=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/readconf.c,v retrieving revision 1.128.2.2 retrieving revision 1.129 diff -u -r1.128.2.2 -r1.129 --- src/usr.bin/ssh/readconf.c 2005/03/10 17:15:04 1.128.2.2 +++ src/usr.bin/ssh/readconf.c 2004/04/18 23:10:26 1.129 @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: readconf.c,v 1.128.2.2 2005/03/10 17:15:04 brad Exp $"); +RCSID("$OpenBSD: readconf.c,v 1.129 2004/04/18 23:10:26 djm Exp $"); #include "ssh.h" #include "xmalloc.h" @@ -106,7 +106,6 @@ oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, oAddressFamily, oGssAuthentication, oGssDelegateCreds, oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, - oSendEnv, oControlPath, oControlMaster, oHashKnownHosts, oDeprecated, oUnsupported } OpCodes; @@ -194,10 +193,6 @@ { "addressfamily", oAddressFamily }, { "serveraliveinterval", oServerAliveInterval }, { "serveralivecountmax", oServerAliveCountMax }, - { "sendenv", oSendEnv }, - { "controlpath", oControlPath }, - { "controlmaster", oControlMaster }, - { "hashknownhosts", oHashKnownHosts }, { NULL, oBadOption } }; 
@@ -207,21 +202,19 @@ */ void -add_local_forward(Options *options, const Forward *newfwd) +add_local_forward(Options *options, u_short port, const char *host, + u_short host_port) { Forward *fwd; extern uid_t original_real_uid; - if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0) + if (port < IPPORT_RESERVED && original_real_uid != 0) fatal("Privileged ports can only be forwarded by root."); if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION); fwd = &options->local_forwards[options->num_local_forwards++]; - - fwd->listen_host = (newfwd->listen_host == NULL) ? - NULL : xstrdup(newfwd->listen_host); - fwd->listen_port = newfwd->listen_port; - fwd->connect_host = xstrdup(newfwd->connect_host); - fwd->connect_port = newfwd->connect_port; + fwd->port = port; + fwd->host = xstrdup(host); + fwd->host_port = host_port; } /* @@ -230,19 +223,17 @@ */ void -add_remote_forward(Options *options, const Forward *newfwd) +add_remote_forward(Options *options, u_short port, const char *host, + u_short host_port) { Forward *fwd; if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) fatal("Too many remote forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION); fwd = &options->remote_forwards[options->num_remote_forwards++]; - - fwd->listen_host = (newfwd->listen_host == NULL) ? - NULL : xstrdup(newfwd->listen_host); - fwd->listen_port = newfwd->listen_port; - fwd->connect_host = xstrdup(newfwd->connect_host); - fwd->connect_port = newfwd->connect_port; + fwd->port = port; + fwd->host = xstrdup(host); + fwd->host_port = host_port; } static void 
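Review bot: The new parameters `port`, `host` and `host_port` of add_local_forward() do not say which end of the tunnel each describes, and add_remote_forward() in the next hunk has the same problem. The call sites in the oLocalForward/oRemoteForward case pass the listen port first and the parsed target second, so each header comment could gain a line such as `/* port: listen port; host, host_port: destination to connect to */`. `host` goes straight into `xstrdup(host)` with no NULL check, so the comment should also state that it must be non-NULL. The header comments of both functions begin outside these hunks.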
@@ -250,17 +241,11 @@ { int i; - for (i = 0; i < options->num_local_forwards; i++) { - if (options->local_forwards[i].listen_host != NULL) - xfree(options->local_forwards[i].listen_host); - xfree(options->local_forwards[i].connect_host); - } + for (i = 0; i < options->num_local_forwards; i++) + xfree(options->local_forwards[i].host); options->num_local_forwards = 0; - for (i = 0; i < options->num_remote_forwards; i++) { - if (options->remote_forwards[i].listen_host != NULL) - xfree(options->remote_forwards[i].listen_host); - xfree(options->remote_forwards[i].connect_host); - } + for (i = 0; i < options->num_remote_forwards; i++) + xfree(options->remote_forwards[i].host); options->num_remote_forwards = 0; } @@ -293,10 +278,11 @@ char *line, const char *filename, int linenum, int *activep) { - char *s, **charptr, *endofnumber, *keyword, *arg, *arg2, fwdarg[256]; + char buf[256], *s, **charptr, *endofnumber, *keyword, *arg; int opcode, *intptr, value; size_t len; - Forward fwd; + u_short fwd_port, fwd_host_port; + char sfwd_host_port[6]; /* Strip trailing whitespace */ for(len = strlen(line) - 1; len > 0; len--) { 
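Review bot: In the process_config_line() hunk, the context line `for(len = strlen(line) - 1; len > 0; len--)` wraps to SIZE_MAX when `line` is empty, because `len` is declared `size_t` just above it. The loop would then start far outside the buffer. Whether an empty string can reach this point depends on callers that are not shown, so a guard before the loop is safer than relying on them: `len = strlen(line); if (len == 0) return 0;` (the return value here is a guess, since the function's return convention is not visible), with the loop then starting at `len - 1`. The loop body and the rest of the function continue outside the hunk.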
@@ -653,26 +639,30 @@ case oLocalForward: case oRemoteForward: arg = strdelim(&s); - if (arg == NULL || *arg == '\0') + if (!arg || *arg == '\0') fatal("%.200s line %d: Missing port argument.", filename, linenum); - arg2 = strdelim(&s); - if (arg2 == NULL || *arg2 == '\0') - fatal("%.200s line %d: Missing target argument.", + if ((fwd_port = a2port(arg)) == 0) + fatal("%.200s line %d: Bad listen port.", filename, linenum); - - /* construct a string for parse_forward */ - snprintf(fwdarg, sizeof(fwdarg), "%s:%s", arg, arg2); - - if (parse_forward(&fwd, fwdarg) == 0) + arg = strdelim(&s); + if (!arg || *arg == '\0') + fatal("%.200s line %d: Missing second argument.", + filename, linenum); + if (sscanf(arg, "%255[^:]:%5[0-9]", buf, sfwd_host_port) != 2 && + sscanf(arg, "%255[^/]/%5[0-9]", buf, sfwd_host_port) != 2) fatal("%.200s line %d: Bad forwarding specification.", filename, linenum); - + if ((fwd_host_port = a2port(sfwd_host_port)) == 0) + fatal("%.200s line %d: Bad forwarding port.", + filename, linenum); if (*activep) { if (opcode == oLocalForward) - add_local_forward(options, &fwd); + add_local_forward(options, fwd_port, buf, + fwd_host_port); else if (opcode == oRemoteForward) - add_remote_forward(options, &fwd); + add_remote_forward(options, fwd_port, buf, + fwd_host_port); } break; 
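Review bot: Both `sscanf()` patterns in the oLocalForward/oRemoteForward case return 2 as soon as a host and one to five digits have matched, so trailing input is never checked. A target such as `host:80x` or `host:123456` is therefore accepted (as port 80 and 12345) instead of failing with "Bad forwarding specification". Because the `host:port` pattern is tried first, a `/`-separated target whose host part has digits after its first colon is also split at that colon rather than at the slash. Appending `%n` to each format and requiring full consumption would reject these, e.g. `sscanf(arg, "%255[^:]:%5[0-9]%n", buf, sfwd_host_port, &n) == 2 && arg[n] == '\0'` with `n` initialised to 0 before each call. The enclosing switch and the rest of process_config_line() lie outside this hunk.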
@@ -681,25 +671,12 @@ if (!arg || *arg == '\0') fatal("%.200s line %d: Missing port argument.", filename, linenum); - memset(&fwd, '\0', sizeof(fwd)); - fwd.connect_host = "socks"; - fwd.listen_host = hpdelim(&arg); - if (fwd.listen_host == NULL || - strlen(fwd.listen_host) >= NI_MAXHOST) - fatal("%.200s line %d: Bad forwarding specification.", - filename, linenum); - if (arg) { - fwd.listen_port = a2port(arg); - fwd.listen_host = cleanhostname(fwd.listen_host); - } else { - fwd.listen_port = a2port(fwd.listen_host); - fwd.listen_host = ""; - } - if (fwd.listen_port == 0) + fwd_port = a2port(arg); + if (fwd_port == 0) fatal("%.200s line %d: Badly formatted port number.", filename, linenum); if (*activep) - add_local_forward(options, &fwd); + add_local_forward(options, fwd_port, "socks", 0); break; case oClearAllForwardings: @@ -770,33 +747,6 @@ intptr = &options->server_alive_count_max; goto parse_int; - case oSendEnv: - while ((arg = strdelim(&s)) != NULL && *arg != '\0') { - if (strchr(arg, '=') != NULL) - fatal("%s line %d: Invalid environment name.", - filename, linenum); - if (!*activep) - continue; - if (options->num_send_env >= MAX_SEND_ENV) - fatal("%s line %d: too many send env.", - filename, linenum); - options->send_env[options->num_send_env++] = - xstrdup(arg); - } - break; - - case oControlPath: - charptr = &options->control_path; - goto parse_string; - - case oControlMaster: - intptr = &options->control_master; - goto parse_yesnoask; - - case oHashKnownHosts: - intptr = &options->hash_known_hosts; - goto parse_flag; - case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", filename, linenum, keyword); @@ -827,7 +777,7 @@ */ int -read_config_file(const char *filename, const char *host, Options *options, +read_config_file(const char *filename, const char *host, Options *options, int checkperm) { FILE *f; 
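Review bot: The dynamic-forward case now calls `add_local_forward(options, fwd_port, "socks", 0)`, so a dynamic forward is marked only by in-band values in an ordinary Forward entry. A LocalForward target can legitimately be a host named `socks`, whereas the LocalForward path rejects a zero port via `a2port()`, so only `host_port == 0` is unambiguous. The code that consumes `local_forwards` is not visible here, so it is unclear which of the two it tests. A comment at the call, for example `/* host_port 0 marks a dynamic (SOCKS) forward; the host string is a placeholder */`, or a named constant for the marker, would document which field consumers must check. The `case` label and the start of this branch are outside the hunk.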
@@ -841,12 +791,17 @@ if (checkperm) { struct stat sb; - - if (fstat(fileno(f), &sb) == -1) + + if (fstat(fileno(f), &sb) == -1) { fatal("fstat %s: %s", filename, strerror(errno)); + fclose(f); + return (0); + } if (((sb.st_uid != 0 && sb.st_uid != getuid()) || - (sb.st_mode & 022) != 0)) + (sb.st_mode & 022) != 0)) { fatal("Bad owner or permissions on %s", filename); + return 0; + } } debug("Reading configuration data %.200s", filename); @@ -937,10 +892,6 @@ options->verify_host_key_dns = -1; options->server_alive_interval = -1; options->server_alive_count_max = -1; - options->num_send_env = 0; - options->control_path = NULL; - options->control_master = -1; - options->hash_known_hosts = -1; } /* 
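Review bot: The statements added after `fatal()` in the `checkperm` block look unreachable and are inconsistent with each other. The fstat branch does `fclose(f); return (0);`, while the owner/permission branch does `return 0;` and leaves `f` open. Elsewhere in this diff, add_local_forward() indexes the forwards array directly after a `fatal()` bounds check, which only makes sense if `fatal()` does not return. Either drop the added statements, or, if the intent is to make these errors recoverable, replace `fatal()` with a logging call and close `f` on both paths before returning. read_config_file() begins and ends outside this hunk.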
@@ -1061,78 +1012,9 @@ options->server_alive_interval = 0; if (options->server_alive_count_max == -1) options->server_alive_count_max = 3; - if (options->control_master == -1) - options->control_master = 0; - if (options->hash_known_hosts == -1) - options->hash_known_hosts = 0; /* options->proxy_command should not be set by default */ /* options->user will be set in the main program if appropriate */ /* options->hostname will be set in the main program if appropriate */ /* options->host_key_alias should not be set by default */ /* options->preferred_authentications will be set in ssh */ -} - -/* - * parse_forward - * parses a string containing a port forwarding specification of the form: - * [listenhost:]listenport:connecthost:connectport - * returns number of arguments parsed or zero on error - */ -int -parse_forward(Forward *fwd, const char *fwdspec) -{ - int i; - char *p, *cp, *fwdarg[4]; - - memset(fwd, '\0', sizeof(*fwd)); - - cp = p = xstrdup(fwdspec); - - /* skip leading spaces */ - while (*cp && isspace(*cp)) - cp++; - - for (i = 0; i < 4; ++i) - if ((fwdarg[i] = hpdelim(&cp)) == NULL) - break; - - /* Check for trailing garbage in 4-arg case*/ - if (cp != NULL) - i = 0; /* failure */ - - switch (i) { - case 3: - fwd->listen_host = NULL; - fwd->listen_port = a2port(fwdarg[0]); - fwd->connect_host = xstrdup(cleanhostname(fwdarg[1])); - fwd->connect_port = a2port(fwdarg[2]); - break; - - case 4: - fwd->listen_host = xstrdup(cleanhostname(fwdarg[0])); - fwd->listen_port = a2port(fwdarg[1]); - fwd->connect_host = xstrdup(cleanhostname(fwdarg[2])); - fwd->connect_port = a2port(fwdarg[3]); - break; - default: - i = 0; /* failure */ - } - - xfree(p); - - if (fwd->listen_port == 0 && fwd->connect_port == 0) - goto fail_free; - - if (fwd->connect_host != NULL && - strlen(fwd->connect_host) >= NI_MAXHOST) - goto fail_free; - - return (i); - - fail_free: - if (fwd->connect_host != NULL) - xfree(fwd->connect_host); - if (fwd->listen_host != NULL) - 
xfree(fwd->listen_host); - return (0); }