2 /* $OpenBSD: servconf.c,v 1.326 2018/03/01 20:32:16 markus Exp $ */
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
7 * As far as I am concerned, the code I have written for this software
8 * can be used freely for any purpose. Any derived versions of this
9 * software must be clearly marked as such, and if the derived work is
10 * incompatible with the protocol description in the RFC file, it must be
11 * called by a name other than "ssh" or "Secure Shell".
16 #include <sys/types.h>
17 #include <sys/socket.h>
18 #ifdef HAVE_SYS_SYSCTL_H
19 #include <sys/sysctl.h>
22 #include <netinet/in.h>
23 #include <netinet/in_systm.h>
24 #include <netinet/ip.h>
25 #ifdef HAVE_NET_ROUTE_H
26 #include <net/route.h>
44 #include "openbsd-compat/sys-queue.h"
52 #include "pathnames.h"
59 #include "groupaccess.h"
64 #include "myproposal.h"
67 static void add_listen_addr(ServerOptions *, const char *,
69 static void add_one_listen_addr(ServerOptions *, const char *,
72 /* Use of privilege separation or not */
73 extern int use_privsep;
76 /* Initializes the server options to their default values. */
79 initialize_server_options(ServerOptions *options)
81 memset(options, 0, sizeof(*options));
83 /* Portable-specific options */
84 options->use_pam = -1;
86 /* Standard Options */
87 options->num_ports = 0;
88 options->ports_from_cmdline = 0;
89 options->queued_listen_addrs = NULL;
90 options->num_queued_listens = 0;
91 options->listen_addrs = NULL;
92 options->num_listen_addrs = 0;
93 options->address_family = -1;
94 options->routing_domain = NULL;
95 options->num_host_key_files = 0;
96 options->num_host_cert_files = 0;
97 options->host_key_agent = NULL;
98 options->pid_file = NULL;
99 options->login_grace_time = -1;
100 options->permit_root_login = PERMIT_NOT_SET;
101 options->ignore_rhosts = -1;
102 options->ignore_user_known_hosts = -1;
103 options->print_motd = -1;
104 options->print_lastlog = -1;
105 options->x11_forwarding = -1;
106 options->x11_display_offset = -1;
107 options->x11_use_localhost = -1;
108 options->permit_tty = -1;
109 options->permit_user_rc = -1;
110 options->xauth_location = NULL;
111 options->strict_modes = -1;
112 options->tcp_keep_alive = -1;
113 options->log_facility = SYSLOG_FACILITY_NOT_SET;
114 options->log_level = SYSLOG_LEVEL_NOT_SET;
115 options->hostbased_authentication = -1;
116 options->hostbased_uses_name_from_packet_only = -1;
117 options->hostbased_key_types = NULL;
118 options->hostkeyalgorithms = NULL;
119 options->pubkey_authentication = -1;
120 options->pubkey_key_types = NULL;
121 options->kerberos_authentication = -1;
122 options->kerberos_or_local_passwd = -1;
123 options->kerberos_ticket_cleanup = -1;
124 options->kerberos_get_afs_token = -1;
125 options->gss_authentication=-1;
126 options->gss_cleanup_creds = -1;
127 options->gss_strict_acceptor = -1;
128 options->password_authentication = -1;
129 options->kbd_interactive_authentication = -1;
130 options->challenge_response_authentication = -1;
131 options->permit_empty_passwd = -1;
132 options->permit_user_env = -1;
133 options->compression = -1;
134 options->rekey_limit = -1;
135 options->rekey_interval = -1;
136 options->allow_tcp_forwarding = -1;
137 options->allow_streamlocal_forwarding = -1;
138 options->allow_agent_forwarding = -1;
139 options->num_allow_users = 0;
140 options->num_deny_users = 0;
141 options->num_allow_groups = 0;
142 options->num_deny_groups = 0;
143 options->ciphers = NULL;
144 options->macs = NULL;
145 options->kex_algorithms = NULL;
146 options->fwd_opts.gateway_ports = -1;
147 options->fwd_opts.streamlocal_bind_mask = (mode_t)-1;
148 options->fwd_opts.streamlocal_bind_unlink = -1;
149 options->num_subsystems = 0;
150 options->max_startups_begin = -1;
151 options->max_startups_rate = -1;
152 options->max_startups = -1;
153 options->max_authtries = -1;
154 options->max_sessions = -1;
155 options->banner = NULL;
156 options->use_dns = -1;
157 options->client_alive_interval = -1;
158 options->client_alive_count_max = -1;
159 options->num_authkeys_files = 0;
160 options->num_accept_env = 0;
161 options->permit_tun = -1;
162 options->permitted_opens = NULL;
163 options->adm_forced_command = NULL;
164 options->chroot_directory = NULL;
165 options->authorized_keys_command = NULL;
166 options->authorized_keys_command_user = NULL;
167 options->revoked_keys_file = NULL;
168 options->trusted_user_ca_keys = NULL;
169 options->authorized_principals_file = NULL;
170 options->authorized_principals_command = NULL;
171 options->authorized_principals_command_user = NULL;
172 options->ip_qos_interactive = -1;
173 options->ip_qos_bulk = -1;
174 options->version_addendum = NULL;
175 options->fingerprint_hash = -1;
176 options->disable_forwarding = -1;
177 options->expose_userauth_info = -1;
180 /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */
182 option_clear_or_none(const char *o)
184 return o == NULL || strcasecmp(o, "none") == 0;
188 assemble_algorithms(ServerOptions *o)
190 if (kex_assemble_names(KEX_SERVER_ENCRYPT, &o->ciphers) != 0 ||
191 kex_assemble_names(KEX_SERVER_MAC, &o->macs) != 0 ||
192 kex_assemble_names(KEX_SERVER_KEX, &o->kex_algorithms) != 0 ||
193 kex_assemble_names(KEX_DEFAULT_PK_ALG,
194 &o->hostkeyalgorithms) != 0 ||
195 kex_assemble_names(KEX_DEFAULT_PK_ALG,
196 &o->hostbased_key_types) != 0 ||
197 kex_assemble_names(KEX_DEFAULT_PK_ALG, &o->pubkey_key_types) != 0)
198 fatal("kex_assemble_names failed");
202 array_append(const char *file, const int line, const char *directive,
203 char ***array, u_int *lp, const char *s)
207 fatal("%s line %d: Too many %s entries", file, line, directive);
209 *array = xrecallocarray(*array, *lp, *lp + 1, sizeof(**array));
210 (*array)[*lp] = xstrdup(s);
215 servconf_add_hostkey(const char *file, const int line,
216 ServerOptions *options, const char *path)
218 char *apath = derelativise_path(path);
220 array_append(file, line, "HostKey",
221 &options->host_key_files, &options->num_host_key_files, apath);
226 servconf_add_hostcert(const char *file, const int line,
227 ServerOptions *options, const char *path)
229 char *apath = derelativise_path(path);
231 array_append(file, line, "HostCertificate",
232 &options->host_cert_files, &options->num_host_cert_files, apath);
237 fill_default_server_options(ServerOptions *options)
241 /* Portable-specific options */
242 if (options->use_pam == -1)
243 options->use_pam = 0;
245 /* Standard Options */
246 if (options->num_host_key_files == 0) {
247 /* fill default hostkeys for protocols */
248 servconf_add_hostkey("[default]", 0, options,
249 _PATH_HOST_RSA_KEY_FILE);
250 #ifdef OPENSSL_HAS_ECC
251 servconf_add_hostkey("[default]", 0, options,
252 _PATH_HOST_ECDSA_KEY_FILE);
254 servconf_add_hostkey("[default]", 0, options,
255 _PATH_HOST_ED25519_KEY_FILE);
257 servconf_add_hostkey("[default]", 0, options,
258 _PATH_HOST_XMSS_KEY_FILE);
259 #endif /* WITH_XMSS */
261 /* No certificates by default */
262 if (options->num_ports == 0)
263 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
264 if (options->address_family == -1)
265 options->address_family = AF_UNSPEC;
266 if (options->listen_addrs == NULL)
267 add_listen_addr(options, NULL, NULL, 0);
268 if (options->pid_file == NULL)
269 options->pid_file = xstrdup(_PATH_SSH_DAEMON_PID_FILE);
270 if (options->login_grace_time == -1)
271 options->login_grace_time = 120;
272 if (options->permit_root_login == PERMIT_NOT_SET)
273 options->permit_root_login = PERMIT_NO_PASSWD;
274 if (options->ignore_rhosts == -1)
275 options->ignore_rhosts = 1;
276 if (options->ignore_user_known_hosts == -1)
277 options->ignore_user_known_hosts = 0;
278 if (options->print_motd == -1)
279 options->print_motd = 1;
280 if (options->print_lastlog == -1)
281 options->print_lastlog = 1;
282 if (options->x11_forwarding == -1)
283 options->x11_forwarding = 0;
284 if (options->x11_display_offset == -1)
285 options->x11_display_offset = 10;
286 if (options->x11_use_localhost == -1)
287 options->x11_use_localhost = 1;
288 if (options->xauth_location == NULL)
289 options->xauth_location = xstrdup(_PATH_XAUTH);
290 if (options->permit_tty == -1)
291 options->permit_tty = 1;
292 if (options->permit_user_rc == -1)
293 options->permit_user_rc = 1;
294 if (options->strict_modes == -1)
295 options->strict_modes = 1;
296 if (options->tcp_keep_alive == -1)
297 options->tcp_keep_alive = 1;
298 if (options->log_facility == SYSLOG_FACILITY_NOT_SET)
299 options->log_facility = SYSLOG_FACILITY_AUTH;
300 if (options->log_level == SYSLOG_LEVEL_NOT_SET)
301 options->log_level = SYSLOG_LEVEL_INFO;
302 if (options->hostbased_authentication == -1)
303 options->hostbased_authentication = 0;
304 if (options->hostbased_uses_name_from_packet_only == -1)
305 options->hostbased_uses_name_from_packet_only = 0;
306 if (options->pubkey_authentication == -1)
307 options->pubkey_authentication = 1;
308 if (options->kerberos_authentication == -1)
309 options->kerberos_authentication = 0;
310 if (options->kerberos_or_local_passwd == -1)
311 options->kerberos_or_local_passwd = 1;
312 if (options->kerberos_ticket_cleanup == -1)
313 options->kerberos_ticket_cleanup = 1;
314 if (options->kerberos_get_afs_token == -1)
315 options->kerberos_get_afs_token = 0;
316 if (options->gss_authentication == -1)
317 options->gss_authentication = 0;
318 if (options->gss_cleanup_creds == -1)
319 options->gss_cleanup_creds = 1;
320 if (options->gss_strict_acceptor == -1)
321 options->gss_strict_acceptor = 1;
322 if (options->password_authentication == -1)
