2 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5 * As far as I am concerned, the code I have written for this software
6 * can be used freely for any purpose. Any derived versions of this
7 * software must be clearly marked as such, and if the derived work is
8 * incompatible with the protocol description in the RFC file, it must be
9 * called by a name other than "ssh" or "Secure Shell".
13 RCSID("$OpenBSD: servconf.c,v 1.52 2000/10/11 20:14:39 markus Exp $");
20 /* add listen address */
/*
 * Forward declaration; the definition follows the keyword table below.
 * Resolves addr (NULL meaning the passive/wildcard address) for every port
 * currently in options->ports[] and prepends the results to
 * options->listen_addrs.  Resolution failure is fatal(), so a bad
 * ListenAddress stops sshd at startup instead of being skipped silently.
 */
21 void add_listen_addr(ServerOptions *options, char *addr);
23 /* Initializes the server options to their default values. */
/*
 * Resets every field to an explicit "not configured" sentinel: -1 for
 * integer and enum settings, NULL for strings, 0 for counters, and
 * SSH_PROTO_UNKNOWN for the protocol mask.  The command line and
 * sshd_config only overwrite what they are given; fill_default_server_options()
 * later replaces whatever sentinel is still in place with the compiled-in
 * default.  The gaps in the line numbering of this listing suggest that
 * conditionally compiled (#ifdef) lines were omitted around some fields.
 */
26 initialize_server_options(ServerOptions *options)
/* Zero the whole structure first so fields not named individually below
 * (the ports, users, groups and subsystem arrays, ...) start cleared too. */
28 memset(options, 0, sizeof(*options));
/* Listening ports and addresses.  ports_from_cmdline makes read_server_config()
 * ignore Port lines; listen_addrs is the addrinfo chain built by
 * add_listen_addr(). */
29 options->num_ports = 0;
30 options->ports_from_cmdline = 0;
31 options->listen_addrs = NULL;
/* File paths: NULL means "use the compiled-in default path". */
32 options->host_key_file = NULL;
33 options->host_dsa_key_file = NULL;
34 options->pid_file = NULL;
/* Numeric and yes/no settings: -1 means "not set".  The actual defaults
 * are applied in fill_default_server_options(). */
35 options->server_key_bits = -1;
36 options->login_grace_time = -1;
37 options->key_regeneration_time = -1;
38 options->permit_root_login = -1;
39 options->ignore_rhosts = -1;
40 options->ignore_user_known_hosts = -1;
41 options->print_motd = -1;
42 options->check_mail = -1;
43 options->x11_forwarding = -1;
44 options->x11_display_offset = -1;
45 options->xauth_location = NULL;
46 options->strict_modes = -1;
47 options->keepalives = -1;
/* Enum-typed settings use the same -1 sentinel, spelled as a cast of -1
 * (this parses as (SyslogFacility)(-1), not as a subtraction). */
48 options->log_facility = (SyslogFacility) - 1;
49 options->log_level = (LogLevel) - 1;
/* Authentication method switches.  Which of these are compiled in depends
 * on build options; the #ifdef lines appear to be omitted from this listing. */
50 options->rhosts_authentication = -1;
51 options->rhosts_rsa_authentication = -1;
52 options->rsa_authentication = -1;
53 options->dsa_authentication = -1;
55 options->kerberos_authentication = -1;
56 options->kerberos_or_local_passwd = -1;
57 options->kerberos_ticket_cleanup = -1;
60 options->kerberos_tgt_passing = -1;
61 options->afs_token_passing = -1;
63 options->password_authentication = -1;
64 options->kbd_interactive_authentication = -1;
66 options->skey_authentication = -1;
68 options->permit_empty_passwd = -1;
69 options->use_login = -1;
/* Access-control lists start empty; the array contents were zeroed by the
 * memset() above. */
70 options->num_allow_users = 0;
71 options->num_deny_users = 0;
72 options->num_allow_groups = 0;
73 options->num_deny_groups = 0;
74 options->ciphers = NULL;
/* SSH_PROTO_UNKNOWN plays the role of -1 for the protocol bitmask. */
75 options->protocol = SSH_PROTO_UNKNOWN;
76 options->gateway_ports = -1;
77 options->num_subsystems = 0;
/* MaxStartups triple (begin:rate:full); parsed in read_server_config(). */
78 options->max_startups_begin = -1;
79 options->max_startups_rate = -1;
80 options->max_startups = -1;
/*
 * Replaces every "not configured" sentinel left by initialize_server_options()
 * with the compiled-in default.  Anything the command line or sshd_config
 * already set is left untouched, so this must run after both were parsed.
 * Notes on the security-relevant defaults sit next to the lines concerned.
 */
84 fill_default_server_options(ServerOptions *options)
/* No Port and no ListenAddress anywhere: listen on the standard port on the
 * passive/wildcard address (add_listen_addr(NULL) sets AI_PASSIVE). */
86 if (options->num_ports == 0)
87 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
88 if (options->listen_addrs == NULL)
89 add_listen_addr(options, NULL);
/* Compiled-in paths for the host keys and the pid file. */
90 if (options->host_key_file == NULL)
91 options->host_key_file = HOST_KEY_FILE;
92 if (options->host_dsa_key_file == NULL)
93 options->host_dsa_key_file = HOST_DSA_KEY_FILE;
94 if (options->pid_file == NULL)
95 options->pid_file = SSH_DAEMON_PID_FILE;
/* Bit size of the ephemeral server key, regenerated every
 * key_regeneration_time seconds; 768 is the default of this code's era. */
96 if (options->server_key_bits == -1)
97 options->server_key_bits = 768;
/* Seconds an unauthenticated connection may stay open. */
98 if (options->login_grace_time == -1)
99 options->login_grace_time = 600;
100 if (options->key_regeneration_time == -1)
101 options->key_regeneration_time = 3600;
/* NOTE(review): the default is PermitRootLogin yes, so root may log in
 * with any authentication method that is enabled, passwords included.
 * Operators usually override this with "no" or "without-password", both
 * of which read_server_config() accepts. */
102 if (options->permit_root_login == -1)
103 options->permit_root_login = 1; /* yes */
/* Per-user rhosts files are ignored by default; the user's known_hosts is
 * consulted by default. */
104 if (options->ignore_rhosts == -1)
105 options->ignore_rhosts = 1;
106 if (options->ignore_user_known_hosts == -1)
107 options->ignore_user_known_hosts = 0;
108 if (options->check_mail == -1)
109 options->check_mail = 0;
110 if (options->print_motd == -1)
111 options->print_motd = 1;
/* X11 forwarding is off unless enabled; forwarded displays start at :10. */
112 if (options->x11_forwarding == -1)
113 options->x11_forwarding = 0;
114 if (options->x11_display_offset == -1)
115 options->x11_display_offset = 10;
/* The xauth default only exists when XAUTH_PATH was defined at build time;
 * the matching #ifdef precedes these lines but is not part of this listing. */
117 if (options->xauth_location == NULL)
118 options->xauth_location = XAUTH_PATH;
119 #endif /* XAUTH_PATH */
/* StrictModes and KeepAlive default to on. */
120 if (options->strict_modes == -1)
121 options->strict_modes = 1;
122 if (options->keepalives == -1)
123 options->keepalives = 1;
/* Enum sentinels are compared against the same cast-of-(-1) value that
 * initialize_server_options() stored. */
124 if (options->log_facility == (SyslogFacility) (-1))
125 options->log_facility = SYSLOG_FACILITY_AUTH;
126 if (options->log_level == (LogLevel) (-1))
127 options->log_level = SYSLOG_LEVEL_INFO;
/* Authentication defaults: rhosts-based methods off, RSA (protocol 1) and
 * DSA (protocol 2) public-key authentication on. */
128 if (options->rhosts_authentication == -1)
129 options->rhosts_authentication = 0;
130 if (options->rhosts_rsa_authentication == -1)
131 options->rhosts_rsa_authentication = 0;
132 if (options->rsa_authentication == -1)
133 options->rsa_authentication = 1;
134 if (options->dsa_authentication == -1)
135 options->dsa_authentication = 1;
/* Kerberos authentication is enabled only when the file named by KEYFILE
 * is readable by sshd; presumably the Kerberos service-key file — confirm
 * where KEYFILE is defined.  The Kerberos/AFS lines appear to sit inside
 * conditional compilation omitted from this listing. */
137 if (options->kerberos_authentication == -1)
138 options->kerberos_authentication = (access(KEYFILE, R_OK) == 0);
139 if (options->kerberos_or_local_passwd == -1)
140 options->kerberos_or_local_passwd = 1;
141 if (options->kerberos_ticket_cleanup == -1)
142 options->kerberos_ticket_cleanup = 1;
145 if (options->kerberos_tgt_passing == -1)
146 options->kerberos_tgt_passing = 0;
/* AFS token passing is decided by a runtime probe of the running system. */
147 if (options->afs_token_passing == -1)
148 options->afs_token_passing = k_hasafs();
/* Password authentication on, keyboard-interactive off, S/Key on. */
150 if (options->password_authentication == -1)
151 options->password_authentication = 1;
152 if (options->kbd_interactive_authentication == -1)
153 options->kbd_interactive_authentication = 0;
155 if (options->skey_authentication == -1)
156 options->skey_authentication = 1;
/* Empty passwords are refused by default; login(1) is not used. */
158 if (options->permit_empty_passwd == -1)
159 options->permit_empty_passwd = 0;
160 if (options->use_login == -1)
161 options->use_login = 0;
/* Both protocol versions are offered when neither the command line nor the
 * config file narrowed the set. */
162 if (options->protocol == SSH_PROTO_UNKNOWN)
163 options->protocol = SSH_PROTO_1|SSH_PROTO_2;
164 if (options->gateway_ports == -1)
165 options->gateway_ports = 0;
/* MaxStartups: full limit 10, rate 100 % and begin equal to the full limit,
 * i.e. the begin:rate:full form is degenerate until an operator sets it
 * (see the sMaxStartups case in read_server_config()). */
166 if (options->max_startups == -1)
167 options->max_startups = 10;
168 if (options->max_startups_rate == -1)
169 options->max_startups_rate = 100; /* 100% */
170 if (options->max_startups_begin == -1)
171 options->max_startups_begin = options->max_startups;
174 /* Keyword tokens. */
/*
 * One opcode per recognised sshd_config keyword.  parse_token() maps a
 * keyword string to one of these and read_server_config() switches on the
 * result; sBadOption is what parse_token() reports for an unknown keyword.
 * The enclosing "typedef enum {" / "} ServerOpCodes;" lines and the
 * conditionally compiled tokens (e.g. sSkeyAuthentication, which the
 * keyword table below references but which is not among the enumerators
 * visible here) are not part of this listing.
 */
176 sBadOption, /* == unknown option */
177 sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
178 sPermitRootLogin, sLogFacility, sLogLevel,
179 sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,
181 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
184 sKerberosTgtPassing, sAFSTokenPassing,
189 sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
190 sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,
191 sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
192 sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
193 sIgnoreUserKnownHosts, sHostDSAKeyFile, sCiphers, sProtocol, sPidFile,
194 sGatewayPorts, sDSAAuthentication, sXAuthLocation, sSubsystem, sMaxStartups
197 /* Textual representation of the tokens. */
/*
 * Keyword table: the config-file spelling (kept in lower case) and the
 * opcode it stands for.  parse_token() compares with strcasecmp(), so
 * keywords in sshd_config are case-insensitive, and it stops at the first
 * entry whose name is NULL.  The struct header, the table's first entry and
 * the NULL terminator appear to fall outside this listing.  This table is
 * the authoritative list of what this sshd accepts; a keyword missing here
 * is reported as a bad option rather than ignored.
 */
200 ServerOpCodes opcode;
203 { "hostkey", sHostKeyFile },
204 { "hostdsakey", sHostDSAKeyFile },
205 { "pidfile", sPidFile },
206 { "serverkeybits", sServerKeyBits },
207 { "logingracetime", sLoginGraceTime },
208 { "keyregenerationinterval", sKeyRegenerationTime },
209 { "permitrootlogin", sPermitRootLogin },
210 { "syslogfacility", sLogFacility },
211 { "loglevel", sLogLevel },
212 { "rhostsauthentication", sRhostsAuthentication },
213 { "rhostsrsaauthentication", sRhostsRSAAuthentication },
214 { "rsaauthentication", sRSAAuthentication },
215 { "dsaauthentication", sDSAAuthentication },
/* Kerberos, AFS and S/Key entries are presumably wrapped in #ifdefs that
 * this listing omits. */
217 { "kerberosauthentication", sKerberosAuthentication },
218 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd },
219 { "kerberosticketcleanup", sKerberosTicketCleanup },
222 { "kerberostgtpassing", sKerberosTgtPassing },
223 { "afstokenpassing", sAFSTokenPassing },
225 { "passwordauthentication", sPasswordAuthentication },
226 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication },
228 { "skeyauthentication", sSkeyAuthentication },
230 { "checkmail", sCheckMail },
231 { "listenaddress", sListenAddress },
232 { "printmotd", sPrintMotd },
233 { "ignorerhosts", sIgnoreRhosts },
234 { "ignoreuserknownhosts", sIgnoreUserKnownHosts },
235 { "x11forwarding", sX11Forwarding },
236 { "x11displayoffset", sX11DisplayOffset },
237 { "xauthlocation", sXAuthLocation },
238 { "strictmodes", sStrictModes },
239 { "permitemptypasswords", sEmptyPasswd },
240 { "uselogin", sUseLogin },
/* Still recognised only so that read_server_config() can report the
 * option as obsolete instead of as a typo. */
241 { "randomseed", sRandomSeedFile },
242 { "keepalive", sKeepAlives },
243 { "allowusers", sAllowUsers },
244 { "denyusers", sDenyUsers },
245 { "allowgroups", sAllowGroups },
246 { "denygroups", sDenyGroups },
247 { "ciphers", sCiphers },
248 { "protocol", sProtocol },
249 { "gatewayports", sGatewayPorts },
250 { "subsystem", sSubsystem },
251 { "maxstartups", sMaxStartups },
256 * Returns the number of the token pointed to by cp of length len. Never
257 * returns if the token is not known.
/*
 * NOTE(review): the header comment above looks stale relative to the code
 * that is visible.  The match is a whole-string strcasecmp() and the
 * visible part of the signature shows no length parameter; for an unknown
 * keyword the function prints a diagnostic instead of aborting.  The lines
 * after the fprintf() are not in this listing, but the sBadOption opcode
 * and the bad_options accounting at the end of read_server_config() are
 * consistent with it returning sBadOption — confirm.  Callers must not
 * assume an unknown keyword is fatal.
 */
261 parse_token(const char *cp, const char *filename,
/* Linear, case-insensitive scan of the NULL-terminated keyword table. */
266 for (i = 0; keywords[i].name; i++)
267 if (strcasecmp(cp, keywords[i].name) == 0)
268 return keywords[i].opcode;
/* Diagnostic names file and line so the operator can locate the typo. */
270 fprintf(stderr, "%s: line %d: Bad configuration option: %s\n",
271 filename, linenum, cp);
/*
 * Resolves addr for every configured port and prepends the resulting
 * addrinfo chain to options->listen_addrs.  addr == NULL requests the
 * passive/wildcard address (AI_PASSIVE).  Any resolution failure is fatal,
 * so sshd refuses to start instead of silently listening elsewhere.  The
 * declarations of i and gaierr and the function's braces are outside this
 * listing; IPv4or6 is presumably a file-scope address-family selector
 * (AF_UNSPEC / AF_INET / AF_INET6) — confirm.
 */
279 add_listen_addr(ServerOptions *options, char *addr)
282 struct addrinfo hints, *ai, *aitop;
/* Decimal port as a service string for getaddrinfo(); the snprintf() below
 * bounds the write to the buffer. */
283 char strport[NI_MAXSERV];
/* Called before any Port line was seen: fall back to the default port so
 * the address is still registered for something. */
287 if (options->num_ports == 0)
288 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
289 for (i = 0; i < options->num_ports; i++) {
290 memset(&hints, 0, sizeof(hints));
291 hints.ai_family = IPv4or6;
292 hints.ai_socktype = SOCK_STREAM;
293 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
294 snprintf(strport, sizeof strport, "%d", options->ports[i]);
/* NOTE(review): ports[i] comes from atoi() in read_server_config() with no
 * range check, so a malformed Port line shows up here as a getaddrinfo()
 * failure (or as port 0) rather than as a clear parse error. */
295 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0)
296 fatal("bad addr or host: %s (%s)\n",
297 addr ? addr : "<NULL>",
298 gai_strerror(gaierr));
/* Walk to the tail of the new chain (the loop body on the omitted line is
 * presumably empty), then splice the existing list after it so the newest
 * addresses come first.  getaddrinfo() returning 0 guarantees aitop != NULL. */
299 for (ai = aitop; ai->ai_next; ai = ai->ai_next)
301 ai->ai_next = options->listen_addrs;
302 options->listen_addrs = aitop;
306 /* Reads the server configuration file. */
/*
 * Parses sshd_config line by line and stores each recognised option in
 * *options.  Only the lines visible in this listing are described; the
 * gaps in the numbering hide, among other things, the fopen() error check,
 * the "line" buffer and bad_options declarations, most "case" labels, the
 * shared integer and yes/no parsers that the simple cases jump to, the
 * strdelim() calls that fetch each keyword's argument, fclose(), and the
 * exit taken when bad_options > 0.
 *
 * Visible conventions: a value that is already set (non-NULL / not -1 /
 * not SSH_PROTO_UNKNOWN) is left alone, so the first source to set an
 * option wins; structural problems (too many entries, bad addresses, bad
 * cipher/protocol specs) abort via fatal(), while malformed arguments are
 * reported on stderr and counted in bad_options.
 */
309 read_server_config(ServerOptions *options, const char *filename)
/* cp walks the current line, arg is the token strdelim() carved out of it,
 * and intptr/charptr point at the option field the current keyword maps to. */
313 char *cp, **charptr, *arg;
314 int linenum, *intptr, value;
316 ServerOpCodes opcode;
/* The open-failure path is in the omitted lines that follow. */
319 f = fopen(filename, "r");
/* fgets() is bounded by sizeof(line); an over-long line is consumed in
 * several pieces that are each parsed as a line of their own, so it yields
 * confusing "bad option"/"garbage" errors rather than an overflow. */
325 while (fgets(line, sizeof(line), f)) {
329 /* Ignore leading whitespace */
/* Blank lines and comment lines are skipped before keyword lookup. */
332 if (!*arg || *arg == '#')
/* Unknown keywords come back as sBadOption; see bad_options below. */
334 opcode = parse_token(arg, filename, linenum);
340 /* ignore ports from configfile if cmdline specifies ports */
341 if (options->ports_from_cmdline)
/* Port lines must precede ListenAddress: add_listen_addr() resolves each
 * address against the ports known when it is called, so a Port given later
