version 1.143.2.1, 2006/02/03 03:01:56 |
version 1.143.2.2, 2006/10/06 03:19:33 |
|
|
|
/* $OpenBSD$ */ |
/* |
/* |
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
|
|
* called by a name other than "ssh" or "Secure Shell". |
* called by a name other than "ssh" or "Secure Shell". |
*/ |
*/ |
|
|
#include "includes.h" |
#include <sys/types.h> |
RCSID("$OpenBSD$"); |
#include <sys/stat.h> |
|
#include <sys/socket.h> |
|
|
#include "ssh.h" |
#include <netinet/in.h> |
|
|
|
#include <ctype.h> |
|
#include <errno.h> |
|
#include <netdb.h> |
|
#include <signal.h> |
|
#include <stdio.h> |
|
#include <string.h> |
|
#include <unistd.h> |
|
|
#include "xmalloc.h" |
#include "xmalloc.h" |
|
#include "ssh.h" |
#include "compat.h" |
#include "compat.h" |
#include "cipher.h" |
#include "cipher.h" |
#include "pathnames.h" |
#include "pathnames.h" |
#include "log.h" |
#include "log.h" |
|
#include "key.h" |
#include "readconf.h" |
#include "readconf.h" |
#include "match.h" |
#include "match.h" |
#include "misc.h" |
#include "misc.h" |
|
#include "buffer.h" |
#include "kex.h" |
#include "kex.h" |
#include "mac.h" |
#include "mac.h" |
|
|
|
|
typedef enum { |
typedef enum { |
oBadOption, |
oBadOption, |
oForwardAgent, oForwardX11, oForwardX11Trusted, oGatewayPorts, |
oForwardAgent, oForwardX11, oForwardX11Trusted, oGatewayPorts, |
|
oExitOnForwardFailure, |
oPasswordAuthentication, oRSAAuthentication, |
oPasswordAuthentication, oRSAAuthentication, |
oChallengeResponseAuthentication, oXAuthLocation, |
oChallengeResponseAuthentication, oXAuthLocation, |
oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, |
oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, |
|
|
{ "forwardagent", oForwardAgent }, |
{ "forwardagent", oForwardAgent }, |
{ "forwardx11", oForwardX11 }, |
{ "forwardx11", oForwardX11 }, |
{ "forwardx11trusted", oForwardX11Trusted }, |
{ "forwardx11trusted", oForwardX11Trusted }, |
|
{ "exitonforwardfailure", oExitOnForwardFailure }, |
{ "xauthlocation", oXAuthLocation }, |
{ "xauthlocation", oXAuthLocation }, |
{ "gatewayports", oGatewayPorts }, |
{ "gatewayports", oGatewayPorts }, |
{ "useprivilegedport", oUsePrivilegedPort }, |
{ "useprivilegedport", oUsePrivilegedPort }, |
|
|
int *activep) |
int *activep) |
{ |
{ |
char *s, **charptr, *endofnumber, *keyword, *arg, *arg2, fwdarg[256]; |
char *s, **charptr, *endofnumber, *keyword, *arg, *arg2, fwdarg[256]; |
int opcode, *intptr, value, value2; |
int opcode, *intptr, value, value2, scale; |
|
long long orig, val64; |
size_t len; |
size_t len; |
Forward fwd; |
Forward fwd; |
|
|
|
|
|
|
s = line; |
s = line; |
/* Get the keyword. (Each line is supposed to begin with a keyword). */ |
/* Get the keyword. (Each line is supposed to begin with a keyword). */ |
keyword = strdelim(&s); |
if ((keyword = strdelim(&s)) == NULL) |
|
return 0; |
/* Ignore leading whitespace. */ |
/* Ignore leading whitespace. */ |
if (*keyword == '\0') |
if (*keyword == '\0') |
keyword = strdelim(&s); |
keyword = strdelim(&s); |
|
|
intptr = &options->gateway_ports; |
intptr = &options->gateway_ports; |
goto parse_flag; |
goto parse_flag; |
|
|
|
case oExitOnForwardFailure: |
|
intptr = &options->exit_on_forward_failure; |
|
goto parse_flag; |
|
|
case oUsePrivilegedPort: |
case oUsePrivilegedPort: |
intptr = &options->use_privileged_port; |
intptr = &options->use_privileged_port; |
goto parse_flag; |
goto parse_flag; |
|
|
fatal("%.200s line %d: Missing argument.", filename, linenum); |
fatal("%.200s line %d: Missing argument.", filename, linenum); |
if (arg[0] < '0' || arg[0] > '9') |
if (arg[0] < '0' || arg[0] > '9') |
fatal("%.200s line %d: Bad number.", filename, linenum); |
fatal("%.200s line %d: Bad number.", filename, linenum); |
value = strtol(arg, &endofnumber, 10); |
orig = val64 = strtoll(arg, &endofnumber, 10); |
if (arg == endofnumber) |
if (arg == endofnumber) |
fatal("%.200s line %d: Bad number.", filename, linenum); |
fatal("%.200s line %d: Bad number.", filename, linenum); |
switch (toupper(*endofnumber)) { |
switch (toupper(*endofnumber)) { |
|
case '\0': |
|
scale = 1; |
|
break; |
case 'K': |
case 'K': |
value *= 1<<10; |
scale = 1<<10; |
break; |
break; |
case 'M': |
case 'M': |
value *= 1<<20; |
scale = 1<<20; |
break; |
break; |
case 'G': |
case 'G': |
value *= 1<<30; |
scale = 1<<30; |
break; |
break; |
|
default: |
|
fatal("%.200s line %d: Invalid RekeyLimit suffix", |
|
filename, linenum); |
} |
} |
|
val64 *= scale; |
|
/* detect integer wrap and too-large limits */ |
|
if ((val64 / scale) != orig || val64 > INT_MAX) |
|
fatal("%.200s line %d: RekeyLimit too large", |
|
filename, linenum); |
|
if (val64 < 16) |
|
fatal("%.200s line %d: RekeyLimit too small", |
|
filename, linenum); |
if (*activep && *intptr == -1) |
if (*activep && *intptr == -1) |
*intptr = value; |
*intptr = (int)val64; |
break; |
break; |
|
|
case oIdentityFile: |
case oIdentityFile: |
|
|
options->forward_agent = -1; |
options->forward_agent = -1; |
options->forward_x11 = -1; |
options->forward_x11 = -1; |
options->forward_x11_trusted = -1; |
options->forward_x11_trusted = -1; |
|
options->exit_on_forward_failure = -1; |
options->xauth_location = NULL; |
options->xauth_location = NULL; |
options->gateway_ports = -1; |
options->gateway_ports = -1; |
options->use_privileged_port = -1; |
options->use_privileged_port = -1; |
|
|
options->forward_x11 = 0; |
options->forward_x11 = 0; |
if (options->forward_x11_trusted == -1) |
if (options->forward_x11_trusted == -1) |
options->forward_x11_trusted = 0; |
options->forward_x11_trusted = 0; |
|
if (options->exit_on_forward_failure == -1) |
|
options->exit_on_forward_failure = 0; |
if (options->xauth_location == NULL) |
if (options->xauth_location == NULL) |
options->xauth_location = _PATH_XAUTH; |
options->xauth_location = _PATH_XAUTH; |
if (options->gateway_ports == -1) |
if (options->gateway_ports == -1) |
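Review bot: In the RekeyLimit branch the new `val64 *= scale;` runs before any range check, so a large number overflows the signed multiplication, which is undefined behaviour; strtoll saturates at LLONG_MAX on overflow and errno is not checked, and the following `(val64 / scale) != orig` test relies on wrap-around the compiler need not provide. Checking before multiplying avoids this: `if (orig > INT_MAX / scale) fatal("%.200s line %d: RekeyLimit too large", filename, linenum);` followed by `val64 = orig * scale;`. The switch also looks only at the first character after the digits, so a value such as `1Kx` appears to be accepted as 1K; consider rejecting the argument when a suffix is present and `endofnumber[1] != '\0'`. `toupper(*endofnumber)` should take an `(unsigned char)` cast, since plain `char` may be signed. The enclosing function starts and ends outside the hunks shown.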