src/usr.bin/ssh/servconf.c - diff

Return to servconf.c CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/servconf.c between version 1.40.2.5 and 1.41

version 1.40.2.5, 2001/03/21 18:53:00

version 1.41, 2000/05/22 18:42:01

Line 1

* servconf.c

* Author: Tatu Ylonen <ylo@cs.hut.fi>

* As far as I am concerned, the code I have written for this software

* Created: Mon Aug 21 15:48:58 1995 ylo

* can be used freely for any purpose. Any derived versions of this

* software must be clearly marked as such, and if the derived work is

* incompatible with the protocol description in the RFC file, it must be

* called by a name other than "ssh" or "Secure Shell".

#include "includes.h"

RCSID("$OpenBSD$");

RCSID("$Id$");

#ifdef KRB4

#include <krb.h>

#endif

#ifdef AFS

#include <kafs.h>

#endif

#include "ssh.h"

#include "log.h"

#include "servconf.h"

#include "xmalloc.h"

#include "compat.h"

#include "pathnames.h"

#include "tildexpand.h"

#include "misc.h"

#include "cipher.h"

#include "kex.h"

#include "mac.h"

/* add listen address */

void add_listen_addr(ServerOptions *options, char *addr);

/* AF_UNSPEC or AF_INET or AF_INET6 */

extern int IPv4or6;

/* Initializes the server options to their default values. */

void

Line 46

Line 31

options->num_ports = 0;

options->ports_from_cmdline = 0;

options->listen_addrs = NULL;

options->num_host_key_files = 0;

options->host_key_file = NULL;

options->host_dsa_key_file = NULL;

options->pid_file = NULL;

options->server_key_bits = -1;

options->login_grace_time = -1;

options->key_regeneration_time = -1;

options->permit_root_login = PERMIT_NOT_SET;

options->permit_root_login = -1;

options->ignore_rhosts = -1;

options->ignore_user_known_hosts = -1;

options->print_motd = -1;

options->check_mail = -1;

options->x11_forwarding = -1;

options->x11_display_offset = -1;

options->xauth_location = NULL;

options->strict_modes = -1;

options->keepalives = -1;

options->log_facility = (SyslogFacility) - 1;

Line 66

Line 51

options->rhosts_authentication = -1;

options->rhosts_rsa_authentication = -1;

options->rsa_authentication = -1;

options->pubkey_authentication = -1;

options->dsa_authentication = -1;

#ifdef KRB4

options->kerberos_authentication = -1;

options->kerberos_or_local_passwd = -1;

Line 77

Line 62

options->afs_token_passing = -1;

#endif

options->password_authentication = -1;

options->kbd_interactive_authentication = -1;

#ifdef SKEY

options->challenge_reponse_authentication = -1;

options->skey_authentication = -1;

#endif

options->permit_empty_passwd = -1;

options->use_login = -1;

options->allow_tcp_forwarding = -1;

options->num_allow_users = 0;

options->num_deny_users = 0;

options->num_allow_groups = 0;

options->num_deny_groups = 0;

options->ciphers = NULL;

options->macs = NULL;

options->protocol = SSH_PROTO_UNKNOWN;

options->gateway_ports = -1;

options->num_subsystems = 0;

options->max_startups_begin = -1;

options->max_startups_rate = -1;

options->max_startups = -1;

options->banner = NULL;

options->reverse_mapping_check = -1;

}

void

fill_default_server_options(ServerOptions *options)

{

if (options->protocol == SSH_PROTO_UNKNOWN)

options->protocol = SSH_PROTO_1|SSH_PROTO_2;

if (options->num_host_key_files == 0) {

/* fill default hostkeys for protocols */

if (options->protocol & SSH_PROTO_1)

options->host_key_files[options->num_host_key_files++] = _PATH_HOST_KEY_FILE;

if (options->protocol & SSH_PROTO_2)

options->host_key_files[options->num_host_key_files++] = _PATH_HOST_DSA_KEY_FILE;

}

if (options->num_ports == 0)

options->ports[options->num_ports++] = SSH_DEFAULT_PORT;

if (options->listen_addrs == NULL)

add_listen_addr(options, NULL);

if (options->host_key_file == NULL)

options->host_key_file = HOST_KEY_FILE;

if (options->host_dsa_key_file == NULL)

options->host_dsa_key_file = HOST_DSA_KEY_FILE;

if (options->pid_file == NULL)

options->pid_file = _PATH_SSH_DAEMON_PID_FILE;

options->pid_file = SSH_DAEMON_PID_FILE;

if (options->server_key_bits == -1)

options->server_key_bits = 768;

if (options->login_grace_time == -1)

options->login_grace_time = 600;

if (options->key_regeneration_time == -1)

options->key_regeneration_time = 3600;

if (options->permit_root_login == PERMIT_NOT_SET)

if (options->permit_root_login == -1)

options->permit_root_login = PERMIT_YES;

options->permit_root_login = 1; /* yes */

if (options->ignore_rhosts == -1)

options->ignore_rhosts = 1;

if (options->ignore_user_known_hosts == -1)

Line 136

Line 109

options->x11_forwarding = 0;

if (options->x11_display_offset == -1)

options->x11_display_offset = 10;

#ifdef XAUTH_PATH

if (options->xauth_location == NULL)

options->xauth_location = XAUTH_PATH;

#endif /* XAUTH_PATH */

if (options->strict_modes == -1)

options->strict_modes = 1;

if (options->keepalives == -1)

Line 154

Line 123

options->rhosts_rsa_authentication = 0;

if (options->rsa_authentication == -1)

options->rsa_authentication = 1;

if (options->pubkey_authentication == -1)

if (options->dsa_authentication == -1)

options->pubkey_authentication = 1;

options->dsa_authentication = 1;

#ifdef KRB4

if (options->kerberos_authentication == -1)

options->kerberos_authentication = (access(KEYFILE, R_OK) == 0);

Line 172

Line 141

#endif /* AFS */

if (options->password_authentication == -1)

options->password_authentication = 1;

if (options->kbd_interactive_authentication == -1)

#ifdef SKEY

options->kbd_interactive_authentication = 0;

if (options->skey_authentication == -1)

if (options->challenge_reponse_authentication == -1)

options->skey_authentication = 1;

options->challenge_reponse_authentication = 1;

#endif

if (options->permit_empty_passwd == -1)

options->permit_empty_passwd = 0;

if (options->use_login == -1)

options->use_login = 0;

if (options->allow_tcp_forwarding == -1)

if (options->protocol == SSH_PROTO_UNKNOWN)

options->allow_tcp_forwarding = 1;

options->protocol = SSH_PROTO_1|SSH_PROTO_2;

if (options->gateway_ports == -1)

options->gateway_ports = 0;

if (options->max_startups == -1)

options->max_startups = 10;

if (options->max_startups_rate == -1)

options->max_startups_rate = 100; /* 100% */

if (options->max_startups_begin == -1)

options->max_startups_begin = options->max_startups;

if (options->reverse_mapping_check == -1)

options->reverse_mapping_check = 0;

}

#define WHITESPACE " \t\r\n"

/* Keyword tokens. */

typedef enum {

sBadOption, /* == unknown option */

Line 206

Line 169

#ifdef AFS

sKerberosTgtPassing, sAFSTokenPassing,

#endif

sChallengeResponseAuthentication,

#ifdef SKEY

sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,

sSkeyAuthentication,

#endif

sPasswordAuthentication, sListenAddress,

sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,

sStrictModes, sEmptyPasswd, sKeepAlives, sCheckMail,

sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,

sUseLogin, sAllowTcpForwarding,

sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,

sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,

sIgnoreUserKnownHosts, sHostDSAKeyFile, sCiphers, sProtocol, sPidFile,

sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,

sGatewayPorts, sDSAAuthentication

sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,

sBanner, sReverseMappingCheck

} ServerOpCodes;

/* Textual representation of the tokens. */

Line 224

Line 187

} keywords[] = {

{ "port", sPort },

{ "hostkey", sHostKeyFile },

{ "hostdsakey", sHostKeyFile }, /* alias */

{ "hostdsakey", sHostDSAKeyFile },

{ "pidfile", sPidFile },

{ "serverkeybits", sServerKeyBits },

{ "logingracetime", sLoginGraceTime },

{ "keyregenerationinterval", sKeyRegenerationTime },

Line 235

Line 198

{ "rhostsauthentication", sRhostsAuthentication },

{ "rhostsrsaauthentication", sRhostsRSAAuthentication },

{ "rsaauthentication", sRSAAuthentication },

{ "pubkeyauthentication", sPubkeyAuthentication },

{ "dsaauthentication", sDSAAuthentication },

{ "dsaauthentication", sPubkeyAuthentication }, /* alias */

#ifdef KRB4

{ "kerberosauthentication", sKerberosAuthentication },

{ "kerberosorlocalpasswd", sKerberosOrLocalPasswd },

Line 247

Line 209

{ "afstokenpassing", sAFSTokenPassing },

#endif

{ "passwordauthentication", sPasswordAuthentication },

{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication },

#ifdef SKEY

{ "challengeresponseauthentication", sChallengeResponseAuthentication },

{ "skeyauthentication", sSkeyAuthentication },

{ "skeyauthentication", sChallengeResponseAuthentication }, /* alias */

#endif

{ "checkmail", sCheckMail },

{ "listenaddress", sListenAddress },

{ "printmotd", sPrintMotd },

Line 257

Line 219

{ "ignoreuserknownhosts", sIgnoreUserKnownHosts },

{ "x11forwarding", sX11Forwarding },

{ "x11displayoffset", sX11DisplayOffset },

{ "xauthlocation", sXAuthLocation },

{ "strictmodes", sStrictModes },

{ "permitemptypasswords", sEmptyPasswd },

{ "uselogin", sUseLogin },

{ "randomseed", sRandomSeedFile },

{ "keepalive", sKeepAlives },

{ "allowtcpforwarding", sAllowTcpForwarding },

{ "allowusers", sAllowUsers },

{ "denyusers", sDenyUsers },

{ "allowgroups", sAllowGroups },

{ "denygroups", sDenyGroups },

{ "ciphers", sCiphers },

{ "macs", sMacs },

{ "protocol", sProtocol },

{ "gatewayports", sGatewayPorts },

{ "subsystem", sSubsystem },

{ "maxstartups", sMaxStartups },

{ "banner", sBanner },

{ "reversemappingcheck", sReverseMappingCheck },

{ NULL, 0 }

};

Line 287

Line 243

parse_token(const char *cp, const char *filename,

int linenum)

{

u_int i;

unsigned int i;

for (i = 0; keywords[i].name; i++)

if (strcasecmp(cp, keywords[i].name) == 0)

Line 304

Line 260

void

add_listen_addr(ServerOptions *options, char *addr)

{

extern int IPv4or6;

struct addrinfo hints, *ai, *aitop;

char strport[NI_MAXSERV];

int gaierr;

Line 318

Line 275

hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;

snprintf(strport, sizeof strport, "%d", options->ports[i]);

if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0)

fatal("bad addr or host: %s (%s)",

fatal("bad addr or host: %s (%s)\n",

addr ? addr : "<NULL>",

gai_strerror(gaierr));

for (ai = aitop; ai->ai_next; ai = ai->ai_next)

Line 335

Line 292

{

FILE *f;

char line[1024];

char *cp, **charptr, *arg;

char *cp, **charptr;

int linenum, *intptr, value;

int bad_options = 0;

ServerOpCodes opcode;

int i;

f = fopen(filename, "r");

if (!f) {

Line 349

Line 305

linenum = 0;

while (fgets(line, sizeof(line), f)) {

linenum++;

cp = line;

cp = line + strspn(line, WHITESPACE);

arg = strdelim(&cp);

if (!*cp || *cp == '#')

/* Ignore leading whitespace */

if (*arg == '\0')

arg = strdelim(&cp);

if (!arg || !*arg || *arg == '#')

continue;

intptr = NULL;

cp = strtok(cp, WHITESPACE);

charptr = NULL;

opcode = parse_token(cp, filename, linenum);

opcode = parse_token(arg, filename, linenum);

switch (opcode) {

case sBadOption:

bad_options++;

Line 371

Line 322

fatal("%s line %d: ports must be specified before "

"ListenAdress.\n", filename, linenum);

if (options->num_ports >= MAX_PORTS)

fatal("%s line %d: too many ports.",

fatal("%s line %d: too many ports.\n",

filename, linenum);

arg = strdelim(&cp);

cp = strtok(NULL, WHITESPACE);

if (!arg || *arg == '\0')

if (!cp)

fatal("%s line %d: missing port number.",

fatal("%s line %d: missing port number.\n",

filename, linenum);

options->ports[options->num_ports++] = atoi(arg);

options->ports[options->num_ports++] = atoi(cp);

break;

case sServerKeyBits:

intptr = &options->server_key_bits;

parse_int:

arg = strdelim(&cp);

cp = strtok(NULL, WHITESPACE);

if (!arg || *arg == '\0') {

if (!cp) {

fprintf(stderr, "%s line %d: missing integer value.\n",

filename, linenum);

exit(1);

}

value = atoi(arg);

value = atoi(cp);

if (*intptr == -1)

*intptr = value;

break;

Line 403

Line 354

goto parse_int;

case sListenAddress:

arg = strdelim(&cp);

cp = strtok(NULL, WHITESPACE);

if (!arg || *arg == '\0')

if (!cp)

fatal("%s line %d: missing inet addr.",

fatal("%s line %d: missing inet addr.\n",

filename, linenum);

add_listen_addr(options, arg);

add_listen_addr(options, cp);

break;

case sHostKeyFile:

intptr = &options->num_host_key_files;

case sHostDSAKeyFile:

if (*intptr >= MAX_HOSTKEYS) {

charptr = (opcode == sHostKeyFile ) ?

fprintf(stderr,

&options->host_key_file : &options->host_dsa_key_file;

"%s line %d: too many host keys specified (max %d).\n",

cp = strtok(NULL, WHITESPACE);

filename, linenum, MAX_HOSTKEYS);

if (!cp) {

exit(1);

}

charptr = &options->host_key_files[*intptr];

parse_filename:

arg = strdelim(&cp);

if (!arg || *arg == '\0') {

fprintf(stderr, "%s line %d: missing file name.\n",

filename, linenum);

exit(1);

}

if (*charptr == NULL) {

if (*charptr == NULL)

*charptr = tilde_expand_filename(arg, getuid());

*charptr = tilde_expand_filename(cp, getuid());

/* increase optional counter */

if (intptr != NULL)

*intptr = *intptr + 1;

}

break;

case sPidFile:

charptr = &options->pid_file;

goto parse_filename;

cp = strtok(NULL, WHITESPACE);

if (!cp) {

fprintf(stderr, "%s line %d: missing file name.\n",

filename, linenum);

exit(1);

}

if (*charptr == NULL)

*charptr = tilde_expand_filename(cp, getuid());

break;

case sRandomSeedFile:

fprintf(stderr, "%s line %d: \"randomseed\" option is obsolete.\n",

filename, linenum);

cp = strtok(NULL, WHITESPACE);

break;

case sPermitRootLogin:

intptr = &options->permit_root_login;

arg = strdelim(&cp);

cp = strtok(NULL, WHITESPACE);

if (!arg || *arg == '\0') {

if (!cp) {

fprintf(stderr, "%s line %d: missing yes/"

fprintf(stderr, "%s line %d: missing yes/without-password/no argument.\n",

"without-password/forced-commands-only/no "

filename, linenum);

"argument.\n", filename, linenum);

exit(1);

}

if (strcmp(arg, "without-password") == 0)

if (strcmp(cp, "without-password") == 0)

value = PERMIT_NO_PASSWD;

value = 2;

else if (strcmp(arg, "forced-commands-only") == 0)

else if (strcmp(cp, "yes") == 0)

value = PERMIT_FORCED_ONLY;

value = 1;

else if (strcmp(arg, "yes") == 0)

else if (strcmp(cp, "no") == 0)

value = PERMIT_YES;

value = 0;

else if (strcmp(arg, "no") == 0)

value = PERMIT_NO;

else {

fprintf(stderr, "%s line %d: Bad yes/"

fprintf(stderr, "%s line %d: Bad yes/without-password/no argument: %s\n",

"without-password/forced-commands-only/no "

filename, linenum, cp);

"argument: %s\n", filename, linenum, arg);

exit(1);

}

if (*intptr == -1)

Line 468

Line 419

case sIgnoreRhosts:

intptr = &options->ignore_rhosts;

parse_flag:

arg = strdelim(&cp);

cp = strtok(NULL, WHITESPACE);

if (!arg || *arg == '\0') {

if (!cp) {

fprintf(stderr, "%s line %d: missing yes/no argument.\n",

filename, linenum);

exit(1);

}

if (strcmp(arg, "yes") == 0)

if (strcmp(cp, "yes") == 0)

value = 1;

else if (strcmp(arg, "no") == 0)

else if (strcmp(cp, "no") == 0)

value = 0;

else {

fprintf(stderr, "%s line %d: Bad yes/no argument: %s\n",

filename, linenum, arg);

filename, linenum, cp);

exit(1);

}

if (*intptr == -1)

Line 503

Line 454

intptr = &options->rsa_authentication;

goto parse_flag;

case sPubkeyAuthentication:

case sDSAAuthentication:

intptr = &options->pubkey_authentication;

intptr = &options->dsa_authentication;

goto parse_flag;

#ifdef KRB4

Line 535

Line 486

intptr = &options->password_authentication;

goto parse_flag;

case sKbdInteractiveAuthentication:

intptr = &options->kbd_interactive_authentication;

goto parse_flag;

case sCheckMail:

intptr = &options->check_mail;

goto parse_flag;

case sChallengeResponseAuthentication:

#ifdef SKEY

intptr = &options->challenge_reponse_authentication;

case sSkeyAuthentication:

intptr = &options->skey_authentication;

goto parse_flag;

#endif

case sPrintMotd:

intptr = &options->print_motd;

Line 559

Line 508

intptr = &options->x11_display_offset;

goto parse_int;

case sXAuthLocation:

charptr = &options->xauth_location;

goto parse_filename;

case sStrictModes:

intptr = &options->strict_modes;

goto parse_flag;

Line 583

Line 528

intptr = &options->gateway_ports;

goto parse_flag;

case sReverseMappingCheck:

intptr = &options->reverse_mapping_check;

goto parse_flag;

case sLogFacility:

intptr = (int *) &options->log_facility;

arg = strdelim(&cp);

cp = strtok(NULL, WHITESPACE);

value = log_facility_number(arg);

value = log_facility_number(cp);

if (value == (SyslogFacility) - 1)

fatal("%.200s line %d: unsupported log facility '%s'",

fatal("%.200s line %d: unsupported log facility '%s'\n",

filename, linenum, arg ? arg : "<NONE>");

filename, linenum, cp ? cp : "<NONE>");

if (*intptr == -1)

*intptr = (SyslogFacility) value;

break;

case sLogLevel:

intptr = (int *) &options->log_level;

arg = strdelim(&cp);

cp = strtok(NULL, WHITESPACE);

value = log_level_number(arg);

value = log_level_number(cp);

if (value == (LogLevel) - 1)

fatal("%.200s line %d: unsupported log level '%s'",

fatal("%.200s line %d: unsupported log level '%s'\n",

filename, linenum, arg ? arg : "<NONE>");

filename, linenum, cp ? cp : "<NONE>");

if (*intptr == -1)

*intptr = (LogLevel) value;

break;

case sAllowTcpForwarding:

intptr = &options->allow_tcp_forwarding;

goto parse_flag;

case sAllowUsers:

while ((arg = strdelim(&cp)) && *arg != '\0') {

while ((cp = strtok(NULL, WHITESPACE))) {

if (options->num_allow_users >= MAX_ALLOW_USERS)

fatal("%s line %d: too many allow users.",

fatal("%s line %d: too many allow users.\n",

filename, linenum);

options->allow_users[options->num_allow_users++] = xstrdup(arg);

options->allow_users[options->num_allow_users++] = xstrdup(cp);

}

break;

case sDenyUsers:

while ((arg = strdelim(&cp)) && *arg != '\0') {

while ((cp = strtok(NULL, WHITESPACE))) {

if (options->num_deny_users >= MAX_DENY_USERS)

fatal( "%s line %d: too many deny users.",

fatal( "%s line %d: too many deny users.\n",

filename, linenum);

options->deny_users[options->num_deny_users++] = xstrdup(arg);

options->deny_users[options->num_deny_users++] = xstrdup(cp);

}

break;

case sAllowGroups:

while ((arg = strdelim(&cp)) && *arg != '\0') {

while ((cp = strtok(NULL, WHITESPACE))) {

if (options->num_allow_groups >= MAX_ALLOW_GROUPS)

fatal("%s line %d: too many allow groups.",

fatal("%s line %d: too many allow groups.\n",

filename, linenum);

options->allow_groups[options->num_allow_groups++] = xstrdup(arg);

options->allow_groups[options->num_allow_groups++] = xstrdup(cp);

}

break;

case sDenyGroups:

while ((arg = strdelim(&cp)) && *arg != '\0') {

while ((cp = strtok(NULL, WHITESPACE))) {

if (options->num_deny_groups >= MAX_DENY_GROUPS)

fatal("%s line %d: too many deny groups.",

fatal("%s line %d: too many deny groups.\n",

filename, linenum);

options->deny_groups[options->num_deny_groups++] = xstrdup(arg);

options->deny_groups[options->num_deny_groups++] = xstrdup(cp);

}

break;

case sCiphers:

arg = strdelim(&cp);

cp = strtok(NULL, WHITESPACE);

if (!arg || *arg == '\0')

if (!cp)

fatal("%s line %d: Missing argument.", filename, linenum);

if (!ciphers_valid(arg))

if (!ciphers_valid(cp))

fatal("%s line %d: Bad SSH2 cipher spec '%s'.",

filename, linenum, arg ? arg : "<NONE>");

filename, linenum, cp ? cp : "<NONE>");

if (options->ciphers == NULL)

options->ciphers = xstrdup(arg);

options->ciphers = xstrdup(cp);

break;

case sMacs:

arg = strdelim(&cp);

if (!arg || *arg == '\0')

fatal("%s line %d: Missing argument.", filename, linenum);

if (!mac_valid(arg))

fatal("%s line %d: Bad SSH2 mac spec '%s'.",

filename, linenum, arg ? arg : "<NONE>");

if (options->macs == NULL)

options->macs = xstrdup(arg);

break;

case sProtocol:

intptr = &options->protocol;

arg = strdelim(&cp);

cp = strtok(NULL, WHITESPACE);

if (!arg || *arg == '\0')

if (!cp)

fatal("%s line %d: Missing argument.", filename, linenum);

value = proto_spec(arg);

value = proto_spec(cp);

if (value == SSH_PROTO_UNKNOWN)

fatal("%s line %d: Bad protocol spec '%s'.",

filename, linenum, arg ? arg : "<NONE>");

filename, linenum, cp ? cp : "<NONE>");

if (*intptr == SSH_PROTO_UNKNOWN)

*intptr = value;

break;

case sSubsystem:

if(options->num_subsystems >= MAX_SUBSYSTEMS) {

fatal("%s line %d: too many subsystems defined.",

filename, linenum);

}

arg = strdelim(&cp);

if (!arg || *arg == '\0')

fatal("%s line %d: Missing subsystem name.",

filename, linenum);

for (i = 0; i < options->num_subsystems; i++)

if(strcmp(arg, options->subsystem_name[i]) == 0)

fatal("%s line %d: Subsystem '%s' already defined.",

filename, linenum, arg);

options->subsystem_name[options->num_subsystems] = xstrdup(arg);

arg = strdelim(&cp);

if (!arg || *arg == '\0')

fatal("%s line %d: Missing subsystem command.",

filename, linenum);

options->subsystem_command[options->num_subsystems] = xstrdup(arg);

options->num_subsystems++;

break;

case sMaxStartups:

arg = strdelim(&cp);

if (!arg || *arg == '\0')

fatal("%s line %d: Missing MaxStartups spec.",

filename, linenum);

if (sscanf(arg, "%d:%d:%d",

&options->max_startups_begin,

&options->max_startups_rate,

&options->max_startups) == 3) {

if (options->max_startups_begin >

options->max_startups ||

options->max_startups_rate > 100 ||

options->max_startups_rate < 1)

fatal("%s line %d: Illegal MaxStartups spec.",

filename, linenum);

break;

}

intptr = &options->max_startups;

goto parse_int;

case sBanner:

charptr = &options->banner;

goto parse_filename;

default:

fprintf(stderr, "%s line %d: Missing handler for opcode %s (%d)\n",

filename, linenum, arg, opcode);

filename, linenum, cp, opcode);

exit(1);

}

if ((arg = strdelim(&cp)) != NULL && *arg != '\0') {

if (strtok(NULL, WHITESPACE) != NULL) {

fprintf(stderr,

fprintf(stderr, "%s line %d: garbage at end of line.\n",

"%s line %d: garbage at end of line; \"%.200s\".\n",

filename, linenum);

filename, linenum, arg);

exit(1);

}