323 options->password_authentication = 1;
324 if (options->kbd_interactive_authentication == -1)
325 options->kbd_interactive_authentication = 0;
326 if (options->challenge_response_authentication == -1)
327 options->challenge_response_authentication = 1;
328 if (options->permit_empty_passwd == -1)
329 options->permit_empty_passwd = 0;
330 if (options->permit_user_env == -1)
331 options->permit_user_env = 0;
332 if (options->compression == -1)
333 options->compression = COMP_DELAYED;
334 if (options->rekey_limit == -1)
335 options->rekey_limit = 0;
336 if (options->rekey_interval == -1)
337 options->rekey_interval = 0;
338 if (options->allow_tcp_forwarding == -1)
339 options->allow_tcp_forwarding = FORWARD_ALLOW;
340 if (options->allow_streamlocal_forwarding == -1)
341 options->allow_streamlocal_forwarding = FORWARD_ALLOW;
342 if (options->allow_agent_forwarding == -1)
343 options->allow_agent_forwarding = 1;
344 if (options->fwd_opts.gateway_ports == -1)
345 options->fwd_opts.gateway_ports = 0;
346 if (options->max_startups == -1)
347 options->max_startups = 100;
348 if (options->max_startups_rate == -1)
349 options->max_startups_rate = 30; /* 30% */
350 if (options->max_startups_begin == -1)
351 options->max_startups_begin = 10;
352 if (options->max_authtries == -1)
353 options->max_authtries = DEFAULT_AUTH_FAIL_MAX;
354 if (options->max_sessions == -1)
355 options->max_sessions = DEFAULT_SESSIONS_MAX;
356 if (options->use_dns == -1)
357 options->use_dns = 0;
358 if (options->client_alive_interval == -1)
359 options->client_alive_interval = 0;
360 if (options->client_alive_count_max == -1)
361 options->client_alive_count_max = 3;
362 if (options->num_authkeys_files == 0) {
363 array_append("[default]", 0, "AuthorizedKeysFiles",
364 &options->authorized_keys_files,
365 &options->num_authkeys_files,
366 _PATH_SSH_USER_PERMITTED_KEYS);
367 array_append("[default]", 0, "AuthorizedKeysFiles",
368 &options->authorized_keys_files,
369 &options->num_authkeys_files,
370 _PATH_SSH_USER_PERMITTED_KEYS2);
372 if (options->permit_tun == -1)
373 options->permit_tun = SSH_TUNMODE_NO;
374 if (options->ip_qos_interactive == -1)
375 options->ip_qos_interactive = IPTOS_LOWDELAY;
376 if (options->ip_qos_bulk == -1)
377 options->ip_qos_bulk = IPTOS_THROUGHPUT;
378 if (options->version_addendum == NULL)
379 options->version_addendum = xstrdup("");
380 if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1)
381 options->fwd_opts.streamlocal_bind_mask = 0177;
382 if (options->fwd_opts.streamlocal_bind_unlink == -1)
383 options->fwd_opts.streamlocal_bind_unlink = 0;
384 if (options->fingerprint_hash == -1)
385 options->fingerprint_hash = SSH_FP_HASH_DEFAULT;
386 if (options->disable_forwarding == -1)
387 options->disable_forwarding = 0;
388 if (options->expose_userauth_info == -1)
389 options->expose_userauth_info = 0;
391 assemble_algorithms(options);
393 /* Turn privilege separation and sandboxing on by default */
394 if (use_privsep == -1)
395 use_privsep = PRIVSEP_ON;
397 #define CLEAR_ON_NONE(v) \
399 if (option_clear_or_none(v)) { \
404 CLEAR_ON_NONE(options->pid_file);
405 CLEAR_ON_NONE(options->xauth_location);
406 CLEAR_ON_NONE(options->banner);
407 CLEAR_ON_NONE(options->trusted_user_ca_keys);
408 CLEAR_ON_NONE(options->revoked_keys_file);
409 CLEAR_ON_NONE(options->authorized_principals_file);
410 CLEAR_ON_NONE(options->adm_forced_command);
411 CLEAR_ON_NONE(options->chroot_directory);
412 CLEAR_ON_NONE(options->routing_domain);
413 for (i = 0; i < options->num_host_key_files; i++)
414 CLEAR_ON_NONE(options->host_key_files[i]);
415 for (i = 0; i < options->num_host_cert_files; i++)
416 CLEAR_ON_NONE(options->host_cert_files[i]);
419 /* Similar handling for AuthenticationMethods=any */
420 if (options->num_auth_methods == 1 &&
421 strcmp(options->auth_methods[0], "any") == 0) {
422 free(options->auth_methods[0]);
423 options->auth_methods[0] = NULL;
424 options->num_auth_methods = 0;
428 if (use_privsep && options->compression == 1) {
429 error("This platform does not support both privilege "
430 "separation and compression");
431 error("Compression disabled");
432 options->compression = 0;
438 /* Keyword tokens. */
440 sBadOption, /* == unknown option */
441 /* Portable-specific options */
443 /* Standard Options */
444 sPort, sHostKeyFile, sLoginGraceTime,
445 sPermitRootLogin, sLogFacility, sLogLevel,
446 sRhostsRSAAuthentication, sRSAAuthentication,
447 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
448 sKerberosGetAFSToken, sChallengeResponseAuthentication,
449 sPasswordAuthentication, sKbdInteractiveAuthentication,
450 sListenAddress, sAddressFamily,
451 sPrintMotd, sPrintLastLog, sIgnoreRhosts,
452 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
453 sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive,
454 sPermitUserEnvironment, sAllowTcpForwarding, sCompression,
455 sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
456 sIgnoreUserKnownHosts, sCiphers, sMacs, sPidFile,
457 sGatewayPorts, sPubkeyAuthentication, sPubkeyAcceptedKeyTypes,
458 sXAuthLocation, sSubsystem, sMaxStartups, sMaxAuthTries, sMaxSessions,
459 sBanner, sUseDNS, sHostbasedAuthentication,
460 sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedKeyTypes,
462 sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile,
463 sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor,
464 sAcceptEnv, sPermitTunnel,
465 sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
466 sUsePrivilegeSeparation, sAllowAgentForwarding,
468 sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
469 sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser,
470 sKexAlgorithms, sIPQoS, sVersionAddendum,
471 sAuthorizedKeysCommand, sAuthorizedKeysCommandUser,
472 sAuthenticationMethods, sHostKeyAgent, sPermitUserRC,
473 sStreamLocalBindMask, sStreamLocalBindUnlink,
474 sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding,
475 sExposeAuthInfo, sRDomain,
476 sDeprecated, sIgnore, sUnsupported
479 #define SSHCFG_GLOBAL 0x01 /* allowed in main section of sshd_config */
480 #define SSHCFG_MATCH 0x02 /* allowed inside a Match section */
481 #define SSHCFG_ALL (SSHCFG_GLOBAL|SSHCFG_MATCH)
483 /* Textual representation of the tokens. */
486 ServerOpCodes opcode;
489 /* Portable-specific options */
491 { "usepam", sUsePAM, SSHCFG_GLOBAL },
493 { "usepam", sUnsupported, SSHCFG_GLOBAL },
495 { "pamauthenticationviakbdint", sDeprecated, SSHCFG_GLOBAL },
496 /* Standard Options */
497 { "port", sPort, SSHCFG_GLOBAL },
498 { "hostkey", sHostKeyFile, SSHCFG_GLOBAL },
499 { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL }, /* alias */
500 { "hostkeyagent", sHostKeyAgent, SSHCFG_GLOBAL },
501 { "pidfile", sPidFile, SSHCFG_GLOBAL },
502 { "serverkeybits", sDeprecated, SSHCFG_GLOBAL },
503 { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL },
504 { "keyregenerationinterval", sDeprecated, SSHCFG_GLOBAL },
505 { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL },
506 { "syslogfacility", sLogFacility, SSHCFG_GLOBAL },
507 { "loglevel", sLogLevel, SSHCFG_ALL },
508 { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL },
509 { "rhostsrsaauthentication", sDeprecated, SSHCFG_ALL },
510 { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL },
511 { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_ALL },
512 { "hostbasedacceptedkeytypes", sHostbasedAcceptedKeyTypes, SSHCFG_ALL },
513 { "hostkeyalgorithms", sHostKeyAlgorithms, SSHCFG_GLOBAL },
514 { "rsaauthentication", sDeprecated, SSHCFG_ALL },
515 { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL },
516 { "pubkeyacceptedkeytypes", sPubkeyAcceptedKeyTypes, SSHCFG_ALL },
517 { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */
519 { "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL },
520 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd, SSHCFG_GLOBAL },
521 { "kerberosticketcleanup", sKerberosTicketCleanup, SSHCFG_GLOBAL },
523 { "kerberosgetafstoken", sKerberosGetAFSToken, SSHCFG_GLOBAL },
525 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL },
528 { "kerberosauthentication", sUnsupported, SSHCFG_ALL },
529 { "kerberosorlocalpasswd", sUnsupported, SSHCFG_GLOBAL },
530 { "kerberosticketcleanup", sUnsupported, SSHCFG_GLOBAL },
531 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL },
533 { "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL },
534 { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL },
536 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL },
537 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL },
538 { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL },
540 { "gssapiauthentication", sUnsupported, SSHCFG_ALL },
541 { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL },
542 { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL },
544 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },
545 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },
546 { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL },
547 { "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */
548 { "checkmail", sDeprecated, SSHCFG_GLOBAL },
549 { "listenaddress", sListenAddress, SSHCFG_GLOBAL },
550 { "addressfamily", sAddressFamily, SSHCFG_GLOBAL },
551 { "printmotd", sPrintMotd, SSHCFG_GLOBAL },
552 #ifdef DISABLE_LASTLOG
553 { "printlastlog", sUnsupported, SSHCFG_GLOBAL },
555 { "printlastlog", sPrintLastLog, SSHCFG_GLOBAL },
557 { "ignorerhosts", sIgnoreRhosts, SSHCFG_GLOBAL },
558 { "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL },
559 { "x11forwarding", sX11Forwarding, SSHCFG_ALL },
560 { "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL },
561 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
562 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
563 { "strictmodes", sStrictModes, SSHCFG_GLOBAL },
564 { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL },
565 { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },
566 { "uselogin", sDeprecated, SSHCFG_GLOBAL },
567 { "compression", sCompression, SSHCFG_GLOBAL },
568 { "rekeylimit", sRekeyLimit, SSHCFG_ALL },
569 { "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL },
570 { "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, /* obsolete alias */
571 { "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL },
572 { "allowagentforwarding", sAllowAgentForwarding, SSHCFG_ALL },
573 { "allowusers", sAllowUsers, SSHCFG_ALL },
574 { "denyusers", sDenyUsers, SSHCFG_ALL },
575 { "allowgroups", sAllowGroups, SSHCFG_ALL },
576 { "denygroups", sDenyGroups, SSHCFG_ALL },
577 { "ciphers", sCiphers, SSHCFG_GLOBAL },
578 { "macs", sMacs, SSHCFG_GLOBAL },
579 { "protocol", sIgnore, SSHCFG_GLOBAL },
580 { "gatewayports", sGatewayPorts, SSHCFG_ALL },
581 { "subsystem", sSubsystem, SSHCFG_GLOBAL },
582 { "maxstartups", sMaxStartups, SSHCFG_GLOBAL },
583 { "maxauthtries", sMaxAuthTries, SSHCFG_ALL },
584 { "maxsessions", sMaxSessions, SSHCFG_ALL },
585 { "banner", sBanner, SSHCFG_ALL },
586 { "usedns", sUseDNS, SSHCFG_GLOBAL },
587 { "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL },
588 { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL },
589 { "clientaliveinterval", sClientAliveInterval, SSHCFG_ALL },
590 { "clientalivecountmax", sClientAliveCountMax, SSHCFG_ALL },
591 { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL },
592 { "authorizedkeysfile2", sDeprecated, SSHCFG_ALL },
593 { "useprivilegeseparation", sDeprecated, SSHCFG_GLOBAL},
594 { "acceptenv", sAcceptEnv, SSHCFG_ALL },
595 { "permittunnel", sPermitTunnel, SSHCFG_ALL },
596 { "permittty", sPermitTTY, SSHCFG_ALL },
597 { "permituserrc", sPermitUserRC, SSHCFG_ALL },
598 { "match", sMatch, SSHCFG_ALL },
599 { "permitopen", sPermitOpen, SSHCFG_ALL },
600 { "forcecommand", sForceCommand, SSHCFG_ALL },
601 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL },
602 { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL },
603 { "revokedkeys", sRevokedKeys, SSHCFG_ALL },
604 { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL },
605 { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },
606 { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL },
607 { "ipqos", sIPQoS, SSHCFG_ALL },
608 { "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL },
609 { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL },
610 { "authorizedprincipalscommand", sAuthorizedPrincipalsCommand, SSHCFG_ALL },
611 { "authorizedprincipalscommanduser", sAuthorizedPrincipalsCommandUser, SSHCFG_ALL },
612 { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL },
613 { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL },
614 { "streamlocalbindmask", sStreamLocalBindMask, SSHCFG_ALL },
615 { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL },
616 { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL },
617 { "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL },
618 { "disableforwarding", sDisableForwarding, SSHCFG_ALL },
619 { "exposeauthinfo", sExposeAuthInfo, SSHCFG_ALL },
620 { "rdomain", sRDomain, SSHCFG_ALL },
621 { NULL, sBadOption, 0 }
628 { SSH_TUNMODE_NO, "no" },
629 { SSH_TUNMODE_POINTOPOINT, "point-to-point" },
630 { SSH_TUNMODE_ETHERNET, "ethernet" },
631 { SSH_TUNMODE_YES, "yes" },
636 * Returns the number of the token pointed to by cp or sBadOption.
640 parse_token(const char *cp, const char *filename,
641 int linenum, u_int *flags)
645 for (i = 0; keywords[i].name; i++)
646 if (strcasecmp(cp, keywords[i].name) == 0) {
647 *flags = keywords[i].flags;
648 return keywords[i].opcode;
651 error("%s: line %d: Bad configuration option: %s",
652 filename, linenum, cp);
657 derelativise_path(const char *path)
659 char *expanded, *ret, cwd[PATH_MAX];
661 if (strcasecmp(path, "none") == 0)
662 return xstrdup("none");
663 expanded = tilde_expand_filename(path, getuid());
664 if (*expanded == '/')
666 if (getcwd(cwd, sizeof(cwd)) == NULL)
667 fatal("%s: getcwd: %s", __func__, strerror(errno));
668 xasprintf(&ret, "%s/%s", cwd, expanded);
674 add_listen_addr(ServerOptions *options, const char *addr,
675 const char *rdomain, int port)
680 add_one_listen_addr(options, addr, rdomain, port);
682 for (i = 0; i < options->num_ports; i++) {
683 add_one_listen_addr(options, addr, rdomain,
690 add_one_listen_addr(ServerOptions *options, const char *addr,
691 const char *rdomain, int port)
693 struct addrinfo hints, *ai, *aitop;
694 char strport[NI_MAXSERV];
698 /* Find listen_addrs entry for this rdomain */
699 for (i = 0; i < options->num_listen_addrs; i++) {
700 if (rdomain == NULL && options->listen_addrs[i].rdomain == NULL)
702 if (rdomain == NULL || options->listen_addrs[i].rdomain == NULL)
704 if (strcmp(rdomain, options->listen_addrs[i].rdomain) == 0)
707 if (i >= options->num_listen_addrs) {
708 /* No entry for this rdomain; allocate one */
710 fatal("%s: too many listen addresses", __func__);
711 options->listen_addrs = xrecallocarray(options->listen_addrs,
712 options->num_listen_addrs, options->num_listen_addrs + 1,
713 sizeof(*options->listen_addrs));
714 i = options->num_listen_addrs++;
716 options->listen_addrs[i].rdomain = xstrdup(rdomain);
718 /* options->listen_addrs[i] points to the addresses for this rdomain */
720 memset(&hints, 0, sizeof(hints));
721 hints.ai_family = options->address_family;
722 hints.ai_socktype = SOCK_STREAM;
723 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
724 snprintf(strport, sizeof strport, "%d", port);
725 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0)
726 fatal("bad addr or host: %s (%s)",
727 addr ? addr : "<NULL>",
728 ssh_gai_strerror(gaierr));
729 for (ai = aitop; ai->ai_next; ai = ai->ai_next)
731 ai->ai_next = options->listen_addrs[i].addrs;
732 options->listen_addrs[i].addrs = aitop;
735 /* Returns nonzero if the routing domain name is valid */
737 valid_rdomain(const char *name)
739 #if defined(HAVE_SYS_VALID_RDOMAIN)
740 return sys_valid_rdomain(name);
741 #elif defined(__OpenBSD__)
744 struct rt_tableinfo info;
746 size_t miblen = sizeof(mib);
751 num = strtonum(name, 0, 255, &errstr);
755 /* Check whether the table actually exists */
756 memset(mib, 0, sizeof(mib));
759 mib[4] = NET_RT_TABLE;
761 if (sysctl(mib, 6, &info, &miblen, NULL, 0) == -1)
765 #else /* defined(__OpenBSD__) */
766 error("Routing domains are not supported on this platform");
772 * Queue a ListenAddress to be processed once we have all of the Ports
773 * and AddressFamily options.
776 queue_listen_addr(ServerOptions *options, const char *addr,
777 const char *rdomain, int port)
779 struct queued_listenaddr *qla;
781 options->queued_listen_addrs = xrecallocarray(
782 options->queued_listen_addrs,
783 options->num_queued_listens, options->num_queued_listens + 1,
784 sizeof(*options->queued_listen_addrs));
785 qla = &options->queued_listen_addrs[options->num_queued_listens++];
786 qla->addr = xstrdup(addr);
788 qla->rdomain = rdomain == NULL ? NULL : xstrdup(rdomain);
792 * Process queued (text) ListenAddress entries.
795 process_queued_listen_addrs(ServerOptions *options)
798 struct queued_listenaddr *qla;
800 if (options->num_ports == 0)
801 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
802 if (options->address_family == -1)
803 options->address_family = AF_UNSPEC;
805 for (i = 0; i < options->num_queued_listens; i++) {
806 qla = &options->queued_listen_addrs[i];
807 add_listen_addr(options, qla->addr, qla->rdomain, qla->port);
811 free(options->queued_listen_addrs);
812 options->queued_listen_addrs = NULL;
813 options->num_queued_listens = 0;
817 * Inform channels layer of permitopen options from configuration.
820 process_permitopen(struct ssh *ssh, ServerOptions *options)
824 char *host, *arg, *oarg;
826 channel_clear_adm_permitted_opens(ssh);
827 if (options->num_permitted_opens == 0)
828 return; /* permit any */
830 /* handle keywords: "any" / "none" */
831 if (options->num_permitted_opens == 1 &&
832 strcmp(options->permitted_opens[0], "any") == 0)
834 if (options->num_permitted_opens == 1 &&
835 strcmp(options->permitted_opens[0], "none") == 0) {
836 channel_disable_adm_local_opens(ssh);
839 /* Otherwise treat it as a list of permitted host:port */
840 for (i = 0; i < options->num_permitted_opens; i++) {
841 oarg = arg = xstrdup(options->permitted_opens[i]);
842 host = hpdelim(&arg);
844 fatal("%s: missing host in PermitOpen", __func__);
845 host = cleanhostname(host);
846 if (arg == NULL || ((port = permitopen_port(arg)) < 0))
847 fatal("%s: bad port number in PermitOpen", __func__);
848 /* Send it to channels layer */
849 channel_add_adm_permitted_opens(ssh, host, port);
854 struct connection_info *
855 get_connection_info(int populate, int use_dns)
857 struct ssh *ssh = active_state; /* XXX */
858 static struct connection_info ci;
862 ci.host = auth_get_canonical_hostname(ssh, use_dns);
863 ci.address = ssh_remote_ipaddr(ssh);
864 ci.laddress = ssh_local_ipaddr(ssh);
865 ci.lport = ssh_local_port(ssh);
866 ci.rdomain = ssh_packet_rdomain_in(ssh);
871 * The strategy for the Match blocks is that the config file is parsed twice.
873 * The first time is at startup. activep is initialized to 1 and the
874 * directives in the global context are processed and acted on. Hitting a
875 * Match directive unsets activep and the directives inside the block are
876 * checked for syntax only.
878 * The second time is after a connection has been established but before
879 * authentication. activep is initialized to 2 and global config directives
880 * are ignored since they have already been processed. If the criteria in a
881 * Match block is met, activep is set and the subsequent directives
882 * processed and actioned until EOF or another Match block unsets it. Any
883 * options set are copied into the main server config.
885 * Potential additions/improvements:
886 * - Add Match support for pre-kex directives, eg. Ciphers.
888 * - Add a Tag directive (idea from David Leonard) ala pf, eg:
889 * Match Address 192.168.0.*
894 * AllowTcpForwarding yes
895 * GatewayPorts clientspecified
898 * - Add a PermittedChannelRequests directive
900 * PermittedChannelRequests session,forwarded-tcpip
904 match_cfg_line_group(const char *grps, int line, const char *user)
912 if ((pw = getpwnam(user)) == NULL) {
913 debug("Can't match group at line %d because user %.100s does "
914 "not exist", line, user);
915 } else if (ga_init(pw->pw_name, pw->pw_gid) == 0) {
916 debug("Can't Match group because user %.100s not in any group "
917 "at line %d", user, line);
918 } else if (ga_match_pattern_list(grps) != 1) {
919 debug("user %.100s does not match group list %.100s at line %d",
922 debug("user %.100s matched group list %.100s at line %d", user,
932 match_test_missing_fatal(const char *criteria, const char *attrib)
934 fatal("'Match %s' in configuration but '%s' not in connection "
935 "test specification.", criteria, attrib);
939 * All of the attributes on a single Match line are ANDed together, so we need
940 * to check every attribute and set the result to zero if any attribute does
944 match_cfg_line(char **condition, int line, struct connection_info *ci)
946 int result = 1, attributes = 0, port;
947 char *arg, *attrib, *cp = *condition;
950 debug3("checking syntax for 'Match %s'", cp);
952 debug3("checking match for '%s' user %s host %s addr %s "
953 "laddr %s lport %d", cp, ci->user ? ci->user : "(null)",
954 ci->host ? ci->host : "(null)",
955 ci->address ? ci->address : "(null)",
956 ci->laddress ? ci->laddress : "(null)", ci->lport);
958 while ((attrib = strdelim(&cp)) && *attrib != '\0') {
960 if (strcasecmp(attrib, "all") == 0) {
961 if (attributes != 1 ||
962 ((arg = strdelim(&cp)) != NULL && *arg != '\0')) {
963 error("'all' cannot be combined with other "
970 if ((arg = strdelim(&cp)) == NULL || *arg == '\0') {
971 error("Missing Match criteria for %s", attrib);
974 if (strcasecmp(attrib, "user") == 0) {
979 if (ci->user == NULL)
980 match_test_missing_fatal("User", "user");
981 if (match_pattern_list(ci->user, arg, 0) != 1)
984 debug("user %.100s matched 'User %.100s' at "
985 "line %d", ci->user, arg, line);
986 } else if (strcasecmp(attrib, "group") == 0) {
991 if (ci->user == NULL)
992 match_test_missing_fatal("Group", "user");
993 switch (match_cfg_line_group(arg, line, ci->user)) {
999 } else if (strcasecmp(attrib, "host") == 0) {
1004 if (ci->host == NULL)
1005 match_test_missing_fatal("Host", "host");
1006 if (match_hostname(ci->host, arg) != 1)
1009 debug("connection from %.100s matched 'Host "
1010 "%.100s' at line %d", ci->host, arg, line);
1011 } else if (strcasecmp(attrib, "address") == 0) {
1016 if (ci->address == NULL)
1017 match_test_missing_fatal("Address", "addr");
1018 switch (addr_match_list(ci->address, arg)) {
1020 debug("connection from %.100s matched 'Address "
1021 "%.100s' at line %d", ci->address, arg, line);
1030 } else if (strcasecmp(attrib, "localaddress") == 0){
1035 if (ci->laddress == NULL)
1036 match_test_missing_fatal("LocalAddress",
1038 switch (addr_match_list(ci->laddress, arg)) {
1040 debug("connection from %.100s matched "
1041 "'LocalAddress %.100s' at line %d",
1042 ci->laddress, arg, line);
1051 } else if (strcasecmp(attrib, "localport") == 0) {
1052 if ((port = a2port(arg)) == -1) {
1053 error("Invalid LocalPort '%s' on Match line",
1062 match_test_missing_fatal("LocalPort", "lport");
1063 /* TODO support port lists */
1064 if (port == ci->lport)
1065 debug("connection from %.100s matched "
1066 "'LocalPort %d' at line %d",
1067 ci->laddress, port, line);
1070 } else if (strcasecmp(attrib, "rdomain") == 0) {
1071 if (ci == NULL || ci->rdomain == NULL) {
1075 if (match_pattern_list(ci->rdomain, arg, 0) != 1)
1078 debug("user %.100s matched 'RDomain %.100s' at "
1079 "line %d", ci->rdomain, arg, line);
1081 error("Unsupported Match attribute %s", attrib);
1085 if (attributes == 0) {
1086 error("One or more attributes required for Match");
1090 debug3("match %sfound", result ? "" : "not ");
1095 #define WHITESPACE " \t\r\n"
1097 /* Multistate option parsing */
1102 static const struct multistate multistate_flag[] = {
1107 static const struct multistate multistate_addressfamily[] = {
1108 { "inet", AF_INET },
1109 { "inet6", AF_INET6 },
1110 { "any", AF_UNSPEC },
1113 static const struct multistate multistate_permitrootlogin[] = {
1114 { "without-password", PERMIT_NO_PASSWD },
1115 { "prohibit-password", PERMIT_NO_PASSWD },
1116 { "forced-commands-only", PERMIT_FORCED_ONLY },
1117 { "yes", PERMIT_YES },
1118 { "no", PERMIT_NO },
1121 static const struct multistate multistate_compression[] = {
1122 { "yes", COMP_DELAYED },
1123 { "delayed", COMP_DELAYED },
1124 { "no", COMP_NONE },
1127 static const struct multistate multistate_gatewayports[] = {
1128 { "clientspecified", 2 },
1133 static const struct multistate multistate_tcpfwd[] = {
1134 { "yes", FORWARD_ALLOW },
1135 { "all", FORWARD_ALLOW },
1136 { "no", FORWARD_DENY },
1137 { "remote", FORWARD_REMOTE },
1138 { "local", FORWARD_LOCAL },
1143 process_server_config_line(ServerOptions *options, char *line,
1144 const char *filename, int linenum, int *activep,
1145 struct connection_info *connectinfo)
1147 char *cp, **charptr, *arg, *arg2, *p;
1148 int cmdline = 0, *intptr, value, value2, n, port;
1149 SyslogFacility *log_facility_ptr;
1150 LogLevel *log_level_ptr;
1151 ServerOpCodes opcode;
1155 const struct multistate *multistate_ptr;
1158 /* Strip trailing whitespace. Allow \f (form feed) at EOL only */
1159 if ((len = strlen(line)) == 0)
1161 for (len--; len > 0; len--) {
1162 if (strchr(WHITESPACE "\f", line[len]) == NULL)
1168 if ((arg = strdelim(&cp)) == NULL)
1170 /* Ignore leading whitespace */
1172 arg = strdelim(&cp);
1173 if (!arg || !*arg || *arg == '#')
1177 opcode = parse_token(arg, filename, linenum, &flags);
1179 if (activep == NULL) { /* We are processing a command line directive */
1183 if (*activep && opcode != sMatch)
1184 debug3("%s:%d setting %s %s", filename, linenum, arg, cp);
1185 if (*activep == 0 && !(flags & SSHCFG_MATCH)) {
1186 if (connectinfo == NULL) {
1187 fatal("%s line %d: Directive '%s' is not allowed "
1188 "within a Match block", filename, linenum, arg);
1189 } else { /* this is a directive we have already processed */
1191 arg = strdelim(&cp);
1197 /* Portable-specific options */
1199 intptr = &options->use_pam;
1202 /* Standard Options */
1206 /* ignore ports from configfile if cmdline specifies ports */
1207 if (options->ports_from_cmdline)
1209 if (options->num_ports >= MAX_PORTS)
1210 fatal("%s line %d: too many ports.",
1212 arg = strdelim(&cp);
1213 if (!arg || *arg == '\0')
1214 fatal("%s line %d: missing port number.",
1216 options->ports[options->num_ports++] = a2port(arg);
1217 if (options->ports[options->num_ports-1] <= 0)
1218 fatal("%s line %d: Badly formatted port number.",
1222 case sLoginGraceTime:
1223 intptr = &options->login_grace_time;
1225 arg = strdelim(&cp);
1226 if (!arg || *arg == '\0')
1227 fatal("%s line %d: missing time value.",
1229 if ((value = convtime(arg)) == -1)
1230 fatal("%s line %d: invalid time value.",
1232 if (*activep && *intptr == -1)
1236 case sListenAddress:
1237 arg = strdelim(&cp);
1238 if (arg == NULL || *arg == '\0')
1239 fatal("%s line %d: missing address",
1241 /* check for bare IPv6 address: no "[]" and 2 or more ":" */
1242 if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL
1243 && strchr(p+1, ':') != NULL) {
1249 fatal("%s line %d: bad address:port usage",
1251 p = cleanhostname(p);
1254 else if ((port = a2port(arg)) <= 0)
1255 fatal("%s line %d: bad port number",
1258 /* Optional routing table */
1260 if ((arg = strdelim(&cp)) != NULL) {
1261 if (strcmp(arg, "rdomain") != 0 ||
1262 (arg2 = strdelim(&cp)) == NULL)
1263 fatal("%s line %d: bad ListenAddress syntax",
1265 if (!valid_rdomain(arg2))
1266 fatal("%s line %d: bad routing domain",
1270 queue_listen_addr(options, p, arg2, port);
1274 case sAddressFamily:
1275 intptr = &options->address_family;
1276 multistate_ptr = multistate_addressfamily;
1278 arg = strdelim(&cp);
1279 if (!arg || *arg == '\0')
1280 fatal("%s line %d: missing argument.",
1283 for (i = 0; multistate_ptr[i].key != NULL; i++) {
1284 if (strcasecmp(arg, multistate_ptr[i].key) == 0) {
1285 value = multistate_ptr[i].value;
1290 fatal("%s line %d: unsupported option \"%s\".",
1291 filename, linenum, arg);
1292 if (*activep && *intptr == -1)
1297 arg = strdelim(&cp);
1298 if (!arg || *arg == '\0')
1299 fatal("%s line %d: missing file name.",
1302 servconf_add_hostkey(filename, linenum, options, arg);
1306 charptr = &options->host_key_agent;
1307 arg = strdelim(&cp);
1308 if (!arg || *arg == '\0')
1309 fatal("%s line %d: missing socket name.",
1311 if (*activep && *charptr == NULL)
1312 *charptr = !strcmp(arg, SSH_AUTHSOCKET_ENV_NAME) ?
1313 xstrdup(arg) : derelativise_path(arg);
1316 case sHostCertificate:
1317 arg = strdelim(&cp);
1318 if (!arg || *arg == '\0')
1319 fatal("%s line %d: missing file name.",
1322 servconf_add_hostcert(filename, linenum, options, arg);
1326 charptr = &options->pid_file;
1328 arg = strdelim(&cp);
1329 if (!arg || *arg == '\0')
1330 fatal("%s line %d: missing file name.",
1332 if (*activep && *charptr == NULL) {
1333 *charptr = derelativise_path(arg);
1334 /* increase optional counter */
1336 *intptr = *intptr + 1;
1340 case sPermitRootLogin:
1341 intptr = &options->permit_root_login;
1342 multistate_ptr = multistate_permitrootlogin;
1343 goto parse_multistate;
1346 intptr = &options->ignore_rhosts;
1348 multistate_ptr = multistate_flag;
1349 goto parse_multistate;
1351 case sIgnoreUserKnownHosts:
1352 intptr = &options->ignore_user_known_hosts;
1355 case sHostbasedAuthentication:
1356 intptr = &options->hostbased_authentication;
1359 case sHostbasedUsesNameFromPacketOnly:
1360 intptr = &options->hostbased_uses_name_from_packet_only;
1363 case sHostbasedAcceptedKeyTypes:
1364 charptr = &options->hostbased_key_types;
1366 arg = strdelim(&cp);
1367 if (!arg || *arg == '\0')
1368 fatal("%s line %d: Missing argument.",
1371 !sshkey_names_valid2(*arg == '+' ? arg + 1 : arg, 1))
1372 fatal("%s line %d: Bad key types '%s'.",
1373 filename, linenum, arg ? arg : "<NONE>");
1374 if (*activep && *charptr == NULL)
1375 *charptr = xstrdup(arg);
1378 case sHostKeyAlgorithms:
1379 charptr = &options->hostkeyalgorithms;
1380 goto parse_keytypes;
1382 case sPubkeyAuthentication:
1383 intptr = &options->pubkey_authentication;
1386 case sPubkeyAcceptedKeyTypes:
1387 charptr = &options->pubkey_key_types;
1388 goto parse_keytypes;
1390 case sKerberosAuthentication:
1391 intptr = &options->kerberos_authentication;
1394 case sKerberosOrLocalPasswd:
1395 intptr = &options->kerberos_or_local_passwd;
1398 case sKerberosTicketCleanup:
1399 intptr = &options->kerberos_ticket_cleanup;
1402 case sKerberosGetAFSToken:
1403 intptr = &options->kerberos_get_afs_token;
1406 case sGssAuthentication:
1407 intptr = &options->gss_authentication;
1410 case sGssCleanupCreds:
1411 intptr = &options->gss_cleanup_creds;
1414 case sGssStrictAcceptor:
1415 intptr = &options->gss_strict_acceptor;
1418 case sPasswordAuthentication:
1419 intptr = &options->password_authentication;
1422 case sKbdInteractiveAuthentication:
1423 intptr = &options->kbd_interactive_authentication;
1426 case sChallengeResponseAuthentication:
1427 intptr = &options->challenge_response_authentication;
1431 intptr = &options->print_motd;
1435 intptr = &options->print_lastlog;
1438 case sX11Forwarding:
1439 intptr = &options->x11_forwarding;
1442 case sX11DisplayOffset:
1443 intptr = &options->x11_display_offset;
1445 arg = strdelim(&cp);
1446 if ((errstr = atoi_err(arg, &value)) != NULL)
1447 fatal("%s line %d: integer value %s.",
1448 filename, linenum, errstr);
1449 if (*activep && *intptr == -1)
1453 case sX11UseLocalhost:
1454 intptr = &options->x11_use_localhost;
1457 case sXAuthLocation:
1458 charptr = &options->xauth_location;
1459 goto parse_filename;
1462 intptr = &options->permit_tty;
1466 intptr = &options->permit_user_rc;
1470 intptr = &options->strict_modes;
1474 intptr = &options->tcp_keep_alive;
1478 intptr = &options->permit_empty_passwd;
1481 case sPermitUserEnvironment:
1482 intptr = &options->permit_user_env;
1486 intptr = &options->compression;
1487 multistate_ptr = multistate_compression;
1488 goto parse_multistate;
1491 arg = strdelim(&cp);
1492 if (!arg || *arg == '\0')
1493 fatal("%.200s line %d: Missing argument.", filename,
1495 if (strcmp(arg, "default") == 0) {
1498 if (scan_scaled(arg, &val64) == -1)
1499 fatal("%.200s line %d: Bad number '%s': %s",
1500 filename, linenum, arg, strerror(errno));
1501 if (val64 != 0 && val64 < 16)
1502 fatal("%.200s line %d: RekeyLimit too small",
1505 if (*activep && options->rekey_limit == -1)
1506 options->rekey_limit = val64;
1507 if (cp != NULL) { /* optional rekey interval present */
1508 if (strcmp(cp, "none") == 0) {
1509 (void)strdelim(&cp); /* discard */
1512 intptr = &options->rekey_interval;
1518 intptr = &options->fwd_opts.gateway_ports;
1519 multistate_ptr = multistate_gatewayports;
1520 goto parse_multistate;
1523 intptr = &options->use_dns;
1527 log_facility_ptr = &options->log_facility;
1528 arg = strdelim(&cp);
1529 value = log_facility_number(arg);
1530 if (value == SYSLOG_FACILITY_NOT_SET)
1531 fatal("%.200s line %d: unsupported log facility '%s'",
1532 filename, linenum, arg ? arg : "<NONE>");
1533 if (*log_facility_ptr == -1)
1534 *log_facility_ptr = (SyslogFacility) value;
1538 log_level_ptr = &options->log_level;
1539 arg = strdelim(&cp);
1540 value = log_level_number(arg);
1541 if (value == SYSLOG_LEVEL_NOT_SET)
1542 fatal("%.200s line %d: unsupported log level '%s'",
1543 filename, linenum, arg ? arg : "<NONE>");
1544 if (*activep && *log_level_ptr == -1)
1545 *log_level_ptr = (LogLevel) value;
1548 case sAllowTcpForwarding:
1549 intptr = &options->allow_tcp_forwarding;
1550 multistate_ptr = multistate_tcpfwd;
1551 goto parse_multistate;
1553 case sAllowStreamLocalForwarding:
1554 intptr = &options->allow_streamlocal_forwarding;
1555 multistate_ptr = multistate_tcpfwd;
1556 goto parse_multistate;
1558 case sAllowAgentForwarding:
1559 intptr = &options->allow_agent_forwarding;
1562 case sDisableForwarding:
1563 intptr = &options->disable_forwarding;
1567 while ((arg = strdelim(&cp)) && *arg != '\0') {
1568 if (match_user(NULL, NULL, NULL, arg) == -1)
1569 fatal("%s line %d: invalid AllowUsers pattern: "
1570 "\"%.100s\"", filename, linenum, arg);
1573 array_append(filename, linenum, "AllowUsers",
1574 &options->allow_users, &options->num_allow_users,
1580 while ((arg = strdelim(&cp)) && *arg != '\0') {
1581 if (match_user(NULL, NULL, NULL, arg) == -1)
1582 fatal("%s line %d: invalid DenyUsers pattern: "
1583 "\"%.100s\"", filename, linenum, arg);
1586 array_append(filename, linenum, "DenyUsers",
1587 &options->deny_users, &options->num_deny_users,
1593 while ((arg = strdelim(&cp)) && *arg != '\0') {
1596 array_append(filename, linenum, "AllowGroups",
1597 &options->allow_groups, &options->num_allow_groups,
1603 while ((arg = strdelim(&cp)) && *arg != '\0') {
1606 array_append(filename, linenum, "DenyGroups",
1607 &options->deny_groups, &options->num_deny_groups,
1613 arg = strdelim(&cp);
1614 if (!arg || *arg == '\0')
1615 fatal("%s line %d: Missing argument.", filename, linenum);
1616 if (*arg != '-' && !ciphers_valid(*arg == '+' ? arg + 1 : arg))
1617 fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
1618 filename, linenum, arg ? arg : "<NONE>");
1619 if (options->ciphers == NULL)
1620 options->ciphers = xstrdup(arg);
1624 arg = strdelim(&cp);
1625 if (!arg || *arg == '\0')
1626 fatal("%s line %d: Missing argument.", filename, linenum);
1627 if (*arg != '-' && !mac_valid(*arg == '+' ? arg + 1 : arg))
1628 fatal("%s line %d: Bad SSH2 mac spec '%s'.",
1629 filename, linenum, arg ? arg : "<NONE>");
1630 if (options->macs == NULL)
1631 options->macs = xstrdup(arg);
1634 case sKexAlgorithms:
1635 arg = strdelim(&cp);
1636 if (!arg || *arg == '\0')
1637 fatal("%s line %d: Missing argument.",
1640 !kex_names_valid(*arg == '+' ? arg + 1 : arg))
1641 fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.",
1642 filename, linenum, arg ? arg : "<NONE>");
1643 if (options->kex_algorithms == NULL)
1644 options->kex_algorithms = xstrdup(arg);
1648 if (options->num_subsystems >= MAX_SUBSYSTEMS) {
1649 fatal("%s line %d: too many subsystems defined.",
1652 arg = strdelim(&cp);
1653 if (!arg || *arg == '\0')
1654 fatal("%s line %d: Missing subsystem name.",
1657 arg = strdelim(&cp);
1660 for (i = 0; i < options->num_subsystems; i++)
1661 if (strcmp(arg, options->subsystem_name[i]) == 0)
1662 fatal("%s line %d: Subsystem '%s' already defined.",
1663 filename, linenum, arg);
1664 options->subsystem_name[options->num_subsystems] = xstrdup(arg);
1665 arg = strdelim(&cp);
1666 if (!arg || *arg == '\0')
1667 fatal("%s line %d: Missing subsystem command.",
1669 options->subsystem_command[options->num_subsystems] = xstrdup(arg);
1671 /* Collect arguments (separate to executable) */
1673 len = strlen(p) + 1;
1674 while ((arg = strdelim(&cp)) != NULL && *arg != '\0') {
1675 len += 1 + strlen(arg);
1676 p = xreallocarray(p, 1, len);
1677 strlcat(p, " ", len);
1678 strlcat(p, arg, len);
1680 options->subsystem_args[options->num_subsystems] = p;
1681 options->num_subsystems++;
1685 arg = strdelim(&cp);
1686 if (!arg || *arg == '\0')
1687 fatal("%s line %d: Missing MaxStartups spec.",
1689 if ((n = sscanf(arg, "%d:%d:%d",
1690 &options->max_startups_begin,
1691 &options->max_startups_rate,
1692 &options->max_startups)) == 3) {
1693 if (options->max_startups_begin >
1694 options->max_startups ||
1695 options->max_startups_rate > 100 ||
1696 options->max_startups_rate < 1)
1697 fatal("%s line %d: Illegal MaxStartups spec.",
1700 fatal("%s line %d: Illegal MaxStartups spec.",
1703 options->max_startups = options->max_startups_begin;
1707 intptr = &options->max_authtries;
1711 intptr = &options->max_sessions;
1715 charptr = &options->banner;
1716 goto parse_filename;
1719 * These options can contain %X options expanded at
1720 * connect time, so that you can specify paths like:
1722 * AuthorizedKeysFile /etc/ssh_keys/%u
1724 case sAuthorizedKeysFile:
1725 if (*activep && options->num_authkeys_files == 0) {
1726 while ((arg = strdelim(&cp)) && *arg != '\0') {
1727 arg = tilde_expand_filename(arg, getuid());
1728 array_append(filename, linenum,
1729 "AuthorizedKeysFile",
1730 &options->authorized_keys_files,
1731 &options->num_authkeys_files, arg);
1737 case sAuthorizedPrincipalsFile:
1738 charptr = &options->authorized_principals_file;
1739 arg = strdelim(&cp);
1740 if (!arg || *arg == '\0')
1741 fatal("%s line %d: missing file name.",
1743 if (*activep && *charptr == NULL) {
1744 *charptr = tilde_expand_filename(arg, getuid());
1745 /* increase optional counter */
1747 *intptr = *intptr + 1;
1751 case sClientAliveInterval:
1752 intptr = &options->client_alive_interval;
1755 case sClientAliveCountMax:
1756 intptr = &options->client_alive_count_max;
1760 while ((arg = strdelim(&cp)) && *arg != '\0') {
1761 if (strchr(arg, '=') != NULL)
1762 fatal("%s line %d: Invalid environment name.",
1766 array_append(filename, linenum, "AcceptEnv",
1767 &options->accept_env, &options->num_accept_env,
1773 intptr = &options->permit_tun;
1774 arg = strdelim(&cp);
1775 if (!arg || *arg == '\0')
1776 fatal("%s line %d: Missing yes/point-to-point/"
1777 "ethernet/no argument.", filename, linenum);
1779 for (i = 0; tunmode_desc[i].val != -1; i++)
1780 if (strcmp(tunmode_desc[i].text, arg) == 0) {
1781 value = tunmode_desc[i].val;
1785 fatal("%s line %d: Bad yes/point-to-point/ethernet/"
1786 "no argument: %s", filename, linenum, arg);
1787 if (*activep && *intptr == -1)
1793 fatal("Match directive not supported as a command-line "
1795 value = match_cfg_line(&cp, linenum, connectinfo);
1797 fatal("%s line %d: Bad Match condition", filename,
1803 arg = strdelim(&cp);
1804 if (!arg || *arg == '\0')
1805 fatal("%s line %d: missing PermitOpen specification",
1807 value = options->num_permitted_opens; /* modified later */
1808 if (strcmp(arg, "any") == 0 || strcmp(arg, "none") == 0) {
1809 if (*activep && value == 0) {
1810 options->num_permitted_opens = 1;
1811 options->permitted_opens = xcalloc(1,
1812 sizeof(*options->permitted_opens));
1813 options->permitted_opens[0] = xstrdup(arg);
1817 for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) {
1818 arg2 = xstrdup(arg);
1821 fatal("%s line %d: missing host in PermitOpen",
1823 p = cleanhostname(p);
1824 if (arg == NULL || ((port = permitopen_port(arg)) < 0))
1825 fatal("%s line %d: bad port number in "
1826 "PermitOpen", filename, linenum);
1827 if (*activep && value == 0) {
1828 array_append(filename, linenum,
1830 &options->permitted_opens,
1831 &options->num_permitted_opens, arg2);
1838 if (cp == NULL || *cp == '\0')
1839 fatal("%.200s line %d: Missing argument.", filename,
1841 len = strspn(cp, WHITESPACE);
1842 if (*activep && options->adm_forced_command == NULL)
1843 options->adm_forced_command = xstrdup(cp + len);
1846 case sChrootDirectory:
1847 charptr = &options->chroot_directory;
1849 arg = strdelim(&cp);
1850 if (!arg || *arg == '\0')
1851 fatal("%s line %d: missing file name.",
1853 if (*activep && *charptr == NULL)
1854 *charptr = xstrdup(arg);
1857 case sTrustedUserCAKeys:
1858 charptr = &options->trusted_user_ca_keys;
1859 goto parse_filename;
1862 charptr = &options->revoked_keys_file;
1863 goto parse_filename;
1866 arg = strdelim(&cp);
1867 if ((value = parse_ipqos(arg)) == -1)
1868 fatal("%s line %d: Bad IPQoS value: %s",
1869 filename, linenum, arg);
1870 arg = strdelim(&cp);
1873 else if ((value2 = parse_ipqos(arg)) == -1)
1874 fatal("%s line %d: Bad IPQoS value: %s",
1875 filename, linenum, arg);
1877 options->ip_qos_interactive = value;
1878 options->ip_qos_bulk = value2;
1882 case sVersionAddendum:
1883 if (cp == NULL || *cp == '\0')
1884 fatal("%.200s line %d: Missing argument.", filename,
1886 len = strspn(cp, WHITESPACE);
1887 if (*activep && options->version_addendum == NULL) {
1888 if (strcasecmp(cp + len, "none") == 0)
1889 options->version_addendum = xstrdup("");
1890 else if (strchr(cp + len, '\r') != NULL)
1891 fatal("%.200s line %d: Invalid argument",
1894 options->version_addendum = xstrdup(cp + len);
1898 case sAuthorizedKeysCommand:
1900 fatal("%.200s line %d: Missing argument.", filename,
1902 len = strspn(cp, WHITESPACE);
1903 if (*activep && options->authorized_keys_command == NULL) {
1904 if (cp[len] != '/' && strcasecmp(cp + len, "none") != 0)
1905 fatal("%.200s line %d: AuthorizedKeysCommand "
1906 "must be an absolute path",
1908 options->authorized_keys_command = xstrdup(cp + len);
1912 case sAuthorizedKeysCommandUser:
1913 charptr = &options->authorized_keys_command_user;
1915 arg = strdelim(&cp);
1916 if (!arg || *arg == '\0')
1917 fatal("%s line %d: missing AuthorizedKeysCommandUser "
1918 "argument.", filename, linenum);
1919 if (*activep && *charptr == NULL)
1920 *charptr = xstrdup(arg);
1923 case sAuthorizedPrincipalsCommand:
1925 fatal("%.200s line %d: Missing argument.", filename,
1927 len = strspn(cp, WHITESPACE);
1929 options->authorized_principals_command == NULL) {
1930 if (cp[len] != '/' && strcasecmp(cp + len, "none") != 0)
1931 fatal("%.200s line %d: "
1932 "AuthorizedPrincipalsCommand must be "
1933 "an absolute path", filename, linenum);
1934 options->authorized_principals_command =
1939 case sAuthorizedPrincipalsCommandUser:
1940 charptr = &options->authorized_principals_command_user;
1942 arg = strdelim(&cp);
1943 if (!arg || *arg == '\0')
1944 fatal("%s line %d: missing "
1945 "AuthorizedPrincipalsCommandUser argument.",
1947 if (*activep && *charptr == NULL)
1948 *charptr = xstrdup(arg);
1951 case sAuthenticationMethods:
1952 if (options->num_auth_methods == 0) {
1953 value = 0; /* seen "any" pseudo-method */
1954 value2 = 0; /* sucessfully parsed any method */
1955 while ((arg = strdelim(&cp)) && *arg != '\0') {
1956 if (strcmp(arg, "any") == 0) {
1957 if (options->num_auth_methods > 0) {
1958 fatal("%s line %d: \"any\" "
1959 "must appear alone in "
1960 "AuthenticationMethods",
1965 fatal("%s line %d: \"any\" must appear "
1966 "alone in AuthenticationMethods",
1968 } else if (auth2_methods_valid(arg, 0) != 0) {
1969 fatal("%s line %d: invalid "
1970 "authentication method list.",
1976 array_append(filename, linenum,
1977 "AuthenticationMethods",
1978 &options->auth_methods,
1979 &options->num_auth_methods, arg);
1982 fatal("%s line %d: no AuthenticationMethods "
1983 "specified", filename, linenum);
1988 case sStreamLocalBindMask:
1989 arg = strdelim(&cp);
1990 if (!arg || *arg == '\0')
1991 fatal("%s line %d: missing StreamLocalBindMask "
1992 "argument.", filename, linenum);
1993 /* Parse mode in octal format */
1994 value = strtol(arg, &p, 8);
1995 if (arg == p || value < 0 || value > 0777)
1996 fatal("%s line %d: Bad mask.", filename, linenum);
1998 options->fwd_opts.streamlocal_bind_mask = (mode_t)value;
2001 case sStreamLocalBindUnlink:
2002 intptr = &options->fwd_opts.streamlocal_bind_unlink;
2005 case sFingerprintHash:
2006 arg = strdelim(&cp);
2007 if (!arg || *arg == '\0')
2008 fatal("%.200s line %d: Missing argument.",
2010 if ((value = ssh_digest_alg_by_name(arg)) == -1)
2011 fatal("%.200s line %d: Invalid hash algorithm \"%s\".",
2012 filename, linenum, arg);
2014 options->fingerprint_hash = value;
2017 case sExposeAuthInfo:
2018 intptr = &options->expose_userauth_info;
2022 charptr = &options->routing_domain;
2023 arg = strdelim(&cp);
2024 if (!arg || *arg == '\0')
2025 fatal("%.200s line %d: Missing argument.",
2027 if (strcasecmp(arg, "none") != 0 && strcmp(arg, "%D") != 0 &&
2028 !valid_rdomain(arg))
2029 fatal("%s line %d: bad routing domain",
2031 if (*activep && *charptr == NULL)
2032 *charptr = xstrdup(arg);
2038 do_log2(opcode == sIgnore ?
2039 SYSLOG_LEVEL_DEBUG2 : SYSLOG_LEVEL_INFO,
2040 "%s line %d: %s option %s", filename, linenum,
2041 opcode == sUnsupported ? "Unsupported" : "Deprecated", arg);
2043 arg = strdelim(&cp);
2047 fatal("%s line %d: Missing handler for opcode %s (%d)",
2048 filename, linenum, arg, opcode);
2050 if ((arg = strdelim(&cp)) != NULL && *arg != '\0')
2051 fatal("%s line %d: garbage at end of line; \"%.200s\".",
2052 filename, linenum, arg);
2056 /* Reads the server configuration file. */
2059 load_server_config(const char *filename, Buffer *conf)
2061 char line[4096], *cp;
2065 debug2("%s: filename %s", __func__, filename);
2066 if ((f = fopen(filename, "r")) == NULL) {
2071 while (fgets(line, sizeof(line), f)) {
2073 if (strlen(line) == sizeof(line) - 1)
2074 fatal("%s line %d too long", filename, lineno);
2076 * Trim out comments and strip whitespace
2077 * NB - preserve newlines, they are needed to reproduce
2078 * line numbers later for error messages
2080 if ((cp = strchr(line, '#')) != NULL)
2081 memcpy(cp, "\n", 2);
2082 cp = line + strspn(line, " \t\r");
2084 buffer_append(conf, cp, strlen(cp));
2086 buffer_append(conf, "\0", 1);
2088 debug2("%s: done config len = %d", __func__, buffer_len(conf));
2092 parse_server_match_config(ServerOptions *options,
2093 struct connection_info *connectinfo)
2097 initialize_server_options(&mo);
2098 parse_server_config(&mo, "reprocess config", &cfg, connectinfo);
2099 copy_set_server_options(options, &mo, 0);
2102 int parse_server_match_testspec(struct connection_info *ci, char *spec)
2106 while ((p = strsep(&spec, ",")) && *p != '\0') {
2107 if (strncmp(p, "addr=", 5) == 0) {
2108 ci->address = xstrdup(p + 5);
2109 } else if (strncmp(p, "host=", 5) == 0) {
2110 ci->host = xstrdup(p + 5);
2111 } else if (strncmp(p, "user=", 5) == 0) {
2112 ci->user = xstrdup(p + 5);
2113 } else if (strncmp(p, "laddr=", 6) == 0) {
2114 ci->laddress = xstrdup(p + 6);
2115 } else if (strncmp(p, "rdomain=", 8) == 0) {
2116 ci->rdomain = xstrdup(p + 8);
2117 } else if (strncmp(p, "lport=", 6) == 0) {
2118 ci->lport = a2port(p + 6);
2119 if (ci->lport == -1) {
2120 fprintf(stderr, "Invalid port '%s' in test mode"
2121 " specification %s\n", p+6, p);
2125 fprintf(stderr, "Invalid test mode specification %s\n",
2134 * Copy any supported values that are set.
2136 * If the preauth flag is set, we do not bother copying the string or
2137 * array values that are not used pre-authentication, because any that we
2138 * do use must be explictly sent in mm_getpwnamallow().
2141 copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
2143 #define M_CP_INTOPT(n) do {\
2148 M_CP_INTOPT(password_authentication);
2149 M_CP_INTOPT(gss_authentication);
2150 M_CP_INTOPT(pubkey_authentication);
2151 M_CP_INTOPT(kerberos_authentication);
2152 M_CP_INTOPT(hostbased_authentication);
2153 M_CP_INTOPT(hostbased_uses_name_from_packet_only);
2154 M_CP_INTOPT(kbd_interactive_authentication);
2155 M_CP_INTOPT(permit_root_login);
2156 M_CP_INTOPT(permit_empty_passwd);
2158 M_CP_INTOPT(allow_tcp_forwarding);
2159 M_CP_INTOPT(allow_streamlocal_forwarding);
2160 M_CP_INTOPT(allow_agent_forwarding);
2161 M_CP_INTOPT(disable_forwarding);
2162 M_CP_INTOPT(expose_userauth_info);
2163 M_CP_INTOPT(permit_tun);
2164 M_CP_INTOPT(fwd_opts.gateway_ports);
2165 M_CP_INTOPT(fwd_opts.streamlocal_bind_unlink);
2166 M_CP_INTOPT(x11_display_offset);
2167 M_CP_INTOPT(x11_forwarding);
2168 M_CP_INTOPT(x11_use_localhost);
2169 M_CP_INTOPT(permit_tty);
2170 M_CP_INTOPT(permit_user_rc);
2171 M_CP_INTOPT(max_sessions);
2172 M_CP_INTOPT(max_authtries);
2173 M_CP_INTOPT(client_alive_count_max);
2174 M_CP_INTOPT(client_alive_interval);
2175 M_CP_INTOPT(ip_qos_interactive);
2176 M_CP_INTOPT(ip_qos_bulk);
2177 M_CP_INTOPT(rekey_limit);
2178 M_CP_INTOPT(rekey_interval);
2179 M_CP_INTOPT(log_level);
2182 * The bind_mask is a mode_t that may be unsigned, so we can't use
2183 * M_CP_INTOPT - it does a signed comparison that causes compiler
2186 if (src->fwd_opts.streamlocal_bind_mask != (mode_t)-1) {
2187 dst->fwd_opts.streamlocal_bind_mask =
2188 src->fwd_opts.streamlocal_bind_mask;
2191 /* M_CP_STROPT and M_CP_STRARRAYOPT should not appear before here */
2192 #define M_CP_STROPT(n) do {\
2193 if (src->n != NULL && dst->n != src->n) { \
2198 #define M_CP_STRARRAYOPT(s, num_s) do {\
2200 if (src->num_s != 0) { \
2201 for (i = 0; i < dst->num_s; i++) \
2204 dst->s = xcalloc(src->num_s, sizeof(*dst->s)); \
2205 for (i = 0; i < src->num_s; i++) \
2206 dst->s[i] = xstrdup(src->s[i]); \
2207 dst->num_s = src->num_s; \
2211 /* See comment in servconf.h */
2212 COPY_MATCH_STRING_OPTS();
2214 /* Arguments that accept '+...' need to be expanded */
2215 assemble_algorithms(dst);
2218 * The only things that should be below this point are string options
2219 * which are only used after authentication.
2224 /* These options may be "none" to clear a global setting */
2225 M_CP_STROPT(adm_forced_command);
2226 if (option_clear_or_none(dst->adm_forced_command)) {
2227 free(dst->adm_forced_command);
2228 dst->adm_forced_command = NULL;
2230 M_CP_STROPT(chroot_directory);
2231 if (option_clear_or_none(dst->chroot_directory)) {
2232 free(dst->chroot_directory);
2233 dst->chroot_directory = NULL;
2239 #undef M_CP_STRARRAYOPT
2242 parse_server_config(ServerOptions *options, const char *filename, Buffer *conf,
2243 struct connection_info *connectinfo)
2245 int active, linenum, bad_options = 0;
2246 char *cp, *obuf, *cbuf;
2248 debug2("%s: config %s len %d", __func__, filename, buffer_len(conf));
2250 if ((obuf = cbuf = sshbuf_dup_string(conf)) == NULL)
2251 fatal("%s: sshbuf_dup_string failed", __func__);
2252 active = connectinfo ? 0 : 1;
2254 while ((cp = strsep(&cbuf, "\n")) != NULL) {
2255 if (process_server_config_line(options, cp, filename,
2256 linenum++, &active, connectinfo) != 0)
2260 if (bad_options > 0)
2261 fatal("%s: terminating, %d bad configuration options",
2262 filename, bad_options);
2263 process_queued_listen_addrs(options);
2267 fmt_multistate_int(int val, const struct multistate *m)
2271 for (i = 0; m[i].key != NULL; i++) {
2272 if (m[i].value == val)
2279 fmt_intarg(ServerOpCodes code, int val)
2284 case sAddressFamily:
2285 return fmt_multistate_int(val, multistate_addressfamily);
2286 case sPermitRootLogin:
2287 return fmt_multistate_int(val, multistate_permitrootlogin);
2289 return fmt_multistate_int(val, multistate_gatewayports);
2291 return fmt_multistate_int(val, multistate_compression);
2292 case sAllowTcpForwarding:
2293 return fmt_multistate_int(val, multistate_tcpfwd);
2294 case sAllowStreamLocalForwarding:
2295 return fmt_multistate_int(val, multistate_tcpfwd);
2296 case sFingerprintHash:
2297 return ssh_digest_alg_name(val);
2311 lookup_opcode_name(ServerOpCodes code)
2315 for (i = 0; keywords[i].name != NULL; i++)
2316 if (keywords[i].opcode == code)
2317 return(keywords[i].name);
2322 dump_cfg_int(ServerOpCodes code, int val)
2324 printf("%s %d\n", lookup_opcode_name(code), val);
2328 dump_cfg_oct(ServerOpCodes code, int val)
2330 printf("%s 0%o\n", lookup_opcode_name(code), val);
2334 dump_cfg_fmtint(ServerOpCodes code, int val)
2336 printf("%s %s\n", lookup_opcode_name(code), fmt_intarg(code, val));
2340 dump_cfg_string(ServerOpCodes code, const char *val)
2342 printf("%s %s\n", lookup_opcode_name(code),
2343 val == NULL ? "none" : val);
2347 dump_cfg_strarray(ServerOpCodes code, u_int count, char **vals)
2351 for (i = 0; i < count; i++)
2352 printf("%s %s\n", lookup_opcode_name(code), vals[i]);
2356 dump_cfg_strarray_oneline(ServerOpCodes code, u_int count, char **vals)
2360 if (count <= 0 && code != sAuthenticationMethods)
2362 printf("%s", lookup_opcode_name(code));
2363 for (i = 0; i < count; i++)
2364 printf(" %s", vals[i]);
2365 if (code == sAuthenticationMethods && count == 0)
2371 format_listen_addrs(struct listenaddr *la)
2374 struct addrinfo *ai;
2375 char addr[NI_MAXHOST], port[NI_MAXSERV];
2376 char *laddr1 = xstrdup(""), *laddr2 = NULL;
2379 * ListenAddress must be after Port. add_one_listen_addr pushes
2380 * addresses onto a stack, so to maintain ordering we need to
2381 * print these in reverse order.
