]> andersk Git - openssh.git/blobdiff - servconf.c
andersk / openssh.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
- djm@cvs.openbsd.org 2006/03/19 07:41:30
[openssh.git] / servconf.c
diff --git a/servconf.c b/servconf.c
index 2d1a0c3627feae31cda1d208ece71f07082d8941..7923f5df4c985b7925538a2f7608765ede668040 100644 (file)
--- a/servconf.c
+++ b/servconf.c
@@ -10,7 +10,6 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.139 2005/03/01 10:09:52 djm Exp $");
 
 #include "ssh.h"
 #include "log.h"
@@ -101,6 +100,7 @@ initialize_server_options(ServerOptions *options)
        options->authorized_keys_file = NULL;
        options->authorized_keys_file2 = NULL;
        options->num_accept_env = 0;
+       options->permit_tun = -1;
 
        /* Needs to be accessable in many places */
        use_privsep = -1;
@@ -201,7 +201,7 @@ fill_default_server_options(ServerOptions *options)
        if (options->use_login == -1)
                options->use_login = 0;
        if (options->compression == -1)
-               options->compression = 1;
+               options->compression = COMP_DELAYED;
        if (options->allow_tcp_forwarding == -1)
                options->allow_tcp_forwarding = 1;
        if (options->gateway_ports == -1)
@@ -229,6 +229,8 @@ fill_default_server_options(ServerOptions *options)
        }
        if (options->authorized_keys_file == NULL)
                options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
+       if (options->permit_tun == -1)
+               options->permit_tun = SSH_TUNMODE_NO;
 
        /* Turn privilege separation on by default */
        if (use_privsep == -1)
@@ -270,7 +272,7 @@ typedef enum {
        sBanner, sUseDNS, sHostbasedAuthentication,
        sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
        sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
-       sGssAuthentication, sGssCleanupCreds, sAcceptEnv,
+       sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
        sUsePrivilegeSeparation,
        sDeprecated, sUnsupported
 } ServerOpCodes;
@@ -373,6 +375,7 @@ static struct {
        { "authorizedkeysfile2", sAuthorizedKeysFile2 },
        { "useprivilegeseparation", sUsePrivilegeSeparation},
        { "acceptenv", sAcceptEnv },
+       { "permittunnel", sPermitTunnel },
        { NULL, sBadOption }
 };
 
@@ -398,7 +401,7 @@ parse_token(const char *cp, const char *filename,
 static void
 add_listen_addr(ServerOptions *options, char *addr, u_short port)
 {
-       int i;
+       u_int i;
 
        if (options->num_ports == 0)
                options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
@@ -438,12 +441,14 @@ process_server_config_line(ServerOptions *options, char *line,
     const char *filename, int linenum)
 {
        char *cp, **charptr, *arg, *p;
-       int *intptr, value, i, n;
+       int *intptr, value, n;
        ServerOpCodes opcode;
        u_short port;
+       u_int i;
 
        cp = line;
-       arg = strdelim(&cp);
+       if ((arg = strdelim(&cp)) != NULL)
+               return 0;
        /* Ignore leading whitespace */
        if (*arg == '\0')
                arg = strdelim(&cp);
@@ -516,6 +521,12 @@ parse_time:
                if (arg == NULL || *arg == '\0')
                        fatal("%s line %d: missing address",
                            filename, linenum);
+               /* check for bare IPv6 address: no "[]" and 2 or more ":" */
+               if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL
+                   && strchr(p+1, ':') != NULL) {
+                       add_listen_addr(options, arg, 0);
+                       break;
+               }
                p = hpdelim(&arg);
                if (p == NULL)
                        fatal("%s line %d: bad address:port usage",
@@ -532,6 +543,9 @@ parse_time:
 
        case sAddressFamily:
                arg = strdelim(&cp);
+               if (!arg || *arg == '\0')
+                       fatal("%s line %d: missing address family.",
+                           filename, linenum);
                intptr = &options->address_family;
                if (options->listen_addrs != NULL)
                        fatal("%s line %d: address family must be specified before "
@@ -721,7 +735,23 @@ parse_flag:
 
        case sCompression:
                intptr = &options->compression;
-               goto parse_flag;
+               arg = strdelim(&cp);
+               if (!arg || *arg == '\0')
+                       fatal("%s line %d: missing yes/no/delayed "
+                           "argument.", filename, linenum);
+               value = 0;      /* silence compiler */
+               if (strcmp(arg, "delayed") == 0)
+                       value = COMP_DELAYED;
+               else if (strcmp(arg, "yes") == 0)
+                       value = COMP_ZLIB;
+               else if (strcmp(arg, "no") == 0)
+                       value = COMP_NONE;
+               else
+                       fatal("%s line %d: Bad yes/no/delayed "
+                           "argument: %s", filename, linenum, arg);
+               if (*intptr == -1)
+                       *intptr = value;
+               break;
 
        case sGatewayPorts:
                intptr = &options->gateway_ports;
@@ -936,6 +966,28 @@ parse_flag:
                }
                break;
 
+       case sPermitTunnel:
+               intptr = &options->permit_tun;
+               arg = strdelim(&cp);
+               if (!arg || *arg == '\0')
+                       fatal("%s line %d: Missing yes/point-to-point/"
+                           "ethernet/no argument.", filename, linenum);
+               value = 0;      /* silence compiler */
+               if (strcasecmp(arg, "ethernet") == 0)
+                       value = SSH_TUNMODE_ETHERNET;
+               else if (strcasecmp(arg, "point-to-point") == 0)
+                       value = SSH_TUNMODE_POINTOPOINT;
+               else if (strcasecmp(arg, "yes") == 0)
+                       value = SSH_TUNMODE_YES;
+               else if (strcasecmp(arg, "no") == 0)
+                       value = SSH_TUNMODE_NO;
+               else
+                       fatal("%s line %d: Bad yes/point-to-point/ethernet/"
+                           "no argument: %s", filename, linenum, arg);
+               if (*intptr == -1)
+                       *intptr = value;
+               break;
+
        case sDeprecated:
                logit("%s line %d: Deprecated option %s",
                    filename, linenum, arg);
@@ -1001,7 +1053,7 @@ parse_server_config(ServerOptions *options, const char *filename, Buffer *conf)
 
        obuf = cbuf = xstrdup(buffer_ptr(conf));
        linenum = 1;
-       while((cp = strsep(&cbuf, "\n")) != NULL) {
+       while ((cp = strsep(&cbuf, "\n")) != NULL) {
                if (process_server_config_line(options, cp, filename,
                    linenum++) != 0)
                        bad_options++;
git-cvsimport mirror of OpenSSH
This page took 0.437912 seconds and 4 git commands to generate.