]> andersk Git - openssh.git/blame_incremental - servconf.c
andersk / openssh.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
- (stevesk) OpenBSD CVS updates:
[openssh.git] / servconf.c
... / ...
CommitLineData
1/*
2 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
3 * All rights reserved
4 *
5 * As far as I am concerned, the code I have written for this software
6 * can be used freely for any purpose. Any derived versions of this
7 * software must be clearly marked as such, and if the derived work is
8 * incompatible with the protocol description in the RFC file, it must be
9 * called by a name other than "ssh" or "Secure Shell".
10 */
11
12#include "includes.h"
13RCSID("$OpenBSD: servconf.c,v 1.54 2000/11/12 19:50:38 markus Exp $");
14
15#include "ssh.h"
16#include "servconf.h"
17#include "xmalloc.h"
18#include "compat.h"
19
20/* add listen address */
21void add_listen_addr(ServerOptions *options, char *addr);
22
23/* Initializes the server options to their default values. */
24
25void
26initialize_server_options(ServerOptions *options)
27{
28 memset(options, 0, sizeof(*options));
29 options->num_ports = 0;
30 options->ports_from_cmdline = 0;
31 options->listen_addrs = NULL;
32 options->num_host_key_files = 0;
33 options->pid_file = NULL;
34 options->server_key_bits = -1;
35 options->login_grace_time = -1;
36 options->key_regeneration_time = -1;
37 options->permit_root_login = -1;
38 options->ignore_rhosts = -1;
39 options->ignore_user_known_hosts = -1;
40 options->print_motd = -1;
41 options->check_mail = -1;
42 options->x11_forwarding = -1;
43 options->x11_display_offset = -1;
44 options->xauth_location = NULL;
45 options->strict_modes = -1;
46 options->keepalives = -1;
47 options->log_facility = (SyslogFacility) - 1;
48 options->log_level = (LogLevel) - 1;
49 options->rhosts_authentication = -1;
50 options->rhosts_rsa_authentication = -1;
51 options->rsa_authentication = -1;
52 options->pubkey_authentication = -1;
53#ifdef KRB4
54 options->kerberos_authentication = -1;
55 options->kerberos_or_local_passwd = -1;
56 options->kerberos_ticket_cleanup = -1;
57#endif
58#ifdef AFS
59 options->kerberos_tgt_passing = -1;
60 options->afs_token_passing = -1;
61#endif
62 options->password_authentication = -1;
63 options->kbd_interactive_authentication = -1;
64#ifdef SKEY
65 options->skey_authentication = -1;
66#endif
67 options->permit_empty_passwd = -1;
68 options->use_login = -1;
69 options->allow_tcp_forwarding = -1;
70 options->num_allow_users = 0;
71 options->num_deny_users = 0;
72 options->num_allow_groups = 0;
73 options->num_deny_groups = 0;
74 options->ciphers = NULL;
75 options->protocol = SSH_PROTO_UNKNOWN;
76 options->gateway_ports = -1;
77 options->num_subsystems = 0;
78 options->max_startups_begin = -1;
79 options->max_startups_rate = -1;
80 options->max_startups = -1;
81}
82
83void
84fill_default_server_options(ServerOptions *options)
85{
86 if (options->protocol == SSH_PROTO_UNKNOWN)
87 options->protocol = SSH_PROTO_1|SSH_PROTO_2;
88 if (options->num_host_key_files == 0) {
89 /* fill default hostkeys for protocols */
90 if (options->protocol & SSH_PROTO_1)
91 options->host_key_files[options->num_host_key_files++] = HOST_KEY_FILE;
92 if (options->protocol & SSH_PROTO_2)
93 options->host_key_files[options->num_host_key_files++] = HOST_DSA_KEY_FILE;
94 }
95 if (options->num_ports == 0)
96 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
97 if (options->listen_addrs == NULL)
98 add_listen_addr(options, NULL);
99 if (options->pid_file == NULL)
100 options->pid_file = SSH_DAEMON_PID_FILE;
101 if (options->server_key_bits == -1)
102 options->server_key_bits = 768;
103 if (options->login_grace_time == -1)
104 options->login_grace_time = 600;
105 if (options->key_regeneration_time == -1)
106 options->key_regeneration_time = 3600;
107 if (options->permit_root_login == -1)
108 options->permit_root_login = 1; /* yes */
109 if (options->ignore_rhosts == -1)
110 options->ignore_rhosts = 1;
111 if (options->ignore_user_known_hosts == -1)
112 options->ignore_user_known_hosts = 0;
113 if (options->check_mail == -1)
114 options->check_mail = 0;
115 if (options->print_motd == -1)
116 options->print_motd = 1;
117 if (options->x11_forwarding == -1)
118 options->x11_forwarding = 0;
119 if (options->x11_display_offset == -1)
120 options->x11_display_offset = 10;
121#ifdef XAUTH_PATH
122 if (options->xauth_location == NULL)
123 options->xauth_location = XAUTH_PATH;
124#endif /* XAUTH_PATH */
125 if (options->strict_modes == -1)
126 options->strict_modes = 1;
127 if (options->keepalives == -1)
128 options->keepalives = 1;
129 if (options->log_facility == (SyslogFacility) (-1))
130 options->log_facility = SYSLOG_FACILITY_AUTH;
131 if (options->log_level == (LogLevel) (-1))
132 options->log_level = SYSLOG_LEVEL_INFO;
133 if (options->rhosts_authentication == -1)
134 options->rhosts_authentication = 0;
135 if (options->rhosts_rsa_authentication == -1)
136 options->rhosts_rsa_authentication = 0;
137 if (options->rsa_authentication == -1)
138 options->rsa_authentication = 1;
139 if (options->pubkey_authentication == -1)
140 options->pubkey_authentication = 1;
141#ifdef KRB4
142 if (options->kerberos_authentication == -1)
143 options->kerberos_authentication = (access(KEYFILE, R_OK) == 0);
144 if (options->kerberos_or_local_passwd == -1)
145 options->kerberos_or_local_passwd = 1;
146 if (options->kerberos_ticket_cleanup == -1)
147 options->kerberos_ticket_cleanup = 1;
148#endif /* KRB4 */
149#ifdef AFS
150 if (options->kerberos_tgt_passing == -1)
151 options->kerberos_tgt_passing = 0;
152 if (options->afs_token_passing == -1)
153 options->afs_token_passing = k_hasafs();
154#endif /* AFS */
155 if (options->password_authentication == -1)
156 options->password_authentication = 1;
157 if (options->kbd_interactive_authentication == -1)
158 options->kbd_interactive_authentication = 0;
159#ifdef SKEY
160 if (options->skey_authentication == -1)
161 options->skey_authentication = 1;
162#endif
163 if (options->permit_empty_passwd == -1)
164 options->permit_empty_passwd = 0;
165 if (options->use_login == -1)
166 options->use_login = 0;
167 if (options->allow_tcp_forwarding == -1)
168 options->allow_tcp_forwarding = 1;
169 if (options->gateway_ports == -1)
170 options->gateway_ports = 0;
171 if (options->max_startups == -1)
172 options->max_startups = 10;
173 if (options->max_startups_rate == -1)
174 options->max_startups_rate = 100; /* 100% */
175 if (options->max_startups_begin == -1)
176 options->max_startups_begin = options->max_startups;
177}
178
179/* Keyword tokens. */
180typedef enum {
181 sBadOption, /* == unknown option */
182 sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
183 sPermitRootLogin, sLogFacility, sLogLevel,
184 sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,
185#ifdef KRB4
186 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
187#endif
188#ifdef AFS
189 sKerberosTgtPassing, sAFSTokenPassing,
190#endif
191#ifdef SKEY
192 sSkeyAuthentication,
193#endif
194 sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
195 sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,
196 sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
197 sUseLogin, sAllowTcpForwarding,
198 sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
199 sIgnoreUserKnownHosts, sCiphers, sProtocol, sPidFile,
200 sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
201} ServerOpCodes;
202
203/* Textual representation of the tokens. */
204static struct {
205 const char *name;
206 ServerOpCodes opcode;
207} keywords[] = {
208 { "port", sPort },
209 { "hostkey", sHostKeyFile },
210 { "hostdsakey", sHostKeyFile }, /* alias */
211 { "pidfile", sPidFile },
212 { "serverkeybits", sServerKeyBits },
213 { "logingracetime", sLoginGraceTime },
214 { "keyregenerationinterval", sKeyRegenerationTime },
215 { "permitrootlogin", sPermitRootLogin },
216 { "syslogfacility", sLogFacility },
217 { "loglevel", sLogLevel },
218 { "rhostsauthentication", sRhostsAuthentication },
219 { "rhostsrsaauthentication", sRhostsRSAAuthentication },
220 { "rsaauthentication", sRSAAuthentication },
221 { "pubkeyauthentication", sPubkeyAuthentication },
222 { "dsaauthentication", sPubkeyAuthentication }, /* alias */
223#ifdef KRB4
224 { "kerberosauthentication", sKerberosAuthentication },
225 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd },
226 { "kerberosticketcleanup", sKerberosTicketCleanup },
227#endif
228#ifdef AFS
229 { "kerberostgtpassing", sKerberosTgtPassing },
230 { "afstokenpassing", sAFSTokenPassing },
231#endif
232 { "passwordauthentication", sPasswordAuthentication },
233 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication },
234#ifdef SKEY
235 { "skeyauthentication", sSkeyAuthentication },
236#endif
237 { "checkmail", sCheckMail },
238 { "listenaddress", sListenAddress },
239 { "printmotd", sPrintMotd },
240 { "ignorerhosts", sIgnoreRhosts },
241 { "ignoreuserknownhosts", sIgnoreUserKnownHosts },
242 { "x11forwarding", sX11Forwarding },
243 { "x11displayoffset", sX11DisplayOffset },
244 { "xauthlocation", sXAuthLocation },
245 { "strictmodes", sStrictModes },
246 { "permitemptypasswords", sEmptyPasswd },
247 { "uselogin", sUseLogin },
248 { "randomseed", sRandomSeedFile },
249 { "keepalive", sKeepAlives },
250 { "allowtcpforwarding", sAllowTcpForwarding },
251 { "allowusers", sAllowUsers },
252 { "denyusers", sDenyUsers },
253 { "allowgroups", sAllowGroups },
254 { "denygroups", sDenyGroups },
255 { "ciphers", sCiphers },
256 { "protocol", sProtocol },
257 { "gatewayports", sGatewayPorts },
258 { "subsystem", sSubsystem },
259 { "maxstartups", sMaxStartups },
260 { NULL, 0 }
261};
262
263/*
264 * Returns the number of the token pointed to by cp of length len. Never
265 * returns if the token is not known.
266 */
267
268static ServerOpCodes
269parse_token(const char *cp, const char *filename,
270 int linenum)
271{
272 unsigned int i;
273
274 for (i = 0; keywords[i].name; i++)
275 if (strcasecmp(cp, keywords[i].name) == 0)
276 return keywords[i].opcode;
277
278 fprintf(stderr, "%s: line %d: Bad configuration option: %s\n",
279 filename, linenum, cp);
280 return sBadOption;
281}
282
283/*
284 * add listen address
285 */
286void
287add_listen_addr(ServerOptions *options, char *addr)
288{
289 extern int IPv4or6;
290 struct addrinfo hints, *ai, *aitop;
291 char strport[NI_MAXSERV];
292 int gaierr;
293 int i;
294
295 if (options->num_ports == 0)
296 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
297 for (i = 0; i < options->num_ports; i++) {
298 memset(&hints, 0, sizeof(hints));
299 hints.ai_family = IPv4or6;
300 hints.ai_socktype = SOCK_STREAM;
301 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
302 snprintf(strport, sizeof strport, "%d", options->ports[i]);
303 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0)
304 fatal("bad addr or host: %s (%s)\n",
305 addr ? addr : "<NULL>",
306 gai_strerror(gaierr));
307 for (ai = aitop; ai->ai_next; ai = ai->ai_next)
308 ;
309 ai->ai_next = options->listen_addrs;
310 options->listen_addrs = aitop;
311 }
312}
313
314/* Reads the server configuration file. */
315
316void
317read_server_config(ServerOptions *options, const char *filename)
318{
319 FILE *f;
320 char line[1024];
321 char *cp, **charptr, *arg;
322 int linenum, *intptr, value;
323 int bad_options = 0;
324 ServerOpCodes opcode;
325 int i;
326
327 f = fopen(filename, "r");
328 if (!f) {
329 perror(filename);
330 exit(1);
331 }
332 linenum = 0;
333 while (fgets(line, sizeof(line), f)) {
334 linenum++;
335 cp = line;
336 arg = strdelim(&cp);
337 /* Ignore leading whitespace */
338 if (*arg == '\0')
339 arg = strdelim(&cp);
340 if (!*arg || *arg == '#')
341 continue;
342 intptr = NULL;
343 charptr = NULL;
344 opcode = parse_token(arg, filename, linenum);
345 switch (opcode) {
346 case sBadOption:
347 bad_options++;
348 continue;
349 case sPort:
350 /* ignore ports from configfile if cmdline specifies ports */
351 if (options->ports_from_cmdline)
352 continue;
353 if (options->listen_addrs != NULL)
354 fatal("%s line %d: ports must be specified before "
355 "ListenAdress.\n", filename, linenum);
356 if (options->num_ports >= MAX_PORTS)
357 fatal("%s line %d: too many ports.\n",
358 filename, linenum);
359 arg = strdelim(&cp);
360 if (!arg || *arg == '\0')
361 fatal("%s line %d: missing port number.\n",
362 filename, linenum);
363 options->ports[options->num_ports++] = atoi(arg);
364 break;
365
366 case sServerKeyBits:
367 intptr = &options->server_key_bits;
368parse_int:
369 arg = strdelim(&cp);
370 if (!arg || *arg == '\0') {
371 fprintf(stderr, "%s line %d: missing integer value.\n",
372 filename, linenum);
373 exit(1);
374 }
375 value = atoi(arg);
376 if (*intptr == -1)
377 *intptr = value;
378 break;
379
380 case sLoginGraceTime:
381 intptr = &options->login_grace_time;
382 goto parse_int;
383
384 case sKeyRegenerationTime:
385 intptr = &options->key_regeneration_time;
386 goto parse_int;
387
388 case sListenAddress:
389 arg = strdelim(&cp);
390 if (!arg || *arg == '\0')
391 fatal("%s line %d: missing inet addr.\n",
392 filename, linenum);
393 add_listen_addr(options, arg);
394 break;
395
396 case sHostKeyFile:
397 intptr = &options->num_host_key_files;
398 if (*intptr >= MAX_HOSTKEYS) {
399 fprintf(stderr, "%s line %d: to many host keys specified (max %d).\n",
400 filename, linenum, MAX_HOSTKEYS);
401 exit(1);
402 }
403 charptr = &options->host_key_files[*intptr];
404parse_filename:
405 arg = strdelim(&cp);
406 if (!arg || *arg == '\0') {
407 fprintf(stderr, "%s line %d: missing file name.\n",
408 filename, linenum);
409 exit(1);
410 }
411 if (*charptr == NULL) {
412 *charptr = tilde_expand_filename(arg, getuid());
413 /* increase optional counter */
414 if (intptr != NULL)
415 *intptr = *intptr + 1;
416 }
417 break;
418
419 case sPidFile:
420 charptr = &options->pid_file;
421 goto parse_filename;
422
423 case sRandomSeedFile:
424 fprintf(stderr, "%s line %d: \"randomseed\" option is obsolete.\n",
425 filename, linenum);
426 arg = strdelim(&cp);
427 break;
428
429 case sPermitRootLogin:
430 intptr = &options->permit_root_login;
431 arg = strdelim(&cp);
432 if (!arg || *arg == '\0') {
433 fprintf(stderr, "%s line %d: missing yes/without-password/no argument.\n",
434 filename, linenum);
435 exit(1);
436 }
437 if (strcmp(arg, "without-password") == 0)
438 value = 2;
439 else if (strcmp(arg, "yes") == 0)
440 value = 1;
441 else if (strcmp(arg, "no") == 0)
442 value = 0;
443 else {
444 fprintf(stderr, "%s line %d: Bad yes/without-password/no argument: %s\n",
445 filename, linenum, arg);
446 exit(1);
447 }
448 if (*intptr == -1)
449 *intptr = value;
450 break;
451
452 case sIgnoreRhosts:
453 intptr = &options->ignore_rhosts;
454parse_flag:
455 arg = strdelim(&cp);
456 if (!arg || *arg == '\0') {
457 fprintf(stderr, "%s line %d: missing yes/no argument.\n",
458 filename, linenum);
459 exit(1);
460 }
461 if (strcmp(arg, "yes") == 0)
462 value = 1;
463 else if (strcmp(arg, "no") == 0)
464 value = 0;
465 else {
466 fprintf(stderr, "%s line %d: Bad yes/no argument: %s\n",
467 filename, linenum, arg);
468 exit(1);
469 }
470 if (*intptr == -1)
471 *intptr = value;
472 break;
473
474 case sIgnoreUserKnownHosts:
475 intptr = &options->ignore_user_known_hosts;
476 goto parse_flag;
477
478 case sRhostsAuthentication:
479 intptr = &options->rhosts_authentication;
480 goto parse_flag;
481
482 case sRhostsRSAAuthentication:
483 intptr = &options->rhosts_rsa_authentication;
484 goto parse_flag;
485
486 case sRSAAuthentication:
487 intptr = &options->rsa_authentication;
488 goto parse_flag;
489
490 case sPubkeyAuthentication:
491 intptr = &options->pubkey_authentication;
492 goto parse_flag;
493
494#ifdef KRB4
495 case sKerberosAuthentication:
496 intptr = &options->kerberos_authentication;
497 goto parse_flag;
498
499 case sKerberosOrLocalPasswd:
500 intptr = &options->kerberos_or_local_passwd;
501 goto parse_flag;
502
503 case sKerberosTicketCleanup:
504 intptr = &options->kerberos_ticket_cleanup;
505 goto parse_flag;
506#endif
507
508#ifdef AFS
509 case sKerberosTgtPassing:
510 intptr = &options->kerberos_tgt_passing;
511 goto parse_flag;
512
513 case sAFSTokenPassing:
514 intptr = &options->afs_token_passing;
515 goto parse_flag;
516#endif
517
518 case sPasswordAuthentication:
519 intptr = &options->password_authentication;
520 goto parse_flag;
521
522 case sKbdInteractiveAuthentication:
523 intptr = &options->kbd_interactive_authentication;
524 goto parse_flag;
525
526 case sCheckMail:
527 intptr = &options->check_mail;
528 goto parse_flag;
529
530#ifdef SKEY
531 case sSkeyAuthentication:
532 intptr = &options->skey_authentication;
533 goto parse_flag;
534#endif
535
536 case sPrintMotd:
537 intptr = &options->print_motd;
538 goto parse_flag;
539
540 case sX11Forwarding:
541 intptr = &options->x11_forwarding;
542 goto parse_flag;
543
544 case sX11DisplayOffset:
545 intptr = &options->x11_display_offset;
546 goto parse_int;
547
548 case sXAuthLocation:
549 charptr = &options->xauth_location;
550 goto parse_filename;
551
552 case sStrictModes:
553 intptr = &options->strict_modes;
554 goto parse_flag;
555
556 case sKeepAlives:
557 intptr = &options->keepalives;
558 goto parse_flag;
559
560 case sEmptyPasswd:
561 intptr = &options->permit_empty_passwd;
562 goto parse_flag;
563
564 case sUseLogin:
565 intptr = &options->use_login;
566 goto parse_flag;
567
568 case sGatewayPorts:
569 intptr = &options->gateway_ports;
570 goto parse_flag;
571
572 case sLogFacility:
573 intptr = (int *) &options->log_facility;
574 arg = strdelim(&cp);
575 value = log_facility_number(arg);
576 if (value == (SyslogFacility) - 1)
577 fatal("%.200s line %d: unsupported log facility '%s'\n",
578 filename, linenum, arg ? arg : "<NONE>");
579 if (*intptr == -1)
580 *intptr = (SyslogFacility) value;
581 break;
582
583 case sLogLevel:
584 intptr = (int *) &options->log_level;
585 arg = strdelim(&cp);
586 value = log_level_number(arg);
587 if (value == (LogLevel) - 1)
588 fatal("%.200s line %d: unsupported log level '%s'\n",
589 filename, linenum, arg ? arg : "<NONE>");
590 if (*intptr == -1)
591 *intptr = (LogLevel) value;
592 break;
593
594 case sAllowTcpForwarding:
595 intptr = &options->allow_tcp_forwarding;
596 goto parse_flag;
597
598 case sAllowUsers:
599 while ((arg = strdelim(&cp)) && *arg != '\0') {
600 if (options->num_allow_users >= MAX_ALLOW_USERS)
601 fatal("%s line %d: too many allow users.\n",
602 filename, linenum);
603 options->allow_users[options->num_allow_users++] = xstrdup(arg);
604 }
605 break;
606
607 case sDenyUsers:
608 while ((arg = strdelim(&cp)) && *arg != '\0') {
609 if (options->num_deny_users >= MAX_DENY_USERS)
610 fatal( "%s line %d: too many deny users.\n",
611 filename, linenum);
612 options->deny_users[options->num_deny_users++] = xstrdup(arg);
613 }
614 break;
615
616 case sAllowGroups:
617 while ((arg = strdelim(&cp)) && *arg != '\0') {
618 if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
619 fatal("%s line %d: too many allow groups.\n",
620 filename, linenum);
621 options->allow_groups[options->num_allow_groups++] = xstrdup(arg);
622 }
623 break;
624
625 case sDenyGroups:
626 while ((arg = strdelim(&cp)) && *arg != '\0') {
627 if (options->num_deny_groups >= MAX_DENY_GROUPS)
628 fatal("%s line %d: too many deny groups.\n",
629 filename, linenum);
630 options->deny_groups[options->num_deny_groups++] = xstrdup(arg);
631 }
632 break;
633
634 case sCiphers:
635 arg = strdelim(&cp);
636 if (!arg || *arg == '\0')
637 fatal("%s line %d: Missing argument.", filename, linenum);
638 if (!ciphers_valid(arg))
639 fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
640 filename, linenum, arg ? arg : "<NONE>");
641 if (options->ciphers == NULL)
642 options->ciphers = xstrdup(arg);
643 break;
644
645 case sProtocol:
646 intptr = &options->protocol;
647 arg = strdelim(&cp);
648 if (!arg || *arg == '\0')
649 fatal("%s line %d: Missing argument.", filename, linenum);
650 value = proto_spec(arg);
651 if (value == SSH_PROTO_UNKNOWN)
652 fatal("%s line %d: Bad protocol spec '%s'.",
653 filename, linenum, arg ? arg : "<NONE>");
654 if (*intptr == SSH_PROTO_UNKNOWN)
655 *intptr = value;
656 break;
657
658 case sSubsystem:
659 if(options->num_subsystems >= MAX_SUBSYSTEMS) {
660 fatal("%s line %d: too many subsystems defined.",
661 filename, linenum);
662 }
663 arg = strdelim(&cp);
664 if (!arg || *arg == '\0')
665 fatal("%s line %d: Missing subsystem name.",
666 filename, linenum);
667 for (i = 0; i < options->num_subsystems; i++)
668 if(strcmp(arg, options->subsystem_name[i]) == 0)
669 fatal("%s line %d: Subsystem '%s' already defined.",
670 filename, linenum, arg);
671 options->subsystem_name[options->num_subsystems] = xstrdup(arg);
672 arg = strdelim(&cp);
673 if (!arg || *arg == '\0')
674 fatal("%s line %d: Missing subsystem command.",
675 filename, linenum);
676 options->subsystem_command[options->num_subsystems] = xstrdup(arg);
677 options->num_subsystems++;
678 break;
679
680 case sMaxStartups:
681 arg = strdelim(&cp);
682 if (!arg || *arg == '\0')
683 fatal("%s line %d: Missing MaxStartups spec.",
684 filename, linenum);
685 if (sscanf(arg, "%d:%d:%d",
686 &options->max_startups_begin,
687 &options->max_startups_rate,
688 &options->max_startups) == 3) {
689 if (options->max_startups_begin >
690 options->max_startups ||
691 options->max_startups_rate > 100 ||
692 options->max_startups_rate < 1)
693 fatal("%s line %d: Illegal MaxStartups spec.",
694 filename, linenum);
695 break;
696 }
697 intptr = &options->max_startups;
698 goto parse_int;
699
700 default:
701 fprintf(stderr, "%s line %d: Missing handler for opcode %s (%d)\n",
702 filename, linenum, arg, opcode);
703 exit(1);
704 }
705 if ((arg = strdelim(&cp)) != NULL && *arg != '\0') {
706 fprintf(stderr,
707 "%s line %d: garbage at end of line; \"%.200s\".\n",
708 filename, linenum, arg);
709 exit(1);
710 }
711 }
712 fclose(f);
713 if (bad_options > 0) {
714 fprintf(stderr, "%s: terminating, %d bad configuration options\n",
715 filename, bad_options);
716 exit(1);
717 }
718}
git-cvsimport mirror of OpenSSH
This page took 0.050035 seconds and 5 git commands to generate.