_dns == -1) 339 options->use_dns = 1; 340 if (options->client_alive_interval == -1) 341 options->client_alive_interval = 0; 342 if (options->client_alive_count_max == -1) 343 options->client_alive_count_max = 3; 344 if (options->num_authkeys_files == 0) { 345 options->authorized_keys_files[options->num_authkeys_files++] = 346 xstrdup(_PATH_SSH_USER_PERMITTED_KEYS); 347 options->authorized_keys_files[options->num_authkeys_files++] = 348 xstrdup(_PATH_SSH_USER_PERMITTED_KEYS2); 349 } 350 if (options->permit_tun == -1) 351 options->permit_tun = SSH_TUNMODE_NO; 352 if (options->ip_qos_interactive == -1) 353 options->ip_qos_interactive = IPTOS_LOWDELAY; 354 if (options->ip_qos_bulk == -1) 355 options->ip_qos_bulk = IPTOS_THROUGHPUT; 356 if (options->version_addendum == NULL) 357 options->version_addendum = xstrdup(SSH_VERSION_FREEBSD); 358 if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) 359 options->fwd_opts.streamlocal_bind_mask = 0177; 360 if (options->fwd_opts.streamlocal_bind_unlink == -1) 361 options->fwd_opts.streamlocal_bind_unlink = 0; 362 if (options->fingerprint_hash == -1) 363 options->fingerprint_hash = SSH_FP_HASH_DEFAULT; 364 if (options->use_blacklist == -1) 365 options->use_blacklist = 0; 366 367 assemble_algorithms(options); 368 369 /* Turn privilege separation and sandboxing on by default */ 370 if (use_privsep == -1) 371 use_privsep = PRIVSEP_ON; 372 373#define CLEAR_ON_NONE(v) \ 374 do { \ 375 if (option_clear_or_none(v)) { \ 376 free(v); \ 377 v = NULL; \ 378 } \ 379 } while(0) 380 CLEAR_ON_NONE(options->pid_file); 381 CLEAR_ON_NONE(options->xauth_location); 382 CLEAR_ON_NONE(options->banner); 383 CLEAR_ON_NONE(options->trusted_user_ca_keys); 384 CLEAR_ON_NONE(options->revoked_keys_file); 385 CLEAR_ON_NONE(options->authorized_principals_file); 386 CLEAR_ON_NONE(options->adm_forced_command); 387 CLEAR_ON_NONE(options->chroot_directory); 388 for (i = 0; i < options->num_host_key_files; i++) 389 CLEAR_ON_NONE(options->host_key_files[i]); 390 for (i = 0; i < options->num_host_cert_files; i++) 391 CLEAR_ON_NONE(options->host_cert_files[i]); 392#undef CLEAR_ON_NONE 393 394#ifndef HAVE_MMAP 395 if (use_privsep && options->compression == 1) { 396 error("This platform does not support both privilege " 397 "separation and compression"); 398 error("Compression disabled"); 399 options->compression = 0; 400 } 401#endif 402 403} 404 405/* Keyword tokens. */ 406typedef enum { 407 sBadOption, /* == unknown option */ 408 /* Portable-specific options */ 409 sUsePAM, 410 /* Standard Options */ 411 sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, 412 sKeyRegenerationTime, sPermitRootLogin, sLogFacility, sLogLevel, 413 sRhostsRSAAuthentication, sRSAAuthentication, 414 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, 415 sKerberosGetAFSToken, 416 sKerberosTgtPassing, sChallengeResponseAuthentication, 417 sPasswordAuthentication, sKbdInteractiveAuthentication, 418 sListenAddress, sAddressFamily, 419 sPrintMotd, sPrintLastLog, sIgnoreRhosts, 420 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, 421 sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, 422 sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, 423 sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, 424 sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, 425 sGatewayPorts, sPubkeyAuthentication, sPubkeyAcceptedKeyTypes, 426 sXAuthLocation, sSubsystem, sMaxStartups, sMaxAuthTries, sMaxSessions, 427 sBanner, sUseDNS, sHostbasedAuthentication, 428 sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedKeyTypes, 429 sHostKeyAlgorithms, 430 sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, 431 sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, 432 sAcceptEnv, sPermitTunnel, 433 sMatch, sPermitOpen, sForceCommand, sChrootDirectory, 434 sUsePrivilegeSeparation, sAllowAgentForwarding, 435 sHostCertificate, 436 sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, 437 sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser, 438 sKexAlgorithms, sIPQoS, sVersionAddendum, 439 sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, 440 sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, 441 sStreamLocalBindMask, sStreamLocalBindUnlink, 442 sAllowStreamLocalForwarding, sFingerprintHash, 443 sUseBlacklist, 444 sDeprecated, sUnsupported 445} ServerOpCodes; 446 447#define SSHCFG_GLOBAL 0x01 /* allowed in main section of sshd_config */ 448#define SSHCFG_MATCH 0x02 /* allowed inside a Match section */ 449#define SSHCFG_ALL (SSHCFG_GLOBAL|SSHCFG_MATCH) 450 451/* Textual representation of the tokens. */ 452static struct { 453 const char *name; 454 ServerOpCodes opcode; 455 u_int flags; 456} keywords[] = { 457 /* Portable-specific options */ 458#ifdef USE_PAM 459 { "usepam", sUsePAM, SSHCFG_GLOBAL }, 460#else 461 { "usepam", sUnsupported, SSHCFG_GLOBAL }, 462#endif 463 { "pamauthenticationviakbdint", sDeprecated, SSHCFG_GLOBAL }, 464 /* Standard Options */ 465 { "port", sPort, SSHCFG_GLOBAL }, 466 { "hostkey", sHostKeyFile, SSHCFG_GLOBAL }, 467 { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL }, /* alias */ 468 { "hostkeyagent", sHostKeyAgent, SSHCFG_GLOBAL }, 469 { "pidfile", sPidFile, SSHCFG_GLOBAL }, 470 { "serverkeybits", sServerKeyBits, SSHCFG_GLOBAL }, 471 { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL }, 472 { "keyregenerationinterval", sKeyRegenerationTime, SSHCFG_GLOBAL }, 473 { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL }, 474 { "syslogfacility", sLogFacility, SSHCFG_GLOBAL }, 475 { "loglevel", sLogLevel, SSHCFG_GLOBAL }, 476 { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL }, 477 { "rhostsrsaauthentication", sRhostsRSAAuthentication, SSHCFG_ALL }, 478 { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL }, 479 { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_ALL }, 480 { "hostbasedacceptedkeytypes", sHostbasedAcceptedKeyTypes, SSHCFG_ALL }, 481 { "hostkeyalgorithms", sHostKeyAlgorithms, SSHCFG_GLOBAL }, 482 { "rsaauthentication", sRSAAuthentication, SSHCFG_ALL }, 483 { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL }, 484 { "pubkeyacceptedkeytypes", sPubkeyAcceptedKeyTypes, SSHCFG_ALL }, 485 { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */ 486#ifdef KRB5 487 { "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL }, 488 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd, SSHCFG_GLOBAL }, 489 { "kerberosticketcleanup", sKerberosTicketCleanup, SSHCFG_GLOBAL }, 490#ifdef USE_AFS 491 { "kerberosgetafstoken", sKerberosGetAFSToken, SSHCFG_GLOBAL }, 492#else 493 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, 494#endif 495#else 496 { "kerberosauthentication", sUnsupported, SSHCFG_ALL }, 497 { "kerberosorlocalpasswd", sUnsupported, SSHCFG_GLOBAL }, 498 { "kerberosticketcleanup", sUnsupported, SSHCFG_GLOBAL }, 499 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, 500#endif 501 { "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL }, 502 { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, 503#ifdef GSSAPI 504 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, 505 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, 506 { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, 507#else 508 { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, 509 { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, 510 { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, 511#endif 512 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, 513 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, 514 { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, 515 { "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */ 516 { "checkmail", sDeprecated, SSHCFG_GLOBAL }, 517 { "listenaddress", sListenAddress, SSHCFG_GLOBAL }, 518 { "addressfamily", sAddressFamily, SSHCFG_GLOBAL }, 519 { "printmotd", sPrintMotd, SSHCFG_GLOBAL }, 520#ifdef DISABLE_LASTLOG 521 { "printlastlog", sUnsupported, SSHCFG_GLOBAL }, 522#else 523 { "printlastlog", sPrintLastLog, SSHCFG_GLOBAL }, 524#endif 525 { "ignorerhosts", sIgnoreRhosts, SSHCFG_GLOBAL }, 526 { "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL }, 527 { "x11forwarding", sX11Forwarding, SSHCFG_ALL }, 528 { "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL }, 529 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, 530 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, 