| version 1.105.2.6, 2003/04/03 22:35:17 |
version 1.106, 2002/04/20 09:02:03 |
|
|
| options->kbd_interactive_authentication = -1; |
options->kbd_interactive_authentication = -1; |
| options->challenge_response_authentication = -1; |
options->challenge_response_authentication = -1; |
| options->permit_empty_passwd = -1; |
options->permit_empty_passwd = -1; |
| options->permit_user_env = -1; |
|
| options->use_login = -1; |
options->use_login = -1; |
| options->compression = -1; |
|
| options->allow_tcp_forwarding = -1; |
options->allow_tcp_forwarding = -1; |
| options->num_allow_users = 0; |
options->num_allow_users = 0; |
| options->num_deny_users = 0; |
options->num_deny_users = 0; |
|
|
| if (options->server_key_bits == -1) |
if (options->server_key_bits == -1) |
| options->server_key_bits = 768; |
options->server_key_bits = 768; |
| if (options->login_grace_time == -1) |
if (options->login_grace_time == -1) |
| options->login_grace_time = 120; |
options->login_grace_time = 600; |
| if (options->key_regeneration_time == -1) |
if (options->key_regeneration_time == -1) |
| options->key_regeneration_time = 3600; |
options->key_regeneration_time = 3600; |
| if (options->permit_root_login == PERMIT_NOT_SET) |
if (options->permit_root_login == PERMIT_NOT_SET) |
|
|
| options->pubkey_authentication = 1; |
options->pubkey_authentication = 1; |
| #if defined(KRB4) || defined(KRB5) |
#if defined(KRB4) || defined(KRB5) |
| if (options->kerberos_authentication == -1) |
if (options->kerberos_authentication == -1) |
| options->kerberos_authentication = 0; |
options->kerberos_authentication = (access(KEYFILE, R_OK) == 0); |
| if (options->kerberos_or_local_passwd == -1) |
if (options->kerberos_or_local_passwd == -1) |
| options->kerberos_or_local_passwd = 1; |
options->kerberos_or_local_passwd = 1; |
| if (options->kerberos_ticket_cleanup == -1) |
if (options->kerberos_ticket_cleanup == -1) |
|
|
| options->challenge_response_authentication = 1; |
options->challenge_response_authentication = 1; |
| if (options->permit_empty_passwd == -1) |
if (options->permit_empty_passwd == -1) |
| options->permit_empty_passwd = 0; |
options->permit_empty_passwd = 0; |
| if (options->permit_user_env == -1) |
|
| options->permit_user_env = 0; |
|
| if (options->use_login == -1) |
if (options->use_login == -1) |
| options->use_login = 0; |
options->use_login = 0; |
| if (options->compression == -1) |
|
| options->compression = 1; |
|
| if (options->allow_tcp_forwarding == -1) |
if (options->allow_tcp_forwarding == -1) |
| options->allow_tcp_forwarding = 1; |
options->allow_tcp_forwarding = 1; |
| if (options->gateway_ports == -1) |
if (options->gateway_ports == -1) |
|
|
| if (options->authorized_keys_file == NULL) |
if (options->authorized_keys_file == NULL) |
| options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; |
options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; |
| |
|
| /* Turn privilege separation on by default */ |
/* Turn privilege separation _off_ by default */ |
| if (use_privsep == -1) |
if (use_privsep == -1) |
| use_privsep = 1; |
use_privsep = 0; |
| } |
} |
| |
|
| /* Keyword tokens. */ |
/* Keyword tokens. */ |
|
|
| sPrintMotd, sPrintLastLog, sIgnoreRhosts, |
sPrintMotd, sPrintLastLog, sIgnoreRhosts, |
| sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, |
sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, |
| sStrictModes, sEmptyPasswd, sKeepAlives, |
sStrictModes, sEmptyPasswd, sKeepAlives, |
| sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, |
sUseLogin, sAllowTcpForwarding, |
| sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, |
sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, |
| sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, |
sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, |
| sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, |
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, |
|
|
| { "xauthlocation", sXAuthLocation }, |
{ "xauthlocation", sXAuthLocation }, |
| { "strictmodes", sStrictModes }, |
{ "strictmodes", sStrictModes }, |
| { "permitemptypasswords", sEmptyPasswd }, |
{ "permitemptypasswords", sEmptyPasswd }, |
| { "permituserenvironment", sPermitUserEnvironment }, |
|
| { "uselogin", sUseLogin }, |
{ "uselogin", sUseLogin }, |
| { "compression", sCompression }, |
|
| { "keepalive", sKeepAlives }, |
{ "keepalive", sKeepAlives }, |
| { "allowtcpforwarding", sAllowTcpForwarding }, |
{ "allowtcpforwarding", sAllowTcpForwarding }, |
| { "allowusers", sAllowUsers }, |
{ "allowusers", sAllowUsers }, |
|
|
| hints.ai_family = IPv4or6; |
hints.ai_family = IPv4or6; |
| hints.ai_socktype = SOCK_STREAM; |
hints.ai_socktype = SOCK_STREAM; |
| hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; |
hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; |
| snprintf(strport, sizeof strport, "%u", port); |
snprintf(strport, sizeof strport, "%d", port); |
| if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) |
if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) |
| fatal("bad addr or host: %s (%s)", |
fatal("bad addr or host: %s (%s)", |
| addr ? addr : "<NULL>", |
addr ? addr : "<NULL>", |
|
|
| const char *filename, int linenum) |
const char *filename, int linenum) |
| { |
{ |
| char *cp, **charptr, *arg, *p; |
char *cp, **charptr, *arg, *p; |
| int *intptr, value, i, n; |
int *intptr, value; |
| ServerOpCodes opcode; |
ServerOpCodes opcode; |
| |
int i, n; |
| |
|
| cp = line; |
cp = line; |
| arg = strdelim(&cp); |
arg = strdelim(&cp); |
|
|
| intptr = &options->permit_empty_passwd; |
intptr = &options->permit_empty_passwd; |
| goto parse_flag; |
goto parse_flag; |
| |
|
| case sPermitUserEnvironment: |
|
| intptr = &options->permit_user_env; |
|
| goto parse_flag; |
|
| |
|
| case sUseLogin: |
case sUseLogin: |
| intptr = &options->use_login; |
intptr = &options->use_login; |
| goto parse_flag; |
goto parse_flag; |
| |
|
| case sCompression: |
|
| intptr = &options->compression; |
|
| goto parse_flag; |
|
| |
|
| case sGatewayPorts: |
case sGatewayPorts: |
| intptr = &options->gateway_ports; |
intptr = &options->gateway_ports; |
| goto parse_flag; |
goto parse_flag; |
|
|
| if (options->num_allow_users >= MAX_ALLOW_USERS) |
if (options->num_allow_users >= MAX_ALLOW_USERS) |
| fatal("%s line %d: too many allow users.", |
fatal("%s line %d: too many allow users.", |
| filename, linenum); |
filename, linenum); |
| options->allow_users[options->num_allow_users++] = |
options->allow_users[options->num_allow_users++] = xstrdup(arg); |
| xstrdup(arg); |
|
| } |
} |
| break; |
break; |
| |
|
|
|
| if (options->num_deny_users >= MAX_DENY_USERS) |
if (options->num_deny_users >= MAX_DENY_USERS) |
| fatal( "%s line %d: too many deny users.", |
fatal( "%s line %d: too many deny users.", |
| filename, linenum); |
filename, linenum); |
| options->deny_users[options->num_deny_users++] = |
options->deny_users[options->num_deny_users++] = xstrdup(arg); |
| xstrdup(arg); |
|
| } |
} |
| break; |
break; |
| |
|
|
|
| if (options->num_allow_groups >= MAX_ALLOW_GROUPS) |
if (options->num_allow_groups >= MAX_ALLOW_GROUPS) |
| fatal("%s line %d: too many allow groups.", |
fatal("%s line %d: too many allow groups.", |
| filename, linenum); |
filename, linenum); |
| options->allow_groups[options->num_allow_groups++] = |
options->allow_groups[options->num_allow_groups++] = xstrdup(arg); |
| xstrdup(arg); |
|
| } |
} |
| break; |
break; |
| |
|
|
|
| void |
void |
| read_server_config(ServerOptions *options, const char *filename) |
read_server_config(ServerOptions *options, const char *filename) |
| { |
{ |
| int linenum, bad_options = 0; |
|
| char line[1024]; |
|
| FILE *f; |
FILE *f; |
| |
char line[1024]; |
| |
int linenum; |
| |
int bad_options = 0; |
| |
|
| debug2("read_server_config: filename %s", filename); |
|
| f = fopen(filename, "r"); |
f = fopen(filename, "r"); |
| if (!f) { |
if (!f) { |
| perror(filename); |
perror(filename); |
![[BACK]](/icons/back.gif){kind=icon}
Return to servconf.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh