2 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5 * As far as I am concerned, the code I have written for this software
6 * can be used freely for any purpose. Any derived versions of this
7 * software must be clearly marked as such, and if the derived work is
8 * incompatible with the protocol description in the RFC file, it must be
9 * called by a name other than "ssh" or "Secure Shell".
13 RCSID("$OpenBSD: servconf.c,v 1.80 2001/05/18 14:13:29 markus Exp $");
27 #include "pathnames.h"
28 #include "tildexpand.h"
34 void add_listen_addr(ServerOptions *options, char *addr, u_short port);
35 void add_one_listen_addr(ServerOptions *options, char *addr, u_short port);
37 /* AF_UNSPEC or AF_INET or AF_INET6 */
40 /* Initializes the server options to their default values. */
/*
 * Initializes the server options to their "not yet configured" state.
 *
 * The whole structure is zeroed first, so counters, pointers and arrays
 * start at 0/NULL.  Every tunable integer is then set to a sentinel
 * (-1, PERMIT_NOT_SET for PermitRootLogin, SSH_PROTO_UNKNOWN for
 * Protocol).  The config-file parser only stores into an option that still
 * holds its sentinel, and fill_default_server_options() later turns the
 * remaining sentinels into the real defaults.
 */
void
initialize_server_options(ServerOptions *options)
{
	memset(options, 0, sizeof(*options));

	/* Listening, host keys and daemon bookkeeping. */
	options->num_ports = 0;
	options->ports_from_cmdline = 0;
	options->listen_addrs = NULL;
	options->gateway_ports = -1;
	options->num_host_key_files = 0;
	options->pid_file = NULL;
	options->server_key_bits = -1;
	options->key_regeneration_time = -1;
	options->protocol = SSH_PROTO_UNKNOWN;
	options->ciphers = NULL;
	options->macs = NULL;

	/* Login policy and session behaviour. */
	options->login_grace_time = -1;
	options->permit_root_login = PERMIT_NOT_SET;
	options->permit_empty_passwd = -1;
	options->use_login = -1;
	options->print_motd = -1;
	options->print_lastlog = -1;
	options->check_mail = -1;
	options->strict_modes = -1;
	options->keepalives = -1;
	options->banner = NULL;
	options->reverse_mapping_check = -1;
	options->client_alive_interval = -1;
	options->client_alive_count_max = -1;

	/* Forwarding. */
	options->x11_forwarding = -1;
	options->x11_display_offset = -1;
	options->xauth_location = NULL;
	options->allow_tcp_forwarding = -1;

	/* Logging: the enum types get an explicit out-of-range sentinel. */
	options->log_facility = (SyslogFacility)(-1);
	options->log_level = (LogLevel)(-1);

	/* Authentication methods. */
	options->ignore_rhosts = -1;
	options->ignore_user_known_hosts = -1;
	options->rhosts_authentication = -1;
	options->rhosts_rsa_authentication = -1;
	options->hostbased_authentication = -1;
	options->hostbased_uses_name_from_packet_only = -1;
	options->rsa_authentication = -1;
	options->pubkey_authentication = -1;
#ifdef KRB4
	options->kerberos_authentication = -1;
	options->kerberos_or_local_passwd = -1;
	options->kerberos_ticket_cleanup = -1;
#endif /* KRB4 */
#ifdef AFS
	options->kerberos_tgt_passing = -1;
	options->afs_token_passing = -1;
#endif /* AFS */
	options->password_authentication = -1;
	options->kbd_interactive_authentication = -1;
	options->challenge_response_authentication = -1;
	options->pam_authentication_via_kbd_int = -1;

	/* Access lists and subsystems. */
	options->num_allow_users = 0;
	options->num_deny_users = 0;
	options->num_allow_groups = 0;
	options->num_deny_groups = 0;
	options->num_subsystems = 0;

	/* Connection rate limiting. */
	options->max_startups_begin = -1;
	options->max_startups_rate = -1;
	options->max_startups = -1;
}
/*
 * Replaces the "not configured" sentinel (-1) in an integer option with
 * its default; an option already set by the config file or the command
 * line is left untouched.
 */
static void
default_int(int *option, int value)
{
	if (*option == -1)
		*option = value;
}

/*
 * Fills in the default for every option still carrying the sentinel left
 * by initialize_server_options().  Runs after the config file has been
 * read, because the Protocol setting decides which host key files are
 * defaulted and MaxStartups feeds the default of its own "begin" threshold.
 */
void
fill_default_server_options(ServerOptions *options)
{
	if (options->protocol == SSH_PROTO_UNKNOWN)
		options->protocol = SSH_PROTO_1|SSH_PROTO_2;
	if (options->num_host_key_files == 0) {
		/* One default host key file per enabled protocol version. */
		if (options->protocol & SSH_PROTO_1)
			options->host_key_files[options->num_host_key_files++] =
			    _PATH_HOST_KEY_FILE;
		if (options->protocol & SSH_PROTO_2)
			options->host_key_files[options->num_host_key_files++] =
			    _PATH_HOST_DSA_KEY_FILE;
	}
	if (options->num_ports == 0)
		options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
	if (options->listen_addrs == NULL)
		add_listen_addr(options, NULL, 0);	/* wildcard, every Port */
	if (options->pid_file == NULL)
		options->pid_file = _PATH_SSH_DAEMON_PID_FILE;

	default_int(&options->server_key_bits, 768);
	default_int(&options->login_grace_time, 600);
	default_int(&options->key_regeneration_time, 3600);
	if (options->permit_root_login == PERMIT_NOT_SET)
		options->permit_root_login = PERMIT_YES;
	default_int(&options->ignore_rhosts, 1);
	default_int(&options->ignore_user_known_hosts, 0);
	default_int(&options->check_mail, 0);
	default_int(&options->print_motd, 1);
	default_int(&options->print_lastlog, 1);
	default_int(&options->x11_forwarding, 0);
	default_int(&options->x11_display_offset, 10);
#ifdef XAUTH_PATH
	if (options->xauth_location == NULL)
		options->xauth_location = XAUTH_PATH;
#endif /* XAUTH_PATH */
	default_int(&options->strict_modes, 1);
	default_int(&options->keepalives, 1);

	/* The logging enums carry their own out-of-range sentinel. */
	if (options->log_facility == (SyslogFacility)(-1))
		options->log_facility = SYSLOG_FACILITY_AUTH;
	if (options->log_level == (LogLevel)(-1))
		options->log_level = SYSLOG_LEVEL_INFO;

	default_int(&options->rhosts_authentication, 0);
	default_int(&options->rhosts_rsa_authentication, 0);
	default_int(&options->hostbased_authentication, 0);
	default_int(&options->hostbased_uses_name_from_packet_only, 0);
	default_int(&options->rsa_authentication, 1);
	default_int(&options->pubkey_authentication, 1);
#ifdef KRB4
	/*
	 * Kept as an explicit test rather than default_int(): the
	 * access() probe must only run when the option is unset.
	 */
	if (options->kerberos_authentication == -1)
		options->kerberos_authentication = (access(KEYFILE, R_OK) == 0);
	default_int(&options->kerberos_or_local_passwd, 1);
	default_int(&options->kerberos_ticket_cleanup, 1);
#endif /* KRB4 */
#ifdef AFS
	default_int(&options->kerberos_tgt_passing, 0);
	/* Same reason as above: k_hasafs() only when unset. */
	if (options->afs_token_passing == -1)
		options->afs_token_passing = k_hasafs();
#endif /* AFS */
	default_int(&options->password_authentication, 1);
	default_int(&options->kbd_interactive_authentication, 0);
	default_int(&options->challenge_response_authentication, 1);
	default_int(&options->permit_empty_passwd, 0);
	default_int(&options->use_login, 0);
	default_int(&options->allow_tcp_forwarding, 1);
	default_int(&options->gateway_ports, 0);

	default_int(&options->max_startups, 10);
	default_int(&options->max_startups_rate, 100);	/* 100% */
	/* Must follow max_startups: its default is the defaulted value. */
	default_int(&options->max_startups_begin, options->max_startups);

	default_int(&options->reverse_mapping_check, 0);
	default_int(&options->client_alive_interval, 0);
	default_int(&options->client_alive_count_max, 3);
	default_int(&options->pam_authentication_via_kbd_int, 0);
}
/*
 * Keyword tokens.  sBadOption must stay first (value 0): it is the
 * "unknown option" result of parse_token().  The remaining order is
 * only significant in that the keywords[] table below must agree.
 */
typedef enum {
	sBadOption,			/* == unknown option */
	sPort,
	sHostKeyFile,
	sServerKeyBits,
	sLoginGraceTime,
	sKeyRegenerationTime,
	sPermitRootLogin,
	sLogFacility,
	sLogLevel,
	sRhostsAuthentication,
	sRhostsRSAAuthentication,
	sRSAAuthentication,
#ifdef KRB4
	sKerberosAuthentication,
	sKerberosOrLocalPasswd,
	sKerberosTicketCleanup,
#endif /* KRB4 */
#ifdef AFS
	sKerberosTgtPassing,
	sAFSTokenPassing,
#endif /* AFS */
	sChallengeResponseAuthentication,
	sPasswordAuthentication,
	sKbdInteractiveAuthentication,
	sListenAddress,
	sPrintMotd,
	sPrintLastLog,
	sIgnoreRhosts,
	sX11Forwarding,
	sX11DisplayOffset,
	sStrictModes,
	sEmptyPasswd,
	sKeepAlives,
	sCheckMail,
	sUseLogin,
	sAllowTcpForwarding,
	sAllowUsers,
	sDenyUsers,
	sAllowGroups,
	sDenyGroups,
	sIgnoreUserKnownHosts,
	sCiphers,
	sMacs,
	sProtocol,
	sPidFile,
	sGatewayPorts,
	sPubkeyAuthentication,
	sXAuthLocation,
	sSubsystem,
	sMaxStartups,
	sBanner,
	sReverseMappingCheck,
	sHostbasedAuthentication,
	sHostbasedUsesNameFromPacketOnly,
	sClientAliveInterval,
	sClientAliveCountMax,
	sPAMAuthenticationViaKbdInt
} ServerOpCodes;

/*
 * Textual representation of the tokens.  Looked up case-insensitively by
 * parse_token(), so the spelling here is cosmetic; several old names are
 * kept as aliases of the token that replaced them.  The list is terminated
 * by a NULL name.
 */
static struct {
	const char *name;
	ServerOpCodes opcode;
} keywords[] = {
	/* Listening and keys. */
	{ "port",				sPort },
	{ "hostkey",				sHostKeyFile },
	{ "hostdsakey",				sHostKeyFile },		/* alias */
	{ "pidfile",				sPidFile },
	{ "serverkeybits",			sServerKeyBits },
	{ "logingracetime",			sLoginGraceTime },
	{ "keyregenerationinterval",		sKeyRegenerationTime },
	{ "permitrootlogin",			sPermitRootLogin },
	{ "syslogfacility",			sLogFacility },
	{ "loglevel",				sLogLevel },
	/* Authentication methods. */
	{ "rhostsauthentication",		sRhostsAuthentication },
	{ "rhostsrsaauthentication",		sRhostsRSAAuthentication },
	{ "hostbasedauthentication",		sHostbasedAuthentication },
	{ "hostbasedusesnamefrompacketonly",	sHostbasedUsesNameFromPacketOnly },
	{ "rsaauthentication",			sRSAAuthentication },
	{ "pubkeyauthentication",		sPubkeyAuthentication },
	{ "dsaauthentication",			sPubkeyAuthentication },	/* alias */
#ifdef KRB4
	{ "kerberosauthentication",		sKerberosAuthentication },
	{ "kerberosorlocalpasswd",		sKerberosOrLocalPasswd },
	{ "kerberosticketcleanup",		sKerberosTicketCleanup },
#endif /* KRB4 */
#ifdef AFS
	{ "kerberostgtpassing",			sKerberosTgtPassing },
	{ "afstokenpassing",			sAFSTokenPassing },
#endif /* AFS */
	{ "passwordauthentication",		sPasswordAuthentication },
	{ "kbdinteractiveauthentication",	sKbdInteractiveAuthentication },
	{ "challengeresponseauthentication",	sChallengeResponseAuthentication },
	{ "skeyauthentication",			sChallengeResponseAuthentication }, /* alias */
	/* Session behaviour. */
	{ "checkmail",				sCheckMail },
	{ "listenaddress",			sListenAddress },
	{ "printmotd",				sPrintMotd },
	{ "printlastlog",			sPrintLastLog },
	{ "ignorerhosts",			sIgnoreRhosts },
	{ "ignoreuserknownhosts",		sIgnoreUserKnownHosts },
	{ "x11forwarding",			sX11Forwarding },
	{ "x11displayoffset",			sX11DisplayOffset },
	{ "xauthlocation",			sXAuthLocation },
	{ "strictmodes",			sStrictModes },
	{ "permitemptypasswords",		sEmptyPasswd },
	{ "uselogin",				sUseLogin },
	{ "keepalive",				sKeepAlives },
	{ "allowtcpforwarding",			sAllowTcpForwarding },
	/* Access lists. */
	{ "allowusers",				sAllowUsers },
	{ "denyusers",				sDenyUsers },
	{ "allowgroups",			sAllowGroups },
	{ "denygroups",				sDenyGroups },
	/* Protocol and miscellany. */
	{ "ciphers",				sCiphers },
	{ "macs",				sMacs },
	{ "protocol",				sProtocol },
	{ "gatewayports",			sGatewayPorts },
	{ "subsystem",				sSubsystem },
	{ "maxstartups",			sMaxStartups },
	{ "banner",				sBanner },
	{ "reversemappingcheck",		sReverseMappingCheck },
	{ "clientaliveinterval",		sClientAliveInterval },
	{ "clientalivecountmax",		sClientAliveCountMax },
	{ "PAMAuthenticationViaKbdInt",		sPAMAuthenticationViaKbdInt },
	{ NULL,					sBadOption }
};
/*
 * Returns the token for the configuration keyword cp, matched against the
 * keywords[] table without regard to case.  An unknown keyword is reported
 * with error() (naming filename and linenum) and yields sBadOption; the
 * caller decides whether the file as a whole is still acceptable.
 */
static ServerOpCodes
parse_token(const char *cp, const char *filename, int linenum)
{
	size_t i = 0;

	while (keywords[i].name != NULL) {
		if (strcasecmp(keywords[i].name, cp) == 0)
			return keywords[i].opcode;
		i++;
	}
	error("%s: line %d: Bad configuration option: %s",
	    filename, linenum, cp);
	return sBadOption;
}
/*
 * Registers a listen address.  addr NULL means the wildcard address.
 * A nonzero port registers that single addr:port pair; port 0 means
 * "on every configured Port".  An empty Port list is first defaulted
 * to SSH_DEFAULT_PORT in either case, so the caller can rely on
 * options->num_ports being at least 1 afterwards.
 */
void
add_listen_addr(ServerOptions *options, char *addr, u_short port)
{
	int i;

	if (options->num_ports == 0)
		options->ports[options->num_ports++] = SSH_DEFAULT_PORT;

	if (port != 0) {
		add_one_listen_addr(options, addr, port);
		return;
	}
	for (i = 0; i < options->num_ports; i++)
		add_one_listen_addr(options, addr, options->ports[i]);
}
/*
 * Resolves addr:port with getaddrinfo() (addr NULL = passive wildcard,
 * address family per IPv4or6) and prepends the whole result chain to
 * options->listen_addrs.  A resolution failure is fatal, so sshd never
 * starts with a listen address it cannot bind.  The addrinfo chain is
 * handed over to options->listen_addrs and not freed here.
 */
void
add_one_listen_addr(ServerOptions *options, char *addr, u_short port)
{
	struct addrinfo hints, *aitop, *tail;
	char strport[NI_MAXSERV];
	int gaierr;

	memset(&hints, 0, sizeof(hints));
	hints.ai_family = IPv4or6;
	hints.ai_socktype = SOCK_STREAM;
	if (addr == NULL)
		hints.ai_flags = AI_PASSIVE;	/* wildcard bind address */
	snprintf(strport, sizeof strport, "%d", port);

	gaierr = getaddrinfo(addr, strport, &hints, &aitop);
	if (gaierr != 0)
		fatal("bad addr or host: %s (%s)",
		    addr ? addr : "<NULL>", gai_strerror(gaierr));

	/* Splice the new chain in front of the addresses already queued. */
	tail = aitop;
	while (tail->ai_next != NULL)
		tail = tail->ai_next;
	tail->ai_next = options->listen_addrs;
	options->listen_addrs = aitop;
}
363 /* Reads the server configuration file. */
366 read_server_config(ServerOptions *options, const char *filename)
370 char *cp, **charptr, *arg, *p;
371 int linenum, *intptr, value;
373 ServerOpCodes opcode;
376 f = fopen(filename, "r");
382 while (fgets(line, sizeof(line), f)) {
386 /* Ignore leading whitespace */
389 if (!arg || !*arg || *arg == '#')
393 opcode = parse_token(arg, filename, linenum);
399 /* ignore ports from configfile if cmdline specifies ports */
400 if (options->ports_from_cmdline)
402 if (options->listen_addrs != NULL)
403 fatal("%s line %d: ports must be specified before "
404 "ListenAdress.", filename, linenum);
405 if (options->num_ports >= MAX_PORTS)
406 fatal("%s line %d: too many ports.",
409 if (!arg || *arg == '\0')
410 fatal("%s line %d: missing port number.",
412 options->ports[options->num_ports++] = a2port(arg);
413 if (options->ports[options->num_ports-1] == 0)
414 fatal("%s line %d: Badly formatted port number.",
419 intptr = &options->server_key_bits;
422 if (!arg || *arg == '\0')
423 fatal("%s line %d: missing integer value.",
430 case sLoginGraceTime:
431 intptr = &options->login_grace_time;
434 case sKeyRegenerationTime:
435 intptr = &options->key_regeneration_time;
440 if (!arg || *arg == '\0' || strncmp(arg, "[]", 2) == 0)
441 fatal("%s line %d: missing inet addr.",
444 if ((p = strchr(arg, ']')) == NULL)
445 fatal("%s line %d: bad ipv6 inet addr usage.",
448 memmove(p, p+1, strlen(p+1)+1);
449 } else if (((p = strchr(arg, ':')) == NULL) ||
450 (strchr(p+1, ':') != NULL)) {
451 add_listen_addr(options, arg, 0);
459 fatal("%s line %d: bad inet addr:port usage.",
463 if ((port = a2port(p)) == 0)
464 fatal("%s line %d: bad port number.",
466 add_listen_addr(options, arg, port);
468 } else if (*p == '\0')
469 add_listen_addr(options, arg, 0);
471 fatal("%s line %d: bad inet addr usage.",
476 intptr = &options->num_host_key_files;
477 if (*intptr >= MAX_HOSTKEYS)
478 fatal("%s line %d: too many host keys specified (max %d).",
479 filename, linenum, MAX_HOSTKEYS);
480 charptr = &options->host_key_files[*intptr];
483 if (!arg || *arg == '\0')
484 fatal("%s line %d: missing file name.",
486 if (*charptr == NULL) {
487 *charptr = tilde_expand_filename(arg, getuid());
488 /* increase optional counter */
490 *intptr = *intptr + 1;
495 charptr = &options->pid_file;
498 case sPermitRootLogin:
499 intptr = &options->permit_root_login;
501 if (!arg || *arg == '\0')
502 fatal("%s line %d: missing yes/"
503 "without-password/forced-commands-only/no "
504 "argument.", filename, linenum);
505 value = 0; /* silence compiler */
506 if (strcmp(arg, "without-password") == 0)
507 value = PERMIT_NO_PASSWD;
508 else if (strcmp(arg, "forced-commands-only") == 0)
509 value = PERMIT_FORCED_ONLY;
510 else if (strcmp(arg, "yes") == 0)
512 else if (strcmp(arg, "no") == 0)
515 fatal("%s line %d: Bad yes/"
516 "without-password/forced-commands-only/no "
517 "argument: %s", filename, linenum, arg);
523 intptr = &options->ignore_rhosts;
526 if (!arg || *arg == '\0')
527 fatal("%s line %d: missing yes/no argument.",
529 value = 0; /* silence compiler */
530 if (strcmp(arg, "yes") == 0)
532 else if (strcmp(arg, "no") == 0)
535 fatal("%s line %d: Bad yes/no argument: %s",
536 filename, linenum, arg);
541 case sIgnoreUserKnownHosts:
542 intptr = &options->ignore_user_known_hosts;
545 case sRhostsAuthentication:
546 intptr = &options->rhosts_authentication;
549 case sRhostsRSAAuthentication:
550 intptr = &options->rhosts_rsa_authentication;
553 case sHostbasedAuthentication:
554 intptr = &options->hostbased_authentication;
557 case sHostbasedUsesNameFromPacketOnly:
558 intptr = &options->hostbased_uses_name_from_packet_only;
561 case sRSAAuthentication:
562 intptr = &options->rsa_authentication;
565 case sPubkeyAuthentication:
566 intptr = &options->pubkey_authentication;
570 case sKerberosAuthentication:
571 intptr = &options->kerberos_authentication;
574 case sKerberosOrLocalPasswd:
575 intptr = &options->kerberos_or_local_passwd;
578 case sKerberosTicketCleanup:
579 intptr = &options->kerberos_ticket_cleanup;
584 case sKerberosTgtPassing:
585 intptr = &options->kerberos_tgt_passing;
588 case sAFSTokenPassing:
589 intptr = &options->afs_token_passing;
593 case sPasswordAuthentication:
594 intptr = &options->password_authentication;
597 case sKbdInteractiveAuthentication:
598 intptr = &options->kbd_interactive_authentication;
602 intptr = &options->check_mail;
605 case sChallengeResponseAuthentication:
606 intptr = &options->challenge_response_authentication;
610 intptr = &options->print_motd;
614 intptr = &options->print_lastlog;
618 intptr = &options->x11_forwarding;
621 case sX11DisplayOffset:
622 intptr = &options->x11_display_offset;
626 charptr = &options->xauth_location;
630 intptr = &options->strict_modes;
634 intptr = &options->keepalives;
638 intptr = &options->permit_empty_passwd;
642 intptr = &options->use_login;
646 intptr = &options->gateway_ports;
649 case sReverseMappingCheck:
650 intptr = &options->reverse_mapping_check;
654 intptr = (int *) &options->log_facility;
656 value = log_facility_number(arg);
657 if (value == (SyslogFacility) - 1)
658 fatal("%.200s line %d: unsupported log facility '%s'",
659 filename, linenum, arg ? arg : "<NONE>");
661 *intptr = (SyslogFacility) value;
665 intptr = (int *) &options->log_level;
667 value = log_level_number(arg);
668 if (value == (LogLevel) - 1)
669 fatal("%.200s line %d: unsupported log level '%s'",
670 filename, linenum, arg ? arg : "<NONE>");
672 *intptr = (LogLevel) value;
675 case sAllowTcpForwarding:
676 intptr = &options->allow_tcp_forwarding;
680 while ((arg = strdelim(&cp)) && *arg != '\0') {
681 if (options->num_allow_users >= MAX_ALLOW_USERS)
682 fatal("%s line %d: too many allow users.",
684 options->allow_users[options->num_allow_users++] = xstrdup(arg);
689 while ((arg = strdelim(&cp)) && *arg != '\0') {
690 if (options->num_deny_users >= MAX_DENY_USERS)
691 fatal( "%s line %d: too many deny users.",
693 options->deny_users[options->num_deny_users++] = xstrdup(arg);
698 while ((arg = strdelim(&cp)) && *arg != '\0') {
699 if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
700 fatal("%s line %d: too many allow groups.",
702 options->allow_groups[options->num_allow_groups++] = xstrdup(arg);
707 while ((arg = strdelim(&cp)) && *arg != '\0') {
708 if (options->num_deny_groups >= MAX_DENY_GROUPS)
709 fatal("%s line %d: too many deny groups.",
711 options->deny_groups[options->num_deny_groups++] = xstrdup(arg);
717 if (!arg || *arg == '\0')
718 fatal("%s line %d: Missing argument.", filename, linenum);
719 if (!ciphers_valid(arg))
720 fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
721 filename, linenum, arg ? arg : "<NONE>");
722 if (options->ciphers == NULL)
723 options->ciphers = xstrdup(arg);
728 if (!arg || *arg == '\0')
729 fatal("%s line %d: Missing argument.", filename, linenum);
731 fatal("%s line %d: Bad SSH2 mac spec '%s'.",
732 filename, linenum, arg ? arg : "<NONE>");
733 if (options->macs == NULL)
734 options->macs = xstrdup(arg);
738 intptr = &options->protocol;
740 if (!arg || *arg == '\0')
741 fatal("%s line %d: Missing argument.", filename, linenum);
742 value = proto_spec(arg);
743 if (value == SSH_PROTO_UNKNOWN)
744 fatal("%s line %d: Bad protocol spec '%s'.",
745 filename, linenum, arg ? arg : "<NONE>");
746 if (*intptr == SSH_PROTO_UNKNOWN)
751 if(options->num_subsystems >= MAX_SUBSYSTEMS) {
752 fatal("%s line %d: too many subsystems defined.",
756 if (!arg || *arg == '\0')
757 fatal("%s line %d: Missing subsystem name.",
759 for (i = 0; i < options->num_subsystems; i++)
760 if(strcmp(arg, options->subsystem_name[i]) == 0)
761 fatal("%s line %d: Subsystem '%s' already defined.",
762 filename, linenum, arg);
763 options->subsystem_name[options->num_subsystems] = xstrdup(arg);
765 if (!arg || *arg == '\0')
766 fatal("%s line %d: Missing subsystem command.",
768 options->subsystem_command[options->num_subsystems] = xstrdup(arg);
769 options->num_subsystems++;
774 if (!arg || *arg == '\0')
775 fatal("%s line %d: Missing MaxStartups spec.",
777 if (sscanf(arg, "%d:%d:%d",
778 &options->max_startups_begin,
779 &options->max_startups_rate,
780 &options->max_startups) == 3) {
781 if (options->max_startups_begin >
782 options->max_startups ||
783 options->max_startups_rate > 100 ||
784 options->max_startups_rate < 1)
785 fatal("%s line %d: Illegal MaxStartups spec.",
789 intptr = &options->max_startups;
793 charptr = &options->banner;
795 case sClientAliveInterval:
796 intptr = &options->client_alive_interval;
798 case sClientAliveCountMax:
799 intptr = &options->client_alive_count_max;
801 case sPAMAuthenticationViaKbdInt:
802 intptr = &options->pam_authentication_via_kbd_int;
806 fatal("%s line %d: Missing handler for opcode %s (%d)",
807 filename, linenum, arg, opcode);
809 if ((arg = strdelim(&cp)) != NULL && *arg != '\0')
810 fatal("%s line %d: garbage at end of line; \"%.200s\".",
811 filename, linenum, arg);
815 fatal("%s: terminating, %d bad configuration options",
816 filename, bad_options);