 * would silently not apply to earlier addresses.  (The message misspells
 * "ListenAddress"; it is a runtime string and is left as is here.) */
343 if (options->listen_addrs != NULL)
344 fatal("%s line %d: ports must be specified before "
345 "ListenAdress.\n", filename, linenum);
/* ports[] has a fixed size: refuse rather than overrun it. */
346 if (options->num_ports >= MAX_PORTS)
347 fatal("%s line %d: too many ports.\n",
350 if (!arg || *arg == '\0')
351 fatal("%s line %d: missing port number.\n",
/* NOTE(review): atoi() accepts any text, yielding 0 for non-numeric input
 * and an unspecified value on overflow; the result is only checked later,
 * indirectly, when getaddrinfo() is handed the port.  A strtol() conversion
 * with an explicit 1..65535 range check would report the bad line here. */
353 options->ports[options->num_ports++] = atoi(arg);
/* Plain integer options: point intptr at the field and fall into the
 * shared integer parser.  Its conversion and the "first value wins" store
 * through intptr are on omitted lines — confirm. */
357 intptr = &options->server_key_bits;
360 if (!arg || *arg == '\0') {
361 fprintf(stderr, "%s line %d: missing integer value.\n",
370 case sLoginGraceTime:
371 intptr = &options->login_grace_time;
374 case sKeyRegenerationTime:
375 intptr = &options->key_regeneration_time;
/* ListenAddress is resolved immediately; a bad address is fatal inside
 * add_listen_addr(). */
380 if (!arg || *arg == '\0')
381 fatal("%s line %d: missing inet addr.\n",
383 add_listen_addr(options, arg);
/* HostKey and HostDSAKey share one handler, selected by opcode. */
387 case sHostDSAKeyFile:
388 charptr = (opcode == sHostKeyFile ) ?
389 &options->host_key_file : &options->host_dsa_key_file;
392 if (!arg || *arg == '\0') {
393 fprintf(stderr, "%s line %d: missing file name.\n",
/* First setting wins.  "~" is expanded relative to the uid sshd itself
 * runs as, never to a client user. */
397 if (*charptr == NULL)
398 *charptr = tilde_expand_filename(arg, getuid());
/* PidFile reuses the file-name handler above through charptr. */
402 charptr = &options->pid_file;
/* RandomSeed is accepted only to tell the operator it no longer does
 * anything. */
405 case sRandomSeedFile:
406 fprintf(stderr, "%s line %d: \"randomseed\" option is obsolete.\n",
/* PermitRootLogin is three-valued: yes / without-password / no.  The codes
 * stored for each are on omitted lines; any other word is reported and
 * counted as a bad option. */
411 case sPermitRootLogin:
412 intptr = &options->permit_root_login;
414 if (!arg || *arg == '\0') {
415 fprintf(stderr, "%s line %d: missing yes/without-password/no argument.\n",
419 if (strcmp(arg, "without-password") == 0)
421 else if (strcmp(arg, "yes") == 0)
423 else if (strcmp(arg, "no") == 0)
426 fprintf(stderr, "%s line %d: Bad yes/without-password/no argument: %s\n",
427 filename, linenum, arg);
/* Shared yes/no parser.  IgnoreRhosts is the first boolean case; the
 * cases below only select their field and appear to jump back here (the
 * jump and the store through intptr are on omitted lines). */
435 intptr = &options->ignore_rhosts;
438 if (!arg || *arg == '\0') {
439 fprintf(stderr, "%s line %d: missing yes/no argument.\n",
443 if (strcmp(arg, "yes") == 0)
445 else if (strcmp(arg, "no") == 0)
448 fprintf(stderr, "%s line %d: Bad yes/no argument: %s\n",
449 filename, linenum, arg);
/* Boolean options: each selects its field, then uses the yes/no parser.
 * The authentication switches among them decide which login methods this
 * sshd offers at all; their defaults are in fill_default_server_options(). */
456 case sIgnoreUserKnownHosts:
457 intptr = &options->ignore_user_known_hosts;
460 case sRhostsAuthentication:
461 intptr = &options->rhosts_authentication;
464 case sRhostsRSAAuthentication:
465 intptr = &options->rhosts_rsa_authentication;
468 case sRSAAuthentication:
469 intptr = &options->rsa_authentication;
472 case sDSAAuthentication:
473 intptr = &options->dsa_authentication;
477 case sKerberosAuthentication:
478 intptr = &options->kerberos_authentication;
481 case sKerberosOrLocalPasswd:
482 intptr = &options->kerberos_or_local_passwd;
485 case sKerberosTicketCleanup:
486 intptr = &options->kerberos_ticket_cleanup;
491 case sKerberosTgtPassing:
492 intptr = &options->kerberos_tgt_passing;
495 case sAFSTokenPassing:
496 intptr = &options->afs_token_passing;
500 case sPasswordAuthentication:
501 intptr = &options->password_authentication;
504 case sKbdInteractiveAuthentication:
505 intptr = &options->kbd_interactive_authentication;
509 intptr = &options->check_mail;
513 case sSkeyAuthentication:
514 intptr = &options->skey_authentication;
519 intptr = &options->print_motd;
523 intptr = &options->x11_forwarding;
526 case sX11DisplayOffset:
527 intptr = &options->x11_display_offset;
/* XAuthLocation presumably reuses the file-name handler via charptr. */
531 charptr = &options->xauth_location;
535 intptr = &options->strict_modes;
539 intptr = &options->keepalives;
/* PermitEmptyPasswords and UseLogin are security-sensitive switches; both
 * default to off. */
543 intptr = &options->permit_empty_passwd;
547 intptr = &options->use_login;
551 intptr = &options->gateway_ports;
/* SyslogFacility / LogLevel: the enum field is written through an int *.
 * That relies on the enum's compatible type being int (implementation-
 * defined) and is an aliasing grey area; a typed temporary would be
 * cleaner.  An unrecognised name is fatal here, unlike the yes/no cases,
 * which only count a bad option. */
555 intptr = (int *) &options->log_facility;
557 value = log_facility_number(arg);
558 if (value == (SyslogFacility) - 1)
559 fatal("%.200s line %d: unsupported log facility '%s'\n",
560 filename, linenum, arg ? arg : "<NONE>");
562 *intptr = (SyslogFacility) value;
566 intptr = (int *) &options->log_level;
568 value = log_level_number(arg);
569 if (value == (LogLevel) - 1)
570 fatal("%.200s line %d: unsupported log level '%s'\n",
571 filename, linenum, arg ? arg : "<NONE>");
573 *intptr = (LogLevel) value;
/* AllowUsers / DenyUsers / AllowGroups / DenyGroups: whitespace-separated
 * lists copied into fixed-size arrays with a hard limit.  Exceeding the
 * limit is fatal, so an access list is never silently truncated.  Entries
 * are stored verbatim; matching happens elsewhere. */
577 while ((arg = strdelim(&cp)) && *arg != '\0') {
578 if (options->num_allow_users >= MAX_ALLOW_USERS)
579 fatal("%s line %d: too many allow users.\n",
581 options->allow_users[options->num_allow_users++] = xstrdup(arg);
586 while ((arg = strdelim(&cp)) && *arg != '\0') {
587 if (options->num_deny_users >= MAX_DENY_USERS)
588 fatal( "%s line %d: too many deny users.\n",
590 options->deny_users[options->num_deny_users++] = xstrdup(arg);
595 while ((arg = strdelim(&cp)) && *arg != '\0') {
596 if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
597 fatal("%s line %d: too many allow groups.\n",
599 options->allow_groups[options->num_allow_groups++] = xstrdup(arg);
604 while ((arg = strdelim(&cp)) && *arg != '\0') {
605 if (options->num_deny_groups >= MAX_DENY_GROUPS)
606 fatal("%s line %d: too many deny groups.\n",
608 options->deny_groups[options->num_deny_groups++] = xstrdup(arg);
/* Ciphers: validated by ciphers_valid() before being accepted, so a typo
 * cannot leave the server with an unexpected cipher list.  First setting
 * wins. */
614 if (!arg || *arg == '\0')
615 fatal("%s line %d: Missing argument.", filename, linenum);
616 if (!ciphers_valid(arg))
617 fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
618 filename, linenum, arg ? arg : "<NONE>");
619 if (options->ciphers == NULL)
620 options->ciphers = xstrdup(arg);
/* Protocol: bitmask from proto_spec(); SSH_PROTO_UNKNOWN doubles as the
 * "bad spec" and the "not yet set" value.  First setting wins. */
624 intptr = &options->protocol;
626 if (!arg || *arg == '\0')
627 fatal("%s line %d: Missing argument.", filename, linenum);
628 value = proto_spec(arg);
629 if (value == SSH_PROTO_UNKNOWN)
630 fatal("%s line %d: Bad protocol spec '%s'.",
631 filename, linenum, arg ? arg : "<NONE>");
632 if (*intptr == SSH_PROTO_UNKNOWN)
/* Subsystem <name> <command>: bounded by MAX_SUBSYSTEMS and rejected when
 * the name is already defined, so a later line cannot silently replace an
 * earlier subsystem's command.  The strdelim() fetches of name and command
 * are on omitted lines. */
637 if(options->num_subsystems >= MAX_SUBSYSTEMS) {
638 fatal("%s line %d: too many subsystems defined.",
642 if (!arg || *arg == '\0')
643 fatal("%s line %d: Missing subsystem name.",
645 for (i = 0; i < options->num_subsystems; i++)
646 if(strcmp(arg, options->subsystem_name[i]) == 0)
647 fatal("%s line %d: Subsystem '%s' already defined.",
648 filename, linenum, arg);
649 options->subsystem_name[options->num_subsystems] = xstrdup(arg);
651 if (!arg || *arg == '\0')
652 fatal("%s line %d: Missing subsystem command.",
654 options->subsystem_command[options->num_subsystems] = xstrdup(arg);
655 options->num_subsystems++;
/* MaxStartups: either "begin:rate:full" (rate being a percentage, per the
 * 100% default) or a single integer handed to the shared integer parser
 * via intptr.  Only begin <= full and 1 <= rate <= 100 are enforced: zero
 * or negative begin/full values pass, and sscanf("%d") does not detect
 * overflow. */
660 if (!arg || *arg == '\0')
661 fatal("%s line %d: Missing MaxStartups spec.",
663 if (sscanf(arg, "%d:%d:%d",
664 &options->max_startups_begin,
665 &options->max_startups_rate,
666 &options->max_startups) == 3) {
667 if (options->max_startups_begin >
668 options->max_startups ||
669 options->max_startups_rate > 100 ||
670 options->max_startups_rate < 1)
671 fatal("%s line %d: Illegal MaxStartups spec.",
675 intptr = &options->max_startups;
/* Reached only for an opcode the switch does not handle, i.e. a
 * programming error rather than a user error; arg is still the keyword. */
679 fprintf(stderr, "%s line %d: Missing handler for opcode %s (%d)\n",
680 filename, linenum, arg, opcode);
/* Anything left after the recognised arguments is an error; %.200s bounds
 * how much of the offending line is echoed back. */
683 if ((arg = strdelim(&cp)) != NULL && *arg != '\0') {
685 "%s line %d: garbage at end of line; \"%.200s\".\n",
686 filename, linenum, arg);
/* Accumulated parse errors stop sshd (the exit is presumably on the
 * omitted lines) rather than running a partially applied configuration. */
691 if (bad_options > 0) {
692 fprintf(stderr, "%s: terminating, %d bad configuration options\n",
693 filename, bad_options);