| version 1.128.2.2, 2005/03/10 17:15:04 |
version 1.129, 2004/04/18 23:10:26 |
|
|
| oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, |
oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, |
| oAddressFamily, oGssAuthentication, oGssDelegateCreds, |
oAddressFamily, oGssAuthentication, oGssDelegateCreds, |
| oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, |
oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, |
| oSendEnv, oControlPath, oControlMaster, oHashKnownHosts, |
|
| oDeprecated, oUnsupported |
oDeprecated, oUnsupported |
| } OpCodes; |
} OpCodes; |
| |
|
|
|
| { "addressfamily", oAddressFamily }, |
{ "addressfamily", oAddressFamily }, |
| { "serveraliveinterval", oServerAliveInterval }, |
{ "serveraliveinterval", oServerAliveInterval }, |
| { "serveralivecountmax", oServerAliveCountMax }, |
{ "serveralivecountmax", oServerAliveCountMax }, |
| { "sendenv", oSendEnv }, |
|
| { "controlpath", oControlPath }, |
|
| { "controlmaster", oControlMaster }, |
|
| { "hashknownhosts", oHashKnownHosts }, |
|
| { NULL, oBadOption } |
{ NULL, oBadOption } |
| }; |
}; |
| |
|
|
|
| */ |
*/ |
| |
|
| void |
void |
| add_local_forward(Options *options, const Forward *newfwd) |
add_local_forward(Options *options, u_short port, const char *host, |
| |
u_short host_port) |
| { |
{ |
| Forward *fwd; |
Forward *fwd; |
| extern uid_t original_real_uid; |
extern uid_t original_real_uid; |
| if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0) |
if (port < IPPORT_RESERVED && original_real_uid != 0) |
| fatal("Privileged ports can only be forwarded by root."); |
fatal("Privileged ports can only be forwarded by root."); |
| if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) |
if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) |
| fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION); |
fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION); |
| fwd = &options->local_forwards[options->num_local_forwards++]; |
fwd = &options->local_forwards[options->num_local_forwards++]; |
| |
fwd->port = port; |
| fwd->listen_host = (newfwd->listen_host == NULL) ? |
fwd->host = xstrdup(host); |
| NULL : xstrdup(newfwd->listen_host); |
fwd->host_port = host_port; |
| fwd->listen_port = newfwd->listen_port; |
|
| fwd->connect_host = xstrdup(newfwd->connect_host); |
|
| fwd->connect_port = newfwd->connect_port; |
|
| } |
} |
| |
|
| /* |
/* |
|
|
| */ |
*/ |
| |
|
| void |
void |
| add_remote_forward(Options *options, const Forward *newfwd) |
add_remote_forward(Options *options, u_short port, const char *host, |
| |
u_short host_port) |
| { |
{ |
| Forward *fwd; |
Forward *fwd; |
| if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) |
if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) |
| fatal("Too many remote forwards (max %d).", |
fatal("Too many remote forwards (max %d).", |
| SSH_MAX_FORWARDS_PER_DIRECTION); |
SSH_MAX_FORWARDS_PER_DIRECTION); |
| fwd = &options->remote_forwards[options->num_remote_forwards++]; |
fwd = &options->remote_forwards[options->num_remote_forwards++]; |
| |
fwd->port = port; |
| fwd->listen_host = (newfwd->listen_host == NULL) ? |
fwd->host = xstrdup(host); |
| NULL : xstrdup(newfwd->listen_host); |
fwd->host_port = host_port; |
| fwd->listen_port = newfwd->listen_port; |
|
| fwd->connect_host = xstrdup(newfwd->connect_host); |
|
| fwd->connect_port = newfwd->connect_port; |
|
| } |
} |
| |
|
| static void |
static void |
|
|
| { |
{ |
| int i; |
int i; |
| |
|
| for (i = 0; i < options->num_local_forwards; i++) { |
for (i = 0; i < options->num_local_forwards; i++) |
| if (options->local_forwards[i].listen_host != NULL) |
xfree(options->local_forwards[i].host); |
| xfree(options->local_forwards[i].listen_host); |
|
| xfree(options->local_forwards[i].connect_host); |
|
| } |
|
| options->num_local_forwards = 0; |
options->num_local_forwards = 0; |
| for (i = 0; i < options->num_remote_forwards; i++) { |
for (i = 0; i < options->num_remote_forwards; i++) |
| if (options->remote_forwards[i].listen_host != NULL) |
xfree(options->remote_forwards[i].host); |
| xfree(options->remote_forwards[i].listen_host); |
|
| xfree(options->remote_forwards[i].connect_host); |
|
| } |
|
| options->num_remote_forwards = 0; |
options->num_remote_forwards = 0; |
| } |
} |
| |
|
|
|
| char *line, const char *filename, int linenum, |
char *line, const char *filename, int linenum, |
| int *activep) |
int *activep) |
| { |
{ |
| char *s, **charptr, *endofnumber, *keyword, *arg, *arg2, fwdarg[256]; |
char buf[256], *s, **charptr, *endofnumber, *keyword, *arg; |
| int opcode, *intptr, value; |
int opcode, *intptr, value; |
| size_t len; |
size_t len; |
| Forward fwd; |
u_short fwd_port, fwd_host_port; |
| |
char sfwd_host_port[6]; |
| |
|
| /* Strip trailing whitespace */ |
/* Strip trailing whitespace */ |
| for(len = strlen(line) - 1; len > 0; len--) { |
for(len = strlen(line) - 1; len > 0; len--) { |
|
|
| case oLocalForward: |
case oLocalForward: |
| case oRemoteForward: |
case oRemoteForward: |
| arg = strdelim(&s); |
arg = strdelim(&s); |
| if (arg == NULL || *arg == '\0') |
if (!arg || *arg == '\0') |
| fatal("%.200s line %d: Missing port argument.", |
fatal("%.200s line %d: Missing port argument.", |
| filename, linenum); |
filename, linenum); |
| arg2 = strdelim(&s); |
if ((fwd_port = a2port(arg)) == 0) |
| if (arg2 == NULL || *arg2 == '\0') |
fatal("%.200s line %d: Bad listen port.", |
| fatal("%.200s line %d: Missing target argument.", |
|
| filename, linenum); |
filename, linenum); |
| |
arg = strdelim(&s); |
| /* construct a string for parse_forward */ |
if (!arg || *arg == '\0') |
| snprintf(fwdarg, sizeof(fwdarg), "%s:%s", arg, arg2); |
fatal("%.200s line %d: Missing second argument.", |
| |
filename, linenum); |
| if (parse_forward(&fwd, fwdarg) == 0) |
if (sscanf(arg, "%255[^:]:%5[0-9]", buf, sfwd_host_port) != 2 && |
| |
sscanf(arg, "%255[^/]/%5[0-9]", buf, sfwd_host_port) != 2) |
| fatal("%.200s line %d: Bad forwarding specification.", |
fatal("%.200s line %d: Bad forwarding specification.", |
| filename, linenum); |
filename, linenum); |
| |
if ((fwd_host_port = a2port(sfwd_host_port)) == 0) |
| |
fatal("%.200s line %d: Bad forwarding port.", |
| |
filename, linenum); |
| if (*activep) { |
if (*activep) { |
| if (opcode == oLocalForward) |
if (opcode == oLocalForward) |
| add_local_forward(options, &fwd); |
add_local_forward(options, fwd_port, buf, |
| |
fwd_host_port); |
| else if (opcode == oRemoteForward) |
else if (opcode == oRemoteForward) |
| add_remote_forward(options, &fwd); |
add_remote_forward(options, fwd_port, buf, |
| |
fwd_host_port); |
| } |
} |
| break; |
break; |
| |
|
|
|
| if (!arg || *arg == '\0') |
if (!arg || *arg == '\0') |
| fatal("%.200s line %d: Missing port argument.", |
fatal("%.200s line %d: Missing port argument.", |
| filename, linenum); |
filename, linenum); |
| memset(&fwd, '\0', sizeof(fwd)); |
fwd_port = a2port(arg); |
| fwd.connect_host = "socks"; |
if (fwd_port == 0) |
| fwd.listen_host = hpdelim(&arg); |
|
| if (fwd.listen_host == NULL || |
|
| strlen(fwd.listen_host) >= NI_MAXHOST) |
|
| fatal("%.200s line %d: Bad forwarding specification.", |
|
| filename, linenum); |
|
| if (arg) { |
|
| fwd.listen_port = a2port(arg); |
|
| fwd.listen_host = cleanhostname(fwd.listen_host); |
|
| } else { |
|
| fwd.listen_port = a2port(fwd.listen_host); |
|
| fwd.listen_host = ""; |
|
| } |
|
| if (fwd.listen_port == 0) |
|
| fatal("%.200s line %d: Badly formatted port number.", |
fatal("%.200s line %d: Badly formatted port number.", |
| filename, linenum); |
filename, linenum); |
| if (*activep) |
if (*activep) |
| add_local_forward(options, &fwd); |
add_local_forward(options, fwd_port, "socks", 0); |
| break; |
break; |
| |
|
| case oClearAllForwardings: |
case oClearAllForwardings: |
|
|
| intptr = &options->server_alive_count_max; |
intptr = &options->server_alive_count_max; |
| goto parse_int; |
goto parse_int; |
| |
|
| case oSendEnv: |
|
| while ((arg = strdelim(&s)) != NULL && *arg != '\0') { |
|
| if (strchr(arg, '=') != NULL) |
|
| fatal("%s line %d: Invalid environment name.", |
|
| filename, linenum); |
|
| if (!*activep) |
|
| continue; |
|
| if (options->num_send_env >= MAX_SEND_ENV) |
|
| fatal("%s line %d: too many send env.", |
|
| filename, linenum); |
|
| options->send_env[options->num_send_env++] = |
|
| xstrdup(arg); |
|
| } |
|
| break; |
|
| |
|
| case oControlPath: |
|
| charptr = &options->control_path; |
|
| goto parse_string; |
|
| |
|
| case oControlMaster: |
|
| intptr = &options->control_master; |
|
| goto parse_yesnoask; |
|
| |
|
| case oHashKnownHosts: |
|
| intptr = &options->hash_known_hosts; |
|
| goto parse_flag; |
|
| |
|
| case oDeprecated: |
case oDeprecated: |
| debug("%s line %d: Deprecated option \"%s\"", |
debug("%s line %d: Deprecated option \"%s\"", |
| filename, linenum, keyword); |
filename, linenum, keyword); |
|
|
| */ |
*/ |
| |
|
| int |
int |
| read_config_file(const char *filename, const char *host, Options *options, |
read_config_file(const char *filename, const char *host, Options *options, |
| int checkperm) |
int checkperm) |
| { |
{ |
| FILE *f; |
FILE *f; |
|
|
| |
|
| if (checkperm) { |
if (checkperm) { |
| struct stat sb; |
struct stat sb; |
| |
|
| if (fstat(fileno(f), &sb) == -1) |
if (fstat(fileno(f), &sb) == -1) { |
| fatal("fstat %s: %s", filename, strerror(errno)); |
fatal("fstat %s: %s", filename, strerror(errno)); |
| |
fclose(f); |
| |
return (0); |
| |
} |
| if (((sb.st_uid != 0 && sb.st_uid != getuid()) || |
if (((sb.st_uid != 0 && sb.st_uid != getuid()) || |
| (sb.st_mode & 022) != 0)) |
(sb.st_mode & 022) != 0)) { |
| fatal("Bad owner or permissions on %s", filename); |
fatal("Bad owner or permissions on %s", filename); |
| |
return 0; |
| |
} |
| } |
} |
| |
|
| debug("Reading configuration data %.200s", filename); |
debug("Reading configuration data %.200s", filename); |
|
|
| options->verify_host_key_dns = -1; |
options->verify_host_key_dns = -1; |
| options->server_alive_interval = -1; |
options->server_alive_interval = -1; |
| options->server_alive_count_max = -1; |
options->server_alive_count_max = -1; |
| options->num_send_env = 0; |
|
| options->control_path = NULL; |
|
| options->control_master = -1; |
|
| options->hash_known_hosts = -1; |
|
| } |
} |
| |
|
| /* |
/* |
|
|
| options->server_alive_interval = 0; |
options->server_alive_interval = 0; |
| if (options->server_alive_count_max == -1) |
if (options->server_alive_count_max == -1) |
| options->server_alive_count_max = 3; |
options->server_alive_count_max = 3; |
| if (options->control_master == -1) |
|
| options->control_master = 0; |
|
| if (options->hash_known_hosts == -1) |
|
| options->hash_known_hosts = 0; |
|
| /* options->proxy_command should not be set by default */ |
/* options->proxy_command should not be set by default */ |
| /* options->user will be set in the main program if appropriate */ |
/* options->user will be set in the main program if appropriate */ |
| /* options->hostname will be set in the main program if appropriate */ |
/* options->hostname will be set in the main program if appropriate */ |
| /* options->host_key_alias should not be set by default */ |
/* options->host_key_alias should not be set by default */ |
| /* options->preferred_authentications will be set in ssh */ |
/* options->preferred_authentications will be set in ssh */ |
| } |
|
| |
|
| /* |
|
| * parse_forward |
|
| * parses a string containing a port forwarding specification of the form: |
|
| * [listenhost:]listenport:connecthost:connectport |
|
| * returns number of arguments parsed or zero on error |
|
| */ |
|
| int |
|
| parse_forward(Forward *fwd, const char *fwdspec) |
|
| { |
|
| int i; |
|
| char *p, *cp, *fwdarg[4]; |
|
| |
|
| memset(fwd, '\0', sizeof(*fwd)); |
|
| |
|
| cp = p = xstrdup(fwdspec); |
|
| |
|
| /* skip leading spaces */ |
|
| while (*cp && isspace(*cp)) |
|
| cp++; |
|
| |
|
| for (i = 0; i < 4; ++i) |
|
| if ((fwdarg[i] = hpdelim(&cp)) == NULL) |
|
| break; |
|
| |
|
| /* Check for trailing garbage in 4-arg case*/ |
|
| if (cp != NULL) |
|
| i = 0; /* failure */ |
|
| |
|
| switch (i) { |
|
| case 3: |
|
| fwd->listen_host = NULL; |
|
| fwd->listen_port = a2port(fwdarg[0]); |
|
| fwd->connect_host = xstrdup(cleanhostname(fwdarg[1])); |
|
| fwd->connect_port = a2port(fwdarg[2]); |
|
| break; |
|
| |
|
| case 4: |
|
| fwd->listen_host = xstrdup(cleanhostname(fwdarg[0])); |
|
| fwd->listen_port = a2port(fwdarg[1]); |
|
| fwd->connect_host = xstrdup(cleanhostname(fwdarg[2])); |
|
| fwd->connect_port = a2port(fwdarg[3]); |
|
| break; |
|
| default: |
|
| i = 0; /* failure */ |
|
| } |
|
| |
|
| xfree(p); |
|
| |
|
| if (fwd->listen_port == 0 && fwd->connect_port == 0) |
|
| goto fail_free; |
|
| |
|
| if (fwd->connect_host != NULL && |
|
| strlen(fwd->connect_host) >= NI_MAXHOST) |
|
| goto fail_free; |
|
| |
|
| return (i); |
|
| |
|
| fail_free: |
|
| if (fwd->connect_host != NULL) |
|
| xfree(fwd->connect_host); |
|
| if (fwd->listen_host != NULL) |
|
| xfree(fwd->listen_host); |
|
| return (0); |
|
| } |
} |
![[BACK]](/icons/back.gif){kind=icon}
Return to readconf.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh