2 * Author: Tatu Ylonen <ylo@cs.hut.fi>
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5 * Functions for reading the configuration files.
7 * As far as I am concerned, the code I have written for this software
8 * can be used freely for any purpose. Any derived versions of this
9 * software must be clearly marked as such, and if the derived work is
10 * incompatible with the protocol description in the RFC file, it must be
11 * called by a name other than "ssh" or "Secure Shell".
15 RCSID("$OpenBSD: readconf.c,v 1.89 2001/09/03 20:58:33 stevesk Exp $");
21 #include "pathnames.h"
29 /* Format of the configuration file:
31 # Configuration data is parsed as follows:
32 # 1. command line options
33 # 2. user-specific file
35 # Any configuration value is only changed the first time it is set.
36 # Thus, host-specific definitions should be at the beginning of the
37 # configuration file, and defaults at the end.
39 # Host-specific declarations. These may override anything above. A single
40 # host may match multiple declarations; these are processed in the order
41 # that they are given in.
47 HostName another.host.name.real.org
54 RemoteForward 9999 shadows.cs.hut.fi:9999
60 RhostsAuthentication no
61 PasswordAuthentication no
65 ProxyCommand ssh-proxy %h %p
72 PasswordAuthentication no
74 # Defaults for various options
78 RhostsAuthentication yes
79 PasswordAuthentication yes
81 RhostsRSAAuthentication yes
84 StrictHostKeyChecking yes
86 IdentityFile ~/.ssh/identity
96 oForwardAgent, oForwardX11, oGatewayPorts, oRhostsAuthentication,
97 oPasswordAuthentication, oRSAAuthentication, oFallBackToRsh, oUseRsh,
98 oChallengeResponseAuthentication, oXAuthLocation,
99 #if defined(KRB4) || defined(KRB5)
100 oKerberosAuthentication,
102 #if defined(AFS) || defined(KRB5)
108 oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
109 oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
110 oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
111 oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
112 oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts,
113 oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs,
114 oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
115 oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
116 oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
117 oHostKeyAlgorithms, oBindAddress, oSmartcardDevice
120 /* Textual representations of the tokens. */
126 { "forwardagent", oForwardAgent },
127 { "forwardx11", oForwardX11 },
128 { "xauthlocation", oXAuthLocation },
129 { "gatewayports", oGatewayPorts },
130 { "useprivilegedport", oUsePrivilegedPort },
131 { "rhostsauthentication", oRhostsAuthentication },
132 { "passwordauthentication", oPasswordAuthentication },
133 { "kbdinteractiveauthentication", oKbdInteractiveAuthentication },
134 { "kbdinteractivedevices", oKbdInteractiveDevices },
135 { "rsaauthentication", oRSAAuthentication },
136 { "pubkeyauthentication", oPubkeyAuthentication },
137 { "dsaauthentication", oPubkeyAuthentication }, /* alias */
138 { "rhostsrsaauthentication", oRhostsRSAAuthentication },
139 { "hostbasedauthentication", oHostbasedAuthentication },
140 { "challengeresponseauthentication", oChallengeResponseAuthentication },
141 { "skeyauthentication", oChallengeResponseAuthentication }, /* alias */
142 { "tisauthentication", oChallengeResponseAuthentication }, /* alias */
143 #if defined(KRB4) || defined(KRB5)
144 { "kerberosauthentication", oKerberosAuthentication },
146 #if defined(AFS) || defined(KRB5)
147 { "kerberostgtpassing", oKerberosTgtPassing },
150 { "afstokenpassing", oAFSTokenPassing },
152 { "fallbacktorsh", oFallBackToRsh },
153 { "usersh", oUseRsh },
154 { "identityfile", oIdentityFile },
155 { "identityfile2", oIdentityFile }, /* alias */
156 { "hostname", oHostName },
157 { "hostkeyalias", oHostKeyAlias },
158 { "proxycommand", oProxyCommand },
160 { "cipher", oCipher },
161 { "ciphers", oCiphers },
163 { "protocol", oProtocol },
164 { "remoteforward", oRemoteForward },
165 { "localforward", oLocalForward },
168 { "escapechar", oEscapeChar },
169 { "globalknownhostsfile", oGlobalKnownHostsFile },
170 { "userknownhostsfile", oUserKnownHostsFile }, /* obsolete */
171 { "globalknownhostsfile2", oGlobalKnownHostsFile2 },
172 { "userknownhostsfile2", oUserKnownHostsFile2 }, /* obsolete */
173 { "connectionattempts", oConnectionAttempts },
174 { "batchmode", oBatchMode },
175 { "checkhostip", oCheckHostIP },
176 { "stricthostkeychecking", oStrictHostKeyChecking },
177 { "compression", oCompression },
178 { "compressionlevel", oCompressionLevel },
179 { "keepalive", oKeepAlives },
180 { "numberofpasswordprompts", oNumberOfPasswordPrompts },
181 { "loglevel", oLogLevel },
182 { "dynamicforward", oDynamicForward },
183 { "preferredauthentications", oPreferredAuthentications },
184 { "hostkeyalgorithms", oHostKeyAlgorithms },
185 { "bindaddress", oBindAddress },
186 { "smartcarddevice", oSmartcardDevice },
191 * Adds a local TCP/IP port forward to options. Never returns if there is an
196 add_local_forward(Options *options, u_short port, const char *host,
201 extern uid_t original_real_uid;
202 if (port < IPPORT_RESERVED && original_real_uid != 0)
203 fatal("Privileged ports can only be forwarded by root.");
205 if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
206 fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION);
207 fwd = &options->local_forwards[options->num_local_forwards++];
209 fwd->host = xstrdup(host);
210 fwd->host_port = host_port;
214 * Adds a remote TCP/IP port forward to options. Never returns if there is
219 add_remote_forward(Options *options, u_short port, const char *host,
223 if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
224 fatal("Too many remote forwards (max %d).",
225 SSH_MAX_FORWARDS_PER_DIRECTION);
226 fwd = &options->remote_forwards[options->num_remote_forwards++];
228 fwd->host = xstrdup(host);
229 fwd->host_port = host_port;
233 * Returns the number of the token pointed to by cp or oBadOption.
237 parse_token(const char *cp, const char *filename, int linenum)
241 for (i = 0; keywords[i].name; i++)
242 if (strcasecmp(cp, keywords[i].name) == 0)
243 return keywords[i].opcode;
245 error("%s: line %d: Bad configuration option: %s",
246 filename, linenum, cp);
251 * Processes a single option line as used in the configuration files. This
252 * only sets those values that have not already been set.
256 process_config_line(Options *options, const char *host,
257 char *line, const char *filename, int linenum,
260 char buf[256], *s, *string, **charptr, *endofnumber, *keyword, *arg;
261 int opcode, *intptr, value;
262 u_short fwd_port, fwd_host_port;
263 char sfwd_host_port[6];
266 /* Get the keyword. (Each line is supposed to begin with a keyword). */
267 keyword = strdelim(&s);
268 /* Ignore leading whitespace. */
269 if (*keyword == '\0')
270 keyword = strdelim(&s);
271 if (keyword == NULL || !*keyword || *keyword == '\n' || *keyword == '#')
274 opcode = parse_token(keyword, filename, linenum);
278 /* don't panic, but count bad options */
282 intptr = &options->forward_agent;
285 if (!arg || *arg == '\0')
286 fatal("%.200s line %d: Missing yes/no argument.", filename, linenum);
287 value = 0; /* To avoid compiler warning... */
288 if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
290 else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
293 fatal("%.200s line %d: Bad yes/no argument.", filename, linenum);
294 if (*activep && *intptr == -1)
299 intptr = &options->forward_x11;
303 intptr = &options->gateway_ports;
306 case oUsePrivilegedPort:
307 intptr = &options->use_privileged_port;
310 case oRhostsAuthentication:
311 intptr = &options->rhosts_authentication;
314 case oPasswordAuthentication:
315 intptr = &options->password_authentication;
318 case oKbdInteractiveAuthentication:
319 intptr = &options->kbd_interactive_authentication;
322 case oKbdInteractiveDevices:
323 charptr = &options->kbd_interactive_devices;
326 case oPubkeyAuthentication:
327 intptr = &options->pubkey_authentication;
330 case oRSAAuthentication:
331 intptr = &options->rsa_authentication;
334 case oRhostsRSAAuthentication:
335 intptr = &options->rhosts_rsa_authentication;
338 case oHostbasedAuthentication:
339 intptr = &options->hostbased_authentication;
342 case oChallengeResponseAuthentication:
343 intptr = &options->challenge_response_authentication;
345 #if defined(KRB4) || defined(KRB5)
346 case oKerberosAuthentication:
347 intptr = &options->kerberos_authentication;
350 #if defined(AFS) || defined(KRB5)
351 case oKerberosTgtPassing:
352 intptr = &options->kerberos_tgt_passing;
356 case oAFSTokenPassing:
357 intptr = &options->afs_token_passing;
361 intptr = &options->fallback_to_rsh;
365 intptr = &options->use_rsh;
369 intptr = &options->batch_mode;
373 intptr = &options->check_host_ip;
376 case oStrictHostKeyChecking:
377 intptr = &options->strict_host_key_checking;
379 if (!arg || *arg == '\0')
380 fatal("%.200s line %d: Missing yes/no/ask argument.",
382 value = 0; /* To avoid compiler warning... */
383 if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
385 else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
387 else if (strcmp(arg, "ask") == 0)
390 fatal("%.200s line %d: Bad yes/no/ask argument.", filename, linenum);
391 if (*activep && *intptr == -1)
396 intptr = &options->compression;
400 intptr = &options->keepalives;
403 case oNumberOfPasswordPrompts:
404 intptr = &options->number_of_password_prompts;
407 case oCompressionLevel:
408 intptr = &options->compression_level;
413 if (!arg || *arg == '\0')
414 fatal("%.200s line %d: Missing argument.", filename, linenum);
416 intptr = &options->num_identity_files;
417 if (*intptr >= SSH_MAX_IDENTITY_FILES)
418 fatal("%.200s line %d: Too many identity files specified (max %d).",
419 filename, linenum, SSH_MAX_IDENTITY_FILES);
420 charptr = &options->identity_files[*intptr];
421 *charptr = xstrdup(arg);
422 *intptr = *intptr + 1;
427 charptr=&options->xauth_location;
431 charptr = &options->user;
434 if (!arg || *arg == '\0')
435 fatal("%.200s line %d: Missing argument.", filename, linenum);
436 if (*activep && *charptr == NULL)
437 *charptr = xstrdup(arg);
440 case oGlobalKnownHostsFile:
441 charptr = &options->system_hostfile;
444 case oUserKnownHostsFile:
445 charptr = &options->user_hostfile;
448 case oGlobalKnownHostsFile2:
449 charptr = &options->system_hostfile2;
452 case oUserKnownHostsFile2:
453 charptr = &options->user_hostfile2;
457 charptr = &options->hostname;
461 charptr = &options->host_key_alias;
464 case oPreferredAuthentications:
465 charptr = &options->preferred_authentications;
469 charptr = &options->bind_address;
472 case oSmartcardDevice:
473 charptr = &options->smartcard_device;
477 charptr = &options->proxy_command;
478 string = xstrdup("");
479 while ((arg = strdelim(&s)) != NULL && *arg != '\0') {
480 string = xrealloc(string, strlen(string) + strlen(arg) + 2);
484 if (*activep && *charptr == NULL)
491 intptr = &options->port;
494 if (!arg || *arg == '\0')
495 fatal("%.200s line %d: Missing argument.", filename, linenum);
496 if (arg[0] < '0' || arg[0] > '9')
497 fatal("%.200s line %d: Bad number.", filename, linenum);
499 /* Octal, decimal, or hex format? */
500 value = strtol(arg, &endofnumber, 0);
501 if (arg == endofnumber)
502 fatal("%.200s line %d: Bad number.", filename, linenum);
503 if (*activep && *intptr == -1)
507 case oConnectionAttempts:
508 intptr = &options->connection_attempts;
512 intptr = &options->cipher;
514 if (!arg || *arg == '\0')
515 fatal("%.200s line %d: Missing argument.", filename, linenum);
516 value = cipher_number(arg);
518 fatal("%.200s line %d: Bad cipher '%s'.",
519 filename, linenum, arg ? arg : "<NONE>");
520 if (*activep && *intptr == -1)
526 if (!arg || *arg == '\0')
527 fatal("%.200s line %d: Missing argument.", filename, linenum);
528 if (!ciphers_valid(arg))
529 fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.",
530 filename, linenum, arg ? arg : "<NONE>");
531 if (*activep && options->ciphers == NULL)
532 options->ciphers = xstrdup(arg);
537 if (!arg || *arg == '\0')
538 fatal("%.200s line %d: Missing argument.", filename, linenum);
540 fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.",
541 filename, linenum, arg ? arg : "<NONE>");
542 if (*activep && options->macs == NULL)
543 options->macs = xstrdup(arg);
546 case oHostKeyAlgorithms:
548 if (!arg || *arg == '\0')
549 fatal("%.200s line %d: Missing argument.", filename, linenum);
550 if (!key_names_valid2(arg))
551 fatal("%.200s line %d: Bad protocol 2 host key algorithms '%s'.",
552 filename, linenum, arg ? arg : "<NONE>");
553 if (*activep && options->hostkeyalgorithms == NULL)
554 options->hostkeyalgorithms = xstrdup(arg);
558 intptr = &options->protocol;
560 if (!arg || *arg == '\0')
561 fatal("%.200s line %d: Missing argument.", filename, linenum);
562 value = proto_spec(arg);
563 if (value == SSH_PROTO_UNKNOWN)
564 fatal("%.200s line %d: Bad protocol spec '%s'.",
565 filename, linenum, arg ? arg : "<NONE>");
566 if (*activep && *intptr == SSH_PROTO_UNKNOWN)
571 intptr = (int *) &options->log_level;
573 value = log_level_number(arg);
574 if (value == (LogLevel) - 1)
575 fatal("%.200s line %d: unsupported log level '%s'",
576 filename, linenum, arg ? arg : "<NONE>");
577 if (*activep && (LogLevel) * intptr == -1)
578 *intptr = (LogLevel) value;
584 if (!arg || *arg == '\0')
585 fatal("%.200s line %d: Missing port argument.",
587 if ((fwd_port = a2port(arg)) == 0)
588 fatal("%.200s line %d: Bad listen port.",
591 if (!arg || *arg == '\0')
592 fatal("%.200s line %d: Missing second argument.",
594 if (sscanf(arg, "%255[^:]:%5[0-9]", buf, sfwd_host_port) != 2 &&
595 sscanf(arg, "%255[^/]/%5[0-9]", buf, sfwd_host_port) != 2)
596 fatal("%.200s line %d: Bad forwarding specification.",
598 if ((fwd_host_port = a2port(sfwd_host_port)) == 0)
599 fatal("%.200s line %d: Bad forwarding port.",
602 if (opcode == oLocalForward)
603 add_local_forward(options, fwd_port, buf,
605 else if (opcode == oRemoteForward)
606 add_remote_forward(options, fwd_port, buf,
611 case oDynamicForward:
613 if (!arg || *arg == '\0')
614 fatal("%.200s line %d: Missing port argument.",
616 fwd_port = a2port(arg);
618 fatal("%.200s line %d: Badly formatted port number.",
621 add_local_forward(options, fwd_port, "socks4", 0);
626 while ((arg = strdelim(&s)) != NULL && *arg != '\0')
627 if (match_pattern(host, arg)) {
628 debug("Applying options for %.100s", arg);
632 /* Avoid garbage check below, as strdelim is done. */
636 intptr = &options->escape_char;
638 if (!arg || *arg == '\0')
639 fatal("%.200s line %d: Missing argument.", filename, linenum);
640 if (arg[0] == '^' && arg[2] == 0 &&
641 (u_char) arg[1] >= 64 && (u_char) arg[1] < 128)
642 value = (u_char) arg[1] & 31;
643 else if (strlen(arg) == 1)
644 value = (u_char) arg[0];
645 else if (strcmp(arg, "none") == 0)
646 value = SSH_ESCAPECHAR_NONE;
648 fatal("%.200s line %d: Bad escape character.",
651 value = 0; /* Avoid compiler warning. */
653 if (*activep && *intptr == -1)
658 fatal("process_config_line: Unimplemented opcode %d", opcode);
661 /* Check that there is no garbage at end of line. */
662 if ((arg = strdelim(&s)) != NULL && *arg != '\0') {
663 fatal("%.200s line %d: garbage at end of line; \"%.200s\".",
664 filename, linenum, arg);
671 * Reads the config file and modifies the options accordingly. Options
672 * should already be initialized before this call. This never returns if
673 * there is an error. If the file does not exist, this returns 0.
677 read_config_file(const char *filename, const char *host, Options *options)
685 f = fopen(filename, "r");
689 debug("Reading configuration data %.200s", filename);
692 * Mark that we are now processing the options. This flag is turned
693 * on/off by Host specifications.
697 while (fgets(line, sizeof(line), f)) {
698 /* Update line number counter. */
700 if (process_config_line(options, host, line, filename, linenum, &active) != 0)
705 fatal("%s: terminating, %d bad configuration options",
706 filename, bad_options);
711 * Initializes options to special values that indicate that they have not yet
712 * been set. Read_config_file will only set options with this value. Options
713 * are processed in the following order: command line, user config file,
714 * system config file. Last, fill_default_options is called.
718 initialize_options(Options * options)
720 memset(options, 'X', sizeof(*options));
721 options->forward_agent = -1;
722 options->forward_x11 = -1;
723 options->xauth_location = NULL;
724 options->gateway_ports = -1;
725 options->use_privileged_port = -1;
726 options->rhosts_authentication = -1;
727 options->rsa_authentication = -1;
728 options->pubkey_authentication = -1;
729 options->challenge_response_authentication = -1;
730 #if defined(KRB4) || defined(KRB5)
731 options->kerberos_authentication = -1;
733 #if defined(AFS) || defined(KRB5)
734 options->kerberos_tgt_passing = -1;
737 options->afs_token_passing = -1;
739 options->password_authentication = -1;
740 options->kbd_interactive_authentication = -1;
741 options->kbd_interactive_devices = NULL;
742 options->rhosts_rsa_authentication = -1;
743 options->hostbased_authentication = -1;
744 options->fallback_to_rsh = -1;
745 options->use_rsh = -1;
746 options->batch_mode = -1;
747 options->check_host_ip = -1;
748 options->strict_host_key_checking = -1;
749 options->compression = -1;
750 options->keepalives = -1;
751 options->compression_level = -1;
753 options->connection_attempts = -1;
754 options->number_of_password_prompts = -1;
755 options->cipher = -1;
756 options->ciphers = NULL;
757 options->macs = NULL;
758 options->hostkeyalgorithms = NULL;
759 options->protocol = SSH_PROTO_UNKNOWN;
760 options->num_identity_files = 0;
761 options->hostname = NULL;
762 options->host_key_alias = NULL;
763 options->proxy_command = NULL;
764 options->user = NULL;
765 options->escape_char = -1;
766 options->system_hostfile = NULL;
767 options->user_hostfile = NULL;
768 options->system_hostfile2 = NULL;
769 options->user_hostfile2 = NULL;
770 options->num_local_forwards = 0;
771 options->num_remote_forwards = 0;
772 options->log_level = (LogLevel) - 1;
773 options->preferred_authentications = NULL;
774 options->bind_address = NULL;
775 options->smartcard_device = NULL;
779 * Called after processing other sources of option data, this fills those
780 * options for which no value has been specified with their default values.
784 fill_default_options(Options * options)
788 if (options->forward_agent == -1)
789 options->forward_agent = 0;
790 if (options->forward_x11 == -1)
791 options->forward_x11 = 0;
793 if (options->xauth_location == NULL)
794 options->xauth_location = _PATH_XAUTH;
796 if (options->gateway_ports == -1)
797 options->gateway_ports = 0;
798 if (options->use_privileged_port == -1)
799 options->use_privileged_port = 0;
800 if (options->rhosts_authentication == -1)
801 options->rhosts_authentication = 1;
802 if (options->rsa_authentication == -1)
803 options->rsa_authentication = 1;
804 if (options->pubkey_authentication == -1)
805 options->pubkey_authentication = 1;
806 if (options->challenge_response_authentication == -1)
807 options->challenge_response_authentication = 1;
808 #if defined(KRB4) || defined(KRB5)
809 if (options->kerberos_authentication == -1)
810 options->kerberos_authentication = 1;
812 #if defined(AFS) || defined(KRB5)
813 if (options->kerberos_tgt_passing == -1)
814 options->kerberos_tgt_passing = 1;
817 if (options->afs_token_passing == -1)
818 options->afs_token_passing = 1;
820 if (options->password_authentication == -1)
821 options->password_authentication = 1;
822 if (options->kbd_interactive_authentication == -1)
823 options->kbd_interactive_authentication = 1;
824 if (options->rhosts_rsa_authentication == -1)
825 options->rhosts_rsa_authentication = 1;
826 if (options->hostbased_authentication == -1)
827 options->hostbased_authentication = 0;
828 if (options->fallback_to_rsh == -1)
829 options->fallback_to_rsh = 0;
830 if (options->use_rsh == -1)
831 options->use_rsh = 0;
832 if (options->batch_mode == -1)
833 options->batch_mode = 0;
834 if (options->check_host_ip == -1)
835 options->check_host_ip = 1;
836 if (options->strict_host_key_checking == -1)
837 options->strict_host_key_checking = 2; /* 2 is default */
838 if (options->compression == -1)
839 options->compression = 0;
840 if (options->keepalives == -1)
841 options->keepalives = 1;
842 if (options->compression_level == -1)
843 options->compression_level = 6;
844 if (options->port == -1)
845 options->port = 0; /* Filled in ssh_connect. */
846 if (options->connection_attempts == -1)
847 options->connection_attempts = 1;
848 if (options->number_of_password_prompts == -1)
849 options->number_of_password_prompts = 3;
850 /* Selected in ssh_login(). */
851 if (options->cipher == -1)
852 options->cipher = SSH_CIPHER_NOT_SET;
853 /* options->ciphers, default set in myproposals.h */
854 /* options->macs, default set in myproposals.h */
855 /* options->hostkeyalgorithms, default set in myproposals.h */
856 if (options->protocol == SSH_PROTO_UNKNOWN)
857 options->protocol = SSH_PROTO_1|SSH_PROTO_2;
858 if (options->num_identity_files == 0) {
859 if (options->protocol & SSH_PROTO_1) {
860 len = 2 + strlen(_PATH_SSH_CLIENT_IDENTITY) + 1;
861 options->identity_files[options->num_identity_files] =
863 snprintf(options->identity_files[options->num_identity_files++],
864 len, "~/%.100s", _PATH_SSH_CLIENT_IDENTITY);
866 if (options->protocol & SSH_PROTO_2) {
867 len = 2 + strlen(_PATH_SSH_CLIENT_ID_RSA) + 1;
868 options->identity_files[options->num_identity_files] =
870 snprintf(options->identity_files[options->num_identity_files++],
871 len, "~/%.100s", _PATH_SSH_CLIENT_ID_RSA);
873 len = 2 + strlen(_PATH_SSH_CLIENT_ID_DSA) + 1;
874 options->identity_files[options->num_identity_files] =
876 snprintf(options->identity_files[options->num_identity_files++],
877 len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA);
880 if (options->escape_char == -1)
881 options->escape_char = '~';
882 if (options->system_hostfile == NULL)
883 options->system_hostfile = _PATH_SSH_SYSTEM_HOSTFILE;
884 if (options->user_hostfile == NULL)
885 options->user_hostfile = _PATH_SSH_USER_HOSTFILE;
886 if (options->system_hostfile2 == NULL)
887 options->system_hostfile2 = _PATH_SSH_SYSTEM_HOSTFILE2;
888 if (options->user_hostfile2 == NULL)
889 options->user_hostfile2 = _PATH_SSH_USER_HOSTFILE2;
890 if (options->log_level == (LogLevel) - 1)
891 options->log_level = SYSLOG_LEVEL_INFO;
892 /* options->proxy_command should not be set by default */
893 /* options->user will be set in the main program if appropriate */
894 /* options->hostname will be set in the main program if appropriate */
895 /* options->host_key_alias should not be set by default */
896 /* options->preferred_authentications will be set in ssh */