]> andersk Git - openssh.git/blame - readconf.c
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- OpenBSD CVS updates:
[openssh.git] / readconf.c
CommitLineData
8efc0c15 1/*
6ae2364d 2 *
5260325f 3 * readconf.c
6ae2364d 4 *
5260325f 5 * Author: Tatu Ylonen <ylo@cs.hut.fi>
6ae2364d 6 *
5260325f 7 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8 * All rights reserved
6ae2364d 9 *
5260325f 10 * Created: Sat Apr 22 00:03:10 1995 ylo
6ae2364d 11 *
5260325f 12 * Functions for reading the configuration files.
6ae2364d 13 *
5260325f 14 */
8efc0c15 15
16#include "includes.h"
17RCSID("$Id$");
18
19#include "ssh.h"
20#include "cipher.h"
21#include "readconf.h"
7368a6c8 22#include "match.h"
8efc0c15 23#include "xmalloc.h"
a8be9f80 24#include "compat.h"
8efc0c15 25
26/* Format of the configuration file:
27
28 # Configuration data is parsed as follows:
29 # 1. command line options
30 # 2. user-specific file
31 # 3. system-wide file
32 # Any configuration value is only changed the first time it is set.
33 # Thus, host-specific definitions should be at the beginning of the
34 # configuration file, and defaults at the end.
35
36 # Host-specific declarations. These may override anything above. A single
37 # host may match multiple declarations; these are processed in the order
38 # that they are given in.
39
40 Host *.ngs.fi ngs.fi
41 FallBackToRsh no
42
43 Host fake.com
44 HostName another.host.name.real.org
45 User blaah
46 Port 34289
47 ForwardX11 no
48 ForwardAgent no
49
50 Host books.com
51 RemoteForward 9999 shadows.cs.hut.fi:9999
52 Cipher 3des
53
54 Host fascist.blob.com
55 Port 23123
56 User tylonen
57 RhostsAuthentication no
58 PasswordAuthentication no
59
60 Host puukko.hut.fi
61 User t35124p
62 ProxyCommand ssh-proxy %h %p
63
64 Host *.fr
65 UseRsh yes
66
67 Host *.su
68 Cipher none
69 PasswordAuthentication no
70
71 # Defaults for various options
72 Host *
73 ForwardAgent no
74 ForwardX11 yes
75 RhostsAuthentication yes
76 PasswordAuthentication yes
77 RSAAuthentication yes
78 RhostsRSAAuthentication yes
79 FallBackToRsh no
80 UseRsh no
81 StrictHostKeyChecking yes
82 KeepAlives no
83 IdentityFile ~/.ssh/identity
84 Port 22
85 EscapeChar ~
86
87*/
88
89/* Keyword tokens. */
90
5260325f 91typedef enum {
92 oBadOption,
93 oForwardAgent, oForwardX11, oGatewayPorts, oRhostsAuthentication,
94 oPasswordAuthentication, oRSAAuthentication, oFallBackToRsh, oUseRsh,
95 oSkeyAuthentication,
8efc0c15 96#ifdef KRB4
5260325f 97 oKerberosAuthentication,
8efc0c15 98#endif /* KRB4 */
99#ifdef AFS
5260325f 100 oKerberosTgtPassing, oAFSTokenPassing,
8efc0c15 101#endif
5260325f 102 oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
103 oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
104 oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
105 oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
106 oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, oTISAuthentication,
a306f2dd 107 oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oIdentityFile2,
1d1ffb87 108 oGlobalKnownHostsFile2, oUserKnownHostsFile2, oDSAAuthentication
8efc0c15 109} OpCodes;
110
111/* Textual representations of the tokens. */
112
5260325f 113static struct {
114 const char *name;
115 OpCodes opcode;
116} keywords[] = {
117 { "forwardagent", oForwardAgent },
118 { "forwardx11", oForwardX11 },
119 { "gatewayports", oGatewayPorts },
120 { "useprivilegedport", oUsePrivilegedPort },
121 { "rhostsauthentication", oRhostsAuthentication },
122 { "passwordauthentication", oPasswordAuthentication },
123 { "rsaauthentication", oRSAAuthentication },
1d1ffb87 124 { "dsaauthentication", oDSAAuthentication },
5260325f 125 { "skeyauthentication", oSkeyAuthentication },
8efc0c15 126#ifdef KRB4
