- (djm) Make portable build with MIT krb5 (some issues remain)

[openssh.git] / servconf.c

diff --git a/servconf.c b/servconf.c
index 9bbd994ca556417462dee5f9dbfcc79eeb4789b0..8e2839085b08a4be114a0cfbe19711b289014be5 100644 (file)
--- a/servconf.c
+++ b/servconf.c
@@ -10,11 +10,24 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.101 2002/02/04 12:15:25 markus Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.118 2003/04/09 08:23:52 hin Exp $");
 
-#if defined(KRB4) || defined(KRB5)
+#if defined(KRB4)
 #include <krb.h>
 #endif
+
+#if defined(KRB5)
+# ifdef HEIMDAL
+#  include <krb.h>
+# else
+/*
+ * XXX: Bodge - but then, so is using the kerberos IV KEYFILE to get a 
+ * Kerberos V keytab
+ */
+#  define KEYFILE "/etc/krb5.keytab"
+# endif
+#endif
+
 #ifdef AFS
 #include <kafs.h>
 #endif
@@ -36,6 +49,8 @@ static void add_one_listen_addr(ServerOptions *, char *, u_short);
 
 /* AF_UNSPEC or AF_INET or AF_INET6 */
 extern int IPv4or6;
+/* Use of privilege separation or not */
+extern int use_privsep;
 
 /* Initializes the server options to their default values. */
 
@@ -90,7 +105,9 @@ initialize_server_options(ServerOptions *options)
        options->kbd_interactive_authentication = -1;
        options->challenge_response_authentication = -1;
        options->permit_empty_passwd = -1;
+       options->permit_user_env = -1;
        options->use_login = -1;
+       options->compression = -1;
        options->allow_tcp_forwarding = -1;
        options->num_allow_users = 0;
        options->num_deny_users = 0;
@@ -110,6 +127,9 @@ initialize_server_options(ServerOptions *options)
        options->client_alive_count_max = -1;
        options->authorized_keys_file = NULL;
        options->authorized_keys_file2 = NULL;
+
+       /* Needs to be accessable in many places */
+       use_privsep = -1;
 }
 
 void
@@ -143,7 +163,7 @@ fill_default_server_options(ServerOptions *options)
        if (options->server_key_bits == -1)
                options->server_key_bits = 768;
        if (options->login_grace_time == -1)
-               options->login_grace_time = 600;
+               options->login_grace_time = 120;
        if (options->key_regeneration_time == -1)
                options->key_regeneration_time = 3600;
        if (options->permit_root_login == PERMIT_NOT_SET)
@@ -186,7 +206,7 @@ fill_default_server_options(ServerOptions *options)
                options->pubkey_authentication = 1;
 #if defined(KRB4) || defined(KRB5)
        if (options->kerberos_authentication == -1)
-               options->kerberos_authentication = (access(KEYFILE, R_OK) == 0);
+               options->kerberos_authentication = 0;
        if (options->kerberos_or_local_passwd == -1)
                options->kerberos_or_local_passwd = 1;
        if (options->kerberos_ticket_cleanup == -1)
@@ -198,7 +218,7 @@ fill_default_server_options(ServerOptions *options)
 #endif
 #ifdef AFS
        if (options->afs_token_passing == -1)
-               options->afs_token_passing = k_hasafs();
+               options->afs_token_passing = 0;
 #endif
        if (options->password_authentication == -1)
                options->password_authentication = 1;
@@ -208,8 +228,12 @@ fill_default_server_options(ServerOptions *options)
                options->challenge_response_authentication = 1;
        if (options->permit_empty_passwd == -1)
                options->permit_empty_passwd = 0;
+       if (options->permit_user_env == -1)
+               options->permit_user_env = 0;
        if (options->use_login == -1)
                options->use_login = 0;
+       if (options->compression == -1)
+               options->compression = 1;
        if (options->allow_tcp_forwarding == -1)
                options->allow_tcp_forwarding = 1;
        if (options->gateway_ports == -1)
@@ -235,6 +259,20 @@ fill_default_server_options(ServerOptions *options)
        }
        if (options->authorized_keys_file == NULL)
                options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
+
+       /* Turn privilege separation on by default */
+       if (use_privsep == -1)
+               use_privsep = 1;
+
+#ifndef HAVE_MMAP
+       if (use_privsep && options->compression == 1) {
+               error("This platform does not support both privilege "
+                   "separation and compression");
+               error("Compression disabled");
+               options->compression = 0;
+       }
+#endif
+
 }
 
