=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/readconf.c,v retrieving revision 1.49.2.7 retrieving revision 1.50 diff -u -r1.49.2.7 -r1.50 --- src/usr.bin/ssh/readconf.c 2002/03/08 17:04:42 1.49.2.7 +++ src/usr.bin/ssh/readconf.c 2000/11/12 19:50:37 1.50 @@ -12,19 +12,13 @@ */ #include "includes.h" -RCSID("$OpenBSD: readconf.c,v 1.49.2.7 2002/03/08 17:04:42 brad Exp $"); +RCSID("$OpenBSD: readconf.c,v 1.50 2000/11/12 19:50:37 markus Exp $"); #include "ssh.h" -#include "xmalloc.h" -#include "compat.h" -#include "cipher.h" -#include "pathnames.h" -#include "log.h" #include "readconf.h" #include "match.h" -#include "misc.h" -#include "kex.h" -#include "mac.h" +#include "xmalloc.h" +#include "compat.h" /* Format of the configuration file: @@ -95,27 +89,21 @@ oBadOption, oForwardAgent, oForwardX11, oGatewayPorts, oRhostsAuthentication, oPasswordAuthentication, oRSAAuthentication, oFallBackToRsh, oUseRsh, - oChallengeResponseAuthentication, oXAuthLocation, -#if defined(KRB4) || defined(KRB5) + oSkeyAuthentication, oXAuthLocation, +#ifdef KRB4 oKerberosAuthentication, -#endif -#if defined(AFS) || defined(KRB5) - oKerberosTgtPassing, -#endif +#endif /* KRB4 */ #ifdef AFS - oAFSTokenPassing, + oKerberosTgtPassing, oAFSTokenPassing, #endif oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, - oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, - oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs, + oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, oTISAuthentication, + oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, - oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, - oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, - oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, - oClearAllForwardings, oNoHostAuthenticationForLocalhost + oKbdInteractiveAuthentication, oKbdInteractiveDevices } OpCodes; /* Textual representations of the tokens. */ @@ -135,19 +123,13 @@ { "kbdinteractivedevices", oKbdInteractiveDevices }, { "rsaauthentication", oRSAAuthentication }, { "pubkeyauthentication", oPubkeyAuthentication }, - { "dsaauthentication", oPubkeyAuthentication }, /* alias */ - { "rhostsrsaauthentication", oRhostsRSAAuthentication }, - { "hostbasedauthentication", oHostbasedAuthentication }, - { "challengeresponseauthentication", oChallengeResponseAuthentication }, - { "skeyauthentication", oChallengeResponseAuthentication }, /* alias */ - { "tisauthentication", oChallengeResponseAuthentication }, /* alias */ -#if defined(KRB4) || defined(KRB5) + { "dsaauthentication", oPubkeyAuthentication }, /* alias */ + { "skeyauthentication", oSkeyAuthentication }, +#ifdef KRB4 { "kerberosauthentication", oKerberosAuthentication }, -#endif -#if defined(AFS) || defined(KRB5) - { "kerberostgtpassing", oKerberosTgtPassing }, -#endif +#endif /* KRB4 */ #ifdef AFS + { "kerberostgtpassing", oKerberosTgtPassing }, { "afstokenpassing", oAFSTokenPassing }, #endif { "fallbacktorsh", oFallBackToRsh }, @@ -155,22 +137,21 @@ { "identityfile", oIdentityFile }, { "identityfile2", oIdentityFile }, /* alias */ { "hostname", oHostName }, - { "hostkeyalias", oHostKeyAlias }, { "proxycommand", oProxyCommand }, { "port", oPort }, { "cipher", oCipher }, { "ciphers", oCiphers }, - { "macs", oMacs }, { "protocol", oProtocol }, { "remoteforward", oRemoteForward }, { "localforward", oLocalForward }, { "user", oUser }, { "host", oHost }, { "escapechar", oEscapeChar }, + { "rhostsrsaauthentication", oRhostsRSAAuthentication }, { "globalknownhostsfile", oGlobalKnownHostsFile }, - { "userknownhostsfile", oUserKnownHostsFile }, /* obsolete */ + { "userknownhostsfile", oUserKnownHostsFile }, { "globalknownhostsfile2", oGlobalKnownHostsFile2 }, - { "userknownhostsfile2", oUserKnownHostsFile2 }, /* obsolete */ + { "userknownhostsfile2", oUserKnownHostsFile2 }, { "connectionattempts", oConnectionAttempts }, { "batchmode", oBatchMode }, { "checkhostip", oCheckHostIP }, @@ -179,15 +160,9 @@ { "compressionlevel", oCompressionLevel }, { "keepalive", oKeepAlives }, { "numberofpasswordprompts", oNumberOfPasswordPrompts }, + { "tisauthentication", oTISAuthentication }, { "loglevel", oLogLevel }, - { "dynamicforward", oDynamicForward }, - { "preferredauthentications", oPreferredAuthentications }, - { "hostkeyalgorithms", oHostKeyAlgorithms }, - { "bindaddress", oBindAddress }, - { "smartcarddevice", oSmartcardDevice }, - { "clearallforwardings", oClearAllForwardings }, - { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, - { NULL, oBadOption } + { NULL, 0 } }; /* @@ -202,7 +177,7 @@ Forward *fwd; extern uid_t original_real_uid; if (port < IPPORT_RESERVED && original_real_uid != 0) - fatal("Privileged ports can only be forwarded by root."); + fatal("Privileged ports can only be forwarded by root.\n"); if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION); fwd = &options->local_forwards[options->num_local_forwards++]; @@ -223,41 +198,29 @@ Forward *fwd; if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) fatal("Too many remote forwards (max %d).", - SSH_MAX_FORWARDS_PER_DIRECTION); + SSH_MAX_FORWARDS_PER_DIRECTION); fwd = &options->remote_forwards[options->num_remote_forwards++]; fwd->port = port; fwd->host = xstrdup(host); fwd->host_port = host_port; } -static void -clear_forwardings(Options *options) -{ - int i; - - for (i = 0; i < options->num_local_forwards; i++) - xfree(options->local_forwards[i].host); - options->num_local_forwards = 0; - for (i = 0; i < options->num_remote_forwards; i++) - xfree(options->remote_forwards[i].host); - options->num_remote_forwards = 0; -} - /* - * Returns the number of the token pointed to by cp or oBadOption. + * Returns the number of the token pointed to by cp of length len. Never + * returns if the token is not known. */ static OpCodes parse_token(const char *cp, const char *filename, int linenum) { - u_int i; + unsigned int i; for (i = 0; keywords[i].name; i++) if (strcasecmp(cp, keywords[i].name) == 0) return keywords[i].opcode; - error("%s: line %d: Bad configuration option: %s", - filename, linenum, cp); + fprintf(stderr, "%s: line %d: Bad configuration option: %s\n", + filename, linenum, cp); return oBadOption; } @@ -274,7 +237,6 @@ char buf[256], *s, *string, **charptr, *endofnumber, *keyword, *arg; int opcode, *intptr, value; u_short fwd_port, fwd_host_port; - char sfwd_host_port[6]; s = line; /* Get the keyword. (Each line is supposed to begin with a keyword). */ @@ -282,7 +244,7 @@ /* Ignore leading whitespace. */ if (*keyword == '\0') keyword = strdelim(&s); - if (keyword == NULL || !*keyword || *keyword == '\n' || *keyword == '#') + if (!*keyword || *keyword == '\n' || *keyword == '#') return 0; opcode = parse_token(keyword, filename, linenum); @@ -349,28 +311,28 @@ intptr = &options->rhosts_rsa_authentication; goto parse_flag; - case oHostbasedAuthentication: - intptr = &options->hostbased_authentication; + case oTISAuthentication: + /* fallthrough, there is no difference on the client side */ + case oSkeyAuthentication: + intptr = &options->skey_authentication; goto parse_flag; - case oChallengeResponseAuthentication: - intptr = &options->challenge_response_authentication; - goto parse_flag; -#if defined(KRB4) || defined(KRB5) +#ifdef KRB4 case oKerberosAuthentication: intptr = &options->kerberos_authentication; goto parse_flag; -#endif -#if defined(AFS) || defined(KRB5) +#endif /* KRB4 */ + +#ifdef AFS case oKerberosTgtPassing: intptr = &options->kerberos_tgt_passing; goto parse_flag; -#endif -#ifdef AFS + case oAFSTokenPassing: intptr = &options->afs_token_passing; goto parse_flag; #endif + case oFallBackToRsh: intptr = &options->fallback_to_rsh; goto parse_flag; @@ -391,8 +353,8 @@ intptr = &options->strict_host_key_checking; arg = strdelim(&s); if (!arg || *arg == '\0') - fatal("%.200s line %d: Missing yes/no/ask argument.", - filename, linenum); + fatal("%.200s line %d: Missing yes/no argument.", + filename, linenum); value = 0; /* To avoid compiler warning... */ if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0) value = 1; @@ -414,10 +376,6 @@ intptr = &options->keepalives; goto parse_flag; - case oNoHostAuthenticationForLocalhost: - intptr = &options->no_host_authentication_for_localhost; - goto parse_flag; - case oNumberOfPasswordPrompts: intptr = &options->number_of_password_prompts; goto parse_int; @@ -434,7 +392,7 @@ intptr = &options->num_identity_files; if (*intptr >= SSH_MAX_IDENTITY_FILES) fatal("%.200s line %d: Too many identity files specified (max %d).", - filename, linenum, SSH_MAX_IDENTITY_FILES); + filename, linenum, SSH_MAX_IDENTITY_FILES); charptr = &options->identity_files[*intptr]; *charptr = xstrdup(arg); *intptr = *intptr + 1; @@ -475,22 +433,6 @@ charptr = &options->hostname; goto parse_string; - case oHostKeyAlias: - charptr = &options->host_key_alias; - goto parse_string; - - case oPreferredAuthentications: - charptr = &options->preferred_authentications; - goto parse_string; - - case oBindAddress: - charptr = &options->bind_address; - goto parse_string; - - case oSmartcardDevice: - charptr = &options->smartcard_device; - goto parse_string; - case oProxyCommand: charptr = &options->proxy_command; string = xstrdup(""); @@ -534,7 +476,7 @@ value = cipher_number(arg); if (value == -1) fatal("%.200s line %d: Bad cipher '%s'.", - filename, linenum, arg ? arg : ""); + filename, linenum, arg ? arg : ""); if (*activep && *intptr == -1) *intptr = value; break; @@ -545,33 +487,11 @@ fatal("%.200s line %d: Missing argument.", filename, linenum); if (!ciphers_valid(arg)) fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.", - filename, linenum, arg ? arg : ""); + filename, linenum, arg ? arg : ""); if (*activep && options->ciphers == NULL) options->ciphers = xstrdup(arg); break; - case oMacs: - arg = strdelim(&s); - if (!arg || *arg == '\0') - fatal("%.200s line %d: Missing argument.", filename, linenum); - if (!mac_valid(arg)) - fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.", - filename, linenum, arg ? arg : ""); - if (*activep && options->macs == NULL) - options->macs = xstrdup(arg); - break; - - case oHostKeyAlgorithms: - arg = strdelim(&s); - if (!arg || *arg == '\0') - fatal("%.200s line %d: Missing argument.", filename, linenum); - if (!key_names_valid2(arg)) - fatal("%.200s line %d: Bad protocol 2 host key algorithms '%s'.", - filename, linenum, arg ? arg : ""); - if (*activep && options->hostkeyalgorithms == NULL) - options->hostkeyalgorithms = xstrdup(arg); - break; - case oProtocol: intptr = &options->protocol; arg = strdelim(&s); @@ -580,7 +500,7 @@ value = proto_spec(arg); if (value == SSH_PROTO_UNKNOWN) fatal("%.200s line %d: Bad protocol spec '%s'.", - filename, linenum, arg ? arg : ""); + filename, linenum, arg ? arg : ""); if (*activep && *intptr == SSH_PROTO_UNKNOWN) *intptr = value; break; @@ -589,60 +509,51 @@ intptr = (int *) &options->log_level; arg = strdelim(&s); value = log_level_number(arg); - if (value == SYSLOG_LEVEL_NOT_SET) - fatal("%.200s line %d: unsupported log level '%s'", - filename, linenum, arg ? arg : ""); - if (*activep && (LogLevel) *intptr == SYSLOG_LEVEL_NOT_SET) + if (value == (LogLevel) - 1) + fatal("%.200s line %d: unsupported log level '%s'\n", + filename, linenum, arg ? arg : ""); + if (*activep && (LogLevel) * intptr == -1) *intptr = (LogLevel) value; break; - case oLocalForward: case oRemoteForward: arg = strdelim(&s); if (!arg || *arg == '\0') - fatal("%.200s line %d: Missing port argument.", - filename, linenum); - if ((fwd_port = a2port(arg)) == 0) - fatal("%.200s line %d: Bad listen port.", - filename, linenum); + fatal("%.200s line %d: Missing argument.", filename, linenum); + if (arg[0] < '0' || arg[0] > '9') + fatal("%.200s line %d: Badly formatted port number.", + filename, linenum); + fwd_port = atoi(arg); arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing second argument.", - filename, linenum); - if (sscanf(arg, "%255[^:]:%5[0-9]", buf, sfwd_host_port) != 2 && - sscanf(arg, "%255[^/]/%5[0-9]", buf, sfwd_host_port) != 2) - fatal("%.200s line %d: Bad forwarding specification.", - filename, linenum); - if ((fwd_host_port = a2port(sfwd_host_port)) == 0) - fatal("%.200s line %d: Bad forwarding port.", - filename, linenum); - if (*activep) { - if (opcode == oLocalForward) - add_local_forward(options, fwd_port, buf, - fwd_host_port); - else if (opcode == oRemoteForward) - add_remote_forward(options, fwd_port, buf, - fwd_host_port); - } + filename, linenum); + if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2) + fatal("%.200s line %d: Badly formatted host:port.", + filename, linenum); + if (*activep) + add_remote_forward(options, fwd_port, buf, fwd_host_port); break; - case oDynamicForward: + case oLocalForward: arg = strdelim(&s); if (!arg || *arg == '\0') - fatal("%.200s line %d: Missing port argument.", - filename, linenum); - fwd_port = a2port(arg); - if (fwd_port == 0) + fatal("%.200s line %d: Missing argument.", filename, linenum); + if (arg[0] < '0' || arg[0] > '9') fatal("%.200s line %d: Badly formatted port number.", - filename, linenum); + filename, linenum); + fwd_port = atoi(arg); + arg = strdelim(&s); + if (!arg || *arg == '\0') + fatal("%.200s line %d: Missing second argument.", + filename, linenum); + if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2) + fatal("%.200s line %d: Badly formatted host:port.", + filename, linenum); if (*activep) - add_local_forward(options, fwd_port, "socks4", 0); + add_local_forward(options, fwd_port, buf, fwd_host_port); break; - case oClearAllForwardings: - intptr = &options->clear_forwardings; - goto parse_flag; - case oHost: *activep = 0; while ((arg = strdelim(&s)) != NULL && *arg != '\0') @@ -660,15 +571,15 @@ if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); if (arg[0] == '^' && arg[2] == 0 && - (u_char) arg[1] >= 64 && (u_char) arg[1] < 128) - value = (u_char) arg[1] & 31; + (unsigned char) arg[1] >= 64 && (unsigned char) arg[1] < 128) + value = (unsigned char) arg[1] & 31; else if (strlen(arg) == 1) - value = (u_char) arg[0]; + value = (unsigned char) arg[0]; else if (strcmp(arg, "none") == 0) - value = SSH_ESCAPECHAR_NONE; + value = -2; else { fatal("%.200s line %d: Bad escape character.", - filename, linenum); + filename, linenum); /* NOTREACHED */ value = 0; /* Avoid compiler warning. */ } @@ -681,9 +592,10 @@ } /* Check that there is no garbage at end of line. */ - if ((arg = strdelim(&s)) != NULL && *arg != '\0') { + if ((arg = strdelim(&s)) != NULL && *arg != '\0') + { fatal("%.200s line %d: garbage at end of line; \"%.200s\".", - filename, linenum, arg); + filename, linenum, arg); } return 0; } @@ -692,10 +604,10 @@ /* * Reads the config file and modifies the options accordingly. Options * should already be initialized before this call. This never returns if - * there is an error. If the file does not exist, this returns 0. + * there is an error. If the file does not exist, this returns immediately. */ -int +void read_config_file(const char *filename, const char *host, Options *options) { FILE *f; @@ -706,7 +618,7 @@ /* Open the file. */ f = fopen(filename, "r"); if (!f) - return 0; + return; debug("Reading configuration data %.200s", filename); @@ -724,9 +636,8 @@ } fclose(f); if (bad_options > 0) - fatal("%s: terminating, %d bad configuration options", - filename, bad_options); - return 1; + fatal("%s: terminating, %d bad configuration options\n", + filename, bad_options); } /* @@ -748,21 +659,18 @@ options->rhosts_authentication = -1; options->rsa_authentication = -1; options->pubkey_authentication = -1; - options->challenge_response_authentication = -1; -#if defined(KRB4) || defined(KRB5) + options->skey_authentication = -1; +#ifdef KRB4 options->kerberos_authentication = -1; #endif -#if defined(AFS) || defined(KRB5) - options->kerberos_tgt_passing = -1; -#endif #ifdef AFS + options->kerberos_tgt_passing = -1; options->afs_token_passing = -1; #endif options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->kbd_interactive_devices = NULL; options->rhosts_rsa_authentication = -1; - options->hostbased_authentication = -1; options->fallback_to_rsh = -1; options->use_rsh = -1; options->batch_mode = -1; @@ -776,12 +684,9 @@ options->number_of_password_prompts = -1; options->cipher = -1; options->ciphers = NULL; - options->macs = NULL; - options->hostkeyalgorithms = NULL; options->protocol = SSH_PROTO_UNKNOWN; options->num_identity_files = 0; options->hostname = NULL; - options->host_key_alias = NULL; options->proxy_command = NULL; options->user = NULL; options->escape_char = -1; @@ -791,12 +696,7 @@ options->user_hostfile2 = NULL; options->num_local_forwards = 0; options->num_remote_forwards = 0; - options->clear_forwardings = -1; - options->log_level = SYSLOG_LEVEL_NOT_SET; - options->preferred_authentications = NULL; - options->bind_address = NULL; - options->smartcard_device = NULL; - options->no_host_authentication_for_localhost = - 1; + options->log_level = (LogLevel) - 1; } /* @@ -807,46 +707,42 @@ void fill_default_options(Options * options) { - int len; - if (options->forward_agent == -1) options->forward_agent = 0; if (options->forward_x11 == -1) options->forward_x11 = 0; +#ifdef XAUTH_PATH if (options->xauth_location == NULL) - options->xauth_location = _PATH_XAUTH; + options->xauth_location = XAUTH_PATH; +#endif /* XAUTH_PATH */ if (options->gateway_ports == -1) options->gateway_ports = 0; if (options->use_privileged_port == -1) - options->use_privileged_port = 0; + options->use_privileged_port = 1; if (options->rhosts_authentication == -1) options->rhosts_authentication = 1; if (options->rsa_authentication == -1) options->rsa_authentication = 1; if (options->pubkey_authentication == -1) options->pubkey_authentication = 1; - if (options->challenge_response_authentication == -1) - options->challenge_response_authentication = 1; -#if defined(KRB4) || defined(KRB5) + if (options->skey_authentication == -1) + options->skey_authentication = 0; +#ifdef KRB4 if (options->kerberos_authentication == -1) options->kerberos_authentication = 1; -#endif -#if defined(AFS) || defined(KRB5) +#endif /* KRB4 */ +#ifdef AFS if (options->kerberos_tgt_passing == -1) options->kerberos_tgt_passing = 1; -#endif -#ifdef AFS if (options->afs_token_passing == -1) options->afs_token_passing = 1; -#endif +#endif /* AFS */ if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) - options->kbd_interactive_authentication = 1; + options->kbd_interactive_authentication = 0; if (options->rhosts_rsa_authentication == -1) options->rhosts_rsa_authentication = 1; - if (options->hostbased_authentication == -1) - options->hostbased_authentication = 0; if (options->fallback_to_rsh == -1) options->fallback_to_rsh = 0; if (options->use_rsh == -1) @@ -866,58 +762,42 @@ if (options->port == -1) options->port = 0; /* Filled in ssh_connect. */ if (options->connection_attempts == -1) - options->connection_attempts = 1; + options->connection_attempts = 4; if (options->number_of_password_prompts == -1) options->number_of_password_prompts = 3; /* Selected in ssh_login(). */ if (options->cipher == -1) options->cipher = SSH_CIPHER_NOT_SET; /* options->ciphers, default set in myproposals.h */ - /* options->macs, default set in myproposals.h */ - /* options->hostkeyalgorithms, default set in myproposals.h */ if (options->protocol == SSH_PROTO_UNKNOWN) - options->protocol = SSH_PROTO_1|SSH_PROTO_2; + options->protocol = SSH_PROTO_1|SSH_PROTO_2|SSH_PROTO_1_PREFERRED; if (options->num_identity_files == 0) { if (options->protocol & SSH_PROTO_1) { - len = 2 + strlen(_PATH_SSH_CLIENT_IDENTITY) + 1; options->identity_files[options->num_identity_files] = - xmalloc(len); - snprintf(options->identity_files[options->num_identity_files++], - len, "~/%.100s", _PATH_SSH_CLIENT_IDENTITY); + xmalloc(2 + strlen(SSH_CLIENT_IDENTITY) + 1); + sprintf(options->identity_files[options->num_identity_files++], + "~/%.100s", SSH_CLIENT_IDENTITY); } if (options->protocol & SSH_PROTO_2) { - len = 2 + strlen(_PATH_SSH_CLIENT_ID_RSA) + 1; options->identity_files[options->num_identity_files] = - xmalloc(len); - snprintf(options->identity_files[options->num_identity_files++], - len, "~/%.100s", _PATH_SSH_CLIENT_ID_RSA); - - len = 2 + strlen(_PATH_SSH_CLIENT_ID_DSA) + 1; - options->identity_files[options->num_identity_files] = - xmalloc(len); - snprintf(options->identity_files[options->num_identity_files++], - len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA); + xmalloc(2 + strlen(SSH_CLIENT_ID_DSA) + 1); + sprintf(options->identity_files[options->num_identity_files++], + "~/%.100s", SSH_CLIENT_ID_DSA); } } if (options->escape_char == -1) options->escape_char = '~'; if (options->system_hostfile == NULL) - options->system_hostfile = _PATH_SSH_SYSTEM_HOSTFILE; + options->system_hostfile = SSH_SYSTEM_HOSTFILE; if (options->user_hostfile == NULL) - options->user_hostfile = _PATH_SSH_USER_HOSTFILE; + options->user_hostfile = SSH_USER_HOSTFILE; if (options->system_hostfile2 == NULL) - options->system_hostfile2 = _PATH_SSH_SYSTEM_HOSTFILE2; + options->system_hostfile2 = SSH_SYSTEM_HOSTFILE2; if (options->user_hostfile2 == NULL) - options->user_hostfile2 = _PATH_SSH_USER_HOSTFILE2; - if (options->log_level == SYSLOG_LEVEL_NOT_SET) + options->user_hostfile2 = SSH_USER_HOSTFILE2; + if (options->log_level == (LogLevel) - 1) options->log_level = SYSLOG_LEVEL_INFO; - if (options->clear_forwardings == 1) - clear_forwardings(options); - if (options->no_host_authentication_for_localhost == - 1) - options->no_host_authentication_for_localhost = 0; /* options->proxy_command should not be set by default */ /* options->user will be set in the main program if appropriate */ /* options->hostname will be set in the main program if appropriate */ - /* options->host_key_alias should not be set by default */ - /* options->preferred_authentications will be set in ssh */ }