| version 1.105, 2002/03/20 19:12:24 |
version 1.105.2.4, 2002/06/26 15:30:38 |
|
|
| options->challenge_response_authentication = -1; |
options->challenge_response_authentication = -1; |
| options->permit_empty_passwd = -1; |
options->permit_empty_passwd = -1; |
| options->use_login = -1; |
options->use_login = -1; |
| |
options->compression = -1; |
| options->allow_tcp_forwarding = -1; |
options->allow_tcp_forwarding = -1; |
| options->num_allow_users = 0; |
options->num_allow_users = 0; |
| options->num_deny_users = 0; |
options->num_deny_users = 0; |
|
|
| options->pubkey_authentication = 1; |
options->pubkey_authentication = 1; |
| #if defined(KRB4) || defined(KRB5) |
#if defined(KRB4) || defined(KRB5) |
| if (options->kerberos_authentication == -1) |
if (options->kerberos_authentication == -1) |
| options->kerberos_authentication = (access(KEYFILE, R_OK) == 0); |
options->kerberos_authentication = 0; |
| if (options->kerberos_or_local_passwd == -1) |
if (options->kerberos_or_local_passwd == -1) |
| options->kerberos_or_local_passwd = 1; |
options->kerberos_or_local_passwd = 1; |
| if (options->kerberos_ticket_cleanup == -1) |
if (options->kerberos_ticket_cleanup == -1) |
|
|
| #endif |
#endif |
| #ifdef AFS |
#ifdef AFS |
| if (options->afs_token_passing == -1) |
if (options->afs_token_passing == -1) |
| options->afs_token_passing = k_hasafs(); |
options->afs_token_passing = 0; |
| #endif |
#endif |
| if (options->password_authentication == -1) |
if (options->password_authentication == -1) |
| options->password_authentication = 1; |
options->password_authentication = 1; |
|
|
| options->permit_empty_passwd = 0; |
options->permit_empty_passwd = 0; |
| if (options->use_login == -1) |
if (options->use_login == -1) |
| options->use_login = 0; |
options->use_login = 0; |
| |
if (options->compression == -1) |
| |
options->compression = 1; |
| if (options->allow_tcp_forwarding == -1) |
if (options->allow_tcp_forwarding == -1) |
| options->allow_tcp_forwarding = 1; |
options->allow_tcp_forwarding = 1; |
| if (options->gateway_ports == -1) |
if (options->gateway_ports == -1) |
|
|
| if (options->authorized_keys_file == NULL) |
if (options->authorized_keys_file == NULL) |
| options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; |
options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; |
| |
|
| /* Turn privilege separation _off_ by default */ |
/* Turn privilege separation on by default */ |
| if (use_privsep == -1) |
if (use_privsep == -1) |
| use_privsep = 0; |
use_privsep = 1; |
| } |
} |
| |
|
| /* Keyword tokens. */ |
/* Keyword tokens. */ |
|
|
| sPrintMotd, sPrintLastLog, sIgnoreRhosts, |
sPrintMotd, sPrintLastLog, sIgnoreRhosts, |
| sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, |
sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, |
| sStrictModes, sEmptyPasswd, sKeepAlives, |
sStrictModes, sEmptyPasswd, sKeepAlives, |
| sUseLogin, sAllowTcpForwarding, |
sUseLogin, sAllowTcpForwarding, sCompression, |
| sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, |
sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, |
| sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, |
sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, |
| sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, |
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, |
|
|
| { "strictmodes", sStrictModes }, |
{ "strictmodes", sStrictModes }, |
| { "permitemptypasswords", sEmptyPasswd }, |
{ "permitemptypasswords", sEmptyPasswd }, |
| { "uselogin", sUseLogin }, |
{ "uselogin", sUseLogin }, |
| |
{ "compression", sCompression }, |
| { "keepalive", sKeepAlives }, |
{ "keepalive", sKeepAlives }, |
| { "allowtcpforwarding", sAllowTcpForwarding }, |
{ "allowtcpforwarding", sAllowTcpForwarding }, |
| { "allowusers", sAllowUsers }, |
{ "allowusers", sAllowUsers }, |
|
|
| hints.ai_family = IPv4or6; |
hints.ai_family = IPv4or6; |
| hints.ai_socktype = SOCK_STREAM; |
hints.ai_socktype = SOCK_STREAM; |
| hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; |
hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; |
| snprintf(strport, sizeof strport, "%d", port); |
snprintf(strport, sizeof strport, "%u", port); |
| if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) |
if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) |
| fatal("bad addr or host: %s (%s)", |
fatal("bad addr or host: %s (%s)", |
| addr ? addr : "<NULL>", |
addr ? addr : "<NULL>", |
|
|
| const char *filename, int linenum) |
const char *filename, int linenum) |
| { |
{ |
| char *cp, **charptr, *arg, *p; |
char *cp, **charptr, *arg, *p; |
| int *intptr, value; |
int *intptr, value, i, n; |
| ServerOpCodes opcode; |
ServerOpCodes opcode; |
| int i, n; |
|
| |
|
| cp = line; |
cp = line; |
| arg = strdelim(&cp); |
arg = strdelim(&cp); |
|
|
| intptr = &options->use_login; |
intptr = &options->use_login; |
| goto parse_flag; |
goto parse_flag; |
| |
|
| |
case sCompression: |
| |
intptr = &options->compression; |
| |
goto parse_flag; |
| |
|
| case sGatewayPorts: |
case sGatewayPorts: |
| intptr = &options->gateway_ports; |
intptr = &options->gateway_ports; |
| goto parse_flag; |
goto parse_flag; |
|
|
| if (options->num_allow_users >= MAX_ALLOW_USERS) |
if (options->num_allow_users >= MAX_ALLOW_USERS) |
| fatal("%s line %d: too many allow users.", |
fatal("%s line %d: too many allow users.", |
| filename, linenum); |
filename, linenum); |
| options->allow_users[options->num_allow_users++] = xstrdup(arg); |
options->allow_users[options->num_allow_users++] = |
| |
xstrdup(arg); |
| } |
} |
| break; |
break; |
| |
|
|
|
| if (options->num_deny_users >= MAX_DENY_USERS) |
if (options->num_deny_users >= MAX_DENY_USERS) |
| fatal( "%s line %d: too many deny users.", |
fatal( "%s line %d: too many deny users.", |
| filename, linenum); |
filename, linenum); |
| options->deny_users[options->num_deny_users++] = xstrdup(arg); |
options->deny_users[options->num_deny_users++] = |
| |
xstrdup(arg); |
| } |
} |
| break; |
break; |
| |
|
|
|
| if (options->num_allow_groups >= MAX_ALLOW_GROUPS) |
if (options->num_allow_groups >= MAX_ALLOW_GROUPS) |
| fatal("%s line %d: too many allow groups.", |
fatal("%s line %d: too many allow groups.", |
| filename, linenum); |
filename, linenum); |
| options->allow_groups[options->num_allow_groups++] = xstrdup(arg); |
options->allow_groups[options->num_allow_groups++] = |
| |
xstrdup(arg); |
| } |
} |
| break; |
break; |
| |
|
|
|
| void |
void |
| read_server_config(ServerOptions *options, const char *filename) |
read_server_config(ServerOptions *options, const char *filename) |
| { |
{ |
| FILE *f; |
int linenum, bad_options = 0; |
| char line[1024]; |
char line[1024]; |
| int linenum; |
FILE *f; |
| int bad_options = 0; |
|
| |
|
| f = fopen(filename, "r"); |
f = fopen(filename, "r"); |
| if (!f) { |
if (!f) { |
![[BACK]](/icons/back.gif){kind=icon}
Return to servconf.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh