| version 1.143, 2005/07/30 02:03:47 |
version 1.143.2.2, 2006/10/06 03:19:33 |
|
|
| |
/* $OpenBSD$ */ |
| /* |
/* |
| * Author: Tatu Ylonen <ylo@cs.hut.fi> |
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
| * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
|
|
| * called by a name other than "ssh" or "Secure Shell". |
* called by a name other than "ssh" or "Secure Shell". |
| */ |
*/ |
| |
|
| #include "includes.h" |
#include <sys/types.h> |
| RCSID("$OpenBSD$"); |
#include <sys/stat.h> |
| |
#include <sys/socket.h> |
| |
|
| #include "ssh.h" |
#include <netinet/in.h> |
| |
|
| |
#include <ctype.h> |
| |
#include <errno.h> |
| |
#include <netdb.h> |
| |
#include <signal.h> |
| |
#include <stdio.h> |
| |
#include <string.h> |
| |
#include <unistd.h> |
| |
|
| #include "xmalloc.h" |
#include "xmalloc.h" |
| |
#include "ssh.h" |
| #include "compat.h" |
#include "compat.h" |
| #include "cipher.h" |
#include "cipher.h" |
| #include "pathnames.h" |
#include "pathnames.h" |
| #include "log.h" |
#include "log.h" |
| |
#include "key.h" |
| #include "readconf.h" |
#include "readconf.h" |
| #include "match.h" |
#include "match.h" |
| #include "misc.h" |
#include "misc.h" |
| |
#include "buffer.h" |
| #include "kex.h" |
#include "kex.h" |
| #include "mac.h" |
#include "mac.h" |
| |
|
|
|
| Cipher none |
Cipher none |
| PasswordAuthentication no |
PasswordAuthentication no |
| |
|
| |
Host vpn.fake.com |
| |
Tunnel yes |
| |
TunnelDevice 3 |
| |
|
| # Defaults for various options |
# Defaults for various options |
| Host * |
Host * |
| ForwardAgent no |
ForwardAgent no |
|
|
| typedef enum { |
typedef enum { |
| oBadOption, |
oBadOption, |
| oForwardAgent, oForwardX11, oForwardX11Trusted, oGatewayPorts, |
oForwardAgent, oForwardX11, oForwardX11Trusted, oGatewayPorts, |
| |
oExitOnForwardFailure, |
| oPasswordAuthentication, oRSAAuthentication, |
oPasswordAuthentication, oRSAAuthentication, |
| oChallengeResponseAuthentication, oXAuthLocation, |
oChallengeResponseAuthentication, oXAuthLocation, |
| oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, |
oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, |
|
|
| oAddressFamily, oGssAuthentication, oGssDelegateCreds, |
oAddressFamily, oGssAuthentication, oGssDelegateCreds, |
| oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, |
oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, |
| oSendEnv, oControlPath, oControlMaster, oHashKnownHosts, |
oSendEnv, oControlPath, oControlMaster, oHashKnownHosts, |
| |
oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, |
| oDeprecated, oUnsupported |
oDeprecated, oUnsupported |
| } OpCodes; |
} OpCodes; |
| |
|
|
|
| { "forwardagent", oForwardAgent }, |
{ "forwardagent", oForwardAgent }, |
| { "forwardx11", oForwardX11 }, |
{ "forwardx11", oForwardX11 }, |
| { "forwardx11trusted", oForwardX11Trusted }, |
{ "forwardx11trusted", oForwardX11Trusted }, |
| |
{ "exitonforwardfailure", oExitOnForwardFailure }, |
| { "xauthlocation", oXAuthLocation }, |
{ "xauthlocation", oXAuthLocation }, |
| { "gatewayports", oGatewayPorts }, |
{ "gatewayports", oGatewayPorts }, |
| { "useprivilegedport", oUsePrivilegedPort }, |
{ "useprivilegedport", oUsePrivilegedPort }, |
|
|
| { "controlpath", oControlPath }, |
{ "controlpath", oControlPath }, |
| { "controlmaster", oControlMaster }, |
{ "controlmaster", oControlMaster }, |
| { "hashknownhosts", oHashKnownHosts }, |
{ "hashknownhosts", oHashKnownHosts }, |
| |
{ "tunnel", oTunnel }, |
| |
{ "tunneldevice", oTunnelDevice }, |
| |
{ "localcommand", oLocalCommand }, |
| |
{ "permitlocalcommand", oPermitLocalCommand }, |
| { NULL, oBadOption } |
{ NULL, oBadOption } |
| }; |
}; |
| |
|
|
|
| xfree(options->remote_forwards[i].connect_host); |
xfree(options->remote_forwards[i].connect_host); |
| } |
} |
| options->num_remote_forwards = 0; |
options->num_remote_forwards = 0; |
| |
options->tun_open = SSH_TUNMODE_NO; |
| } |
} |
| |
|
| /* |
/* |
|
|
| int *activep) |
int *activep) |
| { |
{ |
| char *s, **charptr, *endofnumber, *keyword, *arg, *arg2, fwdarg[256]; |
char *s, **charptr, *endofnumber, *keyword, *arg, *arg2, fwdarg[256]; |
| int opcode, *intptr, value; |
int opcode, *intptr, value, value2, scale; |
| |
long long orig, val64; |
| size_t len; |
size_t len; |
| Forward fwd; |
Forward fwd; |
| |
|
|
|
| |
|
| s = line; |
s = line; |
| /* Get the keyword. (Each line is supposed to begin with a keyword). */ |
/* Get the keyword. (Each line is supposed to begin with a keyword). */ |
| keyword = strdelim(&s); |
if ((keyword = strdelim(&s)) == NULL) |
| |
return 0; |
| /* Ignore leading whitespace. */ |
/* Ignore leading whitespace. */ |
| if (*keyword == '\0') |
if (*keyword == '\0') |
| keyword = strdelim(&s); |
keyword = strdelim(&s); |
|
|
| intptr = &options->gateway_ports; |
intptr = &options->gateway_ports; |
| goto parse_flag; |
goto parse_flag; |
| |
|
| |
case oExitOnForwardFailure: |
| |
intptr = &options->exit_on_forward_failure; |
| |
goto parse_flag; |
| |
|
| case oUsePrivilegedPort: |
case oUsePrivilegedPort: |
| intptr = &options->use_privileged_port; |
intptr = &options->use_privileged_port; |
| goto parse_flag; |
goto parse_flag; |
|
|
| fatal("%.200s line %d: Missing argument.", filename, linenum); |
fatal("%.200s line %d: Missing argument.", filename, linenum); |
| if (arg[0] < '0' || arg[0] > '9') |
if (arg[0] < '0' || arg[0] > '9') |
| fatal("%.200s line %d: Bad number.", filename, linenum); |
fatal("%.200s line %d: Bad number.", filename, linenum); |
| value = strtol(arg, &endofnumber, 10); |
orig = val64 = strtoll(arg, &endofnumber, 10); |
| if (arg == endofnumber) |
if (arg == endofnumber) |
| fatal("%.200s line %d: Bad number.", filename, linenum); |
fatal("%.200s line %d: Bad number.", filename, linenum); |
| switch (toupper(*endofnumber)) { |
switch (toupper(*endofnumber)) { |
| |
case '\0': |
| |
scale = 1; |
| |
break; |
| case 'K': |
case 'K': |
| value *= 1<<10; |
scale = 1<<10; |
| break; |
break; |
| case 'M': |
case 'M': |
| value *= 1<<20; |
scale = 1<<20; |
| break; |
break; |
| case 'G': |
case 'G': |
| value *= 1<<30; |
scale = 1<<30; |
| break; |
break; |
| |
default: |
| |
fatal("%.200s line %d: Invalid RekeyLimit suffix", |
| |
filename, linenum); |
| } |
} |
| |
val64 *= scale; |
| |
/* detect integer wrap and too-large limits */ |
| |
if ((val64 / scale) != orig || val64 > INT_MAX) |
| |
fatal("%.200s line %d: RekeyLimit too large", |
| |
filename, linenum); |
| |
if (val64 < 16) |
| |
fatal("%.200s line %d: RekeyLimit too small", |
| |
filename, linenum); |
| if (*activep && *intptr == -1) |
if (*activep && *intptr == -1) |
| *intptr = value; |
*intptr = (int)val64; |
| break; |
break; |
| |
|
| case oIdentityFile: |
case oIdentityFile: |
|
|
| goto parse_string; |
goto parse_string; |
| |
|
| case oProxyCommand: |
case oProxyCommand: |
| |
charptr = &options->proxy_command; |
| |
parse_command: |
| if (s == NULL) |
if (s == NULL) |
| fatal("%.200s line %d: Missing argument.", filename, linenum); |
fatal("%.200s line %d: Missing argument.", filename, linenum); |
| charptr = &options->proxy_command; |
|
| len = strspn(s, WHITESPACE "="); |
len = strspn(s, WHITESPACE "="); |
| if (*activep && *charptr == NULL) |
if (*activep && *charptr == NULL) |
| *charptr = xstrdup(s + len); |
*charptr = xstrdup(s + len); |
|
|
| intptr = &options->hash_known_hosts; |
intptr = &options->hash_known_hosts; |
| goto parse_flag; |
goto parse_flag; |
| |
|
| |
case oTunnel: |
| |
intptr = &options->tun_open; |
| |
arg = strdelim(&s); |
| |
if (!arg || *arg == '\0') |
| |
fatal("%s line %d: Missing yes/point-to-point/" |
| |
"ethernet/no argument.", filename, linenum); |
| |
value = 0; /* silence compiler */ |
| |
if (strcasecmp(arg, "ethernet") == 0) |
| |
value = SSH_TUNMODE_ETHERNET; |
| |
else if (strcasecmp(arg, "point-to-point") == 0) |
| |
value = SSH_TUNMODE_POINTOPOINT; |
| |
else if (strcasecmp(arg, "yes") == 0) |
| |
value = SSH_TUNMODE_DEFAULT; |
| |
else if (strcasecmp(arg, "no") == 0) |
| |
value = SSH_TUNMODE_NO; |
| |
else |
| |
fatal("%s line %d: Bad yes/point-to-point/ethernet/" |
| |
"no argument: %s", filename, linenum, arg); |
| |
if (*activep) |
| |
*intptr = value; |
| |
break; |
| |
|
| |
case oTunnelDevice: |
| |
arg = strdelim(&s); |
| |
if (!arg || *arg == '\0') |
| |
fatal("%.200s line %d: Missing argument.", filename, linenum); |
| |
value = a2tun(arg, &value2); |
| |
if (value == SSH_TUNID_ERR) |
| |
fatal("%.200s line %d: Bad tun device.", filename, linenum); |
| |
if (*activep) { |
| |
options->tun_local = value; |
| |
options->tun_remote = value2; |
| |
} |
| |
break; |
| |
|
| |
case oLocalCommand: |
| |
charptr = &options->local_command; |
| |
goto parse_command; |
| |
|
| |
case oPermitLocalCommand: |
| |
intptr = &options->permit_local_command; |
| |
goto parse_flag; |
| |
|
| case oDeprecated: |
case oDeprecated: |
| debug("%s line %d: Deprecated option \"%s\"", |
debug("%s line %d: Deprecated option \"%s\"", |
| filename, linenum, keyword); |
filename, linenum, keyword); |
|
|
| options->forward_agent = -1; |
options->forward_agent = -1; |
| options->forward_x11 = -1; |
options->forward_x11 = -1; |
| options->forward_x11_trusted = -1; |
options->forward_x11_trusted = -1; |
| |
options->exit_on_forward_failure = -1; |
| options->xauth_location = NULL; |
options->xauth_location = NULL; |
| options->gateway_ports = -1; |
options->gateway_ports = -1; |
| options->use_privileged_port = -1; |
options->use_privileged_port = -1; |
|
|
| options->control_path = NULL; |
options->control_path = NULL; |
| options->control_master = -1; |
options->control_master = -1; |
| options->hash_known_hosts = -1; |
options->hash_known_hosts = -1; |
| |
options->tun_open = -1; |
| |
options->tun_local = -1; |
| |
options->tun_remote = -1; |
| |
options->local_command = NULL; |
| |
options->permit_local_command = -1; |
| } |
} |
| |
|
| /* |
/* |
|
|
| options->forward_x11 = 0; |
options->forward_x11 = 0; |
| if (options->forward_x11_trusted == -1) |
if (options->forward_x11_trusted == -1) |
| options->forward_x11_trusted = 0; |
options->forward_x11_trusted = 0; |
| |
if (options->exit_on_forward_failure == -1) |
| |
options->exit_on_forward_failure = 0; |
| if (options->xauth_location == NULL) |
if (options->xauth_location == NULL) |
| options->xauth_location = _PATH_XAUTH; |
options->xauth_location = _PATH_XAUTH; |
| if (options->gateway_ports == -1) |
if (options->gateway_ports == -1) |
|
|
| options->control_master = 0; |
options->control_master = 0; |
| if (options->hash_known_hosts == -1) |
if (options->hash_known_hosts == -1) |
| options->hash_known_hosts = 0; |
options->hash_known_hosts = 0; |
| |
if (options->tun_open == -1) |
| |
options->tun_open = SSH_TUNMODE_NO; |
| |
if (options->tun_local == -1) |
| |
options->tun_local = SSH_TUNID_ANY; |
| |
if (options->tun_remote == -1) |
| |
options->tun_remote = SSH_TUNID_ANY; |
| |
if (options->permit_local_command == -1) |
| |
options->permit_local_command = 0; |
| |
/* options->local_command should not be set by default */ |
| /* options->proxy_command should not be set by default */ |
/* options->proxy_command should not be set by default */ |
| /* options->user will be set in the main program if appropriate */ |
/* options->user will be set in the main program if appropriate */ |
| /* options->hostname will be set in the main program if appropriate */ |
/* options->hostname will be set in the main program if appropriate */ |
![[BACK]](/icons/back.gif){kind=icon}
Return to readconf.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh