]> andersk Git - openssh.git/blame - readconf.c
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (djm) OpenBSD CVS updates:
[openssh.git] / readconf.c
CommitLineData
8efc0c15 1/*
6ae2364d 2 *
5260325f 3 * readconf.c
6ae2364d 4 *
5260325f 5 * Author: Tatu Ylonen <ylo@cs.hut.fi>
6ae2364d 6 *
5260325f 7 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8 * All rights reserved
6ae2364d 9 *
5260325f 10 * Created: Sat Apr 22 00:03:10 1995 ylo
6ae2364d 11 *
5260325f 12 * Functions for reading the configuration files.
6ae2364d 13 *
5260325f 14 */
8efc0c15 15
16#include "includes.h"
089fbbd2 17RCSID("$OpenBSD: readconf.c,v 1.40 2000/07/10 16:27:05 ho Exp $");
8efc0c15 18
19#include "ssh.h"
20#include "cipher.h"
21#include "readconf.h"
7368a6c8 22#include "match.h"
8efc0c15 23#include "xmalloc.h"
a8be9f80 24#include "compat.h"
8efc0c15 25
26/* Format of the configuration file:
27
28 # Configuration data is parsed as follows:
29 # 1. command line options
30 # 2. user-specific file
31 # 3. system-wide file
32 # Any configuration value is only changed the first time it is set.
33 # Thus, host-specific definitions should be at the beginning of the
34 # configuration file, and defaults at the end.
35
36 # Host-specific declarations. These may override anything above. A single
37 # host may match multiple declarations; these are processed in the order
38 # that they are given in.
39
40 Host *.ngs.fi ngs.fi
41 FallBackToRsh no
42
43 Host fake.com
44 HostName another.host.name.real.org
45 User blaah
46 Port 34289
47 ForwardX11 no
48 ForwardAgent no
49
50 Host books.com
51 RemoteForward 9999 shadows.cs.hut.fi:9999
52 Cipher 3des
53
54 Host fascist.blob.com
55 Port 23123
56 User tylonen
57 RhostsAuthentication no
58 PasswordAuthentication no
59
60 Host puukko.hut.fi
61 User t35124p
62 ProxyCommand ssh-proxy %h %p
63
64 Host *.fr
65 UseRsh yes
66
67 Host *.su
68 Cipher none
69 PasswordAuthentication no
70
71 # Defaults for various options
72 Host *
73 ForwardAgent no
74 ForwardX11 yes
75 RhostsAuthentication yes
76 PasswordAuthentication yes
77 RSAAuthentication yes
78 RhostsRSAAuthentication yes
79 FallBackToRsh no
80 UseRsh no
81 StrictHostKeyChecking yes
82 KeepAlives no
83 IdentityFile ~/.ssh/identity
84 Port 22
85 EscapeChar ~
86
87*/
88
89/* Keyword tokens. */
90
5260325f 91typedef enum {
92 oBadOption,
93 oForwardAgent, oForwardX11, oGatewayPorts, oRhostsAuthentication,
94 oPasswordAuthentication, oRSAAuthentication, oFallBackToRsh, oUseRsh,
fa649821 95 oSkeyAuthentication, oXAuthLocation,
8efc0c15 96#ifdef KRB4
5260325f 97 oKerberosAuthentication,
8efc0c15 98#endif /* KRB4 */
99#ifdef AFS
5260325f 100 oKerberosTgtPassing, oAFSTokenPassing,
8efc0c15 101#endif
5260325f 102 oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
103 oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
104 oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
105 oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
106 oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, oTISAuthentication,
a306f2dd 107 oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oIdentityFile2,
1d1ffb87 108 oGlobalKnownHostsFile2, oUserKnownHostsFile2, oDSAAuthentication
8efc0c15 109} OpCodes;
110
111/* Textual representations of the tokens. */
112
5260325f 113static struct {
114 const char *name;
115 OpCodes opcode;
116} keywords[] = {
117 { "forwardagent", oForwardAgent },
118 { "forwardx11", oForwardX11 },
fa649821 119 { "xauthlocation", oXAuthLocation },
5260325f 120 { "gatewayports", oGatewayPorts },
121 { "useprivilegedport", oUsePrivilegedPort },
122 { "rhostsauthentication", oRhostsAuthentication },
123 { "passwordauthentication", oPasswordAuthentication },
124 { "rsaauthentication", oRSAAuthentication },
1d1ffb87 125 { "dsaauthentication", oDSAAuthentication },
5260325f 126 { "skeyauthentication", oSkeyAuthentication },
8efc0c15 127#ifdef KRB4
5260325f 128 { "kerberosauthentication", oKerberosAuthentication },
8efc0c15 129#endif /* KRB4 */
130#ifdef AFS
5260325f 131 { "kerberostgtpassing", oKerberosTgtPassing },
132 { "afstokenpassing", oAFSTokenPassing },
8efc0c15 133#endif
5260325f 134 { "fallbacktorsh", oFallBackToRsh },
135 { "usersh", oUseRsh },
136 { "identityfile", oIdentityFile },
a306f2dd 137 { "identityfile2", oIdentityFile2 },
5260325f 138 { "hostname", oHostName },
139 { "proxycommand", oProxyCommand },
140 { "port", oPort },
141 { "cipher", oCipher },
a8be9f80 142 { "ciphers", oCiphers },
143 { "protocol", oProtocol },
5260325f 144 { "remoteforward", oRemoteForward },
145 { "localforward", oLocalForward },
146 { "user", oUser },
147 { "host", oHost },
148 { "escapechar", oEscapeChar },
149 { "rhostsrsaauthentication", oRhostsRSAAuthentication },
150 { "globalknownhostsfile", oGlobalKnownHostsFile },
151 { "userknownhostsfile", oUserKnownHostsFile },
a306f2dd 152 { "globalknownhostsfile2", oGlobalKnownHostsFile2 },
153 { "userknownhostsfile2", oUserKnownHostsFile2 },
5260325f 154 { "connectionattempts", oConnectionAttempts },
155 { "batchmode", oBatchMode },
156 { "checkhostip", oCheckHostIP },
157 { "stricthostkeychecking", oStrictHostKeyChecking },
158 { "compression", oCompression },
159 { "compressionlevel", oCompressionLevel },
160 { "keepalive", oKeepAlives },
161 { "numberofpasswordprompts", oNumberOfPasswordPrompts },
162 { "tisauthentication", oTISAuthentication },
163 { "loglevel", oLogLevel },
164 { NULL, 0 }
6a17f9c2 165};
166
089fbbd2 167/* Characters considered whitespace in strsep calls. */
38c295d6 168#define WHITESPACE " \t\r\n="
8efc0c15 169
170
aa3378df 171/*
172 * Adds a local TCP/IP port forward to options. Never returns if there is an
173 * error.
174 */
8efc0c15 175
6ae2364d 176void
57112b5a 177add_local_forward(Options *options, u_short port, const char *host,
178 u_short host_port)
8efc0c15 179{
5260325f 180 Forward *fwd;
181 extern uid_t original_real_uid;
5260325f 182 if (port < IPPORT_RESERVED && original_real_uid != 0)
183 fatal("Privileged ports can only be forwarded by root.\n");
184 if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
185 fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION);
186 fwd = &options->local_forwards[options->num_local_forwards++];
187 fwd->port = port;
188 fwd->host = xstrdup(host);
189 fwd->host_port = host_port;
8efc0c15 190}
191
aa3378df 192/*
193 * Adds a remote TCP/IP port forward to options. Never returns if there is
194 * an error.
195 */
8efc0c15 196
6ae2364d 197void
57112b5a 198add_remote_forward(Options *options, u_short port, const char *host,
199 u_short host_port)
8efc0c15 200{
5260325f 201 Forward *fwd;
202 if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
203 fatal("Too many remote forwards (max %d).",
204 SSH_MAX_FORWARDS_PER_DIRECTION);
205 fwd = &options->remote_forwards[options->num_remote_forwards++];
206 fwd->port = port;
207 fwd->host = xstrdup(host);
208 fwd->host_port = host_port;
8efc0c15 209}
210
aa3378df 211/*
212 * Returns the number of the token pointed to by cp of length len. Never
213 * returns if the token is not known.
214 */
8efc0c15 215
6ae2364d 216static OpCodes
5260325f 217parse_token(const char *cp, const char *filename, int linenum)
8efc0c15 218{
5260325f 219 unsigned int i;
8efc0c15 220
5260325f 221 for (i = 0; keywords[i].name; i++)
aa3378df 222 if (strcasecmp(cp, keywords[i].name) == 0)
5260325f 223 return keywords[i].opcode;
8efc0c15 224
5260325f 225 fprintf(stderr, "%s: line %d: Bad configuration option: %s\n",
226 filename, linenum, cp);
227 return oBadOption;
8efc0c15 228}
229
aa3378df 230/*
231 * Processes a single option line as used in the configuration files. This
232 * only sets those values that have not already been set.
233 */
8efc0c15 234
e7c0f9d5 235int
236process_config_line(Options *options, const char *host,
5260325f 237 char *line, const char *filename, int linenum,
238 int *activep)
8efc0c15 239{
089fbbd2 240 char buf[256], *s, *string, **charptr, *endofnumber, *keyword, *arg;
57112b5a 241 int opcode, *intptr, value;
242 u_short fwd_port, fwd_host_port;
5260325f 243
244 /* Skip leading whitespace. */
089fbbd2 245 s = line + strspn(line, WHITESPACE);
246 if (!*s || *s == '\n' || *s == '#')
5260325f 247 return 0;
248
aa3378df 249 /* Get the keyword. (Each line is supposed to begin with a keyword). */
089fbbd2 250 keyword = strsep(&s, WHITESPACE);
251 opcode = parse_token(keyword, filename, linenum);
5260325f 252
253 switch (opcode) {
254 case oBadOption:
aa3378df 255 /* don't panic, but count bad options */
256 return -1;
5260325f 257 /* NOTREACHED */
258 case oForwardAgent:
259 intptr = &options->forward_agent;
260parse_flag:
089fbbd2 261 arg = strsep(&s, WHITESPACE);
262 if (!arg || *arg == '\0')
5260325f 263 fatal("%.200s line %d: Missing yes/no argument.", filename, linenum);
264 value = 0; /* To avoid compiler warning... */
089fbbd2 265 if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
5260325f 266 value = 1;
089fbbd2 267 else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
5260325f 268 value = 0;
269 else
270 fatal("%.200s line %d: Bad yes/no argument.", filename, linenum);
271 if (*activep && *intptr == -1)
272 *intptr = value;
273 break;
274
275 case oForwardX11:
276 intptr = &options->forward_x11;
277 goto parse_flag;
278
279 case oGatewayPorts:
280 intptr = &options->gateway_ports;
281 goto parse_flag;
282
283 case oUsePrivilegedPort:
284 intptr = &options->use_privileged_port;
285 goto parse_flag;
286
287 case oRhostsAuthentication:
288 intptr = &options->rhosts_authentication;
289 goto parse_flag;
290
291 case oPasswordAuthentication:
292 intptr = &options->password_authentication;
293 goto parse_flag;
294
1d1ffb87 295 case oDSAAuthentication:
296 intptr = &options->dsa_authentication;
297 goto parse_flag;
298
5260325f 299 case oRSAAuthentication:
300 intptr = &options->rsa_authentication;
301 goto parse_flag;
302
303 case oRhostsRSAAuthentication:
304 intptr = &options->rhosts_rsa_authentication;
305 goto parse_flag;
306
307 case oTISAuthentication:
308 /* fallthrough, there is no difference on the client side */
309 case oSkeyAuthentication:
310 intptr = &options->skey_authentication;
311 goto parse_flag;
8efc0c15 312
313#ifdef KRB4
5260325f 314 case oKerberosAuthentication:
315 intptr = &options->kerberos_authentication;
316 goto parse_flag;
8efc0c15 317#endif /* KRB4 */
318
319#ifdef AFS
5260325f 320 case oKerberosTgtPassing:
321 intptr = &options->kerberos_tgt_passing;
322 goto parse_flag;
8efc0c15 323
5260325f 324 case oAFSTokenPassing:
325 intptr = &options->afs_token_passing;
326 goto parse_flag;
8efc0c15 327#endif
5260325f 328
329 case oFallBackToRsh:
330 intptr = &options->fallback_to_rsh;
331 goto parse_flag;
332
333 case oUseRsh:
334 intptr = &options->use_rsh;
335 goto parse_flag;
336
337 case oBatchMode:
338 intptr = &options->batch_mode;
339 goto parse_flag;
340
341 case oCheckHostIP:
342 intptr = &options->check_host_ip;
343 goto parse_flag;
344
345 case oStrictHostKeyChecking:
346 intptr = &options->strict_host_key_checking;
089fbbd2 347 arg = strsep(&s, WHITESPACE);
348 if (!arg || *arg == '\0')
5260325f 349 fatal("%.200s line %d: Missing yes/no argument.",
350 filename, linenum);
351 value = 0; /* To avoid compiler warning... */
089fbbd2 352 if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
5260325f 353 value = 1;
089fbbd2 354 else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
5260325f 355 value = 0;
089fbbd2 356 else if (strcmp(arg, "ask") == 0)
5260325f 357 value = 2;
358 else
359 fatal("%.200s line %d: Bad yes/no/ask argument.", filename, linenum);
360 if (*activep && *intptr == -1)
361 *intptr = value;
362 break;
363
364 case oCompression:
365 intptr = &options->compression;
366 goto parse_flag;
367
368 case oKeepAlives:
369 intptr = &options->keepalives;
370 goto parse_flag;
371
372 case oNumberOfPasswordPrompts:
373 intptr = &options->number_of_password_prompts;
374 goto parse_int;
375
376 case oCompressionLevel:
377 intptr = &options->compression_level;
378 goto parse_int;
379
380 case oIdentityFile:
a306f2dd 381 case oIdentityFile2:
089fbbd2 382 arg = strsep(&s, WHITESPACE);
383 if (!arg || *arg == '\0')
5260325f 384 fatal("%.200s line %d: Missing argument.", filename, linenum);
385 if (*activep) {
a306f2dd 386 intptr = (opcode == oIdentityFile) ?
387 &options->num_identity_files :
388 &options->num_identity_files2;
389 if (*intptr >= SSH_MAX_IDENTITY_FILES)
5260325f 390 fatal("%.200s line %d: Too many identity files specified (max %d).",
391 filename, linenum, SSH_MAX_IDENTITY_FILES);
a306f2dd 392 charptr = (opcode == oIdentityFile) ?
393 &options->identity_files[*intptr] :
394 &options->identity_files2[*intptr];
089fbbd2 395 *charptr = xstrdup(arg);
a306f2dd 396 *intptr = *intptr + 1;
5260325f 397 }
398 break;
399
fa649821 400 case oXAuthLocation:
401 charptr=&options->xauth_location;
402 goto parse_string;
403
5260325f 404 case oUser:
405 charptr = &options->user;
406parse_string:
089fbbd2 407 arg = strsep(&s, WHITESPACE);
408 if (!arg || *arg == '\0')
5260325f 409 fatal("%.200s line %d: Missing argument.", filename, linenum);
410 if (*activep && *charptr == NULL)
089fbbd2 411 *charptr = xstrdup(arg);
5260325f 412 break;
413
414 case oGlobalKnownHostsFile:
415 charptr = &options->system_hostfile;
416 goto parse_string;
417
418 case oUserKnownHostsFile:
419 charptr = &options->user_hostfile;
420 goto parse_string;
421
a306f2dd 422 case oGlobalKnownHostsFile2:
423 charptr = &options->system_hostfile2;
424 goto parse_string;
425
426 case oUserKnownHostsFile2:
427 charptr = &options->user_hostfile2;
428 goto parse_string;
429
5260325f 430 case oHostName:
431 charptr = &options->hostname;
432 goto parse_string;
433