531 { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, 532 { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL }, 533 { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, 534 { "uselogin", sUseLogin, SSHCFG_GLOBAL }, 535 { "compression", sCompression, SSHCFG_GLOBAL }, 536 { "rekeylimit", sRekeyLimit, SSHCFG_ALL }, 537 { "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, 538 { "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, /* obsolete alias */ 539 { "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL }, 540 { "allowagentforwarding", sAllowAgentForwarding, SSHCFG_ALL }, 541 { "allowusers", sAllowUsers, SSHCFG_ALL }, 542 { "denyusers", sDenyUsers, SSHCFG_ALL }, 543 { "allowgroups", sAllowGroups, SSHCFG_ALL }, 544 { "denygroups", sDenyGroups, SSHCFG_ALL }, 545 { "ciphers", sCiphers, SSHCFG_GLOBAL }, 546 { "macs", sMacs, SSHCFG_GLOBAL }, 547 { "protocol", sProtocol, SSHCFG_GLOBAL }, 548 { "gatewayports", sGatewayPorts, SSHCFG_ALL }, 549 { "subsystem", sSubsystem, SSHCFG_GLOBAL }, 550 { "maxstartups", sMaxStartups, SSHCFG_GLOBAL }, 551 { "maxauthtries", sMaxAuthTries, SSHCFG_ALL }, 552 { "maxsessions", sMaxSessions, SSHCFG_ALL }, 553 { "banner", sBanner, SSHCFG_ALL }, 554 { "usedns", sUseDNS, SSHCFG_GLOBAL }, 555 { "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL }, 556 { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL }, 557 { "clientaliveinterval", sClientAliveInterval, SSHCFG_GLOBAL }, 558 { "clientalivecountmax", sClientAliveCountMax, SSHCFG_GLOBAL }, 559 { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL }, 560 { "authorizedkeysfile2", sDeprecated, SSHCFG_ALL }, 561 { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL}, 562 { "acceptenv", sAcceptEnv, SSHCFG_ALL }, 563 { "permittunnel", sPermitTunnel, SSHCFG_ALL }, 564 { "permittty", sPermitTTY, SSHCFG_ALL }, 565 { "permituserrc", sPermitUserRC, SSHCFG_ALL }, 566 { "match", sMatch, SSHCFG_ALL }, 567 { "permitopen", sPermitOpen, SSHCFG_ALL }, 568 { "forcecommand", sForceCommand, SSHCFG_ALL }, 569 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, 570 { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, 571 { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, 572 { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, 573 { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, 574 { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, 575 { "ipqos", sIPQoS, SSHCFG_ALL }, 576 { "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL }, 577 { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL }, 578 { "authorizedprincipalscommand", sAuthorizedPrincipalsCommand, SSHCFG_ALL }, 579 { "authorizedprincipalscommanduser", sAuthorizedPrincipalsCommandUser, SSHCFG_ALL }, 580 { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL }, 581 { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL }, 582 { "streamlocalbindmask", sStreamLocalBindMask, SSHCFG_ALL }, 583 { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL }, 584 { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, 585 { "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL }, 586 { "useblacklist", sUseBlacklist, SSHCFG_GLOBAL }, 587 { "noneenabled", sUnsupported, SSHCFG_ALL }, 588 { "hpndisabled", sDeprecated, SSHCFG_ALL }, 589 { "hpnbuffersize", sDeprecated, SSHCFG_ALL }, 590 { "tcprcvbufpoll", sDeprecated, SSHCFG_ALL }, 591 { NULL, sBadOption, 0 } 592}; 593 594static struct { 595 int val; 596 char *text; 597} tunmode_desc[] = { 598 { SSH_TUNMODE_NO, "no" }, 599 { SSH_TUNMODE_POINTOPOINT, "point-to-point" }, 600 { SSH_TUNMODE_ETHERNET, "ethernet" }, 601 { SSH_TUNMODE_YES, "yes" }, 602 { -1, NULL } 603}; 604 605/* 606 * Returns the number of the token pointed to by cp or sBadOption. 607 */ 608 609static ServerOpCodes 610parse_token(const char *cp, const char *filename, 611 int linenum, u_int *flags) 612{ 613 u_int i; 614 615 for (i = 0; keywords[i].name; i++) 616 if (strcasecmp(cp, keywords[i].name) == 0) { 617 *flags = keywords[i].flags; 618 return keywords[i].opcode; 619 } 620 621 error("%s: line %d: Bad configuration option: %s", 622 filename, linenum, cp); 623 return sBadOption; 624} 625 626char * 627derelativise_path(const char *path) 628{ 629 char *expanded, *ret, cwd[PATH_MAX]; 630 631 if (strcasecmp(path, "none") == 0) 632 return xstrdup("none"); 633 expanded = tilde_expand_filename(path, getuid()); 634 if (*expanded == '/') 635 return expanded; 636 if (getcwd(cwd, sizeof(cwd)) == NULL) 637 fatal("%s: getcwd: %s", __func__, strerror(errno)); 638 xasprintf(&ret, "%s/%s", cwd, expanded); 639 free(expanded); 640 return ret; 641} 642 643static void 644add_listen_addr(ServerOptions *options, char *addr, int port) 645{ 646 u_int i; 647 648 if (port == 0) 649 for (i = 0; i < options->num_ports; i++) 650 add_one_listen_addr(options, addr, options->ports[i]); 651 else 652 add_one_listen_addr(options, addr, port); 653} 654 655static void 656add_one_listen_addr(ServerOptions *options, char *addr, int port) 657{ 658 struct addrinfo hints, *ai, *aitop; 659 char strport[NI_MAXSERV]; 660 int gaierr; 661 662 memset(&hints, 0, sizeof(hints)); 663 hints.ai_family = options->address_family; 664 hints.ai_socktype = SOCK_STREAM; 665 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; 666 snprintf(strport, sizeof strport, "%d", port); 667 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) 668 fatal("bad addr or host: %s (%s)", 669 addr ? addr : "<NULL>", 670 ssh_gai_strerror(gaierr)); 671 for (ai = aitop; ai->ai_next; ai = ai->ai_next) 672 ; 673 ai->ai_next = options->listen_addrs; 674 options->listen_addrs = aitop; 675} 676 677/* 678 * Queue a ListenAddress to be processed once we have all of the Ports 679 * and AddressFamily options. 680 */ 681static void 682queue_listen_addr(ServerOptions *options, char *addr, int port) 683{ 684 options->queued_listen_addrs = xreallocarray( 685 options->queued_listen_addrs, options->num_queued_listens + 1, 686 sizeof(addr)); 687 options->queued_listen_ports = xreallocarray( 688 options->queued_listen_ports, options->num_queued_listens + 1, 689 sizeof(port)); 690 options->queued_listen_addrs[options->num_queued_listens] = 691 xstrdup(addr); 692 options->queued_listen_ports[options->num_queued_listens] = port; 693 options->num_queued_listens++; 694} 695 696/* 697 * Process queued (text) ListenAddress entries. 698 */ 699static void 700process_queued_listen_addrs(ServerOptions *options) 701{ 702 u_int i; 703 704 if (options->num_ports == 0) 705 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; 706 if (options->address_family == -1) 707 options->address_family = AF_UNSPEC; 708 709 for (i = 0; i < options->num_queued_listens; i++) { 710 add_listen_addr(options, options->queued_listen_addrs[i], 711 options->queued_listen_ports[i]); 712 free(options->queued_listen_addrs[i]); 713 options->queued_listen_addrs[i] = NULL; 714 } 715 free(options->queued_listen_addrs); 716 options->queued_listen_addrs = NULL; 717 free(options->queued_listen_ports); 718 options->queued_listen_ports = NULL; 719 options->num_queued_listens = 0; 720} 721 722struct connection_info * 723get_connection_info(int populate, int use_dns) 724{ 725 static struct connection_info ci; 726 727 if (!populate) 728 return &ci; 729 ci.host = get_canonical_hostname(use_dns); 730 ci.address = get_remote_ipaddr(); 731 ci.laddress = get_local_ipaddr(packet_get_connection_in()); 732 ci.lport = get_local_port(); 733 return &ci; 734} 735 736/* 737 * The strategy for the Match blocks is that the config file is parsed twice. 738 * 739 * The first time is at startup. activep is initialized to 1 and the 740 * directives in the global context are processed and acted on. Hitting a 741 * Match directive unsets activep and the directives inside the block are 742 * checked for syntax only. 743 * 744 * The second time is after a connection has been established but before 745 * authentication. activep is initialized to 2 and global config directives 746 * are ignored since they have already been processed. If the criteria in a 747 * Match block is met, activep is set and the subsequent directives 748 * processed and actioned until EOF or another Match block unsets it. Any 749 * options set are copied into the main server config. 750 * 751 * Potential additions/improvements: 752 * - Add Match support for pre-kex directives, eg Protocol, Ciphers. 