 /* Keyword tokens. */
@@ -260,13 +298,14 @@ typedef enum {
        sPrintMotd, sPrintLastLog, sIgnoreRhosts,
        sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
        sStrictModes, sEmptyPasswd, sKeepAlives,
-       sUseLogin, sAllowTcpForwarding,
+       sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
        sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
        sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
        sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
        sBanner, sVerifyReverseMapping, sHostbasedAuthentication,
        sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
        sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
+       sUsePrivilegeSeparation,
        sDeprecated
 } ServerOpCodes;
 
@@ -322,7 +361,9 @@ static struct {
        { "xauthlocation", sXAuthLocation },
        { "strictmodes", sStrictModes },
        { "permitemptypasswords", sEmptyPasswd },
+       { "permituserenvironment", sPermitUserEnvironment },
        { "uselogin", sUseLogin },
+       { "compression", sCompression },
        { "keepalive", sKeepAlives },
        { "allowtcpforwarding", sAllowTcpForwarding },
        { "allowusers", sAllowUsers },
@@ -342,6 +383,7 @@ static struct {
        { "clientalivecountmax", sClientAliveCountMax },
        { "authorizedkeysfile", sAuthorizedKeysFile },
        { "authorizedkeysfile2", sAuthorizedKeysFile2 },
+       { "useprivilegeseparation", sUsePrivilegeSeparation},
        { NULL, sBadOption }
 };
 
@@ -389,7 +431,7 @@ add_one_listen_addr(ServerOptions *options, char *addr, u_short port)
        hints.ai_family = IPv4or6;
        hints.ai_socktype = SOCK_STREAM;
        hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
-       snprintf(strport, sizeof strport, "%d", port);
+       snprintf(strport, sizeof strport, "%u", port);
        if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0)
                fatal("bad addr or host: %s (%s)",
                    addr ? addr : "<NULL>",
@@ -405,9 +447,8 @@ process_server_config_line(ServerOptions *options, char *line,
     const char *filename, int linenum)
 {
        char *cp, **charptr, *arg, *p;
-       int *intptr, value;
+       int *intptr, value, i, n;
        ServerOpCodes opcode;
-       int i, n;
 
        cp = line;
        arg = strdelim(&cp);
@@ -680,10 +721,18 @@ parse_flag:
                intptr = &options->permit_empty_passwd;
                goto parse_flag;
 
+       case sPermitUserEnvironment:
+               intptr = &options->permit_user_env;
+               goto parse_flag;
+
        case sUseLogin:
                intptr = &options->use_login;
                goto parse_flag;
 
+       case sCompression:
+               intptr = &options->compression;
+               goto parse_flag;
+
        case sGatewayPorts:
                intptr = &options->gateway_ports;
                goto parse_flag;
@@ -718,12 +767,17 @@ parse_flag:
                intptr = &options->allow_tcp_forwarding;
                goto parse_flag;
 
+       case sUsePrivilegeSeparation:
+               intptr = &use_privsep;
+               goto parse_flag;
+
        case sAllowUsers:
                while ((arg = strdelim(&cp)) && *arg != '\0') {
                        if (options->num_allow_users >= MAX_ALLOW_USERS)
                                fatal("%s line %d: too many allow users.",
                                    filename, linenum);
-                       options->allow_users[options->num_allow_users++] = xstrdup(arg);
+                       options->allow_users[options->num_allow_users++] =
+                           xstrdup(arg);
                }
                break;
 
@@ -732,7 +786,8 @@ parse_flag:
                        if (options->num_deny_users >= MAX_DENY_USERS)
                                fatal( "%s line %d: too many deny users.",
                                    filename, linenum);
-                       options->deny_users[options->num_deny_users++] = xstrdup(arg);
+                       options->deny_users[options->num_deny_users++] =
+                           xstrdup(arg);
                }
                break;
 
@@ -741,7 +796,8 @@ parse_flag:
                        if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
                                fatal("%s line %d: too many allow groups.",
                                    filename, linenum);
-                       options->allow_groups[options->num_allow_groups++] = xstrdup(arg);
+                       options->allow_groups[options->num_allow_groups++] =
+                           xstrdup(arg);
                }
                break;
 
@@ -858,7 +914,7 @@ parse_flag:
                goto parse_int;
 
        case sDeprecated:
-               log("%s line %d: Deprecated option %s",
+               logit("%s line %d: Deprecated option %s",
                    filename, linenum, arg);
                while (arg)
                    arg = strdelim(&cp);
@@ -879,11 +935,11 @@ parse_flag:
 void
 read_server_config(ServerOptions *options, const char *filename)
 {
-       FILE *f;
+       int linenum, bad_options = 0;
        char line[1024];
-       int linenum;
-       int bad_options = 0;
+       FILE *f;
 
+       debug2("read_server_config: filename %s", filename);
        f = fopen(filename, "r");
        if (!f) {
                perror(filename);