8efc0c15 1/*
6ae2364d 2 *
5260325f 3 * readconf.c
6ae2364d 4 *
5260325f 5 * Author: Tatu Ylonen <ylo@cs.hut.fi>
6ae2364d 6 *
5260325f 7 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8 * All rights reserved
6ae2364d 9 *
5260325f 10 * Created: Sat Apr 22 00:03:10 1995 ylo
6ae2364d 11 *
5260325f 12 * Functions for reading the configuration files.
6ae2364d 13 *
5260325f 14 */
8efc0c15 15
16#include "includes.h"
c345cf9d 17RCSID("$OpenBSD: readconf.c,v 1.45 2000/08/02 17:27:04 provos Exp $");
8efc0c15 18
19#include "ssh.h"
20#include "cipher.h"
21#include "readconf.h"
7368a6c8 22#include "match.h"
8efc0c15 23#include "xmalloc.h"
a8be9f80 24#include "compat.h"
8efc0c15 25
26/* Format of the configuration file:
27
28 # Configuration data is parsed as follows:
29 # 1. command line options
30 # 2. user-specific file
31 # 3. system-wide file
32 # Any configuration value is only changed the first time it is set.
33 # Thus, host-specific definitions should be at the beginning of the
34 # configuration file, and defaults at the end.
35
36 # Host-specific declarations. These may override anything above. A single
37 # host may match multiple declarations; these are processed in the order
38 # that they are given in.
39
40 Host *.ngs.fi ngs.fi
41 FallBackToRsh no
42
43 Host fake.com
44 HostName another.host.name.real.org
45 User blaah
46 Port 34289
47 ForwardX11 no
48 ForwardAgent no
49
50 Host books.com
51 RemoteForward 9999 shadows.cs.hut.fi:9999
52 Cipher 3des
53
54 Host fascist.blob.com
55 Port 23123
56 User tylonen
57 RhostsAuthentication no
58 PasswordAuthentication no
59
60 Host puukko.hut.fi
61 User t35124p
62 ProxyCommand ssh-proxy %h %p
63
64 Host *.fr
65 UseRsh yes
66
67 Host *.su
68 Cipher none
69 PasswordAuthentication no
70
71 # Defaults for various options
72 Host *
73 ForwardAgent no
74 ForwardX11 yes
75 RhostsAuthentication yes
76 PasswordAuthentication yes
77 RSAAuthentication yes
78 RhostsRSAAuthentication yes
79 FallBackToRsh no
80 UseRsh no
81 StrictHostKeyChecking yes
82 KeepAlive no
83 IdentityFile ~/.ssh/identity
84 Port 22
85 EscapeChar ~
86
87*/
88
/*
 * Keyword tokens.
 *
 * One opcode per configuration keyword.  oBadOption is the first enumerator
 * (value 0); parse_token() returns it for a keyword that is not in the
 * keywords[] table.  The KRB4 and AFS enumerators exist only when those
 * macros are defined, so the numeric values of the enumerators that follow
 * them differ between builds; refer to opcodes by name only.
 */

typedef enum {
	oBadOption,
	oForwardAgent, oForwardX11, oGatewayPorts, oRhostsAuthentication,
	oPasswordAuthentication, oRSAAuthentication, oFallBackToRsh, oUseRsh,
	oSkeyAuthentication, oXAuthLocation,
#ifdef KRB4
	oKerberosAuthentication,
#endif /* KRB4 */
#ifdef AFS
	oKerberosTgtPassing, oAFSTokenPassing,
#endif
	oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
	oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
	oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
	oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
	oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, oTISAuthentication,
	oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oIdentityFile2,
	oGlobalKnownHostsFile2, oUserKnownHostsFile2, oDSAAuthentication
} OpCodes;
110
/*
 * Textual representations of the tokens.
 *
 * Maps each keyword name to its opcode.  Names are stored in lower case and
 * parse_token() compares them with strcasecmp(), so a keyword in a
 * configuration file may use any letter case but must otherwise match a
 * name here exactly.  The { NULL, 0 } entry terminates the table:
 * parse_token() stops scanning at the first NULL name.
 */

static struct {
	const char *name;
	OpCodes opcode;
} keywords[] = {
	{ "forwardagent", oForwardAgent },
	{ "forwardx11", oForwardX11 },
	{ "xauthlocation", oXAuthLocation },
	{ "gatewayports", oGatewayPorts },
	{ "useprivilegedport", oUsePrivilegedPort },
	{ "rhostsauthentication", oRhostsAuthentication },
	{ "passwordauthentication", oPasswordAuthentication },
	{ "rsaauthentication", oRSAAuthentication },
	{ "dsaauthentication", oDSAAuthentication },
	{ "skeyauthentication", oSkeyAuthentication },
#ifdef KRB4
	{ "kerberosauthentication", oKerberosAuthentication },
#endif /* KRB4 */
#ifdef AFS
	{ "kerberostgtpassing", oKerberosTgtPassing },
	{ "afstokenpassing", oAFSTokenPassing },
#endif
	{ "fallbacktorsh", oFallBackToRsh },
	{ "usersh", oUseRsh },
	{ "identityfile", oIdentityFile },
	{ "identityfile2", oIdentityFile2 },
	{ "hostname", oHostName },
	{ "proxycommand", oProxyCommand },
	{ "port", oPort },
	{ "cipher", oCipher },
	{ "ciphers", oCiphers },
	{ "protocol", oProtocol },
	{ "remoteforward", oRemoteForward },
	{ "localforward", oLocalForward },
	{ "user", oUser },
	{ "host", oHost },
	{ "escapechar", oEscapeChar },
	{ "rhostsrsaauthentication", oRhostsRSAAuthentication },
	{ "globalknownhostsfile", oGlobalKnownHostsFile },
	{ "userknownhostsfile", oUserKnownHostsFile },
	{ "globalknownhostsfile2", oGlobalKnownHostsFile2 },
	{ "userknownhostsfile2", oUserKnownHostsFile2 },
	{ "connectionattempts", oConnectionAttempts },
	{ "batchmode", oBatchMode },
	{ "checkhostip", oCheckHostIP },
	{ "stricthostkeychecking", oStrictHostKeyChecking },
	{ "compression", oCompression },
	{ "compressionlevel", oCompressionLevel },
	/* The keyword is "keepalive" (no trailing 's') although the opcode is oKeepAlives. */
	{ "keepalive", oKeepAlives },
	{ "numberofpasswordprompts", oNumberOfPasswordPrompts },
	{ "tisauthentication", oTISAuthentication },
	{ "loglevel", oLogLevel },
	/* Sentinel: a NULL name ends the scan in parse_token(). */
	{ NULL, 0 }
};
166
/*
 * Appends a local TCP/IP port forwarding (listening port -> host:host_port)
 * to options->local_forwards.  Does not return on error: fatal() is called
 * when a caller whose original real uid is not 0 asks for a port below
 * IPPORT_RESERVED, or when SSH_MAX_FORWARDS_PER_DIRECTION entries are
 * already stored.  The host string is copied with xstrdup().
 */

void
add_local_forward(Options *options, u_short port, const char *host,
		  u_short host_port)
{
	extern uid_t original_real_uid;
	Forward *slot;

	/* Reserved ports are refused before the table is touched. */
	if (original_real_uid != 0 && port < IPPORT_RESERVED)
		fatal("Privileged ports can only be forwarded by root.\n");

	/* The bound check must precede the index below. */
	if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
		fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION);

	slot = &options->local_forwards[options->num_local_forwards];
	options->num_local_forwards++;

	slot->port = port;
	slot->host_port = host_port;
	slot->host = xstrdup(host);
}
187
/*
 * Appends a remote TCP/IP port forwarding (remote port -> host:host_port)
 * to options->remote_forwards.  Does not return on error: fatal() is called
 * when SSH_MAX_FORWARDS_PER_DIRECTION entries are already stored.  Unlike
 * add_local_forward(), no reserved-port check is made here.  The host string
 * is copied with xstrdup().
 */

void
add_remote_forward(Options *options, u_short port, const char *host,
		   u_short host_port)
{
	Forward *slot;

	/* The bound check must precede the index below. */
	if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
		fatal("Too many remote forwards (max %d).",
		      SSH_MAX_FORWARDS_PER_DIRECTION);

	slot = &options->remote_forwards[options->num_remote_forwards];
	options->num_remote_forwards++;

	slot->port = port;
	slot->host_port = host_port;
	slot->host = xstrdup(host);
}
206
/*
 * Looks up the NUL-terminated keyword cp in keywords[] (case-insensitive,
 * exact match) and returns its opcode.  An unknown keyword is reported on
 * stderr together with filename and linenum, and oBadOption is returned;
 * the caller decides what to do with it.
 */

static OpCodes
parse_token(const char *cp, const char *filename, int linenum)
{
	unsigned int idx = 0;

	/* The table ends at the entry whose name is NULL. */
	while (keywords[idx].name != NULL) {
		if (strcasecmp(cp, keywords[idx].name) == 0)
			return keywords[idx].opcode;
		idx++;
	}

	fprintf(stderr, "%s: line %d: Bad configuration option: %s\n",
		filename, linenum, cp);
	return oBadOption;
}
225
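/*
 * Processes a single option line as used in the configuration files. This
 * only sets those values that have not already been set.
 *
 * options  - option set being filled in; a field is written only while it
 *            still holds its "unset" marker (-1, NULL or SSH_PROTO_UNKNOWN).
 * host     - host name matched against the patterns of "Host" lines.
 * line     - the line to parse; it is tokenised with strdelim()
 *            (presumably modified in place -- confirm against strdelim()).
 * filename, linenum - used in diagnostics only.
 * activep  - in/out flag: a "Host" line clears it and sets it again when one
 *            of its patterns matches host.  While it is 0 the arguments are
 *            still parsed and validated but nothing is stored.
 *
 * Returns 0 for a processed, blank or comment line and -1 for an unknown
 * keyword.  Malformed arguments are reported through fatal().
 */

int
process_config_line(Options *options, const char *host,
		    char *line, const char *filename, int linenum,
		    int *activep)
{
	char buf[256], *s, *string, **charptr, *endofnumber, *keyword, *arg;
	int opcode, *intptr, value;
	long portnum;
	u_short fwd_port, fwd_host_port;

	s = line;
	/* Get the keyword. (Each line is supposed to begin with a keyword). */
	keyword = strdelim(&s);
	/* Ignore leading whitespace. */
	if (keyword != NULL && *keyword == '\0')
		keyword = strdelim(&s);
	/*
	 * Every other strdelim() result in this function is checked for
	 * NULL; do the same here so that a line without any token is
	 * ignored instead of dereferencing a NULL keyword.
	 */
	if (keyword == NULL || !*keyword || *keyword == '\n' || *keyword == '#')
		return 0;

	opcode = parse_token(keyword, filename, linenum);

	switch (opcode) {
	case oBadOption:
		/* don't panic, but count bad options */
		return -1;
		/* NOTREACHED */
	case oForwardAgent:
		intptr = &options->forward_agent;
parse_flag:
		/* Shared tail for all yes/no options; intptr selects the field. */
		arg = strdelim(&s);
		if (!arg || *arg == '\0')
			fatal("%.200s line %d: Missing yes/no argument.", filename, linenum);
		value = 0;	/* To avoid compiler warning... */
		if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
			value = 1;
		else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
			value = 0;
		else
			fatal("%.200s line %d: Bad yes/no argument.", filename, linenum);
		if (*activep && *intptr == -1)
			*intptr = value;
		break;

	case oForwardX11:
		intptr = &options->forward_x11;
		goto parse_flag;

	case oGatewayPorts:
		intptr = &options->gateway_ports;
		goto parse_flag;

	case oUsePrivilegedPort:
		intptr = &options->use_privileged_port;
		goto parse_flag;

	case oRhostsAuthentication:
		intptr = &options->rhosts_authentication;
		goto parse_flag;

	case oPasswordAuthentication:
		intptr = &options->password_authentication;
		goto parse_flag;

	case oDSAAuthentication:
		intptr = &options->dsa_authentication;
		goto parse_flag;

	case oRSAAuthentication:
		intptr = &options->rsa_authentication;
		goto parse_flag;

	case oRhostsRSAAuthentication:
		intptr = &options->rhosts_rsa_authentication;
		goto parse_flag;

	case oTISAuthentication:
		/* fallthrough, there is no difference on the client side */
	case oSkeyAuthentication:
		intptr = &options->skey_authentication;
		goto parse_flag;

#ifdef KRB4
	case oKerberosAuthentication:
		intptr = &options->kerberos_authentication;
		goto parse_flag;
#endif /* KRB4 */

#ifdef AFS
	case oKerberosTgtPassing:
		intptr = &options->kerberos_tgt_passing;
		goto parse_flag;

	case oAFSTokenPassing:
		intptr = &options->afs_token_passing;
		goto parse_flag;
#endif

	case oFallBackToRsh:
		intptr = &options->fallback_to_rsh;
		goto parse_flag;

	case oUseRsh:
		intptr = &options->use_rsh;
		goto parse_flag;

	case oBatchMode:
		intptr = &options->batch_mode;
		goto parse_flag;

	case oCheckHostIP:
		intptr = &options->check_host_ip;
		goto parse_flag;

	case oStrictHostKeyChecking:
		/* Like parse_flag, plus a third value: "ask" is stored as 2. */
		intptr = &options->strict_host_key_checking;
		arg = strdelim(&s);
		if (!arg || *arg == '\0')
			fatal("%.200s line %d: Missing yes/no argument.",
			      filename, linenum);
		value = 0;	/* To avoid compiler warning... */
		if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
			value = 1;
		else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
			value = 0;
		else if (strcmp(arg, "ask") == 0)
			value = 2;
		else
			fatal("%.200s line %d: Bad yes/no/ask argument.", filename, linenum);
		if (*activep && *intptr == -1)
			*intptr = value;
		break;

	case oCompression:
		intptr = &options->compression;
		goto parse_flag;

	case oKeepAlives:
		intptr = &options->keepalives;
		goto parse_flag;

	case oNumberOfPasswordPrompts:
		intptr = &options->number_of_password_prompts;
		goto parse_int;

	case oCompressionLevel:
		intptr = &options->compression_level;
		goto parse_int;

	case oIdentityFile:
	case oIdentityFile2:
		arg = strdelim(&s);
		if (!arg || *arg == '\0')
			fatal("%.200s line %d: Missing argument.", filename, linenum);
		if (*activep) {
			intptr = (opcode == oIdentityFile) ?
			    &options->num_identity_files :
			    &options->num_identity_files2;
			/* Bound check before the count is used as an index. */
			if (*intptr >= SSH_MAX_IDENTITY_FILES)
				fatal("%.200s line %d: Too many identity files specified (max %d).",
				      filename, linenum, SSH_MAX_IDENTITY_FILES);
			charptr = (opcode == oIdentityFile) ?
			    &options->identity_files[*intptr] :
			    &options->identity_files2[*intptr];
			*charptr = xstrdup(arg);
			*intptr = *intptr + 1;
		}
		break;

	case oXAuthLocation:
		charptr=&options->xauth_location;
		goto parse_string;

	case oUser:
		charptr = &options->user;
parse_string:
		/* Shared tail for single-string options; charptr selects the field. */
		arg = strdelim(&s);
		if (!arg || *arg == '\0')
			fatal("%.200s line %d: Missing argument.", filename, linenum);
		if (*activep && *charptr == NULL)
			*charptr = xstrdup(arg);
		break;

	case oGlobalKnownHostsFile:
		charptr = &options->system_hostfile;
		goto parse_string;

	case oUserKnownHostsFile:
		charptr = &options->user_hostfile;
		goto parse_string;

	case oGlobalKnownHostsFile2:
		charptr = &options->system_hostfile2;
		goto parse_string;

	case oUserKnownHostsFile2:
		charptr = &options->user_hostfile2;
		goto parse_string;

	case oHostName:
		charptr = &options->hostname;
		goto parse_string;

	case oProxyCommand:
		/*
		 * The rest of the line is joined into one string, each token
		 * preceded by a single space.  The text is stored exactly as
		 * it appears in the configuration source.
		 * NOTE(review): how the command is later executed is not
		 * visible in this file -- confirm that only trusted
		 * configuration sources can reach this option.
		 */
		charptr = &options->proxy_command;
		string = xstrdup("");
		while ((arg = strdelim(&s)) != NULL && *arg != '\0') {
			/* +2: the separating space and the terminating NUL. */
			string = xrealloc(string, strlen(string) + strlen(arg) + 2);
			strcat(string, " ");
			strcat(string, arg);
		}
		if (*activep && *charptr == NULL)
			*charptr = string;
		else
			xfree(string);
		return 0;

	case oPort:
		intptr = &options->port;
parse_int:
		/* Shared tail for integer options; intptr selects the field. */
		arg = strdelim(&s);
		if (!arg || *arg == '\0')
			fatal("%.200s line %d: Missing argument.", filename, linenum);
		if (arg[0] < '0' || arg[0] > '9')
			fatal("%.200s line %d: Bad number.", filename, linenum);

		/* Octal, decimal, or hex format? */
		/*
		 * NOTE(review): the long result is narrowed to int, and
		 * characters after the number inside the same token are not
		 * rejected; no range check is applied to the value here.
		 */
		value = strtol(arg, &endofnumber, 0);
		if (arg == endofnumber)
			fatal("%.200s line %d: Bad number.", filename, linenum);
		if (*activep && *intptr == -1)
			*intptr = value;
		break;

	case oConnectionAttempts:
		intptr = &options->connection_attempts;
		goto parse_int;

	case oCipher:
		intptr = &options->cipher;
		arg = strdelim(&s);
		if (!arg || *arg == '\0')
			fatal("%.200s line %d: Missing argument.", filename, linenum);
		value = cipher_number(arg);
		if (value == -1)
			fatal("%.200s line %d: Bad cipher '%s'.",
			      filename, linenum, arg ? arg : "<NONE>");
		if (*activep && *intptr == -1)
			*intptr = value;
		break;

	case oCiphers:
		arg = strdelim(&s);
		if (!arg || *arg == '\0')
			fatal("%.200s line %d: Missing argument.", filename, linenum);
		if (!ciphers_valid(arg))
			fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.",
			      filename, linenum, arg ? arg : "<NONE>");
		if (*activep && options->ciphers == NULL)
			options->ciphers = xstrdup(arg);
		break;

	case oProtocol:
		intptr = &options->protocol;
		arg = strdelim(&s);
		if (!arg || *arg == '\0')
			fatal("%.200s line %d: Missing argument.", filename, linenum);
		value = proto_spec(arg);
		if (value == SSH_PROTO_UNKNOWN)
			fatal("%.200s line %d: Bad protocol spec '%s'.",
			      filename, linenum, arg ? arg : "<NONE>");
		if (*activep && *intptr == SSH_PROTO_UNKNOWN)
			*intptr = value;
		break;

	case oLogLevel:
		intptr = (int *) &options->log_level;
		/* arg may be NULL here; it is passed on to log_level_number() as is. */
		arg = strdelim(&s);
		value = log_level_number(arg);
		if (value == (LogLevel) - 1)
			fatal("%.200s line %d: unsupported log level '%s'\n",
			      filename, linenum, arg ? arg : "<NONE>");
		if (*activep && (LogLevel) * intptr == -1)
			*intptr = (LogLevel) value;
		break;

	case oRemoteForward:
		arg = strdelim(&s);
		if (!arg || *arg == '\0')
			fatal("%.200s line %d: Missing argument.", filename, linenum);
		if (arg[0] < '0' || arg[0] > '9')
			fatal("%.200s line %d: Badly formatted port number.",
			      filename, linenum);
		/*
		 * Reject values that do not fit a 16-bit port instead of
		 * letting the conversion to u_short wrap them silently.
		 */
		portnum = strtol(arg, NULL, 10);
		if (portnum < 0 || portnum > 65535)
			fatal("%.200s line %d: Badly formatted port number.",
			      filename, linenum);
		fwd_port = (u_short) portnum;
		arg = strdelim(&s);
		if (!arg || *arg == '\0')
			fatal("%.200s line %d: Missing second argument.",
			      filename, linenum);
		/*
		 * %255[^:] bounds the host part to buf (256 bytes).
		 * NOTE(review): %hu does not report an out-of-range port.
		 */
		if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2)
			fatal("%.200s line %d: Badly formatted host:port.",
			      filename, linenum);
		if (*activep)
			add_remote_forward(options, fwd_port, buf, fwd_host_port);
		break;

	case oLocalForward:
		arg = strdelim(&s);
		if (!arg || *arg == '\0')
			fatal("%.200s line %d: Missing argument.", filename, linenum);
		if (arg[0] < '0' || arg[0] > '9')
			fatal("%.200s line %d: Badly formatted port number.",
			      filename, linenum);
		/*
		 * Reject values that do not fit a 16-bit port.  A wrapped
		 * value would also be what add_local_forward() compares with
		 * IPPORT_RESERVED, so the check there would see the wrong port.
		 */
		portnum = strtol(arg, NULL, 10);
		if (portnum < 0 || portnum > 65535)
			fatal("%.200s line %d: Badly formatted port number.",
			      filename, linenum);
		fwd_port = (u_short) portnum;
		arg = strdelim(&s);
		if (!arg || *arg == '\0')
			fatal("%.200s line %d: Missing second argument.",
			      filename, linenum);
		/*
		 * %255[^:] bounds the host part to buf (256 bytes).
		 * NOTE(review): %hu does not report an out-of-range port.
		 */
		if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2)
			fatal("%.200s line %d: Badly formatted host:port.",
			      filename, linenum);
		if (*activep)
			add_local_forward(options, fwd_port, buf, fwd_host_port);
		break;

	case oHost:
		/* Following lines apply only if one of the patterns matches host. */
		*activep = 0;
		while ((arg = strdelim(&s)) != NULL && *arg != '\0')
			if (match_pattern(host, arg)) {
				debug("Applying options for %.100s", arg);
				*activep = 1;
				break;
			}
		/* Avoid garbage check below, as strdelim is done. */
		return 0;

	case oEscapeChar:
		intptr = &options->escape_char;
		arg = strdelim(&s);
		if (!arg || *arg == '\0')
			fatal("%.200s line %d: Missing argument.", filename, linenum);
		/*
		 * "^X" form: arg[1] is tested for NUL before arg[2] is read,
		 * so a lone "^" never reads past the end of the token.
		 */
		if (arg[0] == '^' && arg[1] != '\0' && arg[2] == 0 &&
		    (unsigned char) arg[1] >= 64 && (unsigned char) arg[1] < 128)
			value = (unsigned char) arg[1] & 31;
		else if (strlen(arg) == 1)
			value = (unsigned char) arg[0];
		else if (strcmp(arg, "none") == 0)
			value = -2;
		else {
			fatal("%.200s line %d: Bad escape character.",
			      filename, linenum);
			/* NOTREACHED */
			value = 0;	/* Avoid compiler warning. */
		}
		if (*activep && *intptr == -1)
			*intptr = value;
		break;

	default:
		fatal("process_config_line: Unimplemented opcode %d", opcode);
	}

	/* Check that there is no garbage at end of line. */
	if ((arg = strdelim(&s)) != NULL && *arg != '\0')
	{
		fatal("%.200s line %d: garbage at end of line; \"%.200s\".",
		      filename, linenum, arg);
	}
	return 0;
}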
598
599
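/*
 * Reads the config file and modifies the options accordingly. Options
 * should already be initialized before this call. This never returns if
 * there is an error. If the file cannot be opened (for example because it
 * does not exist), this returns immediately without reporting anything.
 *
 * Each line is handed to process_config_line().  Unknown keywords are
 * counted and reported together after the whole file has been read.  A
 * physical line that does not fit the line buffer is rejected: fgets()
 * would otherwise return it in pieces and the remainder would be parsed
 * as if it were a separate configuration line.
 *
 * NOTE(review): no ownership or permission check on filename is visible in
 * this function.  The file can set ProxyCommand and port forwardings, so
 * confirm that callers only pass paths other users cannot write.
 */

void
read_config_file(const char *filename, const char *host, Options *options)
{
	FILE *f;
	char line[1024];
	int active, linenum;
	int bad_options = 0;

	/* Open the file. */
	f = fopen(filename, "r");
	if (!f)
		return;

	debug("Reading configuration data %.200s", filename);

	/*
	 * Mark that we are now processing the options. This flag is turned
	 * on/off by Host specifications.
	 */
	active = 1;
	linenum = 0;
	while (fgets(line, sizeof(line), f)) {
		/* Update line number counter. */
		linenum++;
		/*
		 * No newline in the buffer means fgets() stopped early.
		 * That is fine for an unterminated last line, so look one
		 * character ahead: only more input makes it an error.
		 */
		if (strchr(line, '\n') == NULL) {
			int next = getc(f);

			if (next != EOF)
				fatal("%.200s line %d: line is too long or contains a NUL byte.",
				      filename, linenum);
		}
		if (process_config_line(options, host, line, filename, linenum, &active) != 0)
			bad_options++;
	}
	fclose(f);
	if (bad_options > 0)
		fatal("%s: terminating, %d bad configuration options\n",
		      filename, bad_options);
}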
638
/*
 * Initializes options to special values that indicate that they have not yet
 * been set. Read_config_file will only set options with this value. Options
 * are processed in the following order: command line, user config file,
 * system config file. Last, fill_default_options is called.
 *
 * The "unset" markers are -1 for integer options, NULL for strings,
 * SSH_PROTO_UNKNOWN for the protocol and (LogLevel) -1 for the log level;
 * the list counters start at 0.
 */

void
initialize_options(Options * options)
{
	/*
	 * Fill every byte with 'X' before the explicit assignments; any
	 * field that is not assigned below keeps that filler.
	 */
	memset(options, 'X', sizeof(*options));

	/* Forwarding. */
	options->forward_agent = -1;
	options->forward_x11 = -1;
	options->xauth_location = NULL;
	options->gateway_ports = -1;
	options->use_privileged_port = -1;
	options->num_local_forwards = 0;
	options->num_remote_forwards = 0;

	/* Authentication methods and credentials. */
	options->rhosts_authentication = -1;
	options->rhosts_rsa_authentication = -1;
	options->rsa_authentication = -1;
	options->dsa_authentication = -1;
	options->skey_authentication = -1;
	options->password_authentication = -1;
#ifdef KRB4
	options->kerberos_authentication = -1;
#endif
#ifdef AFS
	options->kerberos_tgt_passing = -1;
	options->afs_token_passing = -1;
#endif
	options->number_of_password_prompts = -1;
	options->batch_mode = -1;
	options->num_identity_files = 0;
	options->num_identity_files2 = 0;

	/* Host key verification. */
	options->check_host_ip = -1;
	options->strict_host_key_checking = -1;
	options->system_hostfile = NULL;
	options->user_hostfile = NULL;
	options->system_hostfile2 = NULL;
	options->user_hostfile2 = NULL;

	/* Connection and transport. */
	options->hostname = NULL;
	options->user = NULL;
	options->port = -1;
	options->proxy_command = NULL;
	options->connection_attempts = -1;
	options->keepalives = -1;
	options->fallback_to_rsh = -1;
	options->use_rsh = -1;
	options->protocol = SSH_PROTO_UNKNOWN;
	options->cipher = -1;
	options->ciphers = NULL;
	options->compression = -1;
	options->compression_level = -1;

	/* Session. */
	options->escape_char = -1;
	options->log_level = (LogLevel) - 1;
}
696
/*
 * Called after processing other sources of option data, this fills those
 * options for which no value has been specified with their default values.
 *
 * Only fields that still hold their "unset" marker are written.  Note which
 * defaults are permissive: rhosts, rhosts-RSA, RSA, DSA and password
 * authentication all default to enabled, while agent and X11 forwarding
 * default to disabled and strict host key checking defaults to 2 ("ask").
 */

void
fill_default_options(Options * options)
{
	size_t need;

	/* Forwarding. */
	if (options->forward_agent == -1)
		options->forward_agent = 0;
	if (options->forward_x11 == -1)
		options->forward_x11 = 0;
#ifdef XAUTH_PATH
	/* Unlike values read from a file, this is not a heap copy. */
	if (options->xauth_location == NULL)
		options->xauth_location = XAUTH_PATH;
#endif /* XAUTH_PATH */
	if (options->gateway_ports == -1)
		options->gateway_ports = 0;
	if (options->use_privileged_port == -1)
		options->use_privileged_port = 1;

	/* Authentication methods. */
	if (options->rhosts_authentication == -1)
		options->rhosts_authentication = 1;
	if (options->rhosts_rsa_authentication == -1)
		options->rhosts_rsa_authentication = 1;
	if (options->rsa_authentication == -1)
		options->rsa_authentication = 1;
	if (options->dsa_authentication == -1)
		options->dsa_authentication = 1;
	if (options->skey_authentication == -1)
		options->skey_authentication = 0;
	if (options->password_authentication == -1)
		options->password_authentication = 1;
#ifdef KRB4
	if (options->kerberos_authentication == -1)
		options->kerberos_authentication = 1;
#endif /* KRB4 */
#ifdef AFS
	if (options->kerberos_tgt_passing == -1)
		options->kerberos_tgt_passing = 1;
	if (options->afs_token_passing == -1)
		options->afs_token_passing = 1;
#endif /* AFS */
	if (options->number_of_password_prompts == -1)
		options->number_of_password_prompts = 3;
	if (options->batch_mode == -1)
		options->batch_mode = 0;

	/* Default identity files: "~/" followed by the compiled-in name. */
	if (options->num_identity_files == 0) {
		/* 2 bytes for "~/", the name itself, 1 byte for the NUL. */
		need = 2 + strlen(SSH_CLIENT_IDENTITY) + 1;
		options->identity_files[0] = xmalloc(need);
		sprintf(options->identity_files[0], "~/%.100s", SSH_CLIENT_IDENTITY);
		options->num_identity_files = 1;
	}
	if (options->num_identity_files2 == 0) {
		need = 2 + strlen(SSH_CLIENT_ID_DSA) + 1;
		options->identity_files2[0] = xmalloc(need);
		sprintf(options->identity_files2[0], "~/%.100s", SSH_CLIENT_ID_DSA);
		options->num_identity_files2 = 1;
	}

	/* Host key verification. */
	if (options->check_host_ip == -1)
		options->check_host_ip = 1;
	if (options->strict_host_key_checking == -1)
		options->strict_host_key_checking = 2;	/* 2 is default */
	if (options->system_hostfile == NULL)
		options->system_hostfile = SSH_SYSTEM_HOSTFILE;
	if (options->user_hostfile == NULL)
		options->user_hostfile = SSH_USER_HOSTFILE;
	if (options->system_hostfile2 == NULL)
		options->system_hostfile2 = SSH_SYSTEM_HOSTFILE2;
	if (options->user_hostfile2 == NULL)
		options->user_hostfile2 = SSH_USER_HOSTFILE2;

	/* Connection and transport. */
	if (options->port == -1)
		options->port = 0;	/* Filled in ssh_connect. */
	if (options->connection_attempts == -1)
		options->connection_attempts = 4;
	if (options->keepalives == -1)
		options->keepalives = 1;
	if (options->fallback_to_rsh == -1)
		options->fallback_to_rsh = 0;
	if (options->use_rsh == -1)
		options->use_rsh = 0;
	if (options->protocol == SSH_PROTO_UNKNOWN)
		options->protocol = SSH_PROTO_1|SSH_PROTO_2|SSH_PROTO_1_PREFERRED;
	/* Selected in ssh_login(). */
	if (options->cipher == -1)
		options->cipher = SSH_CIPHER_NOT_SET;
	/* options->ciphers, default set in myproposals.h */
	if (options->compression == -1)
		options->compression = 0;
	if (options->compression_level == -1)
		options->compression_level = 6;

	/* Session. */
	if (options->escape_char == -1)
		options->escape_char = '~';
	if (options->log_level == (LogLevel) - 1)
		options->log_level = SYSLOG_LEVEL_INFO;

	/* options->proxy_command should not be set by default */
	/* options->user will be set in the main program if appropriate */
	/* options->hostname will be set in the main program if appropriate */
}