753 * 754 * - Add a Tag directive (idea from David Leonard) ala pf, eg: 755 * Match Address 192.168.0.* 756 * Tag trusted 757 * Match Group wheel 758 * Tag trusted 759 * Match Tag trusted 760 * AllowTcpForwarding yes 761 * GatewayPorts clientspecified 762 * [...] 763 * 764 * - Add a PermittedChannelRequests directive 765 * Match Group shell 766 * PermittedChannelRequests session,forwarded-tcpip 767 */ 768 769static int 770match_cfg_line_group(const char *grps, int line, const char *user) 771{ 772 int result = 0; 773 struct passwd *pw; 774 775 if (user == NULL) 776 goto out; 777 778 if ((pw = getpwnam(user)) == NULL) { 779 debug("Can't match group at line %d because user %.100s does " 780 "not exist", line, user); 781 } else if (ga_init(pw->pw_name, pw->pw_gid) == 0) { 782 debug("Can't Match group because user %.100s not in any group " 783 "at line %d", user, line); 784 } else if (ga_match_pattern_list(grps) != 1) { 785 debug("user %.100s does not match group list %.100s at line %d", 786 user, grps, line); 787 } else { 788 debug("user %.100s matched group list %.100s at line %d", user, 789 grps, line); 790 result = 1; 791 } 792out: 793 ga_free(); 794 return result; 795} 796 797/* 798 * All of the attributes on a single Match line are ANDed together, so we need 799 * to check every attribute and set the result to zero if any attribute does 800 * not match. 801 */ 802static int 803match_cfg_line(char **condition, int line, struct connection_info *ci) 804{ 805 int result = 1, attributes = 0, port; 806 char *arg, *attrib, *cp = *condition; 807 808 if (ci == NULL) 809 debug3("checking syntax for 'Match %s'", cp); 810 else 811 debug3("checking match for '%s' user %s host %s addr %s " 812 "laddr %s lport %d", cp, ci->user ? ci->user : "(null)", 813 ci->host ? ci->host : "(null)", 814 ci->address ? ci->address : "(null)", 815 ci->laddress ? ci->laddress : "(null)", ci->lport); 816 817 while ((attrib = strdelim(&cp)) && *attrib != '\0') { 818 attributes++; 819 if (strcasecmp(attrib, "all") == 0) { 820 if (attributes != 1 || 821 ((arg = strdelim(&cp)) != NULL && *arg != '\0')) { 822 error("'all' cannot be combined with other " 823 "Match attributes"); 824 return -1; 825 } 826 *condition = cp; 827 return 1; 828 } 829 if ((arg = strdelim(&cp)) == NULL || *arg == '\0') { 830 error("Missing Match criteria for %s", attrib); 831 return -1; 832 } 833 if (strcasecmp(attrib, "user") == 0) { 834 if (ci == NULL || ci->user == NULL) { 835 result = 0; 836 continue; 837 } 838 if (match_pattern_list(ci->user, arg, 0) != 1) 839 result = 0; 840 else 841 debug("user %.100s matched 'User %.100s' at " 842 "line %d", ci->user, arg, line); 843 } else if (strcasecmp(attrib, "group") == 0) { 844 if (ci == NULL || ci->user == NULL) { 845 result = 0; 846 continue; 847 } 848 switch (match_cfg_line_group(arg, line, ci->user)) { 849 case -1: 850 return -1; 851 case 0: 852 result = 0; 853 } 854 } else if (strcasecmp(attrib, "host") == 0) { 855 if (ci == NULL || ci->host == NULL) { 856 result = 0; 857 continue; 858 } 859 if (match_hostname(ci->host, arg) != 1) 860 result = 0; 861 else 862 debug("connection from %.100s matched 'Host " 863 "%.100s' at line %d", ci->host, arg, line); 864 } else if (strcasecmp(attrib, "address") == 0) { 865 if (ci == NULL || ci->address == NULL) { 866 result = 0; 867 continue; 868 } 869 switch (addr_match_list(ci->address, arg)) { 870 case 1: 871 debug("connection from %.100s matched 'Address " 872 "%.100s' at line %d", ci->address, arg, line); 873 break; 874 case 0: 875 case -1: 876 result = 0; 877 break; 878 case -2: 879 return -1; 880 } 881 } else if (strcasecmp(attrib, "localaddress") == 0){ 882 if (ci == NULL || ci->laddress == NULL) { 883 result = 0; 884 continue; 885 } 886 switch (addr_match_list(ci->laddress, arg)) { 887 case 1: 888 debug("connection from %.100s matched " 889 "'LocalAddress %.100s' at line %d", 890 ci->laddress, arg, line); 891 break; 892 case 0: 893 case -1: 894 result = 0; 895 break; 896 case -2: 897 return -1; 898 } 899 } else if (strcasecmp(attrib, "localport") == 0) { 900 if ((port = a2port(arg)) == -1) { 901 error("Invalid LocalPort '%s' on Match line", 902 arg); 903 return -1; 904 } 905 if (ci == NULL || ci->lport == 0) { 906 result = 0; 907 continue; 908 } 909 /* TODO support port lists */ 910 if (port == ci->lport) 911 debug("connection from %.100s matched " 912 "'LocalPort %d' at line %d", 913 ci->laddress, port, line); 914 else 915 result = 0; 916 } else { 917 error("Unsupported Match attribute %s", attrib); 918 return -1; 919 } 920 } 921 if (attributes == 0) { 922 error("One or more attributes required for Match"); 923 return -1; 924 } 925 if (ci != NULL) 926 debug3("match %sfound", result ? "" : "not "); 927 *condition = cp; 928 return result; 929} 930 931#define WHITESPACE " \t\r\n" 932 933/* Multistate option parsing */ 934struct multistate { 935 char *key; 936 int value; 937}; 938static const struct multistate multistate_addressfamily[] = { 939 { "inet", AF_INET }, 940 { "inet6", AF_INET6 }, 941 { "any", AF_UNSPEC }, 942 { NULL, -1 } 943}; 944static const struct multistate multistate_permitrootlogin[] = { 945 { "without-password", PERMIT_NO_PASSWD }, 946 { "prohibit-password", PERMIT_NO_PASSWD }, 947 { "forced-commands-only", PERMIT_FORCED_ONLY }, 948 { "yes", PERMIT_YES }, 949 { "no", PERMIT_NO }, 950 { NULL, -1 } 951}; 952static const struct multistate multistate_compression[] = { 953 { "delayed", COMP_DELAYED }, 954 { "yes", COMP_ZLIB }, 955 { "no", COMP_NONE }, 956 { NULL, -1 } 957}; 958static const struct multistate multistate_gatewayports[] = { 959 { "clientspecified", 2 }, 960 { "yes", 1 }, 961 { "no", 0 }, 962 { NULL, -1 } 963}; 964static const struct multistate multistate_privsep[] = { 965 { "yes", PRIVSEP_NOSANDBOX }, 966 { "sandbox", PRIVSEP_ON }, 967 { "nosandbox", PRIVSEP_NOSANDBOX }, 968 { "no", PRIVSEP_OFF }, 969 { NULL, -1 } 970}; 971static const struct multistate multistate_tcpfwd[] = { 972 { "yes", FORWARD_ALLOW }, 973 { "all", FORWARD_ALLOW }, 974 { "no", FORWARD_DENY }, 975 { "remote", FORWARD_REMOTE }, 976 { "local", FORWARD_LOCAL }, 977 { NULL, -1 } 978}; 979 980int 981process_server_config_line(ServerOptions *options, char *line, 982 const char *filename, int linenum, int *activep, 983 struct connection_info *connectinfo) 984{ 985 char *cp, **charptr, *arg, *p; 986 int cmdline = 0, *intptr, value, value2, n, port; 987 SyslogFacility *log_facility_ptr; 988 LogLevel *log_level_ptr; 989 ServerOpCodes opcode; 990 u_int i, flags = 0; 991 size_t len; 992 long long val64; 993 const struct multistate *multistate_ptr; 994 995 cp = line; 996 if ((arg = strdelim(&cp)) == NULL) 997 return 0; 998 /* Ignore leading whitespace */ 999 if (*arg == '\0') 1000 arg = strdelim(&cp); 1001 if (!arg || !*arg || *arg == '#') 1002 return 0; 1003 intptr = NULL; 1004 charptr = NULL; 1005 opcode = parse_token(arg, filename, linenum, &flags); 1006 1007 if (activep == NULL) { /* We are processing a command line directive */ 1008 cmdline = 1; 1009 activep = &cmdline; 1010 } 1011 if (*activep && opcode != sMatch) 1012 debug3("%s:%d setting %s %s", filename, linenum, arg, cp); 1013 if (*activep == 0 && !(flags & SSHCFG_MATCH)) { 1014 if (connectinfo == NULL) { 1015 fatal("%s line %d: Directive '%s' is not allowed " 1016 "within a Match block", filename, linenum, arg); 1017 } else { /* this is a directive we have already processed */ 1018 while (arg) 1019 arg = strdelim(&cp); 1020 return 0; 1021 } 1022 } 1023 1024 switch (opcode) { 1025 /* Portable-specific options */ 1026 case sUsePAM: 1027 intptr = &options->use_pam; 1028 goto parse_flag; 1029 1030 /* Standard Options */ 1031 case sBadOption: 1032 return -1; 1033 case sPort: 1034 /* ignore ports from configfile if cmdline specifies ports */ 1035 if (options->ports_from_cmdline) 1036 return 0; 1037 if (options->num_ports >= MAX_PORTS) 1038 fatal("%s line %d: too many ports.", 1039 filename, linenum); 1040 arg = strdelim(&cp); 1041 if (!arg || *arg == '\0') 1042 fatal("%s line %d: missing port number.", 1043 filename, linenum); 1044 options->ports[options->num_ports++] = a2port(arg); 1045 if (options->ports[options->num_ports-1] <= 0) 1046 fatal("%s line %d: Badly formatted port number.", 1047 filename, linenum); 1048 break; 1049 1050 case sServerKeyBits: 1051 intptr = &options->server_key_bits; 1052 parse_int: 1053 arg = strdelim(&cp); 1054 if (!arg || *arg == '\0') 1055 fatal("%s line %d: missing integer value.", 1056 filename, linenum); 1057 value = atoi(arg); 1058 if (*activep && *intptr == -1) 1059 *intptr = value; 1060 break; 1061 1062 case sLoginGraceTime: 1063 intptr = &options->login_grace_time; 1064 parse_time: 1065 arg = strdelim(&cp); 1066 if (!arg || *arg == '\0') 1067 fatal("%s line %d: missing time value.", 1068 filename, linenum); 1069 if ((value = convtime(arg)) == -1) 1070 fatal("%s line %d: invalid time value.", 1071 filename, linenum); 1072 if (*activep && *intptr == -1) 1073 *intptr = value; 1074 break; 1075 1076 case sKeyRegenerationTime: 1077 intptr = &options->key_regeneration_time; 1078 goto parse_time; 1079 1080 case sListenAddress: 1081 arg = strdelim(&cp); 1082 if (arg == NULL || *arg == '\0') 1083 fatal("%s line %d: missing address", 1084 filename, linenum); 1085 /* check for bare IPv6 address: no "[]" and 2 or more ":" */ 1086 if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL 1087 && strchr(p+1, ':') != NULL) { 1088 queue_listen_addr(options, arg, 0); 1089 break; 1090 } 1091 p = hpdelim(&arg); 1092 if (p == NULL) 1093 fatal("%s line %d: bad address:port usage", 1094 filename, linenum); 1095 p = cleanhostname(p); 1096 if (arg == NULL) 1097 port = 0; 1098 else if ((port = a2port(arg)) <= 0) 1099 fatal("%s line %d: bad port number", filename, linenum); 1100 1101 queue_listen_addr(options, p, port); 1102 1103 break; 1104 1105 case sAddressFamily: 1106 intptr = &options->address_family; 1107 multistate_ptr = multistate_addressfamily; 1108 parse_multistate: 1109 arg = strdelim(&cp); 1110 if (!arg || *arg == '\0') 1111 fatal("%s line %d: missing argument.", 1112 filename, linenum); 1113 value = -1; 1114 for (i = 0; multistate_ptr[i].key != NULL; i++) { 1115 if (strcasecmp(arg, multistate_ptr[i].key) == 0) { 1116 value = multistate_ptr[i].value; 1117 break; 1118 } 1119 } 1120 if (value == -1) 1121 fatal("%s line %d: unsupported option \"%s\".", 1122 filename, linenum, arg); 1123 if (*activep && *intptr == -1) 1124 *intptr = value; 1125 break; 1126 1127 case sHostKeyFile: 1128 intptr = &options->num_host_key_files; 1129 if (*intptr >= MAX_HOSTKEYS) 1130 fatal("%s line %d: too many host keys specified (max %d).", 1131 filename, linenum, MAX_HOSTKEYS); 1132 charptr = &options->host_key_files[*intptr]; 1133 parse_filename: 1134 arg = strdelim(&cp); 1135 if (!arg || *arg == '\0') 1136 fatal("%s line %d: missing file name.", 1137 filename, linenum); 1138 if (*activep && *charptr == NULL) { 1139 *charptr = derelativise_path(arg); 1140 /* increase optional counter */ 1141 if (intptr != NULL) 1142 *intptr = *intptr + 1; 1143 } 1144 break; 1145 1146 case sHostKeyAgent: 1147 charptr = &options->host_key_agent; 1148 arg = strdelim(&cp); 1149 if (!arg || *arg == '\0') 1150 fatal("%s line %d: missing socket name.", 1151 filename, linenum); 1152 if (*activep && *charptr == NULL) 1153 *charptr = !strcmp(arg, SSH_AUTHSOCKET_ENV_NAME) ? 1154 xstrdup(arg) : derelativise_path(arg); 1155 break; 1156 1157 case sHostCertificate: 1158 intptr = &options->num_host_cert_files; 1159 if (*intptr >= MAX_HOSTKEYS) 1160 fatal("%s line %d: too many host certificates " 1161 "specified (max %d).", filename, linenum, 1162 MAX_HOSTCERTS); 1163 charptr = &options->host_cert_files[*intptr]; 1164 goto parse_filename; 1165 break; 1166 1167 case sPidFile: 1168 charptr = &options->pid_file; 1169 goto parse_filename; 1170 1171 case sPermitRootLogin: 1172 intptr = &options->permit_root_login; 1173 multistate_ptr = multistate_permitrootlogin; 1174 goto parse_multistate; 1175 1176 case sIgnoreRhosts: 1177 intptr = &options->ignore_rhosts; 1178 parse_flag: 1179 arg = strdelim(&cp); 1180 if (!arg || *arg == '\0') 1181 fatal("%s line %d: missing yes/no argument.", 1182 filename, linenum); 1183 value = 0; /* silence compiler */ 1184 if (strcmp(arg, "yes") == 0) 1185 value = 1; 1186 else if (strcmp(arg, "no") == 0) 1187 value = 0; 1188 else 1189 fatal("%s line %d: Bad yes/no argument: %s", 1190 filename, linenum, arg); 1191 if (*activep && *intptr == -1) 1192 *intptr = value; 1193 break; 1194 1195 case sIgnoreUserKnownHosts: 1196 intptr = &options->ignore_user_known_hosts; 1197 goto parse_flag; 1198 1199 case sRhostsRSAAuthentication: 1200 intptr = &options->rhosts_rsa_authentication; 1201 goto parse_flag; 1202 1203 case sHostbasedAuthentication: 1204 intptr = &options->hostbased_authentication; 1205 goto parse_flag; 1206 1207 case sHostbasedUsesNameFromPacketOnly: 1208 intptr = &options->hostbased_uses_name_from_packet_only; 1209 goto parse_flag; 1210 1211 case sHostbasedAcceptedKeyTypes: 1212 charptr = &options->hostbased_key_types; 1213 parse_keytypes: 1214 arg = strdelim(&cp); 1215 if (!arg || *arg == '\0') 1216 fatal("%s line %d: Missing argument.", 1217 filename, linenum); 1218 if (!sshkey_names_valid2(*arg == '+' ? arg + 1 : arg, 1)) 1219 fatal("%s line %d: Bad key types '%s'.", 1220 filename, linenum, arg ? arg : "<NONE>"); 1221 if (*activep && *charptr == NULL) 1222 *charptr = xstrdup(arg); 1223 break; 1224 1225 case sHostKeyAlgorithms: 1226 charptr = &options->hostkeyalgorithms; 1227 goto parse_keytypes; 1228 1229 case sRSAAuthentication: 1230 intptr = &options->rsa_authentication; 1231 goto parse_flag; 1232 1233 case sPubkeyAuthentication: 1234 intptr = &options->pubkey_authentication; 1235 goto parse_flag; 1236 1237 case sPubkeyAcceptedKeyTypes: 1238 charptr = &options->pubkey_key_types; 1239 goto parse_keytypes; 1240 1241 case sKerberosAuthentication: 1242 intptr = &options->kerberos_authentication; 1243 goto parse_flag; 1244 1245 case sKerberosOrLocalPasswd: 1246 intptr = &options->kerberos_or_local_passwd; 1247 goto parse_flag; 1248 1249 case sKerberosTicketCleanup: 1250 intptr = &options->kerberos_ticket_cleanup; 1251 goto parse_flag; 1252 1253 case sKerberosGetAFSToken: 1254 intptr = &options->kerberos_get_afs_token; 1255 goto parse_flag; 1256 1257 case sGssAuthentication: 1258 intptr = &options->gss_authentication; 1259 goto parse_flag; 1260 1261 case sGssCleanupCreds: 1262 intptr = &options->gss_cleanup_creds; 1263 goto parse_flag; 1264 1265 case sGssStrictAcceptor: 1266 intptr = &options->gss_strict_acceptor; 1267 goto parse_flag; 1268 1269 case sPasswordAuthentication: 1270 intptr = &options->password_authentication; 1271 goto parse_flag; 1272 1273 case sKbdInteractiveAuthentication: 1274 intptr = &options->kbd_interactive_authentication; 1275 goto parse_flag; 1276 1277 case sChallengeResponseAuthentication: 1278 intptr = &options->challenge_response_authentication; 1279 goto parse_flag; 1280 1281 case sPrintMotd: 1282 intptr = &options->print_motd; 1283 goto parse_flag; 1284 1285 case sPrintLastLog: 1286 intptr = &options->print_lastlog; 1287 goto parse_flag; 1288 1289 case sX11Forwarding: 1290 intptr = &options->x11_forwarding; 1291 goto parse_flag; 1292 1293 case sX11DisplayOffset: 1294 intptr = &options->x11_display_offset; 1295 goto parse_int; 1296 1297 case sX11UseLocalhost: 1298 intptr = &options->x11_use_localhost; 1299 goto parse_flag; 1300 1301 case sXAuthLocation: 1302 charptr = &options->xauth_location; 1303 goto parse_filename; 1304 1305 case sPermitTTY: 1306 intptr = &options->permit_tty; 1307 goto parse_flag; 1308 1309 case sPermitUserRC: 1310 intptr = &options->permit_user_rc; 1311 goto parse_flag; 1312 1313 case sStrictModes: 1314 intptr = &options->strict_modes; 1315 goto parse_flag; 1316 1317 case sTCPKeepAlive: 1318 intptr = &options->tcp_keep_alive; 1319 goto parse_flag; 1320 1321 case sEmptyPasswd: 1322 intptr = &options->permit_empty_passwd; 1323 goto parse_flag; 1324 1325 case sPermitUserEnvironment: 1326 intptr = &options->permit_user_env; 1327 goto parse_flag; 1328 1329 case sUseLogin: 1330 intptr = &options->use_login; 1331 goto parse_flag; 1332 1333 case sCompression: 1334 intptr = &options->compression; 1335 multistate_ptr = multistate_compression; 1336 goto parse_multistate; 1337 1338 case sRekeyLimit: 1339 arg = strdelim(&cp); 1340 if (!arg || *arg == '\0') 1341 fatal("%.200s line %d: Missing argument.", filename, 1342 linenum); 1343 if (strcmp(arg, "default") == 0) { 1344 val64 = 0; 1345 } else { 1346 if (scan_scaled(arg, &val64) == -1) 1347 fatal("%.200s line %d: Bad number '%s': %s", 1348 filename, linenum, arg, strerror(errno)); 1349 if (val64 != 0 && val64 < 16) 1350 fatal("%.200s line %d: RekeyLimit too small", 1351 filename, linenum); 1352 } 1353 if (*activep && options->rekey_limit == -1) 1354 options->rekey_limit = val64; 1355 if (cp != NULL) { /* optional rekey interval present */ 1356 if (strcmp(cp, "none") == 0) { 1357 (void)strdelim(&cp); /* discard */ 1358 break; 1359 } 1360 intptr = &options->rekey_interval; 1361 goto parse_time; 1362 } 1363 break; 1364 1365 case sGatewayPorts: 1366 intptr = &options->fwd_opts.gateway_ports; 1367 multistate_ptr = multistate_gatewayports; 1368 goto parse_multistate; 1369 1370 case sUseDNS: 1371 intptr = &options->use_dns; 1372 goto parse_flag; 1373 1374 case sLogFacility: 1375 log_facility_ptr = &options->log_facility; 1376 arg = strdelim(&cp); 1377 value = log_facility_number(arg); 1378 if (value == SYSLOG_FACILITY_NOT_SET) 1379 fatal("%.200s line %d: unsupported log facility '%s'", 1380 filename, linenum, arg ? arg : "<NONE>"); 1381 if (*log_facility_ptr == -1) 1382 *log_facility_ptr = (SyslogFacility) value; 1383 break; 1384 1385 case sLogLevel: 1386 log_level_ptr = &options->log_level; 1387 arg = strdelim(&cp); 1388 value = log_level_number(arg); 1389 if (value == SYSLOG_LEVEL_NOT_SET) 1390 fatal("%.200s line %d: unsupported log level '%s'", 1391 filename, linenum, arg ? arg : "<NONE>"); 1392 if (*log_level_ptr == -1) 1393 *log_level_ptr = (LogLevel) value; 1394 break; 1395 1396 case sAllowTcpForwarding: 1397 intptr = &options->allow_tcp_forwarding; 1398 multistate_ptr = multistate_tcpfwd; 1399 goto parse_multistate; 1400 1401 case sAllowStreamLocalForwarding: 1402 intptr = &options->allow_streamlocal_forwarding; 1403 multistate_ptr = multistate_tcpfwd; 1404 goto parse_multistate; 1405 1406 case sAllowAgentForwarding: 1407 intptr = &options->allow_agent_forwarding; 1408 goto parse_flag; 1409 1410 case sUsePrivilegeSeparation: 1411 intptr = &use_privsep; 1412 multistate_ptr = multistate_privsep; 1413 goto parse_multistate; 1414 1415 case sAllowUsers: 1416 while ((arg = strdelim(&cp)) && *arg != '\0') { 1417 if (options->num_allow_users >= MAX_ALLOW_USERS) 1418 fatal("%s line %d: too many allow users.", 1419 filename, linenum); 1420 if (!*activep) 1421 continue; 1422 options->allow_users[options->num_allow_users++] = 1423 xstrdup(arg); 1424 } 1425 break; 1426 1427 case sDenyUsers: 1428 while ((arg = strdelim(&cp)) && *arg != '\0') { 1429 if (options->num_deny_users >= MAX_DENY_USERS) 1430 fatal("%s line %d: too many deny users.", 1431 filename, linenum); 1432 if (!*activep) 1433 continue; 1434 options->deny_users[options->num_deny_users++] = 1435 xstrdup(arg); 1436 } 1437 break; 1438 1439 case sAllowGroups: 1440 while ((arg = strdelim(&cp)) && *arg != '\0') { 1441 if (options->num_allow_groups >= MAX_ALLOW_GROUPS) 1442 fatal("%s line %d: too many allow groups.", 1443 filename, linenum); 1444 if (!*activep) 1445 continue; 1446 options->allow_groups[options->num_allow_groups++] = 1447 xstrdup(arg); 1448 } 1449 break; 1450 1451 case sDenyGroups: 1452 while ((arg = strdelim(&cp)) && *arg != '\0') { 1453 if (options->num_deny_groups >= MAX_DENY_GROUPS) 1454 fatal("%s line %d: too many deny groups.", 1455 filename, linenum); 1456 if (!*activep) 1457 continue; 1458 options->deny_groups[options->num_deny_groups++] = 1459 xstrdup(arg); 1460 } 1461 break; 1462 1463 case sCiphers: 1464 arg = strdelim(&cp); 1465 if (!arg || *arg == '\0') 1466 fatal("%s line %d: Missing argument.", filename, linenum); 1467 if (!ciphers_valid(*arg == '+' ? arg + 1 : arg)) 1468 fatal("%s line %d: Bad SSH2 cipher spec '%s'.", 1469 filename, linenum, arg ? arg : "<NONE>"); 1470 if (options->ciphers == NULL) 1471 options->ciphers = xstrdup(arg); 1472 break; 1473 1474 case sMacs: 1475 arg = strdelim(&cp); 1476 if (!arg || *arg == '\0') 1477 fatal("%s line %d: Missing argument.", filename, linenum); 1478 if (!mac_valid(*arg == '+' ? arg + 1 : arg)) 1479 fatal("%s line %d: Bad SSH2 mac spec '%s'.", 1480 filename, linenum, arg ? arg : "<NONE>"); 1481 if (options->macs == NULL) 1482 options->macs = xstrdup(arg); 1483 break; 1484 1485 case sKexAlgorithms: 1486 arg = strdelim(&cp); 1487 if (!arg || *arg == '\0') 1488 fatal("%s line %d: Missing argument.", 1489 filename, linenum); 1490 if (!kex_names_valid(*arg == '+' ? arg + 1 : arg)) 1491 fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.", 1492 filename, linenum, arg ? arg : "<NONE>"); 1493 if (options->kex_algorithms == NULL) 1494 options->kex_algorithms = xstrdup(arg); 1495 break; 1496 1497 case sProtocol: 1498 intptr = &options->protocol; 1499 arg = strdelim(&cp); 1500 if (!arg || *arg == '\0') 1501 fatal("%s line %d: Missing argument.", filename, linenum); 1502 value = proto_spec(arg); 1503 if (value == SSH_PROTO_UNKNOWN) 1504 fatal("%s line %d: Bad protocol spec '%s'.", 1505 filename, linenum, arg ? arg : "<NONE>"); 1506 if (*intptr == SSH_PROTO_UNKNOWN) 1507 *intptr = value; 1508 break; 1509 1510 case sSubsystem: 1511 if (options->num_subsystems >= MAX_SUBSYSTEMS) { 1512 fatal("%s line %d: too many subsystems defined.", 1513 filename, linenum); 1514 } 1515 arg = strdelim(&cp); 1516 if (!arg || *arg == '\0') 1517 fatal("%s line %d: Missing subsystem name.", 1518 filename, linenum); 1519 if (!*activep) { 1520 arg = strdelim(&cp); 1521 break; 1522 } 1523 for (i = 0; i < options->num_subsystems; i++) 1524 if (strcmp(arg, options->subsystem_name[i]) == 0) 1525 fatal("%s line %d: Subsystem '%s' already defined.", 1526 filename, linenum, arg); 1527 options->subsystem_name[options->num_subsystems] = xstrdup(arg); 1528 arg = strdelim(&cp); 1529 if (!arg || *arg == '\0') 1530 fatal("%s line %d: Missing subsystem command.", 1531 filename, linenum); 1532 options->subsystem_command[options->num_subsystems] = xstrdup(arg); 1533 1534 /* Collect arguments (separate to executable) */ 1535 p = xstrdup(arg); 1536 len = strlen(p) + 1; 1537 while ((arg = strdelim(&cp)) != NULL && *arg != '\0') { 1538 len += 1 + strlen(arg); 1539 p = xreallocarray(p, 1, len); 1540 strlcat(p, " ", len); 1541 strlcat(p, arg, len); 1542 } 1543 options->subsystem_args[options->num_subsystems] = p; 1544 options->num_subsystems++; 1545 break; 1546 1547 case sMaxStartups: 1548 arg = strdelim(&cp); 1549 if (!arg || *arg == '\0') 1550 fatal("%s line %d: Missing MaxStartups spec.", 1551 filename, linenum); 1552 if ((n = sscanf(arg, "%d:%d:%d", 1553 &options->max_startups_begin, 1554 &options->max_startups_rate, 1555 &options->max_startups)) == 3) { 1556 if (options->max_startups_begin > 1557 options->max_startups || 1558 options->max_startups_rate > 100 || 1559 options->max_startups_rate < 1) 1560 fatal("%s line %d: Illegal MaxStartups spec.", 1561 filename, linenum); 1562 } else if (n != 1) 1563 fatal("%s line %d: Illegal MaxStartups spec.", 1564 filename, linenum); 1565 else 1566 options->max_startups = options->max_startups_begin; 1567 break; 1568 1569 case sMaxAuthTries: 1570 intptr = &options->max_authtries; 1571 goto parse_int; 1572 1573 case sMaxSessions: 1574 intptr = &options->max_sessions; 1575 goto parse_int; 1576 1577 case sBanner: 1578 charptr = &options->banner; 1579 goto parse_filename; 1580 1581 /* 1582 * These options can contain %X options expanded at 1583 * connect time, so that you can specify paths like: 1584 * 1585 * AuthorizedKeysFile /etc/ssh_keys/%u 1586 */ 1587 case sAuthorizedKeysFile: 1588 if (*activep && options->num_authkeys_files == 0) { 1589 while ((arg = strdelim(&cp)) && *arg != '\0') { 1590 if (options->num_authkeys_files >= 1591 MAX_AUTHKEYS_FILES) 1592 fatal("%s line %d: " 1593 "too many authorized keys files.", 1594 filename, linenum); 1595 options->authorized_keys_files[ 1596 options->num_authkeys_files++] = 1597 tilde_expand_filename(arg, getuid()); 1598 } 1599 } 1600 return 0; 1601 1602 case sAuthorizedPrincipalsFile: 1603 charptr = &options->authorized_principals_file; 1604 arg = strdelim(&cp); 1605 if (!arg || *arg == '\0') 1606 fatal("%s line %d: missing file name.", 1607 filename, linenum); 1608 if (*activep && *charptr == NULL) { 1609 *charptr = tilde_expand_filename(arg, getuid()); 1610 /* increase optional counter */ 1611 if (intptr != NULL) 1612 *intptr = *intptr + 1; 1613 } 1614 break; 1615 1616 case sClientAliveInterval: 1617 intptr = &options->client_alive_interval; 1618 goto parse_time; 1619 1620 case sClientAliveCountMax: 1621 intptr = &options->client_alive_count_max; 1622 goto parse_int; 1623 1624 case sAcceptEnv: 1625 while ((arg = strdelim(&cp)) && *arg != '\0') { 1626 if (strchr(arg, '=') != NULL) 1627 fatal("%s line %d: Invalid environment name.", 1628 filename, linenum); 1629 if (options->num_accept_env >= MAX_ACCEPT_ENV) 1630 fatal("%s line %d: too many allow env.", 1631 filename, linenum); 1632 if (!*activep) 1633 continue; 1634 options->accept_env[options->num_accept_env++] = 1635 xstrdup(arg); 1636 } 1637 break; 1638 1639 case sPermitTunnel: 1640 intptr = &options->permit_tun; 1641 arg = strdelim(&cp); 1642 if (!arg || *arg == '\0') 1643 fatal("%s line %d: Missing yes/point-to-point/" 1644 "ethernet/no argument.", filename, linenum); 1645 value = -1; 1646 for (i = 0; tunmode_desc[i].val != -1; i++) 1647 if (strcmp(tunmode_desc[i].text, arg) == 0) { 1648 value = tunmode_desc[i].val; 1649 break; 1650 } 1651 if (value == -1) 1652 fatal("%s line %d: Bad yes/point-to-point/ethernet/" 1653 "no argument: %s", filename, linenum, arg); 1654 if (*activep && *intptr == -1) 1655 *intptr = value; 1656 break; 1657 1658 case sMatch: 1659 if (cmdline) 1660 fatal("Match directive not supported as a command-line " 1661 "option"); 1662 value = match_cfg_line(&cp, linenum, connectinfo); 1663 if (value < 0) 1664 fatal("%s line %d: Bad Match condition", filename, 1665 linenum); 1666 *activep = value; 1667 break; 1668 1669 case sPermitOpen: 1670 arg = strdelim(&cp); 1671 if (!arg || *arg == '\0') 1672 fatal("%s line %d: missing PermitOpen specification", 1673 filename, linenum); 1674 n = options->num_permitted_opens; /* modified later */ 1675 if (strcmp(arg, "any") == 0) { 1676 if (*activep && n == -1) { 1677 channel_clear_adm_permitted_opens(); 1678 options->num_permitted_opens = 0; 1679 } 1680 break; 1681 } 1682 if (strcmp(arg, "none") == 0) { 1683 if (*activep && n == -1) { 1684 options->num_permitted_opens = 1; 1685 channel_disable_adm_local_opens(); 1686 } 1687 break; 1688 } 1689 if (*activep && n == -1) 1690 channel_clear_adm_permitted_opens(); 1691 for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) { 1692 p = hpdelim(&arg); 1693 if (p == NULL) 1694 fatal("%s line %d: missing host in PermitOpen", 1695 filename, linenum); 1696 p = cleanhostname(p); 1697 if (arg == NULL || ((port = permitopen_port(arg)) < 0)) 1698 fatal("%s line %d: bad port number in " 1699 "PermitOpen", filename, linenum); 1700 if (*activep && n == -1) 1701 options->num_permitted_opens = 1702 channel_add_adm_permitted_opens(p, port); 1703 } 1704 break; 1705 1706 case sForceCommand: 1707 if (cp == NULL || *cp == '\0') 1708 fatal("%.200s line %d: Missing argument.", filename, 1709 linenum); 1710 len = strspn(cp, WHITESPACE); 1711 if (*activep && options->adm_forced_command == NULL) 1712 options->adm_forced_command = xstrdup(cp + len); 1713 return 0; 1714 1715 case sChrootDirectory: 1716 charptr = &options->chroot_directory; 1717 1718 arg = strdelim(&cp); 1719 if (!arg || *arg == '\0') 1720 fatal("%s line %d: missing file name.", 1721 filename, linenum); 1722 if (*activep && *charptr == NULL) 1723 *charptr = xstrdup(arg); 1724 break; 1725 1726 case sTrustedUserCAKeys: 1727 charptr = &options->trusted_user_ca_keys; 1728 goto parse_filename; 1729 1730 case sRevokedKeys: 1731 charptr = &options->revoked_keys_file; 1732 goto parse_filename; 1733 1734 case sIPQoS: 1735 arg = strdelim(&cp); 1736 if ((value = parse_ipqos(arg)) == -1) 1737 fatal("%s line %d: Bad IPQoS value: %s", 1738 filename, linenum, arg); 1739 arg = strdelim(&cp); 1740 if (arg == NULL) 1741 value2 = value; 1742 else if ((value2 = parse_ipqos(arg)) == -1) 1743 fatal("%s line %d: Bad IPQoS value: %s", 1744 filename, linenum, arg); 1745 if (*activep) { 1746 options->ip_qos_interactive = value; 1747 options->ip_qos_bulk = value2; 1748 } 1749 break; 1750 1751 case sVersionAddendum: 1752 if (cp == NULL || *cp == '\0') 1753 fatal("%.200s line %d: Missing argument.", filename, 1754 linenum); 1755 len = strspn(cp, WHITESPACE); 1756 if (*activep && options->version_addendum == NULL) { 1757 if (strcasecmp(cp + len, "none") == 0) 1758 options->version_addendum = xstrdup(""); 1759 else if (strchr(cp + len, '\r') != NULL) 1760 fatal("%.200s line %d: Invalid argument", 1761 filename, linenum); 1762 else 1763 options->version_addendum = xstrdup(cp + len); 1764 } 1765 return 0; 1766 1767 case sAuthorizedKeysCommand: 1768 if (cp == NULL) 1769 fatal("%.200s line %d: Missing argument.", filename, 1770 linenum); 1771 len = strspn(cp, WHITESPACE); 1772 if (*activep && options->authorized_keys_command == NULL) { 1773 if (cp[len] != '/' && strcasecmp(cp + len, "none") != 0) 1774 fatal("%.200s line %d: AuthorizedKeysCommand " 1775 "must be an absolute path", 1776 filename, linenum); 1777 options->authorized_keys_command = xstrdup(cp + len); 1778 } 1779 return 0; 1780 1781 case sAuthorizedKeysCommandUser: 1782 charptr = &options->authorized_keys_command_user; 1783 1784 arg = strdelim(&cp); 1785 if (!arg || *arg == '\0') 1786 fatal("%s line %d: missing AuthorizedKeysCommandUser " 1787 "argument.", filename, linenum); 1788 if (*activep && *charptr == NULL) 1789 *charptr = xstrdup(arg); 1790 break; 1791 1792 case sAuthorizedPrincipalsCommand: 1793 if (cp == NULL) 1794 fatal("%.200s line %d: Missing argument.", filename, 1795 linenum); 1796 len = strspn(cp, WHITESPACE); 1797 if (*activep && 1798 options->authorized_principals_command == NULL) { 1799 if (cp[len] != '/' && strcasecmp(cp + len, "none") != 0) 1800 fatal("%.200s line %d: " 1801 "AuthorizedPrincipalsCommand must be " 1802 "an absolute path", filename, linenum); 1803 options->authorized_principals_command = 1804 xstrdup(cp + len); 1805 } 1806 return 0; 1807 1808 case sAuthorizedPrincipalsCommandUser: 1809 charptr = &options->authorized_principals_command_user; 1810 1811 arg = strdelim(&cp); 1812 if (!arg || *arg == '\0') 1813 fatal("%s line %d: missing " 1814 "AuthorizedPrincipalsCommandUser argument.", 1815 filename, linenum); 1816 if (*activep && *charptr == NULL) 1817 *charptr = xstrdup(arg); 1818 break; 1819 1820 case sAuthenticationMethods: 1821 if (options->num_auth_methods == 0) { 1822 while ((arg = strdelim(&cp)) && *arg != '\0') { 1823 if (options->num_auth_methods >= 1824 MAX_AUTH_METHODS) 1825 fatal("%s line %d: " 1826 "too many authentication methods.", 1827 filename, linenum); 1828 if (auth2_methods_valid(arg, 0) != 0) 1829 fatal("%s line %d: invalid " 1830 "authentication method list.", 1831 filename, linenum); 1832 if (!*activep) 1833 continue; 1834 options->auth_methods[ 1835 options->num_auth_methods++] = xstrdup(arg); 1836 } 1837 } 1838 return 0; 1839 1840 case sStreamLocalBindMask: 1841 arg = strdelim(&cp); 1842 if (!arg || *arg == '\0') 1843 fatal("%s line %d: missing StreamLocalBindMask " 1844 "argument.", filename, linenum); 1845 /* Parse mode in octal format */ 1846 value = strtol(arg, &p, 8); 1847 if (arg == p || value < 0 || value > 0777) 1848 fatal("%s line %d: Bad mask.", filename, linenum); 1849 if (*activep) 1850 options->fwd_opts.streamlocal_bind_mask = (mode_t)value; 1851 break; 1852 1853 case sStreamLocalBindUnlink: 1854 intptr = &options->fwd_opts.streamlocal_bind_unlink; 1855 goto parse_flag; 1856 1857 case sFingerprintHash: 1858 arg = strdelim(&cp); 1859 if (!arg || *arg == '\0') 1860 fatal("%.200s line %d: Missing argument.", 1861 filename, linenum); 1862 if ((value = ssh_digest_alg_by_name(arg)) == -1) 1863 fatal("%.200s line %d: Invalid hash algorithm \"%s\".", 1864 filename, linenum, arg); 1865 if (*activep) 1866 options->fingerprint_hash = value; 1867 break; 1868 1869 case sUseBlacklist: 1870 intptr = &options->use_blacklist; 1871 goto parse_flag; 1872 1873 case sDeprecated: 1874 logit("%s line %d: Deprecated option %s", 1875 filename, linenum, arg); 1876 while (arg) 1877 arg = strdelim(&cp); 1878 break; 1879 1880 case sUnsupported: 1881 logit("%s line %d: Unsupported option %s", 1882 filename, linenum, arg); 1883 while (arg) 1884 arg = strdelim(&cp); 1885 break; 1886 1887 default: 1888 fatal("%s line %d: Missing handler for opcode %s (%d)", 1889 filename, linenum, arg, opcode); 1890 } 1891 if ((arg = strdelim(&cp)) != NULL && *arg != '\0') 1892 fatal("%s line %d: garbage at end of line; \"%.200s\".", 1893 filename, linenum, arg); 1894 return 0; 1895} 1896 1897/* Reads the server configuration file. */ 1898 1899void 1900load_server_config(const char *filename, Buffer *conf) 1901{ 1902 char line[4096], *cp; 1903 FILE *f; 1904 int lineno = 0; 1905 1906 debug2("%s: filename %s", __func__, filename); 1907 if ((f = fopen(filename, "r")) == NULL) { 1908 perror(filename); 1909 exit(1); 1910 } 1911 buffer_clear(conf); 1912 while (fgets(line, sizeof(line), f)) { 1913 lineno++; 1914 if (strlen(line) == sizeof(line) - 1) 1915 fatal("%s line %d too long", filename, lineno); 1916 /* 1917 * Trim out comments and strip whitespace 1918 * NB - preserve newlines, they are needed to reproduce 1919 * line numbers later for error messages 1920 */ 1921 if ((cp = strchr(line, '#')) != NULL) 1922 memcpy(cp, "\n", 2); 1923 cp = line + strspn(line, " \t\r"); 1924 1925 buffer_append(conf, cp, strlen(cp)); 1926 } 1927 buffer_append(conf, "\0", 1); 1928 fclose(f); 1929 debug2("%s: done config len = %d", __func__, buffer_len(conf)); 1930} 1931 1932void 1933parse_server_match_config(ServerOptions *options, 1934 struct connection_info *connectinfo) 1935{ 1936 ServerOptions mo; 1937 1938 initialize_server_options(&mo); 1939 parse_server_config(&mo, "reprocess config", &cfg, connectinfo); 1940 copy_set_server_options(options, &mo, 0); 1941} 1942 1943int parse_server_match_testspec(struct connection_info *ci, char *spec) 1944{ 1945 char *p; 1946 1947 while ((p = strsep(&spec, ",")) && *p != '\0') { 1948 if (strncmp(p, "addr=", 5) == 0) { 1949 ci->address = xstrdup(p + 5); 1950 } else if (strncmp(p, "host=", 5) == 0) { 1951 ci->host = xstrdup(p + 5); 1952 } else if (strncmp(p, "user=", 5) == 0) { 1953 ci->user = xstrdup(p + 5); 1954 } else if (strncmp(p, "laddr=", 6) == 0) { 1955 ci->laddress = xstrdup(p + 6); 1956 } else if (strncmp(p, "lport=", 6) == 0) { 1957 ci->lport = a2port(p + 6); 1958 if (ci->lport == -1) { 1959 fprintf(stderr, "Invalid port '%s' in test mode" 1960 " specification %s\n", p+6, p); 1961 return -1; 1962 } 1963 } else { 1964 fprintf(stderr, "Invalid test mode specification %s\n", 1965 p); 1966 return -1; 1967 } 1968 } 1969 return 0; 1970} 1971 1972/* 1973 * returns 1 for a complete spec, 0 for partial spec and -1 for an 1974 * empty spec. 1975 */ 1976int server_match_spec_complete(struct connection_info *ci) 1977{ 1978 if (ci->user && ci->host && ci->address) 1979 return 1; /* complete */ 1980 if (!ci->user && !ci->host && !ci->address) 1981 return -1; /* empty */ 1982 return 0; /* partial */ 1983} 1984 1985/* 1986 * Copy any supported values that are set. 1987 * 1988 * If the preauth flag is set, we do not bother copying the string or 1989 * array values that are not used pre-authentication, because any that we 1990 * do use must be explictly sent in mm_getpwnamallow(). 1991 */ 1992void 1993copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) 1994{ 1995#define M_CP_INTOPT(n) do {\ 1996 if (src->n != -1) \ 1997 dst->n = src->n; \ 1998} while (0) 1999 2000 M_CP_INTOPT(password_authentication); 2001 M_CP_INTOPT(gss_authentication); 2002 M_CP_INTOPT(rsa_authentication); 2003 M_CP_INTOPT(pubkey_authentication); 2004 M_CP_INTOPT(kerberos_authentication); 2005 M_CP_INTOPT(hostbased_authentication); 2006 M_CP_INTOPT(hostbased_uses_name_from_packet_only); 2007 M_CP_INTOPT(kbd_interactive_authentication); 2008 M_CP_INTOPT(permit_root_login); 2009 M_CP_INTOPT(permit_empty_passwd); 2010 2011 M_CP_INTOPT(allow_tcp_forwarding); 2012 M_CP_INTOPT(allow_streamlocal_forwarding); 2013 M_CP_INTOPT(allow_agent_forwarding); 2014 M_CP_INTOPT(permit_tun); 2015 M_CP_INTOPT(fwd_opts.gateway_ports); 2016 M_CP_INTOPT(x11_display_offset); 2017 M_CP_INTOPT(x11_forwarding); 2018 M_CP_INTOPT(x11_use_localhost); 2019 M_CP_INTOPT(permit_tty); 2020 M_CP_INTOPT(permit_user_rc); 2021 M_CP_INTOPT(max_sessions); 2022 M_CP_INTOPT(max_authtries); 2023 M_CP_INTOPT(ip_qos_interactive); 2024 M_CP_INTOPT(ip_qos_bulk); 2025 M_CP_INTOPT(rekey_limit); 2026 M_CP_INTOPT(rekey_interval); 2027 2028 /* M_CP_STROPT and M_CP_STRARRAYOPT should not appear before here */ 2029#define M_CP_STROPT(n) do {\ 2030 if (src->n != NULL && dst->n != src->n) { \ 2031 free(dst->n); \ 2032 dst->n = src->n; \ 2033 } \ 2034} while(0) 2035#define M_CP_STRARRAYOPT(n, num_n) do {\ 2036 if (src->num_n != 0) { \ 2037 for (dst->num_n = 0; dst->num_n < src->num_n; dst->num_n++) \ 2038 dst->n[dst->num_n] = xstrdup(src->n[dst->num_n]); \ 2039 } \ 2040} while(0) 2041 2042 /* See comment in servconf.h */ 2043 COPY_MATCH_STRING_OPTS(); 2044 2045 /* Arguments that accept '+...' need to be expanded */ 2046 assemble_algorithms(dst); 2047 2048 /* 2049 * The only things that should be below this point are string options 2050 * which are only used after authentication. 2051 */ 2052 if (preauth) 2053 return; 2054 2055 /* These options may be "none" to clear a global setting */ 2056 M_CP_STROPT(adm_forced_command); 2057 if (option_clear_or_none(dst->adm_forced_command)) { 2058 free(dst->adm_forced_command); 2059 dst->adm_forced_command = NULL; 2060 } 2061 M_CP_STROPT(chroot_directory); 2062 if (option_clear_or_none(dst->chroot_directory)) { 2063 free(dst->chroot_directory); 2064 dst->chroot_directory = NULL; 2065 } 2066} 2067 2068#undef M_CP_INTOPT 2069#undef M_CP_STROPT 2070#undef M_CP_STRARRAYOPT 2071 2072void 2073parse_server_config(ServerOptions *options, const char *filename, Buffer *conf, 2074 struct connection_info *connectinfo) 2075{ 2076 int active, linenum, bad_options = 0; 2077 char *cp, *obuf, *cbuf; 2078 2079 debug2("%s: config %s len %d", __func__, filename, buffer_len(conf)); 2080 2081 obuf = cbuf = xstrdup(buffer_ptr(conf)); 2082 active = connectinfo ? 0 : 1; 2083 linenum = 1; 2084 while ((cp = strsep(&cbuf, "\n")) != NULL) { 2085 if (process_server_config_line(options, cp, filename, 2086 linenum++, &active, connectinfo) != 0) 2087 bad_options++; 2088 } 2089 free(obuf); 2090 if (bad_options > 0) 2091 fatal("%s: terminating, %d bad configuration options", 2092 filename, bad_options); 2093 process_queued_listen_addrs(options); 2094} 2095 2096static const char * 2097fmt_multistate_int(int val, const struct multistate *m) 2098{ 2099 u_int i; 2100 2101 for (i = 0; m[i].key != NULL; i++) { 2102 if (m[i].value == val) 2103 return m[i].key; 2104 } 2105 return "UNKNOWN"; 2106} 2107 2108static const char * 2109fmt_intarg(ServerOpCodes code, int val) 2110{ 2111 if (val == -1) 2112 return "unset"; 2113 switch (code) { 2114 case sAddressFamily: 2115 return fmt_multistate_int(val, multistate_addressfamily); 2116 case sPermitRootLogin: 2117 return fmt_multistate_int(val, multistate_permitrootlogin); 2118 case sGatewayPorts: 2119 return fmt_multistate_int(val, multistate_gatewayports); 2120 case sCompression: 2121 return fmt_multistate_int(val, multistate_compression); 2122 case sUsePrivilegeSeparation: 2123 return fmt_multistate_int(val, multistate_privsep); 2124 case sAllowTcpForwarding: 2125 return fmt_multistate_int(val, multistate_tcpfwd); 2126 case sAllowStreamLocalForwarding: 2127 return fmt_multistate_int(val, multistate_tcpfwd); 2128 case sFingerprintHash: 2129 return ssh_digest_alg_name(val); 2130 case sProtocol: 2131 switch (val) { 2132 case SSH_PROTO_1: 2133 return "1"; 2134 case SSH_PROTO_2: 2135 return "2"; 2136 case (SSH_PROTO_1|SSH_PROTO_2): 2137 return "2,1"; 2138 default: 2139 return "UNKNOWN"; 2140 } 2141 default: 2142 switch (val) { 2143 case 0: 2144 return "no"; 2145 case 1: 2146 return "yes"; 2147 default: 2148 return "UNKNOWN"; 2149 } 2150 } 2151} 2152 2153static const char * 2154lookup_opcode_name(ServerOpCodes code) 2155{ 2156 u_int i; 2157 2158 for (i = 0; keywords[i].name != NULL; i++) 2159 if (keywords[i].opcode == code) 2160 return(keywords[i].name); 2161 return "UNKNOWN"; 2162} 2163 2164static void 2165dump_cfg_int(ServerOpCodes code, int val) 2166{ 2167 printf("%s %d\n", lookup_opcode_name(code), val); 2168} 2169 2170static void 2171dump_cfg_oct(ServerOpCodes code, int val) 2172{ 2173 printf("%s 0%o\n", lookup_opcode_name(code), val); 2174} 2175 2176static void 2177dump_cfg_fmtint(ServerOpCodes code, int val) 2178{ 2179 printf("%s %s\n", lookup_opcode_name(code), fmt_intarg(code, val)); 2180} 2181 2182static void 2183dump_cfg_string(ServerOpCodes code, const char *val) 2184{ 2185 if (val == NULL) 2186 return; 2187 printf("%s %s\n", lookup_opcode_name(code), 2188 val == NULL ? "none" : val); 2189} 2190 2191static void 2192dump_cfg_strarray(ServerOpCodes code, u_int count, char **vals) 2193{ 2194 u_int i; 2195 2196 for (i = 0; i < count; i++) 2197 printf("%s %s\n", lookup_opcode_name(code), vals[i]); 2198} 2199 2200static void 2201dump_cfg_strarray_oneline(ServerOpCodes code, u_int count, char **vals) 2202{ 2203 u_int i; 2204 2205 if (count <= 0) 2206 return; 2207 printf("%s", lookup_opcode_name(code)); 2208 for (i = 0; i < count; i++) 2209 printf(" %s", vals[i]); 2210 printf("\n"); 2211} 2212 2213void 2214dump_config(ServerOptions *o) 2215{ 2216 u_int i; 2217 int ret; 2218 struct addrinfo *ai; 2219 char addr[NI_MAXHOST], port[NI_MAXSERV], *s = NULL; 2220 char *laddr1 = xstrdup(""), *laddr2 = NULL; 2221 2222 /* these are usually at the top of the config */ 2223 for (i = 0; i < o->num_ports; i++) 2224 printf("port %d\n", o->ports[i]); 2225 dump_cfg_fmtint(sProtocol, o->protocol); 2226 dump_cfg_fmtint(sAddressFamily, o->address_family); 2227 2228 /* 2229 * ListenAddress must be after Port. add_one_listen_addr pushes 2230 * addresses onto a stack, so to maintain ordering we need to 2231 * print these in reverse order. 