| version 1.128, 2004/03/05 10:53:58 |
version 1.128.2.2, 2005/03/10 17:15:04 |
|
|
| oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, |
oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, |
| oAddressFamily, oGssAuthentication, oGssDelegateCreds, |
oAddressFamily, oGssAuthentication, oGssDelegateCreds, |
| oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, |
oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, |
| |
oSendEnv, oControlPath, oControlMaster, oHashKnownHosts, |
| oDeprecated, oUnsupported |
oDeprecated, oUnsupported |
| } OpCodes; |
} OpCodes; |
| |
|
|
|
| { "addressfamily", oAddressFamily }, |
{ "addressfamily", oAddressFamily }, |
| { "serveraliveinterval", oServerAliveInterval }, |
{ "serveraliveinterval", oServerAliveInterval }, |
| { "serveralivecountmax", oServerAliveCountMax }, |
{ "serveralivecountmax", oServerAliveCountMax }, |
| |
{ "sendenv", oSendEnv }, |
| |
{ "controlpath", oControlPath }, |
| |
{ "controlmaster", oControlMaster }, |
| |
{ "hashknownhosts", oHashKnownHosts }, |
| { NULL, oBadOption } |
{ NULL, oBadOption } |
| }; |
}; |
| |
|
|
|
| */ |
*/ |
| |
|
| void |
void |
| add_local_forward(Options *options, u_short port, const char *host, |
add_local_forward(Options *options, const Forward *newfwd) |
| u_short host_port) |
|
| { |
{ |
| Forward *fwd; |
Forward *fwd; |
| extern uid_t original_real_uid; |
extern uid_t original_real_uid; |
| if (port < IPPORT_RESERVED && original_real_uid != 0) |
if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0) |
| fatal("Privileged ports can only be forwarded by root."); |
fatal("Privileged ports can only be forwarded by root."); |
| if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) |
if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) |
| fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION); |
fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION); |
| fwd = &options->local_forwards[options->num_local_forwards++]; |
fwd = &options->local_forwards[options->num_local_forwards++]; |
| fwd->port = port; |
|
| fwd->host = xstrdup(host); |
fwd->listen_host = (newfwd->listen_host == NULL) ? |
| fwd->host_port = host_port; |
NULL : xstrdup(newfwd->listen_host); |
| |
fwd->listen_port = newfwd->listen_port; |
| |
fwd->connect_host = xstrdup(newfwd->connect_host); |
| |
fwd->connect_port = newfwd->connect_port; |
| } |
} |
| |
|
| /* |
/* |
|
|
| */ |
*/ |
| |
|
| void |
void |
| add_remote_forward(Options *options, u_short port, const char *host, |
add_remote_forward(Options *options, const Forward *newfwd) |
| u_short host_port) |
|
| { |
{ |
| Forward *fwd; |
Forward *fwd; |
| if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) |
if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) |
| fatal("Too many remote forwards (max %d).", |
fatal("Too many remote forwards (max %d).", |
| SSH_MAX_FORWARDS_PER_DIRECTION); |
SSH_MAX_FORWARDS_PER_DIRECTION); |
| fwd = &options->remote_forwards[options->num_remote_forwards++]; |
fwd = &options->remote_forwards[options->num_remote_forwards++]; |
| fwd->port = port; |
|
| fwd->host = xstrdup(host); |
fwd->listen_host = (newfwd->listen_host == NULL) ? |
| fwd->host_port = host_port; |
NULL : xstrdup(newfwd->listen_host); |
| |
fwd->listen_port = newfwd->listen_port; |
| |
fwd->connect_host = xstrdup(newfwd->connect_host); |
| |
fwd->connect_port = newfwd->connect_port; |
| } |
} |
| |
|
| static void |
static void |
|
|
| { |
{ |
| int i; |
int i; |
| |
|
| for (i = 0; i < options->num_local_forwards; i++) |
for (i = 0; i < options->num_local_forwards; i++) { |
| xfree(options->local_forwards[i].host); |
if (options->local_forwards[i].listen_host != NULL) |
| |
xfree(options->local_forwards[i].listen_host); |
| |
xfree(options->local_forwards[i].connect_host); |
| |
} |
| options->num_local_forwards = 0; |
options->num_local_forwards = 0; |
| for (i = 0; i < options->num_remote_forwards; i++) |
for (i = 0; i < options->num_remote_forwards; i++) { |
| xfree(options->remote_forwards[i].host); |
if (options->remote_forwards[i].listen_host != NULL) |
| |
xfree(options->remote_forwards[i].listen_host); |
| |
xfree(options->remote_forwards[i].connect_host); |
| |
} |
| options->num_remote_forwards = 0; |
options->num_remote_forwards = 0; |
| } |
} |
| |
|
|
|
| char *line, const char *filename, int linenum, |
char *line, const char *filename, int linenum, |
| int *activep) |
int *activep) |
| { |
{ |
| char buf[256], *s, **charptr, *endofnumber, *keyword, *arg; |
char *s, **charptr, *endofnumber, *keyword, *arg, *arg2, fwdarg[256]; |
| int opcode, *intptr, value; |
int opcode, *intptr, value; |
| size_t len; |
size_t len; |
| u_short fwd_port, fwd_host_port; |
Forward fwd; |
| char sfwd_host_port[6]; |
|
| |
|
| /* Strip trailing whitespace */ |
/* Strip trailing whitespace */ |
| for(len = strlen(line) - 1; len > 0; len--) { |
for(len = strlen(line) - 1; len > 0; len--) { |
|
|
| case oLocalForward: |
case oLocalForward: |
| case oRemoteForward: |
case oRemoteForward: |
| arg = strdelim(&s); |
arg = strdelim(&s); |
| if (!arg || *arg == '\0') |
if (arg == NULL || *arg == '\0') |
| fatal("%.200s line %d: Missing port argument.", |
fatal("%.200s line %d: Missing port argument.", |
| filename, linenum); |
filename, linenum); |
| if ((fwd_port = a2port(arg)) == 0) |
arg2 = strdelim(&s); |
| fatal("%.200s line %d: Bad listen port.", |
if (arg2 == NULL || *arg2 == '\0') |
| |
fatal("%.200s line %d: Missing target argument.", |
| filename, linenum); |
filename, linenum); |
| arg = strdelim(&s); |
|
| if (!arg || *arg == '\0') |
/* construct a string for parse_forward */ |
| fatal("%.200s line %d: Missing second argument.", |
snprintf(fwdarg, sizeof(fwdarg), "%s:%s", arg, arg2); |
| filename, linenum); |
|
| if (sscanf(arg, "%255[^:]:%5[0-9]", buf, sfwd_host_port) != 2 && |
if (parse_forward(&fwd, fwdarg) == 0) |
| sscanf(arg, "%255[^/]/%5[0-9]", buf, sfwd_host_port) != 2) |
|
| fatal("%.200s line %d: Bad forwarding specification.", |
fatal("%.200s line %d: Bad forwarding specification.", |
| filename, linenum); |
filename, linenum); |
| if ((fwd_host_port = a2port(sfwd_host_port)) == 0) |
|
| fatal("%.200s line %d: Bad forwarding port.", |
|
| filename, linenum); |
|
| if (*activep) { |
if (*activep) { |
| if (opcode == oLocalForward) |
if (opcode == oLocalForward) |
| add_local_forward(options, fwd_port, buf, |
add_local_forward(options, &fwd); |
| fwd_host_port); |
|
| else if (opcode == oRemoteForward) |
else if (opcode == oRemoteForward) |
| add_remote_forward(options, fwd_port, buf, |
add_remote_forward(options, &fwd); |
| fwd_host_port); |
|
| } |
} |
| break; |
break; |
| |
|
|
|
| if (!arg || *arg == '\0') |
if (!arg || *arg == '\0') |
| fatal("%.200s line %d: Missing port argument.", |
fatal("%.200s line %d: Missing port argument.", |
| filename, linenum); |
filename, linenum); |
| fwd_port = a2port(arg); |
memset(&fwd, '\0', sizeof(fwd)); |
| if (fwd_port == 0) |
fwd.connect_host = "socks"; |
| |
fwd.listen_host = hpdelim(&arg); |
| |
if (fwd.listen_host == NULL || |
| |
strlen(fwd.listen_host) >= NI_MAXHOST) |
| |
fatal("%.200s line %d: Bad forwarding specification.", |
| |
filename, linenum); |
| |
if (arg) { |
| |
fwd.listen_port = a2port(arg); |
| |
fwd.listen_host = cleanhostname(fwd.listen_host); |
| |
} else { |
| |
fwd.listen_port = a2port(fwd.listen_host); |
| |
fwd.listen_host = ""; |
| |
} |
| |
if (fwd.listen_port == 0) |
| fatal("%.200s line %d: Badly formatted port number.", |
fatal("%.200s line %d: Badly formatted port number.", |
| filename, linenum); |
filename, linenum); |
| if (*activep) |
if (*activep) |
| add_local_forward(options, fwd_port, "socks", 0); |
add_local_forward(options, &fwd); |
| break; |
break; |
| |
|
| case oClearAllForwardings: |
case oClearAllForwardings: |
|
|
| intptr = &options->server_alive_count_max; |
intptr = &options->server_alive_count_max; |
| goto parse_int; |
goto parse_int; |
| |
|
| |
case oSendEnv: |
| |
while ((arg = strdelim(&s)) != NULL && *arg != '\0') { |
| |
if (strchr(arg, '=') != NULL) |
| |
fatal("%s line %d: Invalid environment name.", |
| |
filename, linenum); |
| |
if (!*activep) |
| |
continue; |
| |
if (options->num_send_env >= MAX_SEND_ENV) |
| |
fatal("%s line %d: too many send env.", |
| |
filename, linenum); |
| |
options->send_env[options->num_send_env++] = |
| |
xstrdup(arg); |
| |
} |
| |
break; |
| |
|
| |
case oControlPath: |
| |
charptr = &options->control_path; |
| |
goto parse_string; |
| |
|
| |
case oControlMaster: |
| |
intptr = &options->control_master; |
| |
goto parse_yesnoask; |
| |
|
| |
case oHashKnownHosts: |
| |
intptr = &options->hash_known_hosts; |
| |
goto parse_flag; |
| |
|
| case oDeprecated: |
case oDeprecated: |
| debug("%s line %d: Deprecated option \"%s\"", |
debug("%s line %d: Deprecated option \"%s\"", |
| filename, linenum, keyword); |
filename, linenum, keyword); |
|
|
| */ |
*/ |
| |
|
| int |
int |
| read_config_file(const char *filename, const char *host, Options *options) |
read_config_file(const char *filename, const char *host, Options *options, |
| |
int checkperm) |
| { |
{ |
| FILE *f; |
FILE *f; |
| char line[1024]; |
char line[1024]; |
|
|
| int bad_options = 0; |
int bad_options = 0; |
| |
|
| /* Open the file. */ |
/* Open the file. */ |
| f = fopen(filename, "r"); |
if ((f = fopen(filename, "r")) == NULL) |
| if (!f) |
|
| return 0; |
return 0; |
| |
|
| |
if (checkperm) { |
| |
struct stat sb; |
| |
|
| |
if (fstat(fileno(f), &sb) == -1) |
| |
fatal("fstat %s: %s", filename, strerror(errno)); |
| |
if (((sb.st_uid != 0 && sb.st_uid != getuid()) || |
| |
(sb.st_mode & 022) != 0)) |
| |
fatal("Bad owner or permissions on %s", filename); |
| |
} |
| |
|
| debug("Reading configuration data %.200s", filename); |
debug("Reading configuration data %.200s", filename); |
| |
|
| /* |
/* |
|
|
| options->verify_host_key_dns = -1; |
options->verify_host_key_dns = -1; |
| options->server_alive_interval = -1; |
options->server_alive_interval = -1; |
| options->server_alive_count_max = -1; |
options->server_alive_count_max = -1; |
| |
options->num_send_env = 0; |
| |
options->control_path = NULL; |
| |
options->control_master = -1; |
| |
options->hash_known_hosts = -1; |
| } |
} |
| |
|
| /* |
/* |
|
|
| options->server_alive_interval = 0; |
options->server_alive_interval = 0; |
| if (options->server_alive_count_max == -1) |
if (options->server_alive_count_max == -1) |
| options->server_alive_count_max = 3; |
options->server_alive_count_max = 3; |
| |
if (options->control_master == -1) |
| |
options->control_master = 0; |
| |
if (options->hash_known_hosts == -1) |
| |
options->hash_known_hosts = 0; |
| /* options->proxy_command should not be set by default */ |
/* options->proxy_command should not be set by default */ |
| /* options->user will be set in the main program if appropriate */ |
/* options->user will be set in the main program if appropriate */ |
| /* options->hostname will be set in the main program if appropriate */ |
/* options->hostname will be set in the main program if appropriate */ |
| /* options->host_key_alias should not be set by default */ |
/* options->host_key_alias should not be set by default */ |
| /* options->preferred_authentications will be set in ssh */ |
/* options->preferred_authentications will be set in ssh */ |
| |
} |
| |
|
| |
/* |
| |
* parse_forward |
| |
* parses a string containing a port forwarding specification of the form: |
| |
* [listenhost:]listenport:connecthost:connectport |
| |
* returns number of arguments parsed or zero on error |
| |
*/ |
| |
int |
| |
parse_forward(Forward *fwd, const char *fwdspec) |
| |
{ |
| |
int i; |
| |
char *p, *cp, *fwdarg[4]; |
| |
|
| |
memset(fwd, '\0', sizeof(*fwd)); |
| |
|
| |
cp = p = xstrdup(fwdspec); |
| |
|
| |
/* skip leading spaces */ |
| |
while (*cp && isspace(*cp)) |
| |
cp++; |
| |
|
| |
for (i = 0; i < 4; ++i) |
| |
if ((fwdarg[i] = hpdelim(&cp)) == NULL) |
| |
break; |
| |
|
| |
/* Check for trailing garbage in 4-arg case*/ |
| |
if (cp != NULL) |
| |
i = 0; /* failure */ |
| |
|
| |
switch (i) { |
| |
case 3: |
| |
fwd->listen_host = NULL; |
| |
fwd->listen_port = a2port(fwdarg[0]); |
| |
fwd->connect_host = xstrdup(cleanhostname(fwdarg[1])); |
| |
fwd->connect_port = a2port(fwdarg[2]); |
| |
break; |
| |
|
| |
case 4: |
| |
fwd->listen_host = xstrdup(cleanhostname(fwdarg[0])); |
| |
fwd->listen_port = a2port(fwdarg[1]); |
| |
fwd->connect_host = xstrdup(cleanhostname(fwdarg[2])); |
| |
fwd->connect_port = a2port(fwdarg[3]); |
| |
break; |
| |
default: |
| |
i = 0; /* failure */ |
| |
} |
| |
|
| |
xfree(p); |
| |
|
| |
if (fwd->listen_port == 0 && fwd->connect_port == 0) |
| |
goto fail_free; |
| |
|
| |
if (fwd->connect_host != NULL && |
| |
strlen(fwd->connect_host) >= NI_MAXHOST) |
| |
goto fail_free; |
| |
|
| |
return (i); |
| |
|
| |
fail_free: |
| |
if (fwd->connect_host != NULL) |
| |
xfree(fwd->connect_host); |
| |
if (fwd->listen_host != NULL) |
| |
xfree(fwd->listen_host); |
| |
return (0); |
| } |
} |
![[BACK]](/icons/back.gif){kind=icon}
Return to readconf.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh