*/
#include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.126 2003/12/09 21:53:36 markus Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.130 2004/04/27 09:46:36 djm Exp $");
#include "ssh.h"
#include "xmalloc.h"
oClearAllForwardings, oNoHostAuthenticationForLocalhost,
oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
oAddressFamily, oGssAuthentication, oGssDelegateCreds,
+ oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
+ oSendEnv,
oDeprecated, oUnsupported
} OpCodes;
{ "usersh", oDeprecated },
{ "identityfile", oIdentityFile },
{ "identityfile2", oIdentityFile }, /* alias */
+ { "identitiesonly", oIdentitiesOnly },
{ "hostname", oHostName },
{ "hostkeyalias", oHostKeyAlias },
{ "proxycommand", oProxyCommand },
{ "rekeylimit", oRekeyLimit },
{ "connecttimeout", oConnectTimeout },
{ "addressfamily", oAddressFamily },
+ { "serveraliveinterval", oServerAliveInterval },
+ { "serveralivecountmax", oServerAliveCountMax },
+ { "sendenv", oSendEnv },
{ NULL, oBadOption }
};
/* NOTREACHED */
case oConnectTimeout:
intptr = &options->connection_timeout;
-/* parse_time: */
+parse_time:
arg = strdelim(&s);
if (!arg || *arg == '\0')
fatal("%s line %d: missing time value.",
intptr = &options->enable_ssh_keysign;
goto parse_flag;
+ case oIdentitiesOnly:
+ intptr = &options->identities_only;
+ goto parse_flag;
+
+ case oServerAliveInterval:
+ intptr = &options->server_alive_interval;
+ goto parse_time;
+
+ case oServerAliveCountMax:
+ intptr = &options->server_alive_count_max;
+ goto parse_int;
+
+ case oSendEnv:
+ while ((arg = strdelim(&s)) != NULL && *arg != '\0') {
+ if (strchr(arg, '=') != NULL)
+ fatal("%s line %d: Invalid environment name.",
+ filename, linenum);
+ if (options->num_send_env >= MAX_SEND_ENV)
+ fatal("%s line %d: too many send env.",
+ filename, linenum);
+ options->send_env[options->num_send_env++] =
+ xstrdup(arg);
+ }
+ break;
+
case oDeprecated:
debug("%s line %d: Deprecated option \"%s\"",
filename, linenum, keyword);
*/
int
-read_config_file(const char *filename, const char *host, Options *options)
+read_config_file(const char *filename, const char *host, Options *options,
+ int checkperm)
{
FILE *f;
char line[1024];
int bad_options = 0;
/* Open the file. */
- f = fopen(filename, "r");
- if (!f)
+ if ((f = fopen(filename, "r")) == NULL)
return 0;
+ if (checkperm) {
+ struct stat sb;
+
+ if (fstat(fileno(f), &sb) == -1) {
+ fatal("fstat %s: %s", filename, strerror(errno));
+ fclose(f);
+ return (0);
+ }
+ if (((sb.st_uid != 0 && sb.st_uid != getuid()) ||
+ (sb.st_mode & 022) != 0)) {
+ fatal("Bad owner or permissions on %s", filename);
+ return 0;
+ }
+ }
+
debug("Reading configuration data %.200s", filename);
/*
options->smartcard_device = NULL;
options->enable_ssh_keysign = - 1;
options->no_host_authentication_for_localhost = - 1;
+ options->identities_only = - 1;
options->rekey_limit = - 1;
options->verify_host_key_dns = -1;
+ options->server_alive_interval = -1;
+ options->server_alive_count_max = -1;
+ options->num_send_env = 0;
}
/*
clear_forwardings(options);
if (options->no_host_authentication_for_localhost == - 1)
options->no_host_authentication_for_localhost = 0;
+ if (options->identities_only == -1)
+ options->identities_only = 0;
if (options->enable_ssh_keysign == -1)
options->enable_ssh_keysign = 0;
if (options->rekey_limit == -1)
options->rekey_limit = 0;
if (options->verify_host_key_dns == -1)
options->verify_host_key_dns = 0;
+ if (options->server_alive_interval == -1)
+ options->server_alive_interval = 0;
+ if (options->server_alive_count_max == -1)
+ options->server_alive_count_max = 3;
/* options->proxy_command should not be set by default */
/* options->user will be set in the main program if appropriate */
/* options->hostname will be set in the main program if appropriate */
andersk / openssh.git / blobdiff