*/
#include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.79 2001/05/24 18:57:53 stevesk Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.88 2001/08/30 16:04:35 stevesk Exp $");
#include "ssh.h"
#include "xmalloc.h"
oForwardAgent, oForwardX11, oGatewayPorts, oRhostsAuthentication,
oPasswordAuthentication, oRSAAuthentication, oFallBackToRsh, oUseRsh,
oChallengeResponseAuthentication, oXAuthLocation,
-#ifdef KRB4
+#if defined(KRB4) || defined(KRB5)
oKerberosAuthentication,
-#endif /* KRB4 */
+#endif
+#if defined(AFS) || defined(KRB5)
+ oKerberosTgtPassing,
+#endif
#ifdef AFS
- oKerberosTgtPassing, oAFSTokenPassing,
+ oAFSTokenPassing,
#endif
oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
- oHostKeyAlgorithms, oBindAddress
+ oHostKeyAlgorithms, oBindAddress, oSmartcardDevice
} OpCodes;
/* Textual representations of the tokens. */
{ "challengeresponseauthentication", oChallengeResponseAuthentication },
{ "skeyauthentication", oChallengeResponseAuthentication }, /* alias */
{ "tisauthentication", oChallengeResponseAuthentication }, /* alias */
-#ifdef KRB4
+#if defined(KRB4) || defined(KRB5)
{ "kerberosauthentication", oKerberosAuthentication },
-#endif /* KRB4 */
-#ifdef AFS
+#endif
+#if defined(AFS) || defined(KRB5)
{ "kerberostgtpassing", oKerberosTgtPassing },
+#endif
+#ifdef AFS
{ "afstokenpassing", oAFSTokenPassing },
#endif
{ "fallbacktorsh", oFallBackToRsh },
{ "host", oHost },
{ "escapechar", oEscapeChar },
{ "globalknownhostsfile", oGlobalKnownHostsFile },
- { "userknownhostsfile", oUserKnownHostsFile },
+ { "userknownhostsfile", oUserKnownHostsFile }, /* obsolete */
{ "globalknownhostsfile2", oGlobalKnownHostsFile2 },
- { "userknownhostsfile2", oUserKnownHostsFile2 },
+ { "userknownhostsfile2", oUserKnownHostsFile2 }, /* obsolete */
{ "connectionattempts", oConnectionAttempts },
{ "batchmode", oBatchMode },
{ "checkhostip", oCheckHostIP },
{ "preferredauthentications", oPreferredAuthentications },
{ "hostkeyalgorithms", oHostKeyAlgorithms },
{ "bindaddress", oBindAddress },
+ { "smartcarddevice", oSmartcardDevice },
{ NULL, 0 }
};
char buf[256], *s, *string, **charptr, *endofnumber, *keyword, *arg;
int opcode, *intptr, value;
u_short fwd_port, fwd_host_port;
+ char sfwd_host_port[6];
s = line;
/* Get the keyword. (Each line is supposed to begin with a keyword). */
case oChallengeResponseAuthentication:
intptr = &options->challenge_response_authentication;
goto parse_flag;
-
-#ifdef KRB4
+#if defined(KRB4) || defined(KRB5)
case oKerberosAuthentication:
intptr = &options->kerberos_authentication;
goto parse_flag;
-#endif /* KRB4 */
-
-#ifdef AFS
+#endif
+#if defined(AFS) || defined(KRB5)
case oKerberosTgtPassing:
intptr = &options->kerberos_tgt_passing;
goto parse_flag;
-
+#endif
+#ifdef AFS
case oAFSTokenPassing:
intptr = &options->afs_token_passing;
goto parse_flag;
#endif
-
case oFallBackToRsh:
intptr = &options->fallback_to_rsh;
goto parse_flag;
charptr = &options->bind_address;
goto parse_string;
+ case oSmartcardDevice:
+ charptr = &options->smartcard_device;
+ goto parse_string;
+
case oProxyCommand:
charptr = &options->proxy_command;
string = xstrdup("");
*intptr = (LogLevel) value;
break;
- case oRemoteForward:
- arg = strdelim(&s);
- if (!arg || *arg == '\0')
- fatal("%.200s line %d: Missing argument.", filename, linenum);
- fwd_port = a2port(arg);
- if (fwd_port == 0)
- fatal("%.200s line %d: Badly formatted port number.",
- filename, linenum);
- arg = strdelim(&s);
- if (!arg || *arg == '\0')
- fatal("%.200s line %d: Missing second argument.",
- filename, linenum);
- if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2)
- fatal("%.200s line %d: Badly formatted host:port.",
- filename, linenum);
- if (*activep)
- add_remote_forward(options, fwd_port, buf, fwd_host_port);
- break;
-
case oLocalForward:
+ case oRemoteForward:
arg = strdelim(&s);
if (!arg || *arg == '\0')
- fatal("%.200s line %d: Missing argument.", filename, linenum);
- fwd_port = a2port(arg);
- if (fwd_port == 0)
- fatal("%.200s line %d: Badly formatted port number.",
- filename, linenum);
+ fatal("%.200s line %d: Missing port argument.",
+ filename, linenum);
+ if ((fwd_port = a2port(arg)) == 0)
+ fatal("%.200s line %d: Bad listen port.",
+ filename, linenum);
arg = strdelim(&s);
if (!arg || *arg == '\0')
fatal("%.200s line %d: Missing second argument.",
- filename, linenum);
- if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2)
- fatal("%.200s line %d: Badly formatted host:port.",
- filename, linenum);
- if (*activep)
- add_local_forward(options, fwd_port, buf, fwd_host_port);
+ filename, linenum);
+ if (sscanf(arg, "%255[^:]:%5[0-9]", buf, sfwd_host_port) != 2 &&
+ sscanf(arg, "%255[^/]/%5[0-9]", buf, sfwd_host_port) != 2)
+ fatal("%.200s line %d: Bad forwarding specification.",
+ filename, linenum);
+ if ((fwd_host_port = a2port(sfwd_host_port)) == 0)
+ fatal("%.200s line %d: Bad forwarding port.",
+ filename, linenum);
+ if (*activep) {
+ if (opcode == oLocalForward)
+ add_local_forward(options, fwd_port, buf,
+ fwd_host_port);
+ else if (opcode == oRemoteForward)
+ add_remote_forward(options, fwd_port, buf,
+ fwd_host_port);
+ }
break;
case oDynamicForward:
if (fwd_port == 0)
fatal("%.200s line %d: Badly formatted port number.",
filename, linenum);
- add_local_forward(options, fwd_port, "socks4", 0);
+ if (*activep)
+ add_local_forward(options, fwd_port, "socks4", 0);
break;
case oHost:
options->rsa_authentication = -1;
options->pubkey_authentication = -1;
options->challenge_response_authentication = -1;
-#ifdef KRB4
+#if defined(KRB4) || defined(KRB5)
options->kerberos_authentication = -1;
#endif
-#ifdef AFS
+#if defined(AFS) || defined(KRB5)
options->kerberos_tgt_passing = -1;
+#endif
+#ifdef AFS
options->afs_token_passing = -1;
#endif
options->password_authentication = -1;
options->log_level = (LogLevel) - 1;
options->preferred_authentications = NULL;
options->bind_address = NULL;
+ options->smartcard_device = NULL;
}
/*
options->forward_agent = 0;
if (options->forward_x11 == -1)
options->forward_x11 = 0;
-#ifdef XAUTH_PATH
+#ifdef _PATH_XAUTH
if (options->xauth_location == NULL)
- options->xauth_location = XAUTH_PATH;
-#endif /* XAUTH_PATH */
+ options->xauth_location = _PATH_XAUTH;
+#endif
if (options->gateway_ports == -1)
options->gateway_ports = 0;
if (options->use_privileged_port == -1)
if (options->pubkey_authentication == -1)
options->pubkey_authentication = 1;
if (options->challenge_response_authentication == -1)
- options->challenge_response_authentication = 0;
-#ifdef KRB4
+ options->challenge_response_authentication = 1;
+#if defined(KRB4) || defined(KRB5)
if (options->kerberos_authentication == -1)
options->kerberos_authentication = 1;
-#endif /* KRB4 */
-#ifdef AFS
+#endif
+#if defined(AFS) || defined(KRB5)
if (options->kerberos_tgt_passing == -1)
options->kerberos_tgt_passing = 1;
+#endif
+#ifdef AFS
if (options->afs_token_passing == -1)
options->afs_token_passing = 1;
-#endif /* AFS */
+#endif
if (options->password_authentication == -1)
options->password_authentication = 1;
if (options->kbd_interactive_authentication == -1)
if (options->port == -1)
options->port = 0; /* Filled in ssh_connect. */
if (options->connection_attempts == -1)
- options->connection_attempts = 4;
+ options->connection_attempts = 1;
if (options->number_of_password_prompts == -1)
options->number_of_password_prompts = 3;
/* Selected in ssh_login(). */