
Diff for /src/usr.bin/ssh/servconf.c between version 1.127.2.2 and 1.128

version 1.127.2.2, 2004/08/19 22:37:32 version 1.128, 2003/09/29 20:19:57
Line 18 
Line 18 
 #include "xmalloc.h"  #include "xmalloc.h"
 #include "compat.h"  #include "compat.h"
 #include "pathnames.h"  #include "pathnames.h"
   #include "tildexpand.h"
 #include "misc.h"  #include "misc.h"
 #include "cipher.h"  #include "cipher.h"
 #include "kex.h"  #include "kex.h"
Line 55 
Line 56 
         options->x11_use_localhost = -1;          options->x11_use_localhost = -1;
         options->xauth_location = NULL;          options->xauth_location = NULL;
         options->strict_modes = -1;          options->strict_modes = -1;
         options->tcp_keep_alive = -1;          options->keepalives = -1;
         options->log_facility = SYSLOG_FACILITY_NOT_SET;          options->log_facility = SYSLOG_FACILITY_NOT_SET;
         options->log_level = SYSLOG_LEVEL_NOT_SET;          options->log_level = SYSLOG_LEVEL_NOT_SET;
         options->rhosts_rsa_authentication = -1;          options->rhosts_rsa_authentication = -1;
Line 66 
Line 67 
         options->kerberos_authentication = -1;          options->kerberos_authentication = -1;
         options->kerberos_or_local_passwd = -1;          options->kerberos_or_local_passwd = -1;
         options->kerberos_ticket_cleanup = -1;          options->kerberos_ticket_cleanup = -1;
         options->kerberos_get_afs_token = -1;  
         options->gss_authentication=-1;          options->gss_authentication=-1;
         options->gss_cleanup_creds = -1;          options->gss_cleanup_creds = -1;
         options->password_authentication = -1;          options->password_authentication = -1;
Line 89 
Line 89 
         options->max_startups_begin = -1;          options->max_startups_begin = -1;
         options->max_startups_rate = -1;          options->max_startups_rate = -1;
         options->max_startups = -1;          options->max_startups = -1;
         options->max_authtries = -1;  
         options->banner = NULL;          options->banner = NULL;
         options->use_dns = -1;          options->use_dns = -1;
         options->client_alive_interval = -1;          options->client_alive_interval = -1;
         options->client_alive_count_max = -1;          options->client_alive_count_max = -1;
         options->authorized_keys_file = NULL;          options->authorized_keys_file = NULL;
         options->authorized_keys_file2 = NULL;          options->authorized_keys_file2 = NULL;
         options->num_accept_env = 0;  
   
         /* Needs to be accessable in many places */          /* Needs to be accessable in many places */
         use_privsep = -1;          use_privsep = -1;
Line 151 
Line 149 
                 options->xauth_location = _PATH_XAUTH;                  options->xauth_location = _PATH_XAUTH;
         if (options->strict_modes == -1)          if (options->strict_modes == -1)
                 options->strict_modes = 1;                  options->strict_modes = 1;
         if (options->tcp_keep_alive == -1)          if (options->keepalives == -1)
                 options->tcp_keep_alive = 1;                  options->keepalives = 1;
         if (options->log_facility == SYSLOG_FACILITY_NOT_SET)          if (options->log_facility == SYSLOG_FACILITY_NOT_SET)
                 options->log_facility = SYSLOG_FACILITY_AUTH;                  options->log_facility = SYSLOG_FACILITY_AUTH;
         if (options->log_level == SYSLOG_LEVEL_NOT_SET)          if (options->log_level == SYSLOG_LEVEL_NOT_SET)
Line 173 
Line 171 
                 options->kerberos_or_local_passwd = 1;                  options->kerberos_or_local_passwd = 1;
         if (options->kerberos_ticket_cleanup == -1)          if (options->kerberos_ticket_cleanup == -1)
                 options->kerberos_ticket_cleanup = 1;                  options->kerberos_ticket_cleanup = 1;
         if (options->kerberos_get_afs_token == -1)  
                 options->kerberos_get_afs_token = 0;  
         if (options->gss_authentication == -1)          if (options->gss_authentication == -1)
                 options->gss_authentication = 0;                  options->gss_authentication = 0;
         if (options->gss_cleanup_creds == -1)          if (options->gss_cleanup_creds == -1)
Line 203 
Line 199 
                 options->max_startups_rate = 100;               /* 100% */                  options->max_startups_rate = 100;               /* 100% */
         if (options->max_startups_begin == -1)          if (options->max_startups_begin == -1)
                 options->max_startups_begin = options->max_startups;                  options->max_startups_begin = options->max_startups;
         if (options->max_authtries == -1)  
                 options->max_authtries = DEFAULT_AUTH_FAIL_MAX;  
         if (options->use_dns == -1)          if (options->use_dns == -1)
                 options->use_dns = 1;                  options->use_dns = 1;
         if (options->client_alive_interval == -1)          if (options->client_alive_interval == -1)
Line 233 
Line 227 
         sPermitRootLogin, sLogFacility, sLogLevel,          sPermitRootLogin, sLogFacility, sLogLevel,
         sRhostsRSAAuthentication, sRSAAuthentication,          sRhostsRSAAuthentication, sRSAAuthentication,
         sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,          sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
         sKerberosGetAFSToken,  
         sKerberosTgtPassing, sChallengeResponseAuthentication,          sKerberosTgtPassing, sChallengeResponseAuthentication,
         sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,          sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
         sPrintMotd, sPrintLastLog, sIgnoreRhosts,          sPrintMotd, sPrintLastLog, sIgnoreRhosts,
         sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,          sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
         sStrictModes, sEmptyPasswd, sTCPKeepAlive,          sStrictModes, sEmptyPasswd, sKeepAlives,
         sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,          sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
         sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,          sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
         sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,          sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
         sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,          sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
         sMaxStartups, sMaxAuthTries,  
         sBanner, sUseDNS, sHostbasedAuthentication,          sBanner, sUseDNS, sHostbasedAuthentication,
         sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,          sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
         sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,          sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
         sGssAuthentication, sGssCleanupCreds, sAcceptEnv,          sGssAuthentication, sGssCleanupCreds,
         sUsePrivilegeSeparation,          sUsePrivilegeSeparation,
         sDeprecated, sUnsupported          sDeprecated, sUnsupported
 } ServerOpCodes;  } ServerOpCodes;
Line 278 
Line 270 
         { "kerberosauthentication", sKerberosAuthentication },          { "kerberosauthentication", sKerberosAuthentication },
         { "kerberosorlocalpasswd", sKerberosOrLocalPasswd },          { "kerberosorlocalpasswd", sKerberosOrLocalPasswd },
         { "kerberosticketcleanup", sKerberosTicketCleanup },          { "kerberosticketcleanup", sKerberosTicketCleanup },
         { "kerberosgetafstoken", sKerberosGetAFSToken },  
 #else  #else
         { "kerberosauthentication", sUnsupported },          { "kerberosauthentication", sUnsupported },
         { "kerberosorlocalpasswd", sUnsupported },          { "kerberosorlocalpasswd", sUnsupported },
         { "kerberosticketcleanup", sUnsupported },          { "kerberosticketcleanup", sUnsupported },
         { "kerberosgetafstoken", sUnsupported },  
 #endif  #endif
         { "kerberostgtpassing", sUnsupported },          { "kerberostgtpassing", sUnsupported },
         { "afstokenpassing", sUnsupported },          { "afstokenpassing", sUnsupported },
Line 313 
Line 303 
         { "permituserenvironment", sPermitUserEnvironment },          { "permituserenvironment", sPermitUserEnvironment },
         { "uselogin", sUseLogin },          { "uselogin", sUseLogin },
         { "compression", sCompression },          { "compression", sCompression },
         { "tcpkeepalive", sTCPKeepAlive },          { "keepalive", sKeepAlives },
         { "keepalive", sTCPKeepAlive },                         /* obsolete alias */  
         { "allowtcpforwarding", sAllowTcpForwarding },          { "allowtcpforwarding", sAllowTcpForwarding },
         { "allowusers", sAllowUsers },          { "allowusers", sAllowUsers },
         { "denyusers", sDenyUsers },          { "denyusers", sDenyUsers },
Line 326 
Line 315 
         { "gatewayports", sGatewayPorts },          { "gatewayports", sGatewayPorts },
         { "subsystem", sSubsystem },          { "subsystem", sSubsystem },
         { "maxstartups", sMaxStartups },          { "maxstartups", sMaxStartups },
         { "maxauthtries", sMaxAuthTries },  
         { "banner", sBanner },          { "banner", sBanner },
         { "usedns", sUseDNS },          { "usedns", sUseDNS },
         { "verifyreversemapping", sDeprecated },          { "verifyreversemapping", sDeprecated },
Line 336 
Line 324 
         { "authorizedkeysfile", sAuthorizedKeysFile },          { "authorizedkeysfile", sAuthorizedKeysFile },
         { "authorizedkeysfile2", sAuthorizedKeysFile2 },          { "authorizedkeysfile2", sAuthorizedKeysFile2 },
         { "useprivilegeseparation", sUsePrivilegeSeparation},          { "useprivilegeseparation", sUsePrivilegeSeparation},
         { "acceptenv", sAcceptEnv },  
         { NULL, sBadOption }          { NULL, sBadOption }
 };  };
   
Line 605 
Line 592 
                 intptr = &options->kerberos_ticket_cleanup;                  intptr = &options->kerberos_ticket_cleanup;
                 goto parse_flag;                  goto parse_flag;
   
         case sKerberosGetAFSToken:  
                 intptr = &options->kerberos_get_afs_token;  
                 goto parse_flag;  
   
         case sGssAuthentication:          case sGssAuthentication:
                 intptr = &options->gss_authentication;                  intptr = &options->gss_authentication;
                 goto parse_flag;                  goto parse_flag;
Line 657 
Line 640 
                 intptr = &options->strict_modes;                  intptr = &options->strict_modes;
                 goto parse_flag;                  goto parse_flag;
   
         case sTCPKeepAlive:          case sKeepAlives:
                 intptr = &options->tcp_keep_alive;                  intptr = &options->keepalives;
                 goto parse_flag;                  goto parse_flag;
   
         case sEmptyPasswd:          case sEmptyPasswd:
Line 833 
Line 816 
                         options->max_startups = options->max_startups_begin;                          options->max_startups = options->max_startups_begin;
                 break;                  break;
   
         case sMaxAuthTries:  
                 intptr = &options->max_authtries;  
                 goto parse_int;  
   
         case sBanner:          case sBanner:
                 charptr = &options->banner;                  charptr = &options->banner;
                 goto parse_filename;                  goto parse_filename;
Line 861 
Line 840 
                 intptr = &options->client_alive_count_max;                  intptr = &options->client_alive_count_max;
                 goto parse_int;                  goto parse_int;
   
         case sAcceptEnv:  
                 while ((arg = strdelim(&cp)) && *arg != '\0') {  
                         if (strchr(arg, '=') != NULL)  
                                 fatal("%s line %d: Invalid environment name.",  
                                     filename, linenum);  
                         if (options->num_accept_env >= MAX_ACCEPT_ENV)  
                                 fatal("%s line %d: too many allow env.",  
                                     filename, linenum);  
                         options->accept_env[options->num_accept_env++] =  
                             xstrdup(arg);  
                 }  
                 break;  
   
         case sDeprecated:          case sDeprecated:
                 logit("%s line %d: Deprecated option %s",                  logit("%s line %d: Deprecated option %s",
                     filename, linenum, arg);                      filename, linenum, arg);
Line 901 
Line 867 
 /* Reads the server configuration file. */  /* Reads the server configuration file. */
   
 void  void
 load_server_config(const char *filename, Buffer *conf)  read_server_config(ServerOptions *options, const char *filename)
 {  {
         char line[1024], *cp;          int linenum, bad_options = 0;
           char line[1024];
         FILE *f;          FILE *f;
   
         debug2("%s: filename %s", __func__, filename);          debug2("read_server_config: filename %s", filename);
         if ((f = fopen(filename, "r")) == NULL) {          f = fopen(filename, "r");
           if (!f) {
                 perror(filename);                  perror(filename);
                 exit(1);                  exit(1);
         }          }
         buffer_clear(conf);          linenum = 0;
         while (fgets(line, sizeof(line), f)) {          while (fgets(line, sizeof(line), f)) {
                 /*                  /* Update line number counter. */
                  * Trim out comments and strip whitespace                  linenum++;
                  * NB - preserve newlines, they are needed to reproduce                  if (process_server_config_line(options, line, filename, linenum) != 0)
                  * line numbers later for error messages  
                  */  
                 if ((cp = strchr(line, '#')) != NULL)  
                         memcpy(cp, "\n", 2);  
                 cp = line + strspn(line, " \t\r");  
   
                 buffer_append(conf, cp, strlen(cp));  
         }  
         buffer_append(conf, "\0", 1);  
         fclose(f);  
         debug2("%s: done config len = %d", __func__, buffer_len(conf));  
 }  
   
 void  
 parse_server_config(ServerOptions *options, const char *filename, Buffer *conf)  
 {  
         int linenum, bad_options = 0;  
         char *cp, *obuf, *cbuf;  
   
         debug2("%s: config %s len %d", __func__, filename, buffer_len(conf));  
   
         obuf = cbuf = xstrdup(buffer_ptr(conf));  
         linenum = 1;  
         while((cp = strsep(&cbuf, "\n")) != NULL) {  
                 if (process_server_config_line(options, cp, filename,  
                     linenum++) != 0)  
                         bad_options++;                          bad_options++;
         }          }
         xfree(obuf);          fclose(f);
         if (bad_options > 0)          if (bad_options > 0)
                 fatal("%s: terminating, %d bad configuration options",                  fatal("%s: terminating, %d bad configuration options",
                     filename, bad_options);                      filename, bad_options);
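Review bot: In read_server_config on the 1.128 side, the `fgets(line, sizeof(line), f)` loop reads into `char line[1024]` without checking that a whole line was read. A configuration line longer than the buffer is therefore split, and its tail is handed to process_server_config_line as if it were a separate directive, with linenum advanced for it. Since this file sets authentication and access-control options, the over-long line should be rejected rather than parsed in pieces; a guard after `linenum++` such as `if (strchr(line, '\n') == NULL && !feof(f)) fatal("%s line %d: line too long", filename, linenum);` would do that. The load_server_config loop in the 1.127.2.2 column uses the same fgets call and would need an equivalent check. The function's closing lines fall outside the hunk shown.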

Legend:
Removed from v.1.127.2.2  
changed lines
  Added in v.1.128