]> andersk Git - openssh.git/blob - readconf.c
- OpenBSD CVS Updates:
[openssh.git] / readconf.c
1 /*
2  *
3  * readconf.c
4  *
5  * Author: Tatu Ylonen <ylo@cs.hut.fi>
6  *
7  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8  *                    All rights reserved
9  *
10  * Created: Sat Apr 22 00:03:10 1995 ylo
11  *
12  * Functions for reading the configuration files.
13  *
14  */
15
16 #include "includes.h"
17 RCSID("$OpenBSD: readconf.c,v 1.37 2000/06/20 01:39:43 markus Exp $");
18
19 #include "ssh.h"
20 #include "cipher.h"
21 #include "readconf.h"
22 #include "match.h"
23 #include "xmalloc.h"
24 #include "compat.h"
25
26 /* Format of the configuration file:
27
28    # Configuration data is parsed as follows:
29    #  1. command line options
30    #  2. user-specific file
31    #  3. system-wide file
32    # Any configuration value is only changed the first time it is set.
33    # Thus, host-specific definitions should be at the beginning of the
34    # configuration file, and defaults at the end.
35
36    # Host-specific declarations.  These may override anything above.  A single
37    # host may match multiple declarations; these are processed in the order
38    # that they are given in.
39
40    Host *.ngs.fi ngs.fi
41      FallBackToRsh no
42
43    Host fake.com
44      HostName another.host.name.real.org
45      User blaah
46      Port 34289
47      ForwardX11 no
48      ForwardAgent no
49
50    Host books.com
51      RemoteForward 9999 shadows.cs.hut.fi:9999
52      Cipher 3des
53
54    Host fascist.blob.com
55      Port 23123
56      User tylonen
57      RhostsAuthentication no
58      PasswordAuthentication no
59
60    Host puukko.hut.fi
61      User t35124p
62      ProxyCommand ssh-proxy %h %p
63
64    Host *.fr
65      UseRsh yes
66
67    Host *.su
68      Cipher none
69      PasswordAuthentication no
70
71    # Defaults for various options
72    Host *
73      ForwardAgent no
74      ForwardX11 yes
75      RhostsAuthentication yes
76      PasswordAuthentication yes
77      RSAAuthentication yes
78      RhostsRSAAuthentication yes
79      FallBackToRsh no
80      UseRsh no
81      StrictHostKeyChecking yes
82      KeepAlives no
83      IdentityFile ~/.ssh/identity
84      Port 22
85      EscapeChar ~
86
87 */
88
89 /* Keyword tokens. */
90
91 typedef enum {
92         oBadOption,
93         oForwardAgent, oForwardX11, oGatewayPorts, oRhostsAuthentication,
94         oPasswordAuthentication, oRSAAuthentication, oFallBackToRsh, oUseRsh,
95         oSkeyAuthentication, oXAuthLocation,
96 #ifdef KRB4
97         oKerberosAuthentication,
98 #endif /* KRB4 */
99 #ifdef AFS
100         oKerberosTgtPassing, oAFSTokenPassing,
101 #endif
102         oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
103         oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
104         oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
105         oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
106         oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, oTISAuthentication,
107         oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oIdentityFile2,
108         oGlobalKnownHostsFile2, oUserKnownHostsFile2, oDSAAuthentication
109 } OpCodes;
110
111 /* Textual representations of the tokens. */
112
113 static struct {
114         const char *name;
115         OpCodes opcode;
116 } keywords[] = {
117         { "forwardagent", oForwardAgent },
118         { "forwardx11", oForwardX11 },
119         { "xauthlocation", oXAuthLocation },
120         { "gatewayports", oGatewayPorts },
121         { "useprivilegedport", oUsePrivilegedPort },
122         { "rhostsauthentication", oRhostsAuthentication },
123         { "passwordauthentication", oPasswordAuthentication },
124         { "rsaauthentication", oRSAAuthentication },
125         { "dsaauthentication", oDSAAuthentication },
126         { "skeyauthentication", oSkeyAuthentication },
127 #ifdef KRB4
128         { "kerberosauthentication", oKerberosAuthentication },
129 #endif /* KRB4 */
130 #ifdef AFS
131         { "kerberostgtpassing", oKerberosTgtPassing },
132         { "afstokenpassing", oAFSTokenPassing },
133 #endif
134         { "fallbacktorsh", oFallBackToRsh },
135         { "usersh", oUseRsh },
136         { "identityfile", oIdentityFile },
137         { "identityfile2", oIdentityFile2 },
138         { "hostname", oHostName },
139         { "proxycommand", oProxyCommand },
140         { "port", oPort },
141         { "cipher", oCipher },
142         { "ciphers", oCiphers },
143         { "protocol", oProtocol },
144         { "remoteforward", oRemoteForward },
145         { "localforward", oLocalForward },
146         { "user", oUser },
147         { "host", oHost },
148         { "escapechar", oEscapeChar },
149         { "rhostsrsaauthentication", oRhostsRSAAuthentication },
150         { "globalknownhostsfile", oGlobalKnownHostsFile },
151         { "userknownhostsfile", oUserKnownHostsFile },
152         { "globalknownhostsfile2", oGlobalKnownHostsFile2 },
153         { "userknownhostsfile2", oUserKnownHostsFile2 },
154         { "connectionattempts", oConnectionAttempts },
155         { "batchmode", oBatchMode },
156         { "checkhostip", oCheckHostIP },
157         { "stricthostkeychecking", oStrictHostKeyChecking },
158         { "compression", oCompression },
159         { "compressionlevel", oCompressionLevel },
160         { "keepalive", oKeepAlives },
161         { "numberofpasswordprompts", oNumberOfPasswordPrompts },
162         { "tisauthentication", oTISAuthentication },
163         { "loglevel", oLogLevel },
164         { NULL, 0 }
165 };
166
167 /* Characters considered whitespace in strtok calls. */
168 #define WHITESPACE " \t\r\n="
169
170
171 /*
172  * Adds a local TCP/IP port forward to options.  Never returns if there is an
173  * error.
174  */
175
176 void
177 add_local_forward(Options *options, u_short port, const char *host,
178                   u_short host_port)
179 {
180         Forward *fwd;
181         extern uid_t original_real_uid;
182         if (port < IPPORT_RESERVED && original_real_uid != 0)
183                 fatal("Privileged ports can only be forwarded by root.\n");
184         if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
185                 fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION);
186         fwd = &options->local_forwards[options->num_local_forwards++];
187         fwd->port = port;
188         fwd->host = xstrdup(host);
189         fwd->host_port = host_port;
190 }
191
192 /*
193  * Adds a remote TCP/IP port forward to options.  Never returns if there is
194  * an error.
195  */
196
197 void
198 add_remote_forward(Options *options, u_short port, const char *host,
199                    u_short host_port)
200 {
201         Forward *fwd;
202         if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
203                 fatal("Too many remote forwards (max %d).",
204                       SSH_MAX_FORWARDS_PER_DIRECTION);
205         fwd = &options->remote_forwards[options->num_remote_forwards++];
206         fwd->port = port;
207         fwd->host = xstrdup(host);
208         fwd->host_port = host_port;
209 }
210
211 /*
212  * Returns the number of the token pointed to by cp of length len. Never
213  * returns if the token is not known.
214  */
215
216 static OpCodes
217 parse_token(const char *cp, const char *filename, int linenum)
218 {
219         unsigned int i;
220
221         for (i = 0; keywords[i].name; i++)
222                 if (strcasecmp(cp, keywords[i].name) == 0)
223                         return keywords[i].opcode;
224
225         fprintf(stderr, "%s: line %d: Bad configuration option: %s\n",
226                 filename, linenum, cp);
227         return oBadOption;
228 }
229
230 /*
231  * Processes a single option line as used in the configuration files. This
232  * only sets those values that have not already been set.
233  */
234
235 int
236 process_config_line(Options *options, const char *host,
237                     char *line, const char *filename, int linenum,
238                     int *activep)
239 {
240         char buf[256], *cp, *string, **charptr, *cp2;
241         int opcode, *intptr, value;
242         u_short fwd_port, fwd_host_port;
243
244         /* Skip leading whitespace. */
245         cp = line + strspn(line, WHITESPACE);
246         if (!*cp || *cp == '\n' || *cp == '#')
247                 return 0;
248
249         /* Get the keyword. (Each line is supposed to begin with a keyword). */
250         cp = strtok(cp, WHITESPACE);
251         opcode = parse_token(cp, filename, linenum);
252
253         switch (opcode) {
254         case oBadOption:
255                 /* don't panic, but count bad options */
256                 return -1;
257                 /* NOTREACHED */
258         case oForwardAgent:
259                 intptr = &options->forward_agent;
260 parse_flag:
261                 cp = strtok(NULL, WHITESPACE);
262                 if (!cp)
263                         fatal("%.200s line %d: Missing yes/no argument.", filename, linenum);
264                 value = 0;      /* To avoid compiler warning... */
265                 if (strcmp(cp, "yes") == 0 || strcmp(cp, "true") == 0)
266                         value = 1;
267                 else if (strcmp(cp, "no") == 0 || strcmp(cp, "false") == 0)
268                         value = 0;
269                 else
270                         fatal("%.200s line %d: Bad yes/no argument.", filename, linenum);
271                 if (*activep && *intptr == -1)
272                         *intptr = value;
273                 break;
274
275         case oForwardX11:
276                 intptr = &options->forward_x11;
277                 goto parse_flag;
278
279         case oGatewayPorts:
280                 intptr = &options->gateway_ports;
281                 goto parse_flag;
282
283         case oUsePrivilegedPort:
284                 intptr = &options->use_privileged_port;
285                 goto parse_flag;
286
287         case oRhostsAuthentication:
288                 intptr = &options->rhosts_authentication;
289                 goto parse_flag;
290
291         case oPasswordAuthentication:
292                 intptr = &options->password_authentication;
293                 goto parse_flag;
294
295         case oDSAAuthentication:
296                 intptr = &options->dsa_authentication;
297                 goto parse_flag;
298
299         case oRSAAuthentication:
300                 intptr = &options->rsa_authentication;
301                 goto parse_flag;
302
303         case oRhostsRSAAuthentication:
304                 intptr = &options->rhosts_rsa_authentication;
305                 goto parse_flag;
306
307         case oTISAuthentication:
308                 /* fallthrough, there is no difference on the client side */
309         case oSkeyAuthentication:
310                 intptr = &options->skey_authentication;
311                 goto parse_flag;
312
313 #ifdef KRB4
314         case oKerberosAuthentication:
315                 intptr = &options->kerberos_authentication;
316                 goto parse_flag;
317 #endif /* KRB4 */
318
319 #ifdef AFS
320         case oKerberosTgtPassing:
321                 intptr = &options->kerberos_tgt_passing;
322                 goto parse_flag;
323
324         case oAFSTokenPassing:
325                 intptr = &options->afs_token_passing;
326                 goto parse_flag;
327 #endif
328
329         case oFallBackToRsh:
330                 intptr = &options->fallback_to_rsh;
331                 goto parse_flag;
332
333         case oUseRsh:
334                 intptr = &options->use_rsh;
335                 goto parse_flag;
336
337         case oBatchMode:
338                 intptr = &options->batch_mode;
339                 goto parse_flag;
340
341         case oCheckHostIP:
342                 intptr = &options->check_host_ip;
343                 goto parse_flag;
344
345         case oStrictHostKeyChecking:
346                 intptr = &options->strict_host_key_checking;
347                 cp = strtok(NULL, WHITESPACE);
348                 if (!cp)
349                         fatal("%.200s line %d: Missing yes/no argument.",
350                               filename, linenum);
351                 value = 0;      /* To avoid compiler warning... */
352                 if (strcmp(cp, "yes") == 0 || strcmp(cp, "true") == 0)
353                         value = 1;
354                 else if (strcmp(cp, "no") == 0 || strcmp(cp, "false") == 0)
355                         value = 0;
356                 else if (strcmp(cp, "ask") == 0)
357                         value = 2;
358                 else
359                         fatal("%.200s line %d: Bad yes/no/ask argument.", filename, linenum);
360                 if (*activep && *intptr == -1)
361                         *intptr = value;
362                 break;
363
364         case oCompression:
365                 intptr = &options->compression;
366                 goto parse_flag;
367
368         case oKeepAlives:
369                 intptr = &options->keepalives;
370                 goto parse_flag;
371
372         case oNumberOfPasswordPrompts:
373                 intptr = &options->number_of_password_prompts;
374                 goto parse_int;
375
376         case oCompressionLevel:
377                 intptr = &options->compression_level;
378                 goto parse_int;
379
380         case oIdentityFile:
381         case oIdentityFile2:
382                 cp = strtok(NULL, WHITESPACE);
383                 if (!cp)
384                         fatal("%.200s line %d: Missing argument.", filename, linenum);
385                 if (*activep) {
386                         intptr = (opcode == oIdentityFile) ?
387                             &options->num_identity_files :
388                             &options->num_identity_files2;
389                         if (*intptr >= SSH_MAX_IDENTITY_FILES)
390                                 fatal("%.200s line %d: Too many identity files specified (max %d).",
391                                       filename, linenum, SSH_MAX_IDENTITY_FILES);
392                         charptr = (opcode == oIdentityFile) ?
393                             &options->identity_files[*intptr] :
394                             &options->identity_files2[*intptr];
395                         *charptr = xstrdup(cp);
396                         *intptr = *intptr + 1;
397                 }
398                 break;
399
400         case oXAuthLocation:
401                 charptr=&options->xauth_location;
402                 goto parse_string;
403
404         case oUser:
405                 charptr = &options->user;
406 parse_string:
407                 cp = strtok(NULL, WHITESPACE);
408                 if (!cp)
409                         fatal("%.200s line %d: Missing argument.", filename, linenum);
410                 if (*activep && *charptr == NULL)
411                         *charptr = xstrdup(cp);
412                 break;
413
414         case oGlobalKnownHostsFile:
415                 charptr = &options->system_hostfile;
416                 goto parse_string;
417
418         case oUserKnownHostsFile:
419                 charptr = &options->user_hostfile;
420                 goto parse_string;
421
422         case oGlobalKnownHostsFile2:
423                 charptr = &options->system_hostfile2;
424                 goto parse_string;
425
426         case oUserKnownHostsFile2:
427                 charptr = &options->user_hostfile2;
428                 goto parse_string;
429
430         case oHostName:
431                 charptr = &options->hostname;
432                 goto parse_string;
433
434         case oProxyCommand:
435                 charptr = &options->proxy_command;
436                 string = xstrdup("");
437                 while ((cp = strtok(NULL, WHITESPACE)) != NULL) {
438                         string = xrealloc(string, strlen(string) + strlen(cp) + 2);
439                         strcat(string, " ");
440                         strcat(string, cp);
441                 }
442                 if (*activep && *charptr == NULL)
443                         *charptr = string;
444                 else
445                         xfree(string);
446                 return 0;
447
448         case oPort:
449                 intptr = &options->port;
450 parse_int:
451                 cp = strtok(NULL, WHITESPACE);
452                 if (!cp)
453                         fatal("%.200s line %d: Missing argument.", filename, linenum);
454                 if (cp[0] < '0' || cp[0] > '9')
455                         fatal("%.200s line %d: Bad number.", filename, linenum);
456
457                 /* Octal, decimal, or hex format? */
458                 value = strtol(cp, &cp2, 0);
459                 if (cp == cp2)
460                         fatal("%.200s line %d: Bad number.", filename, linenum);
461                 if (*activep && *intptr == -1)
462                         *intptr = value;
463                 break;
464
465         case oConnectionAttempts:
466                 intptr = &options->connection_attempts;
467                 goto parse_int;
468
469         case oCipher:
470                 intptr = &options->cipher;
471                 cp = strtok(NULL, WHITESPACE);
472                 if (!cp)
473                         fatal("%.200s line %d: Missing argument.", filename, linenum);
474                 value = cipher_number(cp);
475                 if (value == -1)
476                         fatal("%.200s line %d: Bad cipher '%s'.",
477                               filename, linenum, cp ? cp : "<NONE>");
478                 if (*activep && *intptr == -1)
479                         *intptr = value;
480                 break;
481
482         case oCiphers:
483                 cp = strtok(NULL, WHITESPACE);
484                 if (!cp)
485                         fatal("%.200s line %d: Missing argument.", filename, linenum);
486                 if (!ciphers_valid(cp))
487                         fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.",
488                               filename, linenum, cp ? cp : "<NONE>");
489                 if (*activep && options->ciphers == NULL)
490                         options->ciphers = xstrdup(cp);
491                 break;
492
493         case oProtocol:
494                 intptr = &options->protocol;
495                 cp = strtok(NULL, WHITESPACE);
496                 if (!cp)
497                         fatal("%.200s line %d: Missing argument.", filename, linenum);
498                 value = proto_spec(cp);
499                 if (value == SSH_PROTO_UNKNOWN)
500                         fatal("%.200s line %d: Bad protocol spec '%s'.",
501                               filename, linenum, cp ? cp : "<NONE>");
502                 if (*activep && *intptr == SSH_PROTO_UNKNOWN)
503                         *intptr = value;
504                 break;
505
506         case oLogLevel:
507                 intptr = (int *) &options->log_level;
508                 cp = strtok(NULL, WHITESPACE);
509                 value = log_level_number(cp);
510                 if (value == (LogLevel) - 1)
511                         fatal("%.200s line %d: unsupported log level '%s'\n",
512                               filename, linenum, cp ? cp : "<NONE>");
513                 if (*activep && (LogLevel) * intptr == -1)
514                         *intptr = (LogLevel) value;
515                 break;
516
517         case oRemoteForward:
518                 cp = strtok(NULL, WHITESPACE);
519                 if (!cp)
520                         fatal("%.200s line %d: Missing argument.", filename, linenum);
521                 if (cp[0] < '0' || cp[0] > '9')
522                         fatal("%.200s line %d: Badly formatted port number.",
523                               filename, linenum);
524                 fwd_port = atoi(cp);
525                 cp = strtok(NULL, WHITESPACE);
526                 if (!cp)
527                         fatal("%.200s line %d: Missing second argument.",
528                               filename, linenum);
529                 if (sscanf(cp, "%255[^:]:%hu", buf, &fwd_host_port) != 2)
530                         fatal("%.200s line %d: Badly formatted host:port.",
531                               filename, linenum);
532                 if (*activep)
533                         add_remote_forward(options, fwd_port, buf, fwd_host_port);
534                 break;
535
536         case oLocalForward:
537                 cp = strtok(NULL, WHITESPACE);
538                 if (!cp)
539                         fatal("%.200s line %d: Missing argument.", filename, linenum);
540                 if (cp[0] < '0' || cp[0] > '9')
541                         fatal("%.200s line %d: Badly formatted port number.",
542                               filename, linenum);
543                 fwd_port = atoi(cp);
544                 cp = strtok(NULL, WHITESPACE);
545                 if (!cp)
546                         fatal("%.200s line %d: Missing second argument.",
547                               filename, linenum);
548                 if (sscanf(cp, "%255[^:]:%hu", buf, &fwd_host_port) != 2)
549                         fatal("%.200s line %d: Badly formatted host:port.",
550                               filename, linenum);
551                 if (*activep)
552                         add_local_forward(options, fwd_port, buf, fwd_host_port);
553                 break;
554
555         case oHost:
556                 *activep = 0;
557                 while ((cp = strtok(NULL, WHITESPACE)) != NULL)
558                         if (match_pattern(host, cp)) {
559                                 debug("Applying options for %.100s", cp);
560                                 *activep = 1;
561                                 break;
562                         }
563                 /* Avoid garbage check below, as strtok already returned NULL. */
564                 return 0;
565
566         case oEscapeChar:
567                 intptr = &options->escape_char;
568                 cp = strtok(NULL, WHITESPACE);
569                 if (!cp)
570                         fatal("%.200s line %d: Missing argument.", filename, linenum);
571                 if (cp[0] == '^' && cp[2] == 0 &&
572                     (unsigned char) cp[1] >= 64 && (unsigned char) cp[1] < 128)
573                         value = (unsigned char) cp[1] & 31;
574                 else if (strlen(cp) == 1)
575                         value = (unsigned char) cp[0];
576                 else if (strcmp(cp, "none") == 0)
577                         value = -2;
578                 else {
579                         fatal("%.200s line %d: Bad escape character.",
580                               filename, linenum);
581                         /* NOTREACHED */
582                         value = 0;      /* Avoid compiler warning. */
583                 }
584                 if (*activep && *intptr == -1)
585                         *intptr = value;
586                 break;
587
588         default:
589                 fatal("process_config_line: Unimplemented opcode %d", opcode);
590         }
591
592         /* Check that there is no garbage at end of line. */
593         if (strtok(NULL, WHITESPACE) != NULL)
594                 fatal("%.200s line %d: garbage at end of line.",
595                       filename, linenum);
596         return 0;
597 }
598
599
600 /*
601  * Reads the config file and modifies the options accordingly.  Options
602  * should already be initialized before this call.  This never returns if
603  * there is an error.  If the file does not exist, this returns immediately.
604  */
605
606 void
607 read_config_file(const char *filename, const char *host, Options *options)
608 {
609         FILE *f;
610         char line[1024];
611         int active, linenum;
612         int bad_options = 0;
613
614         /* Open the file. */
615         f = fopen(filename, "r");
616         if (!f)
617                 return;
618
619         debug("Reading configuration data %.200s", filename);
620
621         /*
622          * Mark that we are now processing the options.  This flag is turned
623          * on/off by Host specifications.
624          */
625         active = 1;
626         linenum = 0;
627         while (fgets(line, sizeof(line), f)) {
628                 /* Update line number counter. */
629                 linenum++;
630                 if (process_config_line(options, host, line, filename, linenum, &active) != 0)
631                         bad_options++;
632         }
633         fclose(f);
634         if (bad_options > 0)
635                 fatal("%s: terminating, %d bad configuration options\n",
636                       filename, bad_options);
637 }
638
639 /*
640  * Initializes options to special values that indicate that they have not yet
641  * been set.  Read_config_file will only set options with this value. Options
642  * are processed in the following order: command line, user config file,
643  * system config file.  Last, fill_default_options is called.
644  */
645
646 void
647 initialize_options(Options * options)
648 {
649         memset(options, 'X', sizeof(*options));
650         options->forward_agent = -1;
651         options->forward_x11 = -1;
652         options->xauth_location = NULL;
653         options->gateway_ports = -1;
654         options->use_privileged_port = -1;
655         options->rhosts_authentication = -1;
656         options->rsa_authentication = -1;
657         options->dsa_authentication = -1;
658         options->skey_authentication = -1;
659 #ifdef KRB4
660         options->kerberos_authentication = -1;
661 #endif
662 #ifdef AFS
663         options->kerberos_tgt_passing = -1;
664         options->afs_token_passing = -1;
665 #endif
666         options->password_authentication = -1;
667         options->rhosts_rsa_authentication = -1;
668         options->fallback_to_rsh = -1;
669         options->use_rsh = -1;
670         options->batch_mode = -1;
671         options->check_host_ip = -1;
672         options->strict_host_key_checking = -1;
673         options->compression = -1;
674         options->keepalives = -1;
675         options->compression_level = -1;
676         options->port = -1;
677         options->connection_attempts = -1;
678         options->number_of_password_prompts = -1;
679         options->cipher = -1;
680         options->ciphers = NULL;
681         options->protocol = SSH_PROTO_UNKNOWN;
682         options->num_identity_files = 0;
683         options->num_identity_files2 = 0;
684         options->hostname = NULL;
685         options->proxy_command = NULL;
686         options->user = NULL;
687         options->escape_char = -1;
688         options->system_hostfile = NULL;
689         options->user_hostfile = NULL;
690         options->system_hostfile2 = NULL;
691         options->user_hostfile2 = NULL;
692         options->num_local_forwards = 0;
693         options->num_remote_forwards = 0;
694         options->log_level = (LogLevel) - 1;
695 }
696
697 /*
698  * Called after processing other sources of option data, this fills those
699  * options for which no value has been specified with their default values.
700  */
701
702 void
703 fill_default_options(Options * options)
704 {
705         if (options->forward_agent == -1)
706                 options->forward_agent = 0;
707         if (options->forward_x11 == -1)
708                 options->forward_x11 = 0;
709 #ifdef XAUTH_PATH
710         if (options->xauth_location == NULL)
711                 options->xauth_location = XAUTH_PATH;
712 #endif /* XAUTH_PATH */
713         if (options->gateway_ports == -1)
714                 options->gateway_ports = 0;
715         if (options->use_privileged_port == -1)
716                 options->use_privileged_port = 1;
717         if (options->rhosts_authentication == -1)
718                 options->rhosts_authentication = 1;
719         if (options->rsa_authentication == -1)
720                 options->rsa_authentication = 1;
721         if (options->dsa_authentication == -1)
722                 options->dsa_authentication = 1;
723         if (options->skey_authentication == -1)
724                 options->skey_authentication = 0;
725 #ifdef KRB4
726         if (options->kerberos_authentication == -1)
727                 options->kerberos_authentication = 1;
728 #endif /* KRB4 */
729 #ifdef AFS
730         if (options->kerberos_tgt_passing == -1)
731                 options->kerberos_tgt_passing = 1;
732         if (options->afs_token_passing == -1)
733                 options->afs_token_passing = 1;
734 #endif /* AFS */
735         if (options->password_authentication == -1)
736                 options->password_authentication = 1;
737         if (options->rhosts_rsa_authentication == -1)
738                 options->rhosts_rsa_authentication = 1;
739         if (options->fallback_to_rsh == -1)
740                 options->fallback_to_rsh = 1;
741         if (options->use_rsh == -1)
742                 options->use_rsh = 0;
743         if (options->batch_mode == -1)
744                 options->batch_mode = 0;
745         if (options->check_host_ip == -1)
746                 options->check_host_ip = 1;
747         if (options->strict_host_key_checking == -1)
748                 options->strict_host_key_checking = 2;  /* 2 is default */
749         if (options->compression == -1)
750                 options->compression = 0;
751         if (options->keepalives == -1)
752                 options->keepalives = 1;
753         if (options->compression_level == -1)
754                 options->compression_level = 6;
755         if (options->port == -1)
756                 options->port = 0;      /* Filled in ssh_connect. */
757         if (options->connection_attempts == -1)
758                 options->connection_attempts = 4;
759         if (options->number_of_password_prompts == -1)
760                 options->number_of_password_prompts = 3;
761         /* Selected in ssh_login(). */
762         if (options->cipher == -1)
763                 options->cipher = SSH_CIPHER_NOT_SET;
764         /* options->ciphers, default set in myproposals.h */
765         if (options->protocol == SSH_PROTO_UNKNOWN)
766                 options->protocol = SSH_PROTO_1|SSH_PROTO_2|SSH_PROTO_1_PREFERRED;
767         if (options->num_identity_files == 0) {
768                 options->identity_files[0] =
769                         xmalloc(2 + strlen(SSH_CLIENT_IDENTITY) + 1);
770                 sprintf(options->identity_files[0], "~/%.100s", SSH_CLIENT_IDENTITY);
771                 options->num_identity_files = 1;
772         }
773         if (options->num_identity_files2 == 0) {
774                 options->identity_files2[0] =
775                         xmalloc(2 + strlen(SSH_CLIENT_ID_DSA) + 1);
776                 sprintf(options->identity_files2[0], "~/%.100s", SSH_CLIENT_ID_DSA);
777                 options->num_identity_files2 = 1;
778         }
779         if (options->escape_char == -1)
780                 options->escape_char = '~';
781         if (options->system_hostfile == NULL)
782                 options->system_hostfile = SSH_SYSTEM_HOSTFILE;
783         if (options->user_hostfile == NULL)
784                 options->user_hostfile = SSH_USER_HOSTFILE;
785         if (options->system_hostfile2 == NULL)
786                 options->system_hostfile2 = SSH_SYSTEM_HOSTFILE2;
787         if (options->user_hostfile2 == NULL)
788                 options->user_hostfile2 = SSH_USER_HOSTFILE2;
789         if (options->log_level == (LogLevel) - 1)
790                 options->log_level = SYSLOG_LEVEL_INFO;
791         /* options->proxy_command should not be set by default */
792         /* options->user will be set in the main program if appropriate */
793         /* options->hostname will be set in the main program if appropriate */
794 }
This page took 0.096451 seconds and 5 git commands to generate.