*/
#include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.100 2002/01/29 14:32:03 markus Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.119 2003/05/15 01:48:10 jakob Exp $");
-#if defined(KRB4) || defined(KRB5)
+#if defined(KRB4)
#include <krb.h>
#endif
+
+#if defined(KRB5)
+# ifdef HEIMDAL
+# include <krb.h>
+# else
+/*
+ * XXX: Bodge - but then, so is using the kerberos IV KEYFILE to get a
+ * Kerberos V keytab
+ */
+# define KEYFILE "/etc/krb5.keytab"
+# endif
+#endif
+
#ifdef AFS
#include <kafs.h>
#endif
/* AF_UNSPEC or AF_INET or AF_INET6 */
extern int IPv4or6;
+/* Use of privilege separation or not */
+extern int use_privsep;
/* Initializes the server options to their default values. */
memset(options, 0, sizeof(*options));
/* Portable-specific options */
- options->pam_authentication_via_kbd_int = -1;
+ options->use_pam = -1;
/* Standard Options */
options->num_ports = 0;
options->xauth_location = NULL;
options->strict_modes = -1;
options->keepalives = -1;
- options->log_facility = (SyslogFacility) - 1;
- options->log_level = (LogLevel) - 1;
+ options->log_facility = SYSLOG_FACILITY_NOT_SET;
+ options->log_level = SYSLOG_LEVEL_NOT_SET;
options->rhosts_authentication = -1;
options->rhosts_rsa_authentication = -1;
options->hostbased_authentication = -1;
options->hostbased_uses_name_from_packet_only = -1;
options->rsa_authentication = -1;
options->pubkey_authentication = -1;
-#if defined(KRB4) || defined(KRB5)
options->kerberos_authentication = -1;
options->kerberos_or_local_passwd = -1;
options->kerberos_ticket_cleanup = -1;
-#endif
-#if defined(AFS) || defined(KRB5)
options->kerberos_tgt_passing = -1;
-#endif
-#ifdef AFS
options->afs_token_passing = -1;
-#endif
options->password_authentication = -1;
options->kbd_interactive_authentication = -1;
options->challenge_response_authentication = -1;
options->permit_empty_passwd = -1;
+ options->permit_user_env = -1;
options->use_login = -1;
+ options->compression = -1;
options->allow_tcp_forwarding = -1;
options->num_allow_users = 0;
options->num_deny_users = 0;
options->client_alive_count_max = -1;
options->authorized_keys_file = NULL;
options->authorized_keys_file2 = NULL;
+
+ /* Needs to be accessable in many places */
+ use_privsep = -1;
}
void
fill_default_server_options(ServerOptions *options)
{
/* Portable-specific options */
- if (options->pam_authentication_via_kbd_int == -1)
- options->pam_authentication_via_kbd_int = 0;
+ if (options->use_pam == -1)
+ options->use_pam = 0;
/* Standard Options */
if (options->protocol == SSH_PROTO_UNKNOWN)
if (options->server_key_bits == -1)
options->server_key_bits = 768;
if (options->login_grace_time == -1)
- options->login_grace_time = 600;
+ options->login_grace_time = 120;
if (options->key_regeneration_time == -1)
options->key_regeneration_time = 3600;
if (options->permit_root_login == PERMIT_NOT_SET)
options->strict_modes = 1;
if (options->keepalives == -1)
options->keepalives = 1;
- if (options->log_facility == (SyslogFacility) (-1))
+ if (options->log_facility == SYSLOG_FACILITY_NOT_SET)
options->log_facility = SYSLOG_FACILITY_AUTH;
- if (options->log_level == (LogLevel) (-1))
+ if (options->log_level == SYSLOG_LEVEL_NOT_SET)
options->log_level = SYSLOG_LEVEL_INFO;
if (options->rhosts_authentication == -1)
options->rhosts_authentication = 0;
options->rsa_authentication = 1;
if (options->pubkey_authentication == -1)
options->pubkey_authentication = 1;
-#if defined(KRB4) || defined(KRB5)
if (options->kerberos_authentication == -1)
- options->kerberos_authentication = (access(KEYFILE, R_OK) == 0);
+ options->kerberos_authentication = 0;
if (options->kerberos_or_local_passwd == -1)
options->kerberos_or_local_passwd = 1;
if (options->kerberos_ticket_cleanup == -1)
options->kerberos_ticket_cleanup = 1;
-#endif
-#if defined(AFS) || defined(KRB5)
if (options->kerberos_tgt_passing == -1)
options->kerberos_tgt_passing = 0;
-#endif
-#ifdef AFS
if (options->afs_token_passing == -1)
- options->afs_token_passing = k_hasafs();
-#endif
+ options->afs_token_passing = 0;
if (options->password_authentication == -1)
options->password_authentication = 1;
if (options->kbd_interactive_authentication == -1)
options->challenge_response_authentication = 1;
if (options->permit_empty_passwd == -1)
options->permit_empty_passwd = 0;
+ if (options->permit_user_env == -1)
+ options->permit_user_env = 0;
if (options->use_login == -1)
options->use_login = 0;
+ if (options->compression == -1)
+ options->compression = 1;
if (options->allow_tcp_forwarding == -1)
options->allow_tcp_forwarding = 1;
if (options->gateway_ports == -1)
}
if (options->authorized_keys_file == NULL)
options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
+
+ /* Turn privilege separation on by default */
+ if (use_privsep == -1)
+ use_privsep = 1;
+
+#ifndef HAVE_MMAP
+ if (use_privsep && options->compression == 1) {
+ error("This platform does not support both privilege "
+ "separation and compression");
+ error("Compression disabled");
+ options->compression = 0;
+ }
+#endif
+
}
/* Keyword tokens. */
typedef enum {
sBadOption, /* == unknown option */
/* Portable-specific options */
- sPAMAuthenticationViaKbdInt,
+ sUsePAM,
/* Standard Options */
sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
sPermitRootLogin, sLogFacility, sLogLevel,
sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,
-#if defined(KRB4) || defined(KRB5)
sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
-#endif
-#if defined(AFS) || defined(KRB5)
- sKerberosTgtPassing,
-#endif
-#ifdef AFS
- sAFSTokenPassing,
-#endif
- sChallengeResponseAuthentication,
+ sKerberosTgtPassing, sAFSTokenPassing, sChallengeResponseAuthentication,
sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
sPrintMotd, sPrintLastLog, sIgnoreRhosts,
sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
sStrictModes, sEmptyPasswd, sKeepAlives,
- sUseLogin, sAllowTcpForwarding,
+ sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
sBanner, sVerifyReverseMapping, sHostbasedAuthentication,
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
+ sUsePrivilegeSeparation,
sDeprecated
} ServerOpCodes;
ServerOpCodes opcode;
} keywords[] = {
/* Portable-specific options */
- { "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt },
+ { "UsePAM", sUsePAM },
/* Standard Options */
{ "port", sPort },
{ "hostkey", sHostKeyFile },
{ "rsaauthentication", sRSAAuthentication },
{ "pubkeyauthentication", sPubkeyAuthentication },
{ "dsaauthentication", sPubkeyAuthentication }, /* alias */
-#if defined(KRB4) || defined(KRB5)
{ "kerberosauthentication", sKerberosAuthentication },
{ "kerberosorlocalpasswd", sKerberosOrLocalPasswd },
{ "kerberosticketcleanup", sKerberosTicketCleanup },
-#endif
-#if defined(AFS) || defined(KRB5)
{ "kerberostgtpassing", sKerberosTgtPassing },
-#endif
-#ifdef AFS
{ "afstokenpassing", sAFSTokenPassing },
-#endif
{ "passwordauthentication", sPasswordAuthentication },
{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication },
{ "challengeresponseauthentication", sChallengeResponseAuthentication },
{ "xauthlocation", sXAuthLocation },
{ "strictmodes", sStrictModes },
{ "permitemptypasswords", sEmptyPasswd },
+ { "permituserenvironment", sPermitUserEnvironment },
{ "uselogin", sUseLogin },
+ { "compression", sCompression },
{ "keepalive", sKeepAlives },
{ "allowtcpforwarding", sAllowTcpForwarding },
{ "allowusers", sAllowUsers },
{ "clientalivecountmax", sClientAliveCountMax },
{ "authorizedkeysfile", sAuthorizedKeysFile },
{ "authorizedkeysfile2", sAuthorizedKeysFile2 },
+ { "useprivilegeseparation", sUsePrivilegeSeparation},
{ NULL, sBadOption }
};
hints.ai_family = IPv4or6;
hints.ai_socktype = SOCK_STREAM;
hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
- snprintf(strport, sizeof strport, "%d", port);
+ snprintf(strport, sizeof strport, "%u", port);
if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0)
fatal("bad addr or host: %s (%s)",
addr ? addr : "<NULL>",
const char *filename, int linenum)
{
char *cp, **charptr, *arg, *p;
- int *intptr, value;
+ int *intptr, value, i, n;
ServerOpCodes opcode;
- int i, n;
cp = line;
arg = strdelim(&cp);
opcode = parse_token(arg, filename, linenum);
switch (opcode) {
/* Portable-specific options */
- case sPAMAuthenticationViaKbdInt:
- intptr = &options->pam_authentication_via_kbd_int;
+ case sUsePAM:
+ intptr = &options->use_pam;
goto parse_flag;
/* Standard Options */
case sPubkeyAuthentication:
intptr = &options->pubkey_authentication;
goto parse_flag;
-#if defined(KRB4) || defined(KRB5)
+
case sKerberosAuthentication:
intptr = &options->kerberos_authentication;
goto parse_flag;
case sKerberosTicketCleanup:
intptr = &options->kerberos_ticket_cleanup;
goto parse_flag;
-#endif
-#if defined(AFS) || defined(KRB5)
+
case sKerberosTgtPassing:
intptr = &options->kerberos_tgt_passing;
goto parse_flag;
-#endif
-#ifdef AFS
+
case sAFSTokenPassing:
intptr = &options->afs_token_passing;
goto parse_flag;
-#endif
case sPasswordAuthentication:
intptr = &options->password_authentication;
intptr = &options->permit_empty_passwd;
goto parse_flag;
+ case sPermitUserEnvironment:
+ intptr = &options->permit_user_env;
+ goto parse_flag;
+
case sUseLogin:
intptr = &options->use_login;
goto parse_flag;
+ case sCompression:
+ intptr = &options->compression;
+ goto parse_flag;
+
case sGatewayPorts:
intptr = &options->gateway_ports;
goto parse_flag;
intptr = (int *) &options->log_facility;
arg = strdelim(&cp);
value = log_facility_number(arg);
- if (value == (SyslogFacility) - 1)
+ if (value == SYSLOG_FACILITY_NOT_SET)
fatal("%.200s line %d: unsupported log facility '%s'",
filename, linenum, arg ? arg : "<NONE>");
if (*intptr == -1)
intptr = (int *) &options->log_level;
arg = strdelim(&cp);
value = log_level_number(arg);
- if (value == (LogLevel) - 1)
+ if (value == SYSLOG_LEVEL_NOT_SET)
fatal("%.200s line %d: unsupported log level '%s'",
filename, linenum, arg ? arg : "<NONE>");
if (*intptr == -1)
intptr = &options->allow_tcp_forwarding;
goto parse_flag;
+ case sUsePrivilegeSeparation:
+ intptr = &use_privsep;
+ goto parse_flag;
+
case sAllowUsers:
while ((arg = strdelim(&cp)) && *arg != '\0') {
if (options->num_allow_users >= MAX_ALLOW_USERS)
fatal("%s line %d: too many allow users.",
filename, linenum);
- options->allow_users[options->num_allow_users++] = xstrdup(arg);
+ options->allow_users[options->num_allow_users++] =
+ xstrdup(arg);
}
break;
if (options->num_deny_users >= MAX_DENY_USERS)
fatal( "%s line %d: too many deny users.",
filename, linenum);
- options->deny_users[options->num_deny_users++] = xstrdup(arg);
+ options->deny_users[options->num_deny_users++] =
+ xstrdup(arg);
}
break;
if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
fatal("%s line %d: too many allow groups.",
filename, linenum);
- options->allow_groups[options->num_allow_groups++] = xstrdup(arg);
+ options->allow_groups[options->num_allow_groups++] =
+ xstrdup(arg);
}
break;
goto parse_int;
case sDeprecated:
- log("%s line %d: Deprecated option %s",
+ logit("%s line %d: Deprecated option %s",
filename, linenum, arg);
while (arg)
arg = strdelim(&cp);
void
read_server_config(ServerOptions *options, const char *filename)
{
- FILE *f;
+ int linenum, bad_options = 0;
char line[1024];
- int linenum;
- int bad_options = 0;
+ FILE *f;
+ debug2("read_server_config: filename %s", filename);
f = fopen(filename, "r");
if (!f) {
perror(filename);