diff options
| author | millert@openbsd.org <millert@openbsd.org> | 2017-10-21 23:06:24 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2017-10-23 16:10:08 +1100 |
| commit | 887669ef032d63cf07f53cada216fa8a0c9a7d72 (patch) | |
| tree | 089b20255da21a489d7bc796a8ee86bd0b8f028f /readconf.c | |
| parent | d27bff293cfeb2252f4c7a58babe5ad3262c6c98 (diff) | |
upstream commit
Add URI support to ssh, sftp and scp. For example
ssh://user@host or sftp://user@host/path. The connection parameters
described in draft-ietf-secsh-scp-sftp-ssh-uri-04 are not implemented since
the ssh fingerprint format in the draft uses md5 with no way to specify the
hash function type. OK djm@
Upstream-ID: 4ba3768b662d6722de59e6ecb00abf2d4bf9cacc
Diffstat (limited to 'readconf.c')
| -rw-r--r-- | readconf.c | 54 |
1 files changed, 22 insertions, 32 deletions
diff --git a/readconf.c b/readconf.c index f63894f9c..63baa7d78 100644 --- a/readconf.c +++ b/readconf.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: readconf.c,v 1.279 2017/09/21 19:16:53 markus Exp $ */ | 1 | /* $OpenBSD: readconf.c,v 1.280 2017/10/21 23:06:24 millert Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -683,34 +683,6 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw, | |||
| 683 | return result; | 683 | return result; |
| 684 | } | 684 | } |
| 685 | 685 | ||
| 686 | /* Check and prepare a domain name: removes trailing '.' and lowercases */ | ||
| 687 | static void | ||
| 688 | valid_domain(char *name, const char *filename, int linenum) | ||
| 689 | { | ||
| 690 | size_t i, l = strlen(name); | ||
| 691 | u_char c, last = '\0'; | ||
| 692 | |||
| 693 | if (l == 0) | ||
| 694 | fatal("%s line %d: empty hostname suffix", filename, linenum); | ||
| 695 | if (!isalpha((u_char)name[0]) && !isdigit((u_char)name[0])) | ||
| 696 | fatal("%s line %d: hostname suffix \"%.100s\" " | ||
| 697 | "starts with invalid character", filename, linenum, name); | ||
| 698 | for (i = 0; i < l; i++) { | ||
| 699 | c = tolower((u_char)name[i]); | ||
| 700 | name[i] = (char)c; | ||
| 701 | if (last == '.' && c == '.') | ||
| 702 | fatal("%s line %d: hostname suffix \"%.100s\" contains " | ||
| 703 | "consecutive separators", filename, linenum, name); | ||
| 704 | if (c != '.' && c != '-' && !isalnum(c) && | ||
| 705 | c != '_') /* technically invalid, but common */ | ||
| 706 | fatal("%s line %d: hostname suffix \"%.100s\" contains " | ||
| 707 | "invalid characters", filename, linenum, name); | ||
| 708 | last = c; | ||
| 709 | } | ||
| 710 | if (name[l - 1] == '.') | ||
| 711 | name[l - 1] = '\0'; | ||
| 712 | } | ||
| 713 | |||
| 714 | /* | 686 | /* |
| 715 | * Returns the number of the token pointed to by cp or oBadOption. | 687 | * Returns the number of the token pointed to by cp or oBadOption. |
| 716 | */ | 688 | */ |
| @@ -1562,7 +1534,11 @@ parse_keytypes: | |||
| 1562 | case oCanonicalDomains: | 1534 | case oCanonicalDomains: |
| 1563 | value = options->num_canonical_domains != 0; | 1535 | value = options->num_canonical_domains != 0; |
| 1564 | while ((arg = strdelim(&s)) != NULL && *arg != '\0') { | 1536 | while ((arg = strdelim(&s)) != NULL && *arg != '\0') { |
| 1565 | valid_domain(arg, filename, linenum); | 1537 | const char *errstr; |
| 1538 | if (!valid_domain(arg, 1, &errstr)) { | ||
| 1539 | fatal("%s line %d: %s", filename, linenum, | ||
| 1540 | errstr); | ||
| 1541 | } | ||
| 1566 | if (!*activep || value) | 1542 | if (!*activep || value) |
| 1567 | continue; | 1543 | continue; |
| 1568 | if (options->num_canonical_domains >= MAX_CANON_DOMAINS) | 1544 | if (options->num_canonical_domains >= MAX_CANON_DOMAINS) |
| @@ -2294,11 +2270,13 @@ parse_jump(const char *s, Options *o, int active) | |||
| 2294 | 2270 | ||
| 2295 | if (first) { | 2271 | if (first) { |
| 2296 | /* First argument and configuration is active */ | 2272 | /* First argument and configuration is active */ |
| 2297 | if (parse_user_host_port(cp, &user, &host, &port) != 0) | 2273 | if (parse_ssh_uri(cp, &user, &host, &port) == -1 || |
| 2274 | parse_user_host_port(cp, &user, &host, &port) != 0) | ||
| 2298 | goto out; | 2275 | goto out; |
| 2299 | } else { | 2276 | } else { |
| 2300 | /* Subsequent argument or inactive configuration */ | 2277 | /* Subsequent argument or inactive configuration */ |
| 2301 | if (parse_user_host_port(cp, NULL, NULL, NULL) != 0) | 2278 | if (parse_ssh_uri(cp, NULL, NULL, NULL) == -1 || |
| 2279 | parse_user_host_port(cp, NULL, NULL, NULL) != 0) | ||
| 2302 | goto out; | 2280 | goto out; |
| 2303 | } | 2281 | } |
| 2304 | first = 0; /* only check syntax for subsequent hosts */ | 2282 | first = 0; /* only check syntax for subsequent hosts */ |
| @@ -2323,6 +2301,18 @@ parse_jump(const char *s, Options *o, int active) | |||
| 2323 | return ret; | 2301 | return ret; |
| 2324 | } | 2302 | } |
| 2325 | 2303 | ||
| 2304 | int | ||
| 2305 | parse_ssh_uri(const char *uri, char **userp, char **hostp, int *portp) | ||
| 2306 | { | ||
| 2307 | char *path; | ||
| 2308 | int r; | ||
| 2309 | |||
| 2310 | r = parse_uri("ssh", uri, userp, hostp, portp, &path); | ||
| 2311 | if (r == 0 && path != NULL) | ||
| 2312 | r = -1; /* path not allowed */ | ||
| 2313 | return r; | ||
| 2314 | } | ||
| 2315 | |||
| 2326 | /* XXX the following is a near-vebatim copy from servconf.c; refactor */ | 2316 | /* XXX the following is a near-vebatim copy from servconf.c; refactor */ |
| 2327 | static const char * | 2317 | static const char * |
| 2328 | fmt_multistate_int(int val, const struct multistate *m) | 2318 | fmt_multistate_int(int val, const struct multistate *m) |