- (djm) Replacement for inet_ntoa for Irix (which breaks on gcc)
8efc0c15 1/*
6ae2364d 2 *
5260325f 3 * servconf.c
6ae2364d 4 *
5260325f 5 * Author: Tatu Ylonen <ylo@cs.hut.fi>
6ae2364d 6 *
5260325f 7 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8 * All rights reserved
6ae2364d 9 *
5260325f 10 * Created: Mon Aug 21 15:48:58 1995 ylo
6ae2364d 11 *
5260325f 12 */
8efc0c15 13
14#include "includes.h"
704b1659 15RCSID("$OpenBSD: servconf.c,v 1.49 2000/07/14 22:59:46 markus Exp $");
8efc0c15 16
17#include "ssh.h"
18#include "servconf.h"
19#include "xmalloc.h"
a8be9f80 20#include "compat.h"
8efc0c15 21
/*
 * Forward declaration: add_listen_addr() is defined further down in this
 * file but is already called from fill_default_server_options().
 */
void add_listen_addr(ServerOptions *options, char *addr);
24
/*
 * Puts *options into the "nothing configured yet" state.
 *
 * The structure is zeroed first.  Every scalar option that can later be
 * given a value is then set to a sentinel (-1, NULL or SSH_PROTO_UNKNOWN)
 * so that read_server_config() and fill_default_server_options() can tell
 * "unset" apart from an explicit 0/"no".  List counters start at 0.
 */
void
initialize_server_options(ServerOptions *options)
{
	memset(options, 0, sizeof(*options));

	/* Listening endpoints. */
	options->num_ports = 0;
	options->ports_from_cmdline = 0;
	options->listen_addrs = NULL;

	/* Files and strings: NULL means "not set". */
	options->host_key_file = NULL;
	options->host_dsa_key_file = NULL;
	options->pid_file = NULL;
	options->xauth_location = NULL;
	options->ciphers = NULL;

	/* Integer tunables: -1 means "not set". */
	options->server_key_bits = -1;
	options->login_grace_time = -1;
	options->key_regeneration_time = -1;
	options->x11_display_offset = -1;
	options->max_startups = -1;

	/* Logging: the enum fields use a cast -1 as their sentinel. */
	options->log_facility = (SyslogFacility)-1;
	options->log_level = (LogLevel)-1;

	/* Authentication methods: -1 means "not set". */
	options->rhosts_authentication = -1;
	options->rhosts_rsa_authentication = -1;
	options->rsa_authentication = -1;
	options->dsa_authentication = -1;
	options->password_authentication = -1;
	options->permit_empty_passwd = -1;
	options->permit_root_login = -1;
#ifdef KRB4
	options->kerberos_authentication = -1;
	options->kerberos_or_local_passwd = -1;
	options->kerberos_ticket_cleanup = -1;
#endif
#ifdef AFS
	options->kerberos_tgt_passing = -1;
	options->afs_token_passing = -1;
#endif
#ifdef SKEY
	options->skey_authentication = -1;
#endif

	/* Remaining yes/no flags: -1 means "not set". */
	options->ignore_rhosts = -1;
	options->ignore_user_known_hosts = -1;
	options->print_motd = -1;
	options->check_mail = -1;
	options->x11_forwarding = -1;
	options->strict_modes = -1;
	options->keepalives = -1;
	options->use_login = -1;
	options->gateway_ports = -1;

	/* Protocol selection has its own "unset" value. */
	options->protocol = SSH_PROTO_UNKNOWN;

	/* Allow/deny lists and subsystems start out empty. */
	options->num_allow_users = 0;
	options->num_deny_users = 0;
	options->num_allow_groups = 0;
	options->num_deny_groups = 0;
	options->num_subsystems = 0;
}
81
/*
 * Replaces every option that is still at its "unset" sentinel with the
 * built-in default.  Values that were set before this call are left
 * untouched.
 *
 * NOTE(review): these defaults decide the daemon's security posture
 * whenever the configuration file is silent.  As written, root login and
 * password authentication are enabled, both protocol 1 and protocol 2 are
 * offered, and the server key is 768 bits.  Rhosts-based authentication,
 * empty passwords, X11 forwarding and gateway ports default to off;
 * StrictModes and IgnoreRhosts default to on.  Deployments that need a
 * stricter policy have to set those options explicitly.
 */
void
fill_default_server_options(ServerOptions *options)
{
/* Store val only while the field still holds the -1 / NULL sentinel. */
#define DEFAULT_INT(field, val) \
	do { if (options->field == -1) options->field = (val); } while (0)
#define DEFAULT_PTR(field, val) \
	do { if (options->field == NULL) options->field = (val); } while (0)

	/* Listening endpoints: default port first, then the wildcard address. */
	if (options->num_ports == 0)
		options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
	if (options->listen_addrs == NULL)
		add_listen_addr(options, NULL);

	DEFAULT_PTR(host_key_file, HOST_KEY_FILE);
	DEFAULT_PTR(host_dsa_key_file, HOST_DSA_KEY_FILE);
	DEFAULT_PTR(pid_file, SSH_DAEMON_PID_FILE);

	DEFAULT_INT(server_key_bits, 768);
	DEFAULT_INT(login_grace_time, 600);
	DEFAULT_INT(key_regeneration_time, 3600);
	DEFAULT_INT(permit_root_login, 1);	/* yes */
	DEFAULT_INT(ignore_rhosts, 1);
	DEFAULT_INT(ignore_user_known_hosts, 0);
	DEFAULT_INT(check_mail, 0);
	DEFAULT_INT(print_motd, 1);
	DEFAULT_INT(x11_forwarding, 0);
	DEFAULT_INT(x11_display_offset, 10);
#ifdef XAUTH_PATH
	DEFAULT_PTR(xauth_location, XAUTH_PATH);
#endif /* XAUTH_PATH */
	DEFAULT_INT(strict_modes, 1);
	DEFAULT_INT(keepalives, 1);

	/* The enum-typed fields are compared against the cast sentinel. */
	if (options->log_facility == (SyslogFacility)(-1))
		options->log_facility = SYSLOG_FACILITY_AUTH;
	if (options->log_level == (LogLevel)(-1))
		options->log_level = SYSLOG_LEVEL_INFO;

	DEFAULT_INT(rhosts_authentication, 0);
	DEFAULT_INT(rhosts_rsa_authentication, 0);
	DEFAULT_INT(rsa_authentication, 1);
	DEFAULT_INT(dsa_authentication, 1);
#ifdef KRB4
	/* Kerberos is on by default only when KEYFILE is readable. */
	DEFAULT_INT(kerberos_authentication, access(KEYFILE, R_OK) == 0);
	DEFAULT_INT(kerberos_or_local_passwd, 1);
	DEFAULT_INT(kerberos_ticket_cleanup, 1);
#endif /* KRB4 */
#ifdef AFS
	DEFAULT_INT(kerberos_tgt_passing, 0);
	/* The default follows whatever k_hasafs() reports at this point. */
	DEFAULT_INT(afs_token_passing, k_hasafs());
#endif /* AFS */
	DEFAULT_INT(password_authentication, 1);
#ifdef SKEY
	DEFAULT_INT(skey_authentication, 1);
#endif
	DEFAULT_INT(permit_empty_passwd, 0);
	DEFAULT_INT(use_login, 0);

	if (options->protocol == SSH_PROTO_UNKNOWN)
		options->protocol = SSH_PROTO_1|SSH_PROTO_2;

	DEFAULT_INT(gateway_ports, 0);
	DEFAULT_INT(max_startups, 10);

#undef DEFAULT_INT
#undef DEFAULT_PTR
}
166
/*
 * Keyword tokens: one opcode per configuration directive that
 * read_server_config() dispatches on.
 *
 * sBadOption is the first enumerator and therefore has the value 0; the
 * keywords[] table terminator { NULL, 0 } relies on that.  Enumerators
 * inside #ifdef KRB4 / AFS / SKEY exist only in builds with that feature,
 * so the numeric values of later opcodes differ between builds.
 */
typedef enum {
	sBadOption,		/* == unknown option */
	sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
	sPermitRootLogin, sLogFacility, sLogLevel,
	sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,
#ifdef KRB4
	sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
#endif
#ifdef AFS
	sKerberosTgtPassing, sAFSTokenPassing,
#endif
#ifdef SKEY
	sSkeyAuthentication,
#endif
	sPasswordAuthentication, sListenAddress,
	sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,
	sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
	sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
	sIgnoreUserKnownHosts, sHostDSAKeyFile, sCiphers, sProtocol, sPidFile,
	sGatewayPorts, sDSAAuthentication, sXAuthLocation, sSubsystem, sMaxStartups
} ServerOpCodes;
189
/*
 * Textual representation of the tokens.
 *
 * Names are stored in lower case; parse_token() compares them with
 * strcasecmp(), so the spelling in the configuration file is
 * case-insensitive.  Entries for KRB4, AFS and SKEY are only present in
 * builds with that feature, which means such a directive is reported as a
 * bad option by a build without it.  The table ends with a NULL name.
 */
static struct {
	const char *name;
	ServerOpCodes opcode;
} keywords[] = {
	{ "port", sPort },
	{ "hostkey", sHostKeyFile },
	{ "hostdsakey", sHostDSAKeyFile },
	{ "pidfile", sPidFile },
	{ "serverkeybits", sServerKeyBits },
	{ "logingracetime", sLoginGraceTime },
	{ "keyregenerationinterval", sKeyRegenerationTime },
	{ "permitrootlogin", sPermitRootLogin },
	{ "syslogfacility", sLogFacility },
	{ "loglevel", sLogLevel },
	{ "rhostsauthentication", sRhostsAuthentication },
	{ "rhostsrsaauthentication", sRhostsRSAAuthentication },
	{ "rsaauthentication", sRSAAuthentication },
	{ "dsaauthentication", sDSAAuthentication },
#ifdef KRB4
	{ "kerberosauthentication", sKerberosAuthentication },
	{ "kerberosorlocalpasswd", sKerberosOrLocalPasswd },
	{ "kerberosticketcleanup", sKerberosTicketCleanup },
#endif
#ifdef AFS
	{ "kerberostgtpassing", sKerberosTgtPassing },
	{ "afstokenpassing", sAFSTokenPassing },
#endif
	{ "passwordauthentication", sPasswordAuthentication },
#ifdef SKEY
	{ "skeyauthentication", sSkeyAuthentication },
#endif
	{ "checkmail", sCheckMail },
	{ "listenaddress", sListenAddress },
	{ "printmotd", sPrintMotd },
	{ "ignorerhosts", sIgnoreRhosts },
	{ "ignoreuserknownhosts", sIgnoreUserKnownHosts },
	{ "x11forwarding", sX11Forwarding },
	{ "x11displayoffset", sX11DisplayOffset },
	{ "xauthlocation", sXAuthLocation },
	{ "strictmodes", sStrictModes },
	{ "permitemptypasswords", sEmptyPasswd },
	{ "uselogin", sUseLogin },
	{ "randomseed", sRandomSeedFile },
	{ "keepalive", sKeepAlives },
	{ "allowusers", sAllowUsers },
	{ "denyusers", sDenyUsers },
	{ "allowgroups", sAllowGroups },
	{ "denygroups", sDenyGroups },
	{ "ciphers", sCiphers },
	{ "protocol", sProtocol },
	{ "gatewayports", sGatewayPorts },
	{ "subsystem", sSubsystem },
	{ "maxstartups", sMaxStartups },
	{ NULL, 0 }	/* terminator; 0 is the value of sBadOption */
};
246
/*
 * Looks up the NUL-terminated keyword cp in keywords[] (case-insensitive)
 * and returns its opcode.
 *
 * For an unknown keyword a diagnostic naming filename and linenum is
 * written to stderr and sBadOption is returned; the function does return
 * in that case, and the caller decides whether to abort.
 */
static ServerOpCodes
parse_token(const char *cp, const char *filename,
    int linenum)
{
	unsigned int idx = 0;

	while (keywords[idx].name != NULL) {
		if (strcasecmp(cp, keywords[idx].name) == 0)
			return keywords[idx].opcode;
		idx++;
	}

	/* cp is passed as a %s argument, never as the format string itself. */
	fprintf(stderr, "%s: line %d: Bad configuration option: %s\n",
	    filename, linenum, cp);
	return sBadOption;
}
266
/*
 * Resolves addr once for every port currently stored in options->ports and
 * prepends the resulting addrinfo chain to options->listen_addrs.
 *
 * If no port has been configured yet, SSH_DEFAULT_PORT is added first.
 * Only ports known at the time of the call are paired with addr, which is
 * why read_server_config() insists that ports come before listen
 * addresses.
 *
 * addr == NULL requests AI_PASSIVE, i.e. the wildcard address: the daemon
 * then listens on every local interface.
 *
 * A resolver failure is reported through fatal() (defined elsewhere;
 * NOTE(review): the code below assumes it does not return, since the
 * result list is used unconditionally afterwards).
 */
void
add_listen_addr(ServerOptions *options, char *addr)
{
	extern int IPv4or6;
	struct addrinfo hints, *tail, *head;
	char portstr[NI_MAXSERV];
	int rc;
	int idx;

	if (options->num_ports == 0)
		options->ports[options->num_ports++] = SSH_DEFAULT_PORT;

	for (idx = 0; idx < options->num_ports; idx++) {
		memset(&hints, 0, sizeof(hints));
		hints.ai_family = IPv4or6;
		hints.ai_socktype = SOCK_STREAM;
		if (addr == NULL)
			hints.ai_flags = AI_PASSIVE;
		else
			hints.ai_flags = 0;
		snprintf(portstr, sizeof portstr, "%d", options->ports[idx]);

		rc = getaddrinfo(addr, portstr, &hints, &head);
		if (rc != 0)
			fatal("bad addr or host: %s (%s)\n",
			    addr ? addr : "<NULL>",
			    gai_strerror(rc));

		/* Find the last node so the old list can be appended to it. */
		tail = head;
		while (tail->ai_next != NULL)
			tail = tail->ai_next;
		tail->ai_next = options->listen_addrs;
		options->listen_addrs = head;
	}
}
297
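/*
 * Reads the server configuration file `filename` into *options.
 *
 * Each line is split into tokens with strdelim().  The first token is
 * mapped to an opcode by parse_token() and the remaining tokens are parsed
 * according to that opcode.  Empty lines and lines whose first token
 * starts with '#' are skipped.
 *
 * Precedence: scalar options are stored only while the field still holds
 * its "unset" sentinel (-1, NULL or SSH_PROTO_UNKNOWN).  The first
 * occurrence of a keyword therefore wins, values the caller set before
 * this function are not overridden, and later duplicates are ignored
 * without a diagnostic.  List options (ports, allow/deny lists,
 * subsystems) accumulate up to their MAX_* limit.
 *
 * Errors: the function does not report failure to its caller.  A file that
 * cannot be opened, a missing or malformed argument, or trailing text
 * after the arguments ends the process via exit(1) or fatal() (defined
 * elsewhere; presumably it does not return).  Unknown keywords are counted
 * and the process exits after the whole file has been read.
 *
 * NOTE(review): fgets() delivers a line longer than sizeof(line) - 1 bytes
 * in several pieces and each piece is parsed here as a line of its own;
 * there is no dedicated "line too long" diagnostic.
 */
void
read_server_config(ServerOptions *options, const char *filename)
{
	FILE *f;
	char line[1024];
	char *cp, **charptr, *arg, *endp;
	int linenum, *intptr, value;
	int bad_options = 0;
	ServerOpCodes opcode;
	long port;
	int i;

	f = fopen(filename, "r");
	if (!f) {
		perror(filename);
		exit(1);
	}
	linenum = 0;
	while (fgets(line, sizeof(line), f)) {
		linenum++;
		cp = line;
		arg = strdelim(&cp);
		/* Ignore leading whitespace */
		if (arg != NULL && *arg == '\0')
			arg = strdelim(&cp);
		/*
		 * Every later strdelim() call in this function is checked for
		 * NULL; do the same here instead of dereferencing the result
		 * unconditionally.
		 */
		if (arg == NULL || *arg == '\0' || *arg == '#')
			continue;
		opcode = parse_token(arg, filename, linenum);
		switch (opcode) {
		case sBadOption:
			bad_options++;
			continue;
		case sPort:
			/* ignore ports from configfile if cmdline specifies ports */
			if (options->ports_from_cmdline)
				continue;
			if (options->listen_addrs != NULL)
				fatal("%s line %d: ports must be specified before "
				    "ListenAddress.\n", filename, linenum);
			if (options->num_ports >= MAX_PORTS)
				fatal("%s line %d: too many ports.\n",
				    filename, linenum);
			arg = strdelim(&cp);
			if (!arg || *arg == '\0')
				fatal("%s line %d: missing port number.\n",
				    filename, linenum);
			/*
			 * Reject non-numeric text and values outside 1..65535
			 * instead of storing whatever atoi() makes of them; a
			 * mistyped port would otherwise become 0 or some other
			 * unintended number.
			 */
			port = strtol(arg, &endp, 10);
			if (endp == arg || *endp != '\0' ||
			    port < 1 || port > 65535)
				fatal("%s line %d: Badly formatted port number.\n",
				    filename, linenum);
			options->ports[options->num_ports++] = (int)port;
			break;

		case sServerKeyBits:
			intptr = &options->server_key_bits;
parse_int:
			/* Shared tail for all plain integer options. */
			arg = strdelim(&cp);
			if (!arg || *arg == '\0') {
				fprintf(stderr, "%s line %d: missing integer value.\n",
				    filename, linenum);
				exit(1);
			}
			/*
			 * NOTE(review): atoi() does no validation; non-numeric
			 * text yields 0 and no range is enforced here.
			 */
			value = atoi(arg);
			if (*intptr == -1)
				*intptr = value;
			break;

		case sLoginGraceTime:
			intptr = &options->login_grace_time;
			goto parse_int;

		case sKeyRegenerationTime:
			intptr = &options->key_regeneration_time;
			goto parse_int;

		case sListenAddress:
			arg = strdelim(&cp);
			if (!arg || *arg == '\0')
				fatal("%s line %d: missing inet addr.\n",
				    filename, linenum);
			add_listen_addr(options, arg);
			break;

		case sHostKeyFile:
		case sHostDSAKeyFile:
			charptr = (opcode == sHostKeyFile) ?
			    &options->host_key_file : &options->host_dsa_key_file;
parse_filename:
			/* Shared tail for all file-name options. */
			arg = strdelim(&cp);
			if (!arg || *arg == '\0') {
				fprintf(stderr, "%s line %d: missing file name.\n",
				    filename, linenum);
				exit(1);
			}
			/* The name is tilde-expanded for the uid running this code. */
			if (*charptr == NULL)
				*charptr = tilde_expand_filename(arg, getuid());
			break;

		case sPidFile:
			charptr = &options->pid_file;
			goto parse_filename;

		case sRandomSeedFile:
			fprintf(stderr, "%s line %d: \"randomseed\" option is obsolete.\n",
			    filename, linenum);
			/* Consume the argument so it is not reported as garbage. */
			arg = strdelim(&cp);
			break;

		case sPermitRootLogin:
			intptr = &options->permit_root_login;
			arg = strdelim(&cp);
			if (!arg || *arg == '\0') {
				fprintf(stderr, "%s line %d: missing yes/without-password/no argument.\n",
				    filename, linenum);
				exit(1);
			}
			/* Values are matched case-sensitively. */
			if (strcmp(arg, "without-password") == 0)
				value = 2;
			else if (strcmp(arg, "yes") == 0)
				value = 1;
			else if (strcmp(arg, "no") == 0)
				value = 0;
			else {
				fprintf(stderr, "%s line %d: Bad yes/without-password/no argument: %s\n",
				    filename, linenum, arg);
				exit(1);
			}
			if (*intptr == -1)
				*intptr = value;
			break;

		case sIgnoreRhosts:
			intptr = &options->ignore_rhosts;
parse_flag:
			/* Shared tail for all yes/no options (case-sensitive). */
			arg = strdelim(&cp);
			if (!arg || *arg == '\0') {
				fprintf(stderr, "%s line %d: missing yes/no argument.\n",
				    filename, linenum);
				exit(1);
			}
			if (strcmp(arg, "yes") == 0)
				value = 1;
			else if (strcmp(arg, "no") == 0)
				value = 0;
			else {
				fprintf(stderr, "%s line %d: Bad yes/no argument: %s\n",
				    filename, linenum, arg);
				exit(1);
			}
			if (*intptr == -1)
				*intptr = value;
			break;

		case sIgnoreUserKnownHosts:
			intptr = &options->ignore_user_known_hosts;
			goto parse_flag;

		case sRhostsAuthentication:
			intptr = &options->rhosts_authentication;
			goto parse_flag;

		case sRhostsRSAAuthentication:
			intptr = &options->rhosts_rsa_authentication;
			goto parse_flag;

		case sRSAAuthentication:
			intptr = &options->rsa_authentication;
			goto parse_flag;

		case sDSAAuthentication:
			intptr = &options->dsa_authentication;
			goto parse_flag;

#ifdef KRB4
		case sKerberosAuthentication:
			intptr = &options->kerberos_authentication;
			goto parse_flag;

		case sKerberosOrLocalPasswd:
			intptr = &options->kerberos_or_local_passwd;
			goto parse_flag;

		case sKerberosTicketCleanup:
			intptr = &options->kerberos_ticket_cleanup;
			goto parse_flag;
#endif

#ifdef AFS
		case sKerberosTgtPassing:
			intptr = &options->kerberos_tgt_passing;
			goto parse_flag;

		case sAFSTokenPassing:
			intptr = &options->afs_token_passing;
			goto parse_flag;
#endif

		case sPasswordAuthentication:
			intptr = &options->password_authentication;
			goto parse_flag;

		case sCheckMail:
			intptr = &options->check_mail;
			goto parse_flag;

#ifdef SKEY
		case sSkeyAuthentication:
			intptr = &options->skey_authentication;
			goto parse_flag;
#endif

		case sPrintMotd:
			intptr = &options->print_motd;
			goto parse_flag;

		case sX11Forwarding:
			intptr = &options->x11_forwarding;
			goto parse_flag;

		case sX11DisplayOffset:
			intptr = &options->x11_display_offset;
			goto parse_int;

		case sXAuthLocation:
			charptr = &options->xauth_location;
			goto parse_filename;

		case sStrictModes:
			intptr = &options->strict_modes;
			goto parse_flag;

		case sKeepAlives:
			intptr = &options->keepalives;
			goto parse_flag;

		case sEmptyPasswd:
			intptr = &options->permit_empty_passwd;
			goto parse_flag;

		case sUseLogin:
			intptr = &options->use_login;
			goto parse_flag;

		case sGatewayPorts:
			intptr = &options->gateway_ports;
			goto parse_flag;

		case sLogFacility:
			/* The enum field is written through an int pointer. */
			intptr = (int *) &options->log_facility;
			/*
			 * arg may be NULL here; it is handed to
			 * log_facility_number() unchecked (presumably that
			 * helper accepts NULL; verify against its definition).
			 */
			arg = strdelim(&cp);
			value = log_facility_number(arg);
			if (value == (SyslogFacility) - 1)
				fatal("%.200s line %d: unsupported log facility '%s'\n",
				    filename, linenum, arg ? arg : "<NONE>");
			if (*intptr == -1)
				*intptr = (SyslogFacility) value;
			break;

		case sLogLevel:
			/* Same pattern as sLogFacility, including the NULL caveat. */
			intptr = (int *) &options->log_level;
			arg = strdelim(&cp);
			value = log_level_number(arg);
			if (value == (LogLevel) - 1)
				fatal("%.200s line %d: unsupported log level '%s'\n",
				    filename, linenum, arg ? arg : "<NONE>");
			if (*intptr == -1)
				*intptr = (LogLevel) value;
			break;

		case sAllowUsers:
			/* The bound is checked before each store into the array. */
			while ((arg = strdelim(&cp)) && *arg != '\0') {
				if (options->num_allow_users >= MAX_ALLOW_USERS)
					fatal("%s line %d: too many allow users.\n",
					    filename, linenum);
				options->allow_users[options->num_allow_users++] = xstrdup(arg);
			}
			break;

		case sDenyUsers:
			while ((arg = strdelim(&cp)) && *arg != '\0') {
				if (options->num_deny_users >= MAX_DENY_USERS)
					fatal( "%s line %d: too many deny users.\n",
					    filename, linenum);
				options->deny_users[options->num_deny_users++] = xstrdup(arg);
			}
			break;

		case sAllowGroups:
			while ((arg = strdelim(&cp)) && *arg != '\0') {
				if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
					fatal("%s line %d: too many allow groups.\n",
					    filename, linenum);
				options->allow_groups[options->num_allow_groups++] = xstrdup(arg);
			}
			break;

		case sDenyGroups:
			while ((arg = strdelim(&cp)) && *arg != '\0') {
				if (options->num_deny_groups >= MAX_DENY_GROUPS)
					fatal("%s line %d: too many deny groups.\n",
					    filename, linenum);
				options->deny_groups[options->num_deny_groups++] = xstrdup(arg);
			}
			break;

		case sCiphers:
			arg = strdelim(&cp);
			if (!arg || *arg == '\0')
				fatal("%s line %d: Missing argument.", filename, linenum);
			/* The list is validated even when an earlier value wins. */
			if (!ciphers_valid(arg))
				fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
				    filename, linenum, arg ? arg : "<NONE>");
			if (options->ciphers == NULL)
				options->ciphers = xstrdup(arg);
			break;

		case sProtocol:
			intptr = &options->protocol;
			arg = strdelim(&cp);
			if (!arg || *arg == '\0')
				fatal("%s line %d: Missing argument.", filename, linenum);
			value = proto_spec(arg);
			if (value == SSH_PROTO_UNKNOWN)
				fatal("%s line %d: Bad protocol spec '%s'.",
				    filename, linenum, arg ? arg : "<NONE>");
			if (*intptr == SSH_PROTO_UNKNOWN)
				*intptr = value;
			break;

		case sSubsystem:
			if (options->num_subsystems >= MAX_SUBSYSTEMS) {
				fatal("%s line %d: too many subsystems defined.",
				    filename, linenum);
			}
			arg = strdelim(&cp);
			if (!arg || *arg == '\0')
				fatal("%s line %d: Missing subsystem name.",
				    filename, linenum);
			/* A subsystem name may be defined only once. */
			for (i = 0; i < options->num_subsystems; i++)
				if (strcmp(arg, options->subsystem_name[i]) == 0)
					fatal("%s line %d: Subsystem '%s' already defined.",
					    filename, linenum, arg);
			options->subsystem_name[options->num_subsystems] = xstrdup(arg);
			arg = strdelim(&cp);
			if (!arg || *arg == '\0')
				fatal("%s line %d: Missing subsystem command.",
				    filename, linenum);
			options->subsystem_command[options->num_subsystems] = xstrdup(arg);
			options->num_subsystems++;
			break;

		case sMaxStartups:
			intptr = &options->max_startups;
			goto parse_int;

		default:
			/* A keyword is in keywords[] but has no case above. */
			fprintf(stderr, "%s line %d: Missing handler for opcode %s (%d)\n",
			    filename, linenum, arg, opcode);
			exit(1);
		}
		/* Anything left after the expected arguments is an error. */
		if ((arg = strdelim(&cp)) != NULL && *arg != '\0') {
			fprintf(stderr,
			    "%s line %d: garbage at end of line; \"%.200s\".\n",
			    filename, linenum, arg);
			exit(1);
		}
	}
	fclose(f);
	/* Unknown keywords are fatal, but only after the whole file is read. */
	if (bad_options > 0) {
		fprintf(stderr, "%s: terminating, %d bad configuration options\n",
		    filename, bad_options);
		exit(1);
	}
}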