version 1.140, 2005/03/10 22:01:05 |
version 1.140.2.2, 2006/02/03 02:53:44 |
|
|
options->authorized_keys_file = NULL; |
options->authorized_keys_file = NULL; |
options->authorized_keys_file2 = NULL; |
options->authorized_keys_file2 = NULL; |
options->num_accept_env = 0; |
options->num_accept_env = 0; |
|
options->permit_tun = -1; |
|
|
/* Needs to be accessable in many places */ |
/* Needs to be accessable in many places */ |
use_privsep = -1; |
use_privsep = -1; |
|
|
if (options->use_login == -1) |
if (options->use_login == -1) |
options->use_login = 0; |
options->use_login = 0; |
if (options->compression == -1) |
if (options->compression == -1) |
options->compression = 1; |
options->compression = COMP_DELAYED; |
if (options->allow_tcp_forwarding == -1) |
if (options->allow_tcp_forwarding == -1) |
options->allow_tcp_forwarding = 1; |
options->allow_tcp_forwarding = 1; |
if (options->gateway_ports == -1) |
if (options->gateway_ports == -1) |
|
|
} |
} |
if (options->authorized_keys_file == NULL) |
if (options->authorized_keys_file == NULL) |
options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; |
options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; |
|
if (options->permit_tun == -1) |
|
options->permit_tun = SSH_TUNMODE_NO; |
|
|
/* Turn privilege separation on by default */ |
/* Turn privilege separation on by default */ |
if (use_privsep == -1) |
if (use_privsep == -1) |
|
|
sBanner, sUseDNS, sHostbasedAuthentication, |
sBanner, sUseDNS, sHostbasedAuthentication, |
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, |
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, |
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, |
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, |
sGssAuthentication, sGssCleanupCreds, sAcceptEnv, |
sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel, |
sUsePrivilegeSeparation, |
sUsePrivilegeSeparation, |
sDeprecated, sUnsupported |
sDeprecated, sUnsupported |
} ServerOpCodes; |
} ServerOpCodes; |
|
|
{ "authorizedkeysfile2", sAuthorizedKeysFile2 }, |
{ "authorizedkeysfile2", sAuthorizedKeysFile2 }, |
{ "useprivilegeseparation", sUsePrivilegeSeparation}, |
{ "useprivilegeseparation", sUsePrivilegeSeparation}, |
{ "acceptenv", sAcceptEnv }, |
{ "acceptenv", sAcceptEnv }, |
|
{ "permittunnel", sPermitTunnel }, |
{ NULL, sBadOption } |
{ NULL, sBadOption } |
}; |
}; |
|
|
|
|
static void |
static void |
add_listen_addr(ServerOptions *options, char *addr, u_short port) |
add_listen_addr(ServerOptions *options, char *addr, u_short port) |
{ |
{ |
int i; |
u_int i; |
|
|
if (options->num_ports == 0) |
if (options->num_ports == 0) |
options->ports[options->num_ports++] = SSH_DEFAULT_PORT; |
options->ports[options->num_ports++] = SSH_DEFAULT_PORT; |
|
|
const char *filename, int linenum) |
const char *filename, int linenum) |
{ |
{ |
char *cp, **charptr, *arg, *p; |
char *cp, **charptr, *arg, *p; |
int *intptr, value, i, n; |
int *intptr, value, n; |
ServerOpCodes opcode; |
ServerOpCodes opcode; |
u_short port; |
u_short port; |
|
u_int i; |
|
|
cp = line; |
cp = line; |
arg = strdelim(&cp); |
arg = strdelim(&cp); |
|
|
if (arg == NULL || *arg == '\0') |
if (arg == NULL || *arg == '\0') |
fatal("%s line %d: missing address", |
fatal("%s line %d: missing address", |
filename, linenum); |
filename, linenum); |
|
/* check for bare IPv6 address: no "[]" and 2 or more ":" */ |
|
if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL |
|
&& strchr(p+1, ':') != NULL) { |
|
add_listen_addr(options, arg, 0); |
|
break; |
|
} |
p = hpdelim(&arg); |
p = hpdelim(&arg); |
if (p == NULL) |
if (p == NULL) |
fatal("%s line %d: bad address:port usage", |
fatal("%s line %d: bad address:port usage", |
|
|
|
|
case sAddressFamily: |
case sAddressFamily: |
arg = strdelim(&cp); |
arg = strdelim(&cp); |
|
if (!arg || *arg == '\0') |
|
fatal("%s line %d: missing address family.", |
|
filename, linenum); |
intptr = &options->address_family; |
intptr = &options->address_family; |
if (options->listen_addrs != NULL) |
if (options->listen_addrs != NULL) |
fatal("%s line %d: address family must be specified before " |
fatal("%s line %d: address family must be specified before " |
|
|
|
|
case sCompression: |
case sCompression: |
intptr = &options->compression; |
intptr = &options->compression; |
goto parse_flag; |
arg = strdelim(&cp); |
|
if (!arg || *arg == '\0') |
|
fatal("%s line %d: missing yes/no/delayed " |
|
"argument.", filename, linenum); |
|
value = 0; /* silence compiler */ |
|
if (strcmp(arg, "delayed") == 0) |
|
value = COMP_DELAYED; |
|
else if (strcmp(arg, "yes") == 0) |
|
value = COMP_ZLIB; |
|
else if (strcmp(arg, "no") == 0) |
|
value = COMP_NONE; |
|
else |
|
fatal("%s line %d: Bad yes/no/delayed " |
|
"argument: %s", filename, linenum, arg); |
|
if (*intptr == -1) |
|
*intptr = value; |
|
break; |
|
|
case sGatewayPorts: |
case sGatewayPorts: |
intptr = &options->gateway_ports; |
intptr = &options->gateway_ports; |
|
|
options->accept_env[options->num_accept_env++] = |
options->accept_env[options->num_accept_env++] = |
xstrdup(arg); |
xstrdup(arg); |
} |
} |
|
break; |
|
|
|
case sPermitTunnel: |
|
intptr = &options->permit_tun; |
|
arg = strdelim(&cp); |
|
if (!arg || *arg == '\0') |
|
fatal("%s line %d: Missing yes/point-to-point/" |
|
"ethernet/no argument.", filename, linenum); |
|
value = 0; /* silence compiler */ |
|
if (strcasecmp(arg, "ethernet") == 0) |
|
value = SSH_TUNMODE_ETHERNET; |
|
else if (strcasecmp(arg, "point-to-point") == 0) |
|
value = SSH_TUNMODE_POINTOPOINT; |
|
else if (strcasecmp(arg, "yes") == 0) |
|
value = SSH_TUNMODE_YES; |
|
else if (strcasecmp(arg, "no") == 0) |
|
value = SSH_TUNMODE_NO; |
|
else |
|
fatal("%s line %d: Bad yes/point-to-point/ethernet/" |
|
"no argument: %s", filename, linenum, arg); |
|
if (*intptr == -1) |
|
*intptr = value; |
break; |
break; |
|
|
case sDeprecated: |
case sDeprecated: |
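Review bot: The new `sCompression` case matches its argument with `strcmp`, while the new `sPermitTunnel` case uses `strcasecmp`, so `Compression Delayed` stops sshd with the "Bad yes/no/delayed argument" fatal whereas `PermitTunnel Ethernet` is accepted. Both keywords are parsed in the same switch, so I would make them agree, e.g. `if (strcasecmp(arg, "delayed") == 0)` and likewise for `"yes"` and `"no"`. The default in the fill-defaults code also changes from `1` to `COMP_DELAYED` without a comment; a one-liner such as `/* default: delayed, presumably no compression before authentication (confirm) */` would tell an operator why pre-authentication behaviour differs after the upgrade. The switch and both enclosing functions start and end outside the lines shown here.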