5260325f 127 { "kerberosauthentication", oKerberosAuthentication },
8efc0c15 128#endif /* KRB4 */
129#ifdef AFS
5260325f 130 { "kerberostgtpassing", oKerberosTgtPassing },
131 { "afstokenpassing", oAFSTokenPassing },
8efc0c15 132#endif
5260325f 133 { "fallbacktorsh", oFallBackToRsh },
134 { "usersh", oUseRsh },
135 { "identityfile", oIdentityFile },
a306f2dd 136 { "identityfile2", oIdentityFile2 },
5260325f 137 { "hostname", oHostName },
138 { "proxycommand", oProxyCommand },
139 { "port", oPort },
140 { "cipher", oCipher },
a8be9f80 141 { "ciphers", oCiphers },
142 { "protocol", oProtocol },
5260325f 143 { "remoteforward", oRemoteForward },
144 { "localforward", oLocalForward },
145 { "user", oUser },
146 { "host", oHost },
147 { "escapechar", oEscapeChar },
148 { "rhostsrsaauthentication", oRhostsRSAAuthentication },
149 { "globalknownhostsfile", oGlobalKnownHostsFile },
150 { "userknownhostsfile", oUserKnownHostsFile },
a306f2dd 151 { "globalknownhostsfile2", oGlobalKnownHostsFile2 },
152 { "userknownhostsfile2", oUserKnownHostsFile2 },
5260325f 153 { "connectionattempts", oConnectionAttempts },
154 { "batchmode", oBatchMode },
155 { "checkhostip", oCheckHostIP },
156 { "stricthostkeychecking", oStrictHostKeyChecking },
157 { "compression", oCompression },
158 { "compressionlevel", oCompressionLevel },
159 { "keepalive", oKeepAlives },
160 { "numberofpasswordprompts", oNumberOfPasswordPrompts },
161 { "tisauthentication", oTISAuthentication },
162 { "loglevel", oLogLevel },
163 { NULL, 0 }
6a17f9c2 164};
165
8efc0c15 166/* Characters considered whitespace in strtok calls. */
167#define WHITESPACE " \t\r\n"
168
169
aa3378df 170/*
171 * Adds a local TCP/IP port forward to options. Never returns if there is an
172 * error.
173 */
8efc0c15 174
6ae2364d 175void
57112b5a 176add_local_forward(Options *options, u_short port, const char *host,
177 u_short host_port)
8efc0c15 178{
5260325f 179 Forward *fwd;
180 extern uid_t original_real_uid;
5260325f 181 if (port < IPPORT_RESERVED && original_real_uid != 0)
182 fatal("Privileged ports can only be forwarded by root.\n");
183 if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
184 fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION);
185 fwd = &options->local_forwards[options->num_local_forwards++];
186 fwd->port = port;
187 fwd->host = xstrdup(host);
188 fwd->host_port = host_port;
8efc0c15 189}
190
aa3378df 191/*
192 * Adds a remote TCP/IP port forward to options. Never returns if there is
193 * an error.
194 */
8efc0c15 195
6ae2364d 196void
57112b5a 197add_remote_forward(Options *options, u_short port, const char *host,
198 u_short host_port)
8efc0c15 199{
5260325f 200 Forward *fwd;
201 if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
202 fatal("Too many remote forwards (max %d).",
203 SSH_MAX_FORWARDS_PER_DIRECTION);
204 fwd = &options->remote_forwards[options->num_remote_forwards++];
205 fwd->port = port;
206 fwd->host = xstrdup(host);
207 fwd->host_port = host_port;
8efc0c15 208}
209
aa3378df 210/*
211 * Returns the number of the token pointed to by cp of length len. Never
212 * returns if the token is not known.
213 */
8efc0c15 214
6ae2364d 215static OpCodes
5260325f 216parse_token(const char *cp, const char *filename, int linenum)
8efc0c15 217{
5260325f 218 unsigned int i;
8efc0c15 219
5260325f 220 for (i = 0; keywords[i].name; i++)
aa3378df 221 if (strcasecmp(cp, keywords[i].name) == 0)
5260325f 222 return keywords[i].opcode;
8efc0c15 223
5260325f 224 fprintf(stderr, "%s: line %d: Bad configuration option: %s\n",
225 filename, linenum, cp);
226 return oBadOption;
8efc0c15 227}
228
aa3378df 229/*
230 * Processes a single option line as used in the configuration files. This
231 * only sets those values that have not already been set.
232 */
8efc0c15 233
e7c0f9d5 234int
235process_config_line(Options *options, const char *host,
5260325f 236 char *line, const char *filename, int linenum,
237 int *activep)
8efc0c15 238{
aa3378df 239 char buf[256], *cp, *string, **charptr, *cp2;
57112b5a 240 int opcode, *intptr, value;
241 u_short fwd_port, fwd_host_port;
5260325f 242
243 /* Skip leading whitespace. */
244 cp = line + strspn(line, WHITESPACE);
245 if (!*cp || *cp == '\n' || *cp == '#')
246 return 0;
247
aa3378df 248 /* Get the keyword. (Each line is supposed to begin with a keyword). */
5260325f 249 cp = strtok(cp, WHITESPACE);
5260325f 250 opcode = parse_token(cp, filename, linenum);
251
252 switch (opcode) {
253 case oBadOption:
aa3378df 254 /* don't panic, but count bad options */
255 return -1;
5260325f 256 /* NOTREACHED */
257 case oForwardAgent:
258 intptr = &options->forward_agent;
259parse_flag:
260 cp = strtok(NULL, WHITESPACE);
261 if (!cp)
262 fatal("%.200s line %d: Missing yes/no argument.", filename, linenum);
263 value = 0; /* To avoid compiler warning... */
264 if (strcmp(cp, "yes") == 0 || strcmp(cp, "true") == 0)
265 value = 1;
266 else if (strcmp(cp, "no") == 0 || strcmp(cp, "false") == 0)
267 value = 0;
268 else
269 fatal("%.200s line %d: Bad yes/no argument.", filename, linenum);
270 if (*activep && *intptr == -1)
271 *intptr = value;
272 break;
273
274 case oForwardX11:
275 intptr = &options->forward_x11;
276 goto parse_flag;
277
278 case oGatewayPorts:
279 intptr = &options->gateway_ports;
280 goto parse_flag;
281
282 case oUsePrivilegedPort:
283 intptr = &options->use_privileged_port;
284 goto parse_flag;
285
286 case oRhostsAuthentication:
287 intptr = &options->rhosts_authentication;
288 goto parse_flag;
289
290 case oPasswordAuthentication:
291 intptr = &options->password_authentication;
292 goto parse_flag;
293
1d1ffb87 294 case oDSAAuthentication:
295 intptr = &options->dsa_authentication;
296 goto parse_flag;
297
5260325f 298 case oRSAAuthentication:
299 intptr = &options->rsa_authentication;
300 goto parse_flag;
301
302 case oRhostsRSAAuthentication:
303 intptr = &options->rhosts_rsa_authentication;
304 goto parse_flag;
305
306 case oTISAuthentication:
307 /* fallthrough, there is no difference on the client side */
308 case oSkeyAuthentication:
309 intptr = &options->skey_authentication;
310 goto parse_flag;
8efc0c15 311
312#ifdef KRB4
5260325f 313 case oKerberosAuthentication:
314 intptr = &options->kerberos_authentication;
315 goto parse_flag;
8efc0c15 316#endif /* KRB4 */
317
318#ifdef AFS
5260325f 319 case oKerberosTgtPassing:
320 intptr = &options->kerberos_tgt_passing;
321 goto parse_flag;
8efc0c15 322
5260325f 323 case oAFSTokenPassing:
324 intptr = &options->afs_token_passing;
325 goto parse_flag;
8efc0c15 326#endif
5260325f 327
328 case oFallBackToRsh:
329 intptr = &options->fallback_to_rsh;
330 goto parse_flag;
331
332 case oUseRsh:
333 intptr = &options->use_rsh;
334 goto parse_flag;
335
336 case oBatchMode:
337 intptr = &options->batch_mode;
338 goto parse_flag;
339
340 case oCheckHostIP:
341 intptr = &options->check_host_ip;
342 goto parse_flag;
343
344 case oStrictHostKeyChecking:
345 intptr = &options->strict_host_key_checking;
346 cp = strtok(NULL, WHITESPACE);
347 if (!cp)
348 fatal("%.200s line %d: Missing yes/no argument.",
349 filename, linenum);
350 value = 0; /* To avoid compiler warning... */
351 if (strcmp(cp, "yes") == 0 || strcmp(cp, "true") == 0)
352 value = 1;
353 else if (strcmp(cp, "no") == 0 || strcmp(cp, "false") == 0)
354 value = 0;
355 else if (strcmp(cp, "ask") == 0)
356 value = 2;
357 else
358 fatal("%.200s line %d: Bad yes/no/ask argument.", filename, linenum);
359 if (*activep && *intptr == -1)
360 *intptr = value;
361 break;
362
363 case oCompression:
364 intptr = &options->compression;
365 goto parse_flag;
366
367 case oKeepAlives:
368 intptr = &options->keepalives;
369 goto parse_flag;
370
371 case oNumberOfPasswordPrompts:
372 intptr = &options->number_of_password_prompts;
373 goto parse_int;
374
375 case oCompressionLevel:
376 intptr = &options->compression_level;
377 goto parse_int;
378
379 case oIdentityFile:
a306f2dd 380 case oIdentityFile2:
5260325f 381 cp = strtok(NULL, WHITESPACE);
382 if (!cp)
383 fatal("%.200s line %d: Missing argument.", filename, linenum);
384 if (*activep) {
a306f2dd 385 intptr = (opcode == oIdentityFile) ?
386 &options->num_identity_files :
387 &options->num_identity_files2;
388 if (*intptr >= SSH_MAX_IDENTITY_FILES)
5260325f 389 fatal("%.200s line %d: Too many identity files specified (max %d).",
390 filename, linenum, SSH_MAX_IDENTITY_FILES);
a306f2dd 391 charptr = (opcode == oIdentityFile) ?
392 &options->identity_files[*intptr] :
393 &options->identity_files2[*intptr];
394 *charptr = xstrdup(cp);
395 *intptr = *intptr + 1;
5260325f 396 }
397 break;
398
399 case oUser:
400 charptr = &options->user;
401parse_string:
402 cp = strtok(NULL, WHITESPACE);
403 if (!cp)
404 fatal("%.200s line %d: Missing argument.", filename, linenum);
405 if (*activep && *charptr == NULL)
406 *charptr = xstrdup(cp);
407 break;
408
409 case oGlobalKnownHostsFile:
410 charptr = &options->system_hostfile;
411 goto parse_string;
412
413 case oUserKnownHostsFile:
414 charptr = &options->user_hostfile;
415 goto parse_string;
416
a306f2dd 417 case oGlobalKnownHostsFile2:
418 charptr = &options->system_hostfile2;
419 goto parse_string;
420
421 case oUserKnownHostsFile2:
422 charptr = &options->user_hostfile2;
423 goto parse_string;
424
5260325f 425 case oHostName:
426 charptr = &options->hostname;
427 goto parse_string;
428
429 case oProxyCommand:
430 charptr = &options->proxy_command;
431 string = xstrdup("");
432 while ((cp = strtok(NULL, WHITESPACE)) != NULL) {
433 string = xrealloc(string, strlen(string) + strlen(cp) + 2);
434 strcat(string, " ");
435 strcat(string, cp);
436 }
437 if (*activep && *charptr == NULL)
438 *charptr = string;
439 else
440 xfree(string);
441 return 0;
442
443 case oPort:
444 intptr = &options->port;
445parse_int:
446 cp = strtok(NULL, WHITESPACE);
447 if (!cp)
448 fatal("%.200s line %d: Missing argument.", filename, linenum);
449 if (cp[0] < '0' || cp[0] > '9')
450 fatal("%.200s line %d: Bad number.", filename, linenum);
aa3378df 451
452 /* Octal, decimal, or hex format? */
453 value = strtol(cp, &cp2, 0);
454 if (cp == cp2)
455 fatal("%.200s line %d: Bad number.", filename, linenum);
5260325f 456 if (*activep && *intptr == -1)
457 *intptr = value;
458 break;
459
460 case oConnectionAttempts:
461 intptr = &options->connection_attempts;
462 goto parse_int;
463
464 case oCipher:
465 intptr = &options->cipher;
466 cp = strtok(NULL, WHITESPACE);
71276795 467 if (!cp)
468 fatal("%.200s line %d: Missing argument.", filename, linenum);
5260325f 469 value = cipher_number(cp);
470 if (value == -1)
471 fatal("%.200s line %d: Bad cipher '%s'.",
472 filename, linenum, cp ? cp : "<NONE>");
473 if (*activep && *intptr == -1)
474 *intptr = value;
475 break;
476
a8be9f80 477 case oCiphers:
478 cp = strtok(NULL, WHITESPACE);
71276795 479 if (!cp)
480 fatal("%.200s line %d: Missing argument.", filename, linenum);
a8be9f80 481 if (!ciphers_valid(cp))
d0c832f3 482 fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.",
a8be9f80 483 filename, linenum, cp ? cp : "<NONE>");
484 if (*activep && options->ciphers == NULL)
485 options->ciphers = xstrdup(cp);
486 break;
487
488 case oProtocol:
489 intptr = &options->protocol;
490 cp = strtok(NULL, WHITESPACE);
71276795 491 if (!cp)
492 fatal("%.200s line %d: Missing argument.", filename, linenum);
a8be9f80 493 value = proto_spec(cp);
494 if (value == SSH_PROTO_UNKNOWN)
495 fatal("%.200s line %d: Bad protocol spec '%s'.",
496 filename, linenum, cp ? cp : "<NONE>");
497 if (*activep && *intptr == SSH_PROTO_UNKNOWN)
498 *intptr = value;
499 break;
500
5260325f 501 case oLogLevel:
502 intptr = (int *) &options->log_level;
503 cp = strtok(NULL, WHITESPACE);
504 value = log_level_number(cp);
505 if (value == (LogLevel) - 1)
506 fatal("%.200s line %d: unsupported log level '%s'\n",
507 filename, linenum, cp ? cp : "<NONE>");
508 if (*activep && (LogLevel) * intptr == -1)
509 *intptr = (LogLevel) value;
510 break;
511
512 case oRemoteForward:
513 cp = strtok(NULL, WHITESPACE);
514 if (!cp)
515 fatal("%.200s line %d: Missing argument.", filename, linenum);
516 if (cp[0] < '0' || cp[0] > '9')
517 fatal("%.200s line %d: Badly formatted port number.",
518 filename, linenum);
519 fwd_port = atoi(cp);
520 cp = strtok(NULL, WHITESPACE);
521 if (!cp)
522 fatal("%.200s line %d: Missing second argument.",
523 filename, linenum);
57112b5a 524 if (sscanf(cp, "%255[^:]:%hu", buf, &fwd_host_port) != 2)
5260325f 525 fatal("%.200s line %d: Badly formatted host:port.",
526 filename, linenum);
527 if (*activep)
528 add_remote_forward(options, fwd_port, buf, fwd_host_port);
529 break;
530
531 case oLocalForward:
532 cp = strtok(NULL, WHITESPACE);
533 if (!cp)
534 fatal("%.200s line %d: Missing argument.", filename, linenum);
535 if (cp[0] < '0' || cp[0] > '9')
536 fatal("%.200s line %d: Badly formatted port number.",
537 filename, linenum);
538 fwd_port = atoi(cp);
539 cp = strtok(NULL, WHITESPACE);
540 if (!cp)
541 fatal("%.200s line %d: Missing second argument.",
542 filename, linenum);
57112b5a 543 if (sscanf(cp, "%255[^:]:%hu", buf, &fwd_host_port) != 2)
5260325f 544 fatal("%.200s line %d: Badly formatted host:port.",
545 filename, linenum);
546 if (*activep)
547 add_local_forward(options, fwd_port, buf, fwd_host_port);
548 break;
549
550 case oHost:
551 *activep = 0;
552 while ((cp = strtok(NULL, WHITESPACE)) != NULL)
553 if (match_pattern(host, cp)) {
554 debug("Applying options for %.100s", cp);
555 *activep = 1;
556 break;
557 }
aa3378df 558 /* Avoid garbage check below, as strtok already returned NULL. */
5260325f 559 return 0;
560
561 case oEscapeChar:
562 intptr = &options->escape_char;
563 cp = strtok(NULL, WHITESPACE);
564 if (!cp)
565 fatal("%.200s line %d: Missing argument.", filename, linenum);
566 if (cp[0] == '^' && cp[2] == 0 &&
567 (unsigned char) cp[1] >= 64 && (unsigned char) cp[1] < 128)
568 value = (unsigned char) cp[1] & 31;
569 else if (strlen(cp) == 1)
570 value = (unsigned char) cp[0];
571 else if (strcmp(cp, "none") == 0)
572 value = -2;
573 else {
574 fatal("%.200s line %d: Bad escape character.",
575 filename, linenum);
576 /* NOTREACHED */
577 value = 0; /* Avoid compiler warning. */
578 }
579 if (*activep && *intptr == -1)
580 *intptr = value;
581 break;
582
583 default:
584 fatal("process_config_line: Unimplemented opcode %d", opcode);
585 }
586
587 /* Check that there is no garbage at end of line. */
588 if (strtok(NULL, WHITESPACE) != NULL)
589 fatal("%.200s line %d: garbage at end of line.",
590 filename, linenum);
591 return 0;
8efc0c15 592}
593
594
aa3378df 595/*
596 * Reads the config file and modifies the options accordingly. Options
597 * should already be initialized before this call. This never returns if
598 * there is an error. If the file does not exist, this returns immediately.
599 */
8efc0c15 600
6ae2364d 601void
5260325f 602read_config_file(const char *filename, const char *host, Options *options)
8efc0c15 603{
5260325f 604 FILE *f;
605 char line[1024];
606 int active, linenum;
607 int bad_options = 0;
608
609 /* Open the file. */
610 f = fopen(filename, "r");
611 if (!f)
612 return;
613
614 debug("Reading configuration data %.200s", filename);
615
aa3378df 616 /*
617 * Mark that we are now processing the options. This flag is turned
618 * on/off by Host specifications.
619 */
5260325f 620 active = 1;
621 linenum = 0;
622 while (fgets(line, sizeof(line), f)) {
623 /* Update line number counter. */
624 linenum++;
625 if (process_config_line(options, host, line, filename, linenum, &active) != 0)
626 bad_options++;
627 }
628 fclose(f);
629 if (bad_options > 0)
630 fatal("%s: terminating, %d bad configuration options\n",
631 filename, bad_options);
8efc0c15 632}
633
aa3378df 634/*
635 * Initializes options to special values that indicate that they have not yet
636 * been set. Read_config_file will only set options with this value. Options
637 * are processed in the following order: command line, user config file,
638 * system config file. Last, fill_default_options is called.
639 */
8efc0c15 640
6ae2364d 641void
5260325f 642initialize_options(Options * options)
8efc0c15 643{
5260325f 644 memset(options, 'X', sizeof(*options));
645 options->forward_agent = -1;
646 options->forward_x11 = -1;
647 options->gateway_ports = -1;
648 options->use_privileged_port = -1;
649 options->rhosts_authentication = -1;
650 options->rsa_authentication = -1;
1d1ffb87 651 options->dsa_authentication = -1;
5260325f 652 options->skey_authentication = -1;
8efc0c15 653#ifdef KRB4
5260325f 654 options->kerberos_authentication = -1;
8efc0c15 655#endif
656#ifdef AFS
5260325f 657 options->kerberos_tgt_passing = -1;
658 options->afs_token_passing = -1;
8efc0c15 659#endif
5260325f 660 options->password_authentication = -1;
661 options->rhosts_rsa_authentication = -1;
662 options->fallback_to_rsh = -1;
663 options->use_rsh = -1;
664 options->batch_mode = -1;
665 options->check_host_ip = -1;
666 options->strict_host_key_checking = -1;
667 options->compression = -1;
668 options->keepalives = -1;
669 options->compression_level = -1;
670 options->port = -1;
671 options->connection_attempts = -1;
672 options->number_of_password_prompts = -1;
673 options->cipher = -1;
a8be9f80 674 options->ciphers = NULL;
675 options->protocol = SSH_PROTO_UNKNOWN;
5260325f 676 options->num_identity_files = 0;
a306f2dd 677 options->num_identity_files2 = 0;
5260325f 678 options->hostname = NULL;
679 options->proxy_command = NULL;
680 options->user = NULL;
681 options->escape_char = -1;
682 options->system_hostfile = NULL;
683 options->user_hostfile = NULL;
a306f2dd 684 options->system_hostfile2 = NULL;
685 options->user_hostfile2 = NULL;
5260325f 686 options->num_local_forwards = 0;
687 options->num_remote_forwards = 0;
688 options->log_level = (LogLevel) - 1;
8efc0c15 689}
690
aa3378df 691/*
692 * Called after processing other sources of option data, this fills those
693 * options for which no value has been specified with their default values.