2383 for (ai = la->addrs; ai; ai = ai->ai_next) {
2384 if ((r = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr,
2385 sizeof(addr), port, sizeof(port),
2386 NI_NUMERICHOST|NI_NUMERICSERV)) != 0) {
2387 error("getnameinfo: %.100s", ssh_gai_strerror(r));
2391 if (ai->ai_family == AF_INET6) {
2392 xasprintf(&laddr1, "listenaddress [%s]:%s%s%s\n%s",
2394 la->rdomain == NULL ? "" : " rdomain ",
2395 la->rdomain == NULL ? "" : la->rdomain,
2398 xasprintf(&laddr1, "listenaddress %s:%s%s%s\n%s",
2400 la->rdomain == NULL ? "" : " rdomain ",
2401 la->rdomain == NULL ? "" : la->rdomain,
2410 dump_config(ServerOptions *o)
2415 /* these are usually at the top of the config */
2416 for (i = 0; i < o->num_ports; i++)
2417 printf("port %d\n", o->ports[i]);
2418 dump_cfg_fmtint(sAddressFamily, o->address_family);
2420 for (i = 0; i < o->num_listen_addrs; i++) {
2421 s = format_listen_addrs(&o->listen_addrs[i]);
2426 /* integer arguments */
2428 dump_cfg_fmtint(sUsePAM, o->use_pam);
2430 dump_cfg_int(sLoginGraceTime, o->login_grace_time);
2431 dump_cfg_int(sX11DisplayOffset, o->x11_display_offset);
2432 dump_cfg_int(sMaxAuthTries, o->max_authtries);
2433 dump_cfg_int(sMaxSessions, o->max_sessions);
2434 dump_cfg_int(sClientAliveInterval, o->client_alive_interval);
2435 dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max);
2436 dump_cfg_oct(sStreamLocalBindMask, o->fwd_opts.streamlocal_bind_mask);
2438 /* formatted integer arguments */
2439 dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login);
2440 dump_cfg_fmtint(sIgnoreRhosts, o->ignore_rhosts);
2441 dump_cfg_fmtint(sIgnoreUserKnownHosts, o->ignore_user_known_hosts);
2442 dump_cfg_fmtint(sHostbasedAuthentication, o->hostbased_authentication);
2443 dump_cfg_fmtint(sHostbasedUsesNameFromPacketOnly,
2444 o->hostbased_uses_name_from_packet_only);
2445 dump_cfg_fmtint(sPubkeyAuthentication, o->pubkey_authentication);
2447 dump_cfg_fmtint(sKerberosAuthentication, o->kerberos_authentication);
2448 dump_cfg_fmtint(sKerberosOrLocalPasswd, o->kerberos_or_local_passwd);
2449 dump_cfg_fmtint(sKerberosTicketCleanup, o->kerberos_ticket_cleanup);
2451 dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token);
2455 dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);
2456 dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds);
2458 dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication);
2459 dump_cfg_fmtint(sKbdInteractiveAuthentication,
2460 o->kbd_interactive_authentication);
2461 dump_cfg_fmtint(sChallengeResponseAuthentication,
2462 o->challenge_response_authentication);
2463 dump_cfg_fmtint(sPrintMotd, o->print_motd);
2464 #ifndef DISABLE_LASTLOG
2465 dump_cfg_fmtint(sPrintLastLog, o->print_lastlog);
2467 dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding);
2468 dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost);
2469 dump_cfg_fmtint(sPermitTTY, o->permit_tty);
2470 dump_cfg_fmtint(sPermitUserRC, o->permit_user_rc);
2471 dump_cfg_fmtint(sStrictModes, o->strict_modes);
2472 dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive);
2473 dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd);
2474 dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env);
2475 dump_cfg_fmtint(sCompression, o->compression);
2476 dump_cfg_fmtint(sGatewayPorts, o->fwd_opts.gateway_ports);
2477 dump_cfg_fmtint(sUseDNS, o->use_dns);
2478 dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding);
2479 dump_cfg_fmtint(sAllowAgentForwarding, o->allow_agent_forwarding);
2480 dump_cfg_fmtint(sDisableForwarding, o->disable_forwarding);
2481 dump_cfg_fmtint(sAllowStreamLocalForwarding, o->allow_streamlocal_forwarding);
2482 dump_cfg_fmtint(sStreamLocalBindUnlink, o->fwd_opts.streamlocal_bind_unlink);
2483 dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash);
2484 dump_cfg_fmtint(sExposeAuthInfo, o->expose_userauth_info);
2486 /* string arguments */
2487 dump_cfg_string(sPidFile, o->pid_file);
2488 dump_cfg_string(sXAuthLocation, o->xauth_location);
2489 dump_cfg_string(sCiphers, o->ciphers ? o->ciphers : KEX_SERVER_ENCRYPT);
2490 dump_cfg_string(sMacs, o->macs ? o->macs : KEX_SERVER_MAC);
2491 dump_cfg_string(sBanner, o->banner);
2492 dump_cfg_string(sForceCommand, o->adm_forced_command);
2493 dump_cfg_string(sChrootDirectory, o->chroot_directory);
2494 dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys);
2495 dump_cfg_string(sRevokedKeys, o->revoked_keys_file);
2496 dump_cfg_string(sAuthorizedPrincipalsFile,
2497 o->authorized_principals_file);
2498 dump_cfg_string(sVersionAddendum, *o->version_addendum == '\0'
2499 ? "none" : o->version_addendum);
2500 dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command);
2501 dump_cfg_string(sAuthorizedKeysCommandUser, o->authorized_keys_command_user);
2502 dump_cfg_string(sAuthorizedPrincipalsCommand, o->authorized_principals_command);
2503 dump_cfg_string(sAuthorizedPrincipalsCommandUser, o->authorized_principals_command_user);
2504 dump_cfg_string(sHostKeyAgent, o->host_key_agent);
2505 dump_cfg_string(sKexAlgorithms,
2506 o->kex_algorithms ? o->kex_algorithms : KEX_SERVER_KEX);
2507 dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types ?
2508 o->hostbased_key_types : KEX_DEFAULT_PK_ALG);
2509 dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms ?
2510 o->hostkeyalgorithms : KEX_DEFAULT_PK_ALG);
2511 dump_cfg_string(sPubkeyAcceptedKeyTypes, o->pubkey_key_types ?
2512 o->pubkey_key_types : KEX_DEFAULT_PK_ALG);
2513 dump_cfg_string(sRDomain, o->routing_domain);
2515 /* string arguments requiring a lookup */
2516 dump_cfg_string(sLogLevel, log_level_name(o->log_level));
2517 dump_cfg_string(sLogFacility, log_facility_name(o->log_facility));
2519 /* string array arguments */
2520 dump_cfg_strarray_oneline(sAuthorizedKeysFile, o->num_authkeys_files,
2521 o->authorized_keys_files);
2522 dump_cfg_strarray(sHostKeyFile, o->num_host_key_files,
2524 dump_cfg_strarray(sHostCertificate, o->num_host_cert_files,
2525 o->host_cert_files);
2526 dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users);
2527 dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users);
2528 dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups);
2529 dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups);
2530 dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env);
2531 dump_cfg_strarray_oneline(sAuthenticationMethods,
2532 o->num_auth_methods, o->auth_methods);
2534 /* other arguments */
2535 for (i = 0; i < o->num_subsystems; i++)
2536 printf("subsystem %s %s\n", o->subsystem_name[i],
2537 o->subsystem_args[i]);
2539 printf("maxstartups %d:%d:%d\n", o->max_startups_begin,
2540 o->max_startups_rate, o->max_startups);
2543 for (i = 0; tunmode_desc[i].val != -1; i++) {
2544 if (tunmode_desc[i].val == o->permit_tun) {
2545 s = tunmode_desc[i].text;
2549 dump_cfg_string(sPermitTunnel, s);
2551 printf("ipqos %s ", iptos2str(o->ip_qos_interactive));
2552 printf("%s\n", iptos2str(o->ip_qos_bulk));
2554 printf("rekeylimit %llu %d\n", (unsigned long long)o->rekey_limit,
2557 printf("permitopen");
2558 if (o->num_permitted_opens == 0)
2561 for (i = 0; i < o->num_permitted_opens; i++)
2562 printf(" %s", o->permitted_opens[i]);