434 case oProxyCommand:
435 charptr = &options->proxy_command;
436 string = xstrdup("");
089fbbd2 437 while ((arg = strsep(&s, WHITESPACE)) != NULL && *arg != '\0') {
438 string = xrealloc(string, strlen(string) + strlen(arg) + 2);
5260325f 439 strcat(string, " ");
089fbbd2 440 strcat(string, arg);
5260325f 441 }
442 if (*activep && *charptr == NULL)
443 *charptr = string;
444 else
445 xfree(string);
446 return 0;
447
448 case oPort:
449 intptr = &options->port;
450parse_int:
089fbbd2 451 arg = strsep(&s, WHITESPACE);
452 if (!arg || *arg == '\0')
5260325f 453 fatal("%.200s line %d: Missing argument.", filename, linenum);
089fbbd2 454 if (arg[0] < '0' || arg[0] > '9')
5260325f 455 fatal("%.200s line %d: Bad number.", filename, linenum);
aa3378df 456
457 /* Octal, decimal, or hex format? */
089fbbd2 458 value = strtol(arg, &endofnumber, 0);
459 if (arg == endofnumber)
aa3378df 460 fatal("%.200s line %d: Bad number.", filename, linenum);
5260325f 461 if (*activep && *intptr == -1)
462 *intptr = value;
463 break;
464
465 case oConnectionAttempts:
466 intptr = &options->connection_attempts;
467 goto parse_int;
468
469 case oCipher:
470 intptr = &options->cipher;
089fbbd2 471 arg = strsep(&s, WHITESPACE);
472 if (!arg || *arg == '\0')
71276795 473 fatal("%.200s line %d: Missing argument.", filename, linenum);
089fbbd2 474 value = cipher_number(arg);
5260325f 475 if (value == -1)
476 fatal("%.200s line %d: Bad cipher '%s'.",
089fbbd2 477 filename, linenum, arg ? arg : "<NONE>");
5260325f 478 if (*activep && *intptr == -1)
479 *intptr = value;
480 break;
481
a8be9f80 482 case oCiphers:
089fbbd2 483 arg = strsep(&s, WHITESPACE);
484 if (!arg || *arg == '\0')
71276795 485 fatal("%.200s line %d: Missing argument.", filename, linenum);
089fbbd2 486 if (!ciphers_valid(arg))
d0c832f3 487 fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.",
089fbbd2 488 filename, linenum, arg ? arg : "<NONE>");
a8be9f80 489 if (*activep && options->ciphers == NULL)
089fbbd2 490 options->ciphers = xstrdup(arg);
a8be9f80 491 break;
492
493 case oProtocol:
494 intptr = &options->protocol;
089fbbd2 495 arg = strsep(&s, WHITESPACE);
496 if (!arg || *arg == '\0')
71276795 497 fatal("%.200s line %d: Missing argument.", filename, linenum);
089fbbd2 498 value = proto_spec(arg);
a8be9f80 499 if (value == SSH_PROTO_UNKNOWN)
500 fatal("%.200s line %d: Bad protocol spec '%s'.",
089fbbd2 501 filename, linenum, arg ? arg : "<NONE>");
a8be9f80 502 if (*activep && *intptr == SSH_PROTO_UNKNOWN)
503 *intptr = value;
504 break;
505
5260325f 506 case oLogLevel:
507 intptr = (int *) &options->log_level;
089fbbd2 508 arg = strsep(&s, WHITESPACE);
509 value = log_level_number(arg);
5260325f 510 if (value == (LogLevel) - 1)
511 fatal("%.200s line %d: unsupported log level '%s'\n",
089fbbd2 512 filename, linenum, arg ? arg : "<NONE>");
5260325f 513 if (*activep && (LogLevel) * intptr == -1)
514 *intptr = (LogLevel) value;
515 break;
516
517 case oRemoteForward:
089fbbd2 518 arg = strsep(&s, WHITESPACE);
519 if (!arg || *arg == '\0')
5260325f 520 fatal("%.200s line %d: Missing argument.", filename, linenum);
089fbbd2 521 if (arg[0] < '0' || arg[0] > '9')
5260325f 522 fatal("%.200s line %d: Badly formatted port number.",
523 filename, linenum);
089fbbd2 524 fwd_port = atoi(arg);
525 arg = strsep(&s, WHITESPACE);
526 if (!arg || *arg == '\0')
5260325f 527 fatal("%.200s line %d: Missing second argument.",
528 filename, linenum);
089fbbd2 529 if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2)
5260325f 530 fatal("%.200s line %d: Badly formatted host:port.",
531 filename, linenum);
532 if (*activep)
533 add_remote_forward(options, fwd_port, buf, fwd_host_port);
534 break;
535
536 case oLocalForward:
089fbbd2 537 arg = strsep(&s, WHITESPACE);
538 if (!arg || *arg == '\0')
5260325f 539 fatal("%.200s line %d: Missing argument.", filename, linenum);
089fbbd2 540 if (arg[0] < '0' || arg[0] > '9')
5260325f 541 fatal("%.200s line %d: Badly formatted port number.",
542 filename, linenum);
089fbbd2 543 fwd_port = atoi(arg);
544 arg = strsep(&s, WHITESPACE);
545 if (!arg || *arg == '\0')
5260325f 546 fatal("%.200s line %d: Missing second argument.",
547 filename, linenum);
089fbbd2 548 if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2)
5260325f 549 fatal("%.200s line %d: Badly formatted host:port.",
550 filename, linenum);
551 if (*activep)
552 add_local_forward(options, fwd_port, buf, fwd_host_port);
553 break;
554
555 case oHost:
556 *activep = 0;
089fbbd2 557 while ((arg = strsep(&s, WHITESPACE)) != NULL && *arg != '\0')
558 if (match_pattern(host, arg)) {
559 debug("Applying options for %.100s", arg);
5260325f 560 *activep = 1;
561 break;
562 }
089fbbd2 563 /* Avoid garbage check below, as strsep is done. */
5260325f 564 return 0;
565
566 case oEscapeChar:
567 intptr = &options->escape_char;
089fbbd2 568 arg = strsep(&s, WHITESPACE);
569 if (!arg || *arg == '\0')
5260325f 570 fatal("%.200s line %d: Missing argument.", filename, linenum);
089fbbd2 571 if (arg[0] == '^' && arg[2] == 0 &&
572 (unsigned char) arg[1] >= 64 && (unsigned char) arg[1] < 128)
573 value = (unsigned char) arg[1] & 31;
574 else if (strlen(arg) == 1)
575 value = (unsigned char) arg[0];
576 else if (strcmp(arg, "none") == 0)
5260325f 577 value = -2;
578 else {
579 fatal("%.200s line %d: Bad escape character.",
580 filename, linenum);
581 /* NOTREACHED */
582 value = 0; /* Avoid compiler warning. */
583 }
584 if (*activep && *intptr == -1)
585 *intptr = value;
586 break;
587
588 default:
589 fatal("process_config_line: Unimplemented opcode %d", opcode);
590 }
591
592 /* Check that there is no garbage at end of line. */
089fbbd2 593 if ((arg = strsep(&s, WHITESPACE)) != NULL && *arg != '\0')
594 {
595 fatal("%.200s line %d: garbage at end of line; \"%.200s\".",
596 filename, linenum, arg);
597 }
5260325f 598 return 0;
8efc0c15 599}
600
601
aa3378df 602/*
603 * Reads the config file and modifies the options accordingly. Options
604 * should already be initialized before this call. This never returns if
605 * there is an error. If the file does not exist, this returns immediately.
606 */
8efc0c15 607
6ae2364d 608void
5260325f 609read_config_file(const char *filename, const char *host, Options *options)
8efc0c15 610{
5260325f 611 FILE *f;
612 char line[1024];
613 int active, linenum;
614 int bad_options = 0;
615
616 /* Open the file. */
617 f = fopen(filename, "r");
618 if (!f)
619 return;
620
621 debug("Reading configuration data %.200s", filename);
622
aa3378df 623 /*
624 * Mark that we are now processing the options. This flag is turned
625 * on/off by Host specifications.
626 */
5260325f 627 active = 1;
628 linenum = 0;
629 while (fgets(line, sizeof(line), f)) {
630 /* Update line number counter. */
631 linenum++;
632 if (process_config_line(options, host, line, filename, linenum, &active) != 0)
633 bad_options++;
634 }
635 fclose(f);
636 if (bad_options > 0)
637 fatal("%s: terminating, %d bad configuration options\n",
638 filename, bad_options);
8efc0c15 639}
640
aa3378df 641/*
642 * Initializes options to special values that indicate that they have not yet
643 * been set. Read_config_file will only set options with this value. Options
644 * are processed in the following order: command line, user config file,
645 * system config file. Last, fill_default_options is called.
646 */
8efc0c15 647
6ae2364d 648void
5260325f 649initialize_options(Options * options)
8efc0c15 650{
5260325f 651 memset(options, 'X', sizeof(*options));
652 options->forward_agent = -1;
653 options->forward_x11 = -1;
fa649821 654 options->xauth_location = NULL;
5260325f 655 options->gateway_ports = -1;
656 options->use_privileged_port = -1;
657 options->rhosts_authentication = -1;
658 options->rsa_authentication = -1;
1d1ffb87 659 options->dsa_authentication = -1;
5260325f 660 options->skey_authentication = -1;
8efc0c15 661#ifdef KRB4
5260325f 662 options->kerberos_authentication = -1;
8efc0c15 663#endif
664#ifdef AFS
5260325f 665 options->kerberos_tgt_passing = -1;
666 options->afs_token_passing = -1;
8efc0c15 667#endif
5260325f 668 options->password_authentication = -1;
669 options->rhosts_rsa_authentication = -1;
670 options->fallback_to_rsh = -1;
671 options->use_rsh = -1;
672 options->batch_mode = -1;
673 options->check_host_ip = -1;
674 options->strict_host_key_checking = -1;
675 options->compression = -1;
676 options->keepalives = -1;
677 options->compression_level = -1;
678 options->port = -1;
679 options->connection_attempts = -1;
680 options->number_of_password_prompts = -1;
681 options->cipher = -1;
a8be9f80 682 options->ciphers = NULL;
683 options->protocol = SSH_PROTO_UNKNOWN;
5260325f 684 options->num_identity_files = 0;
a306f2dd 685 options->num_identity_files2 = 0;
5260325f 686 options->hostname = NULL;
687 options->proxy_command = NULL;
688 options->user = NULL;
689 options->escape_char = -1;
690 options->system_hostfile = NULL;
691 options->user_hostfile = NULL;
a306f2dd 692 options->system_hostfile2 = NULL;
693 options->user_hostfile2 = NULL;
5260325f 694 options->num_local_forwards = 0;
695 options->num_remote_forwards = 0;
696 options->log_level = (LogLevel) - 1;
8efc0c15 697}
698
aa3378df 699/*
700 * Called after processing other sources of option data, this fills those
701 * options for which no value has been specified with their default values.
702 */
8efc0c15 703
6ae2364d 704void
5260325f 705fill_default_options(Options * options)
8efc0c15 706{
5260325f 707 if (options->forward_agent == -1)
71276795 708 options->forward_agent = 0;
5260325f 709 if (options->forward_x11 == -1)
c8d54615 710 options->forward_x11 = 0;
fa649821 711#ifdef XAUTH_PATH
712 if (options->xauth_location == NULL)
713 options->xauth_location = XAUTH_PATH;
714#endif /* XAUTH_PATH */
5260325f 715 if (options->gateway_ports == -1)
716 options->gateway_ports = 0;
717 if (options->use_privileged_port == -1)
718 options->use_privileged_port = 1;
719 if (options->rhosts_authentication == -1)
720 options->rhosts_authentication = 1;
721 if (options->rsa_authentication == -1)
722 options->rsa_authentication = 1;
1d1ffb87 723 if (options->dsa_authentication == -1)
724 options->dsa_authentication = 1;
5260325f 725 if (options->skey_authentication == -1)
726 options->skey_authentication = 0;
8efc0c15 727#ifdef KRB4
5260325f 728 if (options->kerberos_authentication == -1)
729 options->kerberos_authentication = 1;
8efc0c15 730#endif /* KRB4 */
731#ifdef AFS
5260325f 732 if (options->kerberos_tgt_passing == -1)
733 options->kerberos_tgt_passing = 1;
734 if (options->afs_token_passing == -1)
735 options->afs_token_passing = 1;
8efc0c15 736#endif /* AFS */
5260325f 737 if (options->password_authentication == -1)
738 options->password_authentication = 1;
739 if (options->rhosts_rsa_authentication == -1)
740 options->rhosts_rsa_authentication = 1;
741 if (options->fallback_to_rsh == -1)
742 options->fallback_to_rsh = 1;
743 if (options->use_rsh == -1)
744 options->use_rsh = 0;
745 if (options->batch_mode == -1)
746 options->batch_mode = 0;
747 if (options->check_host_ip == -1)
748 options->check_host_ip = 1;
749 if (options->strict_host_key_checking == -1)
750 options->strict_host_key_checking = 2; /* 2 is default */
751 if (options->compression == -1)
752 options->compression = 0;
753 if (options->keepalives == -1)
754 options->keepalives = 1;
755 if (options->compression_level == -1)
756 options->compression_level = 6;
757 if (options->port == -1)
758 options->port = 0; /* Filled in ssh_connect. */
759 if (options->connection_attempts == -1)
760 options->connection_attempts = 4;
761 if (options->number_of_password_prompts == -1)
762 options->number_of_password_prompts = 3;
763 /* Selected in ssh_login(). */
764 if (options->cipher == -1)
765 options->cipher = SSH_CIPHER_NOT_SET;
d0c832f3 766 /* options->ciphers, default set in myproposals.h */
a8be9f80 767 if (options->protocol == SSH_PROTO_UNKNOWN)
a306f2dd 768 options->protocol = SSH_PROTO_1|SSH_PROTO_2|SSH_PROTO_1_PREFERRED;
5260325f 769 if (options->num_identity_files == 0) {
770 options->identity_files[0] =
771 xmalloc(2 + strlen(SSH_CLIENT_IDENTITY) + 1);
772 sprintf(options->identity_files[0], "~/%.100s", SSH_CLIENT_IDENTITY);
773 options->num_identity_files = 1;
774 }
a306f2dd 775 if (options->num_identity_files2 == 0) {
776 options->identity_files2[0] =
1d1ffb87 777 xmalloc(2 + strlen(SSH_CLIENT_ID_DSA) + 1);
778 sprintf(options->identity_files2[0], "~/%.100s", SSH_CLIENT_ID_DSA);
a306f2dd 779 options->num_identity_files2 = 1;
780 }
5260325f 781 if (options->escape_char == -1)
782 options->escape_char = '~';
783 if (options->system_hostfile == NULL)
784 options->system_hostfile = SSH_SYSTEM_HOSTFILE;
785 if (options->user_hostfile == NULL)
786 options->user_hostfile = SSH_USER_HOSTFILE;
a306f2dd 787 if (options->system_hostfile2 == NULL)
788 options->system_hostfile2 = SSH_SYSTEM_HOSTFILE2;
789 if (options->user_hostfile2 == NULL)
790 options->user_hostfile2 = SSH_USER_HOSTFILE2;
5260325f 791 if (options->log_level == (LogLevel) - 1)
792 options->log_level = SYSLOG_LEVEL_INFO;
793 /* options->proxy_command should not be set by default */
794 /* options->user will be set in the main program if appropriate */
795 /* options->hostname will be set in the main program if appropriate */
8efc0c15 796}
git-cvsimport mirror of OpenSSH
This page took 0.205627 seconds and 5 git commands to generate.