694 */
8efc0c15 695
6ae2364d 696void
5260325f 697fill_default_options(Options * options)
8efc0c15 698{
5260325f 699 if (options->forward_agent == -1)
71276795 700 options->forward_agent = 0;
5260325f 701 if (options->forward_x11 == -1)
c8d54615 702 options->forward_x11 = 0;
5260325f 703 if (options->gateway_ports == -1)
704 options->gateway_ports = 0;
705 if (options->use_privileged_port == -1)
706 options->use_privileged_port = 1;
707 if (options->rhosts_authentication == -1)
708 options->rhosts_authentication = 1;
709 if (options->rsa_authentication == -1)
710 options->rsa_authentication = 1;
1d1ffb87 711 if (options->dsa_authentication == -1)
712 options->dsa_authentication = 1;
5260325f 713 if (options->skey_authentication == -1)
714 options->skey_authentication = 0;
8efc0c15 715#ifdef KRB4
5260325f 716 if (options->kerberos_authentication == -1)
717 options->kerberos_authentication = 1;
8efc0c15 718#endif /* KRB4 */
719#ifdef AFS
5260325f 720 if (options->kerberos_tgt_passing == -1)
721 options->kerberos_tgt_passing = 1;
722 if (options->afs_token_passing == -1)
723 options->afs_token_passing = 1;
8efc0c15 724#endif /* AFS */
5260325f 725 if (options->password_authentication == -1)
726 options->password_authentication = 1;
727 if (options->rhosts_rsa_authentication == -1)
728 options->rhosts_rsa_authentication = 1;
729 if (options->fallback_to_rsh == -1)
730 options->fallback_to_rsh = 1;
731 if (options->use_rsh == -1)
732 options->use_rsh = 0;
733 if (options->batch_mode == -1)
734 options->batch_mode = 0;
735 if (options->check_host_ip == -1)
736 options->check_host_ip = 1;
737 if (options->strict_host_key_checking == -1)
738 options->strict_host_key_checking = 2; /* 2 is default */
739 if (options->compression == -1)
740 options->compression = 0;
741 if (options->keepalives == -1)
742 options->keepalives = 1;
743 if (options->compression_level == -1)
744 options->compression_level = 6;
745 if (options->port == -1)
746 options->port = 0; /* Filled in ssh_connect. */
747 if (options->connection_attempts == -1)
748 options->connection_attempts = 4;
749 if (options->number_of_password_prompts == -1)
750 options->number_of_password_prompts = 3;
751 /* Selected in ssh_login(). */
752 if (options->cipher == -1)
753 options->cipher = SSH_CIPHER_NOT_SET;
d0c832f3 754 /* options->ciphers, default set in myproposals.h */
a8be9f80 755 if (options->protocol == SSH_PROTO_UNKNOWN)
a306f2dd 756 options->protocol = SSH_PROTO_1|SSH_PROTO_2|SSH_PROTO_1_PREFERRED;
5260325f 757 if (options->num_identity_files == 0) {
758 options->identity_files[0] =
759 xmalloc(2 + strlen(SSH_CLIENT_IDENTITY) + 1);
760 sprintf(options->identity_files[0], "~/%.100s", SSH_CLIENT_IDENTITY);
761 options->num_identity_files = 1;
762 }
a306f2dd 763 if (options->num_identity_files2 == 0) {
764 options->identity_files2[0] =
1d1ffb87 765 xmalloc(2 + strlen(SSH_CLIENT_ID_DSA) + 1);
766 sprintf(options->identity_files2[0], "~/%.100s", SSH_CLIENT_ID_DSA);
a306f2dd 767 options->num_identity_files2 = 1;
768 }
5260325f 769 if (options->escape_char == -1)
770 options->escape_char = '~';
771 if (options->system_hostfile == NULL)
772 options->system_hostfile = SSH_SYSTEM_HOSTFILE;
773 if (options->user_hostfile == NULL)
774 options->user_hostfile = SSH_USER_HOSTFILE;
a306f2dd 775 if (options->system_hostfile2 == NULL)
776 options->system_hostfile2 = SSH_SYSTEM_HOSTFILE2;
777 if (options->user_hostfile2 == NULL)
778 options->user_hostfile2 = SSH_USER_HOSTFILE2;
5260325f 779 if (options->log_level == (LogLevel) - 1)
780 options->log_level = SYSLOG_LEVEL_INFO;
781 /* options->proxy_command should not be set by default */
782 /* options->user will be set in the main program if appropriate */
783 /* options->hostname will be set in the main program if appropriate */
8efc0c15 784}
git-cvsimport mirror of OpenSSH
This page took 0.555347 seconds and 5 git commands to generate.