2 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5 * As far as I am concerned, the code I have written for this software
6 * can be used freely for any purpose. Any derived versions of this
7 * software must be clearly marked as such, and if the derived work is
8 * incompatible with the protocol description in the RFC file, it must be
9 * called by a name other than "ssh" or "Secure Shell".
13 RCSID("$OpenBSD: servconf.c,v 1.56 2001/01/07 11:28:06 markus Exp $");
20 /* add listen address */
21 void add_listen_addr(ServerOptions *options, char *addr);
23 /* Initializes the server options to their default values. */
26 initialize_server_options(ServerOptions *options)
28 memset(options, 0, sizeof(*options));
29 options->num_ports = 0;
30 options->ports_from_cmdline = 0;
31 options->listen_addrs = NULL;
32 options->num_host_key_files = 0;
33 options->pid_file = NULL;
34 options->server_key_bits = -1;
35 options->login_grace_time = -1;
36 options->key_regeneration_time = -1;
37 options->permit_root_login = -1;
38 options->ignore_rhosts = -1;
39 options->ignore_user_known_hosts = -1;
40 options->print_motd = -1;
41 options->check_mail = -1;
42 options->x11_forwarding = -1;
43 options->x11_display_offset = -1;
44 options->xauth_location = NULL;
45 options->strict_modes = -1;
46 options->keepalives = -1;
47 options->log_facility = (SyslogFacility) - 1;
48 options->log_level = (LogLevel) - 1;
49 options->rhosts_authentication = -1;
50 options->rhosts_rsa_authentication = -1;
51 options->rsa_authentication = -1;
52 options->pubkey_authentication = -1;
54 options->kerberos_authentication = -1;
55 options->kerberos_or_local_passwd = -1;
56 options->kerberos_ticket_cleanup = -1;
59 options->kerberos_tgt_passing = -1;
60 options->afs_token_passing = -1;
62 options->password_authentication = -1;
63 options->kbd_interactive_authentication = -1;
65 options->skey_authentication = -1;
67 options->permit_empty_passwd = -1;
68 options->use_login = -1;
69 options->allow_tcp_forwarding = -1;
70 options->num_allow_users = 0;
71 options->num_deny_users = 0;
72 options->num_allow_groups = 0;
73 options->num_deny_groups = 0;
74 options->ciphers = NULL;
75 options->protocol = SSH_PROTO_UNKNOWN;
76 options->gateway_ports = -1;
77 options->num_subsystems = 0;
78 options->max_startups_begin = -1;
79 options->max_startups_rate = -1;
80 options->max_startups = -1;
84 fill_default_server_options(ServerOptions *options)
86 if (options->protocol == SSH_PROTO_UNKNOWN)
87 options->protocol = SSH_PROTO_1|SSH_PROTO_2;
88 if (options->num_host_key_files == 0) {
89 /* fill default hostkeys for protocols */
90 if (options->protocol & SSH_PROTO_1)
91 options->host_key_files[options->num_host_key_files++] = HOST_KEY_FILE;
92 if (options->protocol & SSH_PROTO_2)
93 options->host_key_files[options->num_host_key_files++] = HOST_DSA_KEY_FILE;
95 if (options->num_ports == 0)
96 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
97 if (options->listen_addrs == NULL)
98 add_listen_addr(options, NULL);
99 if (options->pid_file == NULL)
100 options->pid_file = SSH_DAEMON_PID_FILE;
101 if (options->server_key_bits == -1)
102 options->server_key_bits = 768;
103 if (options->login_grace_time == -1)
104 options->login_grace_time = 600;
105 if (options->key_regeneration_time == -1)
106 options->key_regeneration_time = 3600;
107 if (options->permit_root_login == -1)
108 options->permit_root_login = 1; /* yes */
109 if (options->ignore_rhosts == -1)
110 options->ignore_rhosts = 1;
111 if (options->ignore_user_known_hosts == -1)
112 options->ignore_user_known_hosts = 0;
113 if (options->check_mail == -1)
114 options->check_mail = 0;
115 if (options->print_motd == -1)
116 options->print_motd = 1;
117 if (options->x11_forwarding == -1)
118 options->x11_forwarding = 0;
119 if (options->x11_display_offset == -1)
120 options->x11_display_offset = 10;
122 if (options->xauth_location == NULL)
123 options->xauth_location = XAUTH_PATH;
124 #endif /* XAUTH_PATH */
125 if (options->strict_modes == -1)
126 options->strict_modes = 1;
127 if (options->keepalives == -1)
128 options->keepalives = 1;
129 if (options->log_facility == (SyslogFacility) (-1))
130 options->log_facility = SYSLOG_FACILITY_AUTH;
131 if (options->log_level == (LogLevel) (-1))
132 options->log_level = SYSLOG_LEVEL_NOTICE;
133 if (options->rhosts_authentication == -1)
134 options->rhosts_authentication = 0;
135 if (options->rhosts_rsa_authentication == -1)
136 options->rhosts_rsa_authentication = 0;
137 if (options->rsa_authentication == -1)
138 options->rsa_authentication = 1;
139 if (options->pubkey_authentication == -1)
140 options->pubkey_authentication = 1;
142 if (options->kerberos_authentication == -1)
143 options->kerberos_authentication = (access(KEYFILE, R_OK) == 0);
144 if (options->kerberos_or_local_passwd == -1)
145 options->kerberos_or_local_passwd = 1;
146 if (options->kerberos_ticket_cleanup == -1)
147 options->kerberos_ticket_cleanup = 1;
150 if (options->kerberos_tgt_passing == -1)
151 options->kerberos_tgt_passing = 0;
152 if (options->afs_token_passing == -1)
153 options->afs_token_passing = k_hasafs();
155 if (options->password_authentication == -1)
156 options->password_authentication = 1;
157 if (options->kbd_interactive_authentication == -1)
158 options->kbd_interactive_authentication = 0;
160 if (options->skey_authentication == -1)
161 options->skey_authentication = 1;
163 if (options->permit_empty_passwd == -1)
164 options->permit_empty_passwd = 0;
165 if (options->use_login == -1)
166 options->use_login = 0;
167 if (options->allow_tcp_forwarding == -1)
168 options->allow_tcp_forwarding = 1;
169 if (options->gateway_ports == -1)
170 options->gateway_ports = 0;
171 if (options->max_startups == -1)
172 options->max_startups = 10;
173 if (options->max_startups_rate == -1)
174 options->max_startups_rate = 100; /* 100% */
175 if (options->max_startups_begin == -1)
176 options->max_startups_begin = options->max_startups;
179 /* Keyword tokens. */
181 sBadOption, /* == unknown option */
182 sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
183 sPermitRootLogin, sLogFacility, sLogLevel,
184 sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,
186 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
189 sKerberosTgtPassing, sAFSTokenPassing,
194 sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
195 sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,
196 sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
197 sUseLogin, sAllowTcpForwarding,
198 sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
199 sIgnoreUserKnownHosts, sCiphers, sProtocol, sPidFile,
200 sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
203 /* Textual representation of the tokens. */
206 ServerOpCodes opcode;
209 { "hostkey", sHostKeyFile },
210 { "hostdsakey", sHostKeyFile }, /* alias */
211 { "pidfile", sPidFile },
212 { "serverkeybits", sServerKeyBits },
213 { "logingracetime", sLoginGraceTime },
214 { "keyregenerationinterval", sKeyRegenerationTime },
215 { "permitrootlogin", sPermitRootLogin },
216 { "syslogfacility", sLogFacility },
217 { "loglevel", sLogLevel },
218 { "rhostsauthentication", sRhostsAuthentication },
219 { "rhostsrsaauthentication", sRhostsRSAAuthentication },
220 { "rsaauthentication", sRSAAuthentication },
221 { "pubkeyauthentication", sPubkeyAuthentication },
222 { "dsaauthentication", sPubkeyAuthentication }, /* alias */
224 { "kerberosauthentication", sKerberosAuthentication },
225 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd },
226 { "kerberosticketcleanup", sKerberosTicketCleanup },
229 { "kerberostgtpassing", sKerberosTgtPassing },
230 { "afstokenpassing", sAFSTokenPassing },
232 { "passwordauthentication", sPasswordAuthentication },
233 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication },
235 { "skeyauthentication", sSkeyAuthentication },
237 { "checkmail", sCheckMail },
238 { "listenaddress", sListenAddress },
239 { "printmotd", sPrintMotd },
240 { "ignorerhosts", sIgnoreRhosts },
241 { "ignoreuserknownhosts", sIgnoreUserKnownHosts },
242 { "x11forwarding", sX11Forwarding },
243 { "x11displayoffset", sX11DisplayOffset },
244 { "xauthlocation", sXAuthLocation },
245 { "strictmodes", sStrictModes },
246 { "permitemptypasswords", sEmptyPasswd },
247 { "uselogin", sUseLogin },
248 { "randomseed", sRandomSeedFile },
249 { "keepalive", sKeepAlives },
250 { "allowtcpforwarding", sAllowTcpForwarding },
251 { "allowusers", sAllowUsers },
252 { "denyusers", sDenyUsers },
253 { "allowgroups", sAllowGroups },
254 { "denygroups", sDenyGroups },
255 { "ciphers", sCiphers },
256 { "protocol", sProtocol },
257 { "gatewayports", sGatewayPorts },
258 { "subsystem", sSubsystem },
259 { "maxstartups", sMaxStartups },
264 * Returns the number of the token pointed to by cp of length len. Never
265 * returns if the token is not known.
269 parse_token(const char *cp, const char *filename,
274 for (i = 0; keywords[i].name; i++)
275 if (strcasecmp(cp, keywords[i].name) == 0)
276 return keywords[i].opcode;
278 fprintf(stderr, "%s: line %d: Bad configuration option: %s\n",
279 filename, linenum, cp);
287 add_listen_addr(ServerOptions *options, char *addr)
290 struct addrinfo hints, *ai, *aitop;
291 char strport[NI_MAXSERV];
295 if (options->num_ports == 0)
296 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
297 for (i = 0; i < options->num_ports; i++) {
298 memset(&hints, 0, sizeof(hints));
299 hints.ai_family = IPv4or6;
300 hints.ai_socktype = SOCK_STREAM;
301 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
302 snprintf(strport, sizeof strport, "%d", options->ports[i]);
303 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0)
304 fatal("bad addr or host: %s (%s)\n",
305 addr ? addr : "<NULL>",
306 gai_strerror(gaierr));
307 for (ai = aitop; ai->ai_next; ai = ai->ai_next)
309 ai->ai_next = options->listen_addrs;
310 options->listen_addrs = aitop;
314 /* Reads the server configuration file. */
317 read_server_config(ServerOptions *options, const char *filename)
321 char *cp, **charptr, *arg;
322 int linenum, *intptr, value;
324 ServerOpCodes opcode;
327 f = fopen(filename, "r");
333 while (fgets(line, sizeof(line), f)) {
337 /* Ignore leading whitespace */
340 if (!*arg || *arg == '#')
344 opcode = parse_token(arg, filename, linenum);
350 /* ignore ports from configfile if cmdline specifies ports */
351 if (options->ports_from_cmdline)
353 if (options->listen_addrs != NULL)
354 fatal("%s line %d: ports must be specified before "
355 "ListenAdress.\n", filename, linenum);
356 if (options->num_ports >= MAX_PORTS)
357 fatal("%s line %d: too many ports.\n",
360 if (!arg || *arg == '\0')
361 fatal("%s line %d: missing port number.\n",
363 options->ports[options->num_ports++] = atoi(arg);
367 intptr = &options->server_key_bits;
370 if (!arg || *arg == '\0') {
371 fprintf(stderr, "%s line %d: missing integer value.\n",
380 case sLoginGraceTime:
381 intptr = &options->login_grace_time;
384 case sKeyRegenerationTime:
385 intptr = &options->key_regeneration_time;
390 if (!arg || *arg == '\0')
391 fatal("%s line %d: missing inet addr.\n",
393 add_listen_addr(options, arg);
397 intptr = &options->num_host_key_files;
398 if (*intptr >= MAX_HOSTKEYS) {
399 fprintf(stderr, "%s line %d: to many host keys specified (max %d).\n",
400 filename, linenum, MAX_HOSTKEYS);
403 charptr = &options->host_key_files[*intptr];
406 if (!arg || *arg == '\0') {
407 fprintf(stderr, "%s line %d: missing file name.\n",
411 if (*charptr == NULL) {
412 *charptr = tilde_expand_filename(arg, getuid());
413 /* increase optional counter */
415 *intptr = *intptr + 1;
420 charptr = &options->pid_file;
423 case sRandomSeedFile:
424 fprintf(stderr, "%s line %d: \"randomseed\" option is obsolete.\n",
429 case sPermitRootLogin:
430 intptr = &options->permit_root_login;
432 if (!arg || *arg == '\0') {
433 fprintf(stderr, "%s line %d: missing yes/without-password/no argument.\n",
437 if (strcmp(arg, "without-password") == 0)
439 else if (strcmp(arg, "yes") == 0)
441 else if (strcmp(arg, "no") == 0)
444 fprintf(stderr, "%s line %d: Bad yes/without-password/no argument: %s\n",
445 filename, linenum, arg);
453 intptr = &options->ignore_rhosts;
456 if (!arg || *arg == '\0') {
457 fprintf(stderr, "%s line %d: missing yes/no argument.\n",
461 if (strcmp(arg, "yes") == 0)
463 else if (strcmp(arg, "no") == 0)
466 fprintf(stderr, "%s line %d: Bad yes/no argument: %s\n",
467 filename, linenum, arg);
474 case sIgnoreUserKnownHosts:
475 intptr = &options->ignore_user_known_hosts;
478 case sRhostsAuthentication:
479 intptr = &options->rhosts_authentication;
482 case sRhostsRSAAuthentication:
483 intptr = &options->rhosts_rsa_authentication;
486 case sRSAAuthentication:
487 intptr = &options->rsa_authentication;
490 case sPubkeyAuthentication:
491 intptr = &options->pubkey_authentication;
495 case sKerberosAuthentication:
496 intptr = &options->kerberos_authentication;
499 case sKerberosOrLocalPasswd:
500 intptr = &options->kerberos_or_local_passwd;
503 case sKerberosTicketCleanup:
504 intptr = &options->kerberos_ticket_cleanup;
509 case sKerberosTgtPassing:
510 intptr = &options->kerberos_tgt_passing;
513 case sAFSTokenPassing:
514 intptr = &options->afs_token_passing;
518 case sPasswordAuthentication:
519 intptr = &options->password_authentication;
522 case sKbdInteractiveAuthentication:
523 intptr = &options->kbd_interactive_authentication;
527 intptr = &options->check_mail;
531 case sSkeyAuthentication:
532 intptr = &options->skey_authentication;
537 intptr = &options->print_motd;
541 intptr = &options->x11_forwarding;
544 case sX11DisplayOffset:
545 intptr = &options->x11_display_offset;
549 charptr = &options->xauth_location;
553 intptr = &options->strict_modes;
557 intptr = &options->keepalives;
561 intptr = &options->permit_empty_passwd;
565 intptr = &options->use_login;
569 intptr = &options->gateway_ports;
573 intptr = (int *) &options->log_facility;
575 value = log_facility_number(arg);
576 if (value == (SyslogFacility) - 1)
577 fatal("%.200s line %d: unsupported log facility '%s'\n",
578 filename, linenum, arg ? arg : "<NONE>");
580 *intptr = (SyslogFacility) value;
584 intptr = (int *) &options->log_level;
586 value = log_level_number(arg);
587 if (value == (LogLevel) - 1)
588 fatal("%.200s line %d: unsupported log level '%s'\n",
589 filename, linenum, arg ? arg : "<NONE>");
591 *intptr = (LogLevel) value;
594 case sAllowTcpForwarding:
595 intptr = &options->allow_tcp_forwarding;
599 while ((arg = strdelim(&cp)) && *arg != '\0') {
600 if (options->num_allow_users >= MAX_ALLOW_USERS)
601 fatal("%s line %d: too many allow users.\n",
603 options->allow_users[options->num_allow_users++] = xstrdup(arg);
608 while ((arg = strdelim(&cp)) && *arg != '\0') {
609 if (options->num_deny_users >= MAX_DENY_USERS)
610 fatal( "%s line %d: too many deny users.\n",
612 options->deny_users[options->num_deny_users++] = xstrdup(arg);
617 while ((arg = strdelim(&cp)) && *arg != '\0') {
618 if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
619 fatal("%s line %d: too many allow groups.\n",
621 options->allow_groups[options->num_allow_groups++] = xstrdup(arg);
626 while ((arg = strdelim(&cp)) && *arg != '\0') {
627 if (options->num_deny_groups >= MAX_DENY_GROUPS)
628 fatal("%s line %d: too many deny groups.\n",
630 options->deny_groups[options->num_deny_groups++] = xstrdup(arg);
636 if (!arg || *arg == '\0')
637 fatal("%s line %d: Missing argument.", filename, linenum);
638 if (!ciphers_valid(arg))
639 fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
640 filename, linenum, arg ? arg : "<NONE>");
641 if (options->ciphers == NULL)
642 options->ciphers = xstrdup(arg);
646 intptr = &options->protocol;
648 if (!arg || *arg == '\0')
649 fatal("%s line %d: Missing argument.", filename, linenum);
650 value = proto_spec(arg);
651 if (value == SSH_PROTO_UNKNOWN)
652 fatal("%s line %d: Bad protocol spec '%s'.",
653 filename, linenum, arg ? arg : "<NONE>");
654 if (*intptr == SSH_PROTO_UNKNOWN)
659 if(options->num_subsystems >= MAX_SUBSYSTEMS) {
660 fatal("%s line %d: too many subsystems defined.",
664 if (!arg || *arg == '\0')
665 fatal("%s line %d: Missing subsystem name.",
667 for (i = 0; i < options->num_subsystems; i++)
668 if(strcmp(arg, options->subsystem_name[i]) == 0)
669 fatal("%s line %d: Subsystem '%s' already defined.",
670 filename, linenum, arg);
671 options->subsystem_name[options->num_subsystems] = xstrdup(arg);
673 if (!arg || *arg == '\0')
674 fatal("%s line %d: Missing subsystem command.",
676 options->subsystem_command[options->num_subsystems] = xstrdup(arg);
677 options->num_subsystems++;
682 if (!arg || *arg == '\0')
683 fatal("%s line %d: Missing MaxStartups spec.",
685 if (sscanf(arg, "%d:%d:%d",
686 &options->max_startups_begin,
687 &options->max_startups_rate,
688 &options->max_startups) == 3) {
689 if (options->max_startups_begin >
690 options->max_startups ||
691 options->max_startups_rate > 100 ||
692 options->max_startups_rate < 1)
693 fatal("%s line %d: Illegal MaxStartups spec.",
697 intptr = &options->max_startups;
701 fprintf(stderr, "%s line %d: Missing handler for opcode %s (%d)\n",
702 filename, linenum, arg, opcode);
705 if ((arg = strdelim(&cp)) != NULL && *arg != '\0') {
707 "%s line %d: garbage at end of line; \"%.200s\".\n",
708 filename, linenum, arg);
713 if (bad_options > 0) {
714 fprintf(stderr, "%s: terminating, %d bad configuration options\n",
715 filename, bad_options);