2232 */ 2233 for (ai = o->listen_addrs; ai; ai = ai->ai_next) { 2234 if ((ret = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr, 2235 sizeof(addr), port, sizeof(port), 2236 NI_NUMERICHOST|NI_NUMERICSERV)) != 0) { 2237 error("getnameinfo failed: %.100s", 2238 (ret != EAI_SYSTEM) ? gai_strerror(ret) : 2239 strerror(errno)); 2240 } else { 2241 laddr2 = laddr1; 2242 if (ai->ai_family == AF_INET6) 2243 xasprintf(&laddr1, "listenaddress [%s]:%s\n%s", 2244 addr, port, laddr2); 2245 else 2246 xasprintf(&laddr1, "listenaddress %s:%s\n%s", 2247 addr, port, laddr2); 2248 free(laddr2); 2249 } 2250 } 2251 printf("%s", laddr1); 2252 free(laddr1); 2253 2254 /* integer arguments */ 2255#ifdef USE_PAM 2256 dump_cfg_fmtint(sUsePAM, o->use_pam); 2257#endif 2258 dump_cfg_int(sServerKeyBits, o->server_key_bits); 2259 dump_cfg_int(sLoginGraceTime, o->login_grace_time); 2260 dump_cfg_int(sKeyRegenerationTime, o->key_regeneration_time); 2261 dump_cfg_int(sX11DisplayOffset, o->x11_display_offset); 2262 dump_cfg_int(sMaxAuthTries, o->max_authtries); 2263 dump_cfg_int(sMaxSessions, o->max_sessions); 2264 dump_cfg_int(sClientAliveInterval, o->client_alive_interval); 2265 dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); 2266 dump_cfg_oct(sStreamLocalBindMask, o->fwd_opts.streamlocal_bind_mask); 2267 2268 /* formatted integer arguments */ 2269 dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login); 2270 dump_cfg_fmtint(sIgnoreRhosts, o->ignore_rhosts); 2271 dump_cfg_fmtint(sIgnoreUserKnownHosts, o->ignore_user_known_hosts); 2272 dump_cfg_fmtint(sRhostsRSAAuthentication, o->rhosts_rsa_authentication); 2273 dump_cfg_fmtint(sHostbasedAuthentication, o->hostbased_authentication); 2274 dump_cfg_fmtint(sHostbasedUsesNameFromPacketOnly, 2275 o->hostbased_uses_name_from_packet_only); 2276 dump_cfg_fmtint(sRSAAuthentication, o->rsa_authentication); 2277 dump_cfg_fmtint(sPubkeyAuthentication, o->pubkey_authentication); 2278#ifdef KRB5 2279 dump_cfg_fmtint(sKerberosAuthentication, o->kerberos_authentication); 2280 dump_cfg_fmtint(sKerberosOrLocalPasswd, o->kerberos_or_local_passwd); 2281 dump_cfg_fmtint(sKerberosTicketCleanup, o->kerberos_ticket_cleanup); 2282# ifdef USE_AFS 2283 dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token); 2284# endif 2285#endif 2286#ifdef GSSAPI 2287 dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); 2288 dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); 2289#endif 2290 dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); 2291 dump_cfg_fmtint(sKbdInteractiveAuthentication, 2292 o->kbd_interactive_authentication); 2293 dump_cfg_fmtint(sChallengeResponseAuthentication, 2294 o->challenge_response_authentication); 2295 dump_cfg_fmtint(sPrintMotd, o->print_motd); 2296#ifndef DISABLE_LASTLOG 2297 dump_cfg_fmtint(sPrintLastLog, o->print_lastlog); 2298#endif 2299 dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding); 2300 dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); 2301 dump_cfg_fmtint(sPermitTTY, o->permit_tty); 2302 dump_cfg_fmtint(sPermitUserRC, o->permit_user_rc); 2303 dump_cfg_fmtint(sStrictModes, o->strict_modes); 2304 dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); 2305 dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); 2306 dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); 2307 dump_cfg_fmtint(sUseLogin, o->use_login); 2308 dump_cfg_fmtint(sCompression, o->compression); 2309 dump_cfg_fmtint(sGatewayPorts, o->fwd_opts.gateway_ports); 2310 dump_cfg_fmtint(sUseDNS, o->use_dns); 2311 dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding); 2312 dump_cfg_fmtint(sAllowAgentForwarding, o->allow_agent_forwarding); 2313 dump_cfg_fmtint(sAllowStreamLocalForwarding, o->allow_streamlocal_forwarding); 2314 dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep); 2315 dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash); 2316 dump_cfg_fmtint(sUseBlacklist, o->use_blacklist); 2317 2318 /* string arguments */ 2319 dump_cfg_string(sPidFile, o->pid_file); 2320 dump_cfg_string(sXAuthLocation, o->xauth_location); 2321 dump_cfg_string(sCiphers, o->ciphers ? o->ciphers : KEX_SERVER_ENCRYPT); 2322 dump_cfg_string(sMacs, o->macs ? o->macs : KEX_SERVER_MAC); 2323 dump_cfg_string(sBanner, o->banner); 2324 dump_cfg_string(sForceCommand, o->adm_forced_command); 2325 dump_cfg_string(sChrootDirectory, o->chroot_directory); 2326 dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys); 2327 dump_cfg_string(sRevokedKeys, o->revoked_keys_file); 2328 dump_cfg_string(sAuthorizedPrincipalsFile, 2329 o->authorized_principals_file); 2330 dump_cfg_string(sVersionAddendum, *o->version_addendum == '\0' 2331 ? "none" : o->version_addendum); 2332 dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command); 2333 dump_cfg_string(sAuthorizedKeysCommandUser, o->authorized_keys_command_user); 2334 dump_cfg_string(sAuthorizedPrincipalsCommand, o->authorized_principals_command); 2335 dump_cfg_string(sAuthorizedPrincipalsCommandUser, o->authorized_principals_command_user); 2336 dump_cfg_string(sHostKeyAgent, o->host_key_agent); 2337 dump_cfg_string(sKexAlgorithms, 2338 o->kex_algorithms ? o->kex_algorithms : KEX_SERVER_KEX); 2339 dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types ? 2340 o->hostbased_key_types : KEX_DEFAULT_PK_ALG); 2341 dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms ? 2342 o->hostkeyalgorithms : KEX_DEFAULT_PK_ALG); 2343 dump_cfg_string(sPubkeyAcceptedKeyTypes, o->pubkey_key_types ? 2344 o->pubkey_key_types : KEX_DEFAULT_PK_ALG); 2345 2346 /* string arguments requiring a lookup */ 2347 dump_cfg_string(sLogLevel, log_level_name(o->log_level)); 2348 dump_cfg_string(sLogFacility, log_facility_name(o->log_facility)); 2349 2350 /* string array arguments */ 2351 dump_cfg_strarray_oneline(sAuthorizedKeysFile, o->num_authkeys_files, 2352 o->authorized_keys_files); 2353 dump_cfg_strarray(sHostKeyFile, o->num_host_key_files, 2354 o->host_key_files); 2355 dump_cfg_strarray(sHostCertificate, o->num_host_cert_files, 2356 o->host_cert_files); 2357 dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users); 2358 dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users); 2359 dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups); 2360 dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups); 2361 dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env); 2362 dump_cfg_strarray_oneline(sAuthenticationMethods, 2363 o->num_auth_methods, o->auth_methods); 2364 2365 /* other arguments */ 2366 for (i = 0; i < o->num_subsystems; i++) 2367 printf("subsystem %s %s\n", o->subsystem_name[i], 2368 o->subsystem_args[i]); 2369 2370 printf("maxstartups %d:%d:%d\n", o->max_startups_begin, 2371 o->max_startups_rate, o->max_startups); 2372 2373 for (i = 0; tunmode_desc[i].val != -1; i++) 2374 if (tunmode_desc[i].val == o->permit_tun) { 2375 s = tunmode_desc[i].text; 2376 break; 2377 } 2378 dump_cfg_string(sPermitTunnel, s); 2379 2380 printf("ipqos %s ", iptos2str(o->ip_qos_interactive)); 2381 printf("%s\n", iptos2str(o->ip_qos_bulk)); 2382 2383 printf("rekeylimit %llu %d\n", (unsigned long long)o->rekey_limit, 2384 o->rekey_interval); 2385 2386 channel_print_adm_permitted_opens(